240425/YungR1otz
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
35c7647d369e7a0c585c4f7b4d6722cd5c11ea73
YungR1otz/DEPLOYMENT.md
Lucas Saburido cabf2025cd first commit
2026-05-13 16:26:45 +01:00

2.3 KiB
Raw Blame History

RIOTZ Deployment Guide (Android + iOS)

This guide prepares RIOTZ for production releases with Flutter + Supabase.

1) Environment setup

Use --dart-define in release builds:

--dart-define=SUPABASE_URL=https://YOUR_PROJECT_ID.supabase.co
--dart-define=SUPABASE_ANON_KEY=YOUR_SUPABASE_ANON_KEY
--dart-define=ADMIN_USER_IDS=uuid-1,uuid-2

Optional: use --dart-define-from-file=env.production.json.

Example env.production.json:

{
  "SUPABASE_URL": "https://YOUR_PROJECT_ID.supabase.co",
  "SUPABASE_ANON_KEY": "YOUR_SUPABASE_ANON_KEY",
  "ADMIN_USER_IDS": "uuid-1,uuid-2"
}

2) Supabase production checklist

  • Apply migration in supabase/migrations/20260506170000_riotz_production_schema.sql.
  • Confirm buckets exist: avatars, post-images, tracks.
  • Confirm RLS policies are enabled and tested.
  • Add at least one admin user in admin_users.

3) Android release

3.1 Create upload keystore

keytool -genkey -v -keystore ~/riotz-upload-keystore.jks -keyalg RSA -keysize 2048 -validity 10000 -alias upload

3.2 Configure android/key.properties

Copy android/key.properties.example to android/key.properties and fill values.

3.3 Build artifacts

flutter pub get
flutter build appbundle --release --dart-define-from-file=env.production.json
flutter build apk --release --dart-define-from-file=env.production.json

Output:

  • AAB: build/app/outputs/bundle/release/app-release.aab
  • APK: build/app/outputs/flutter-apk/app-release.apk

4) iOS release

4.1 Xcode signing

  • Open ios/Runner.xcworkspace
  • Target Runner -> Signing & Capabilities
  • Set Team, Bundle Identifier (com.riotz.app), and provisioning profiles

4.2 Build and archive

flutter pub get
flutter build ipa --release --dart-define-from-file=env.production.json

Or archive from Xcode and upload via Organizer / Transporter.

5) Pre-release quality gate

  • flutter analyze
  • flutter test
  • Smoke test auth/profile/feed/music/discover/admin on physical devices
  • Verify upload, playback, logout/login, banned-user behavior
  • Verify crash-free startup with production Supabase keys

6) Security reminders

  • Never commit android/key.properties, keystores, or private keys
  • Do not expose service-role Supabase keys in Flutter app
  • Rotate anon keys only through Supabase config if leaked
Reference in New Issue View Git Blame Copy Permalink