feat(cli): Android onboarding - verify app exists in Play Store (apps:search + Trapeze rename)#2443
feat(cli): Android onboarding - verify app exists in Play Store (apps:search + Trapeze rename)#2443WcaleNieWolny wants to merge 17 commits into
Conversation
…loper Reporting API (apps:search, OAuth-only)
…le create-app (Path B)
…pload is documented; apps:search Draft-app visibility is UNVERIFIED
…s (fastlane/terraform/gradle-play-publisher); Path B is inform-only
…HIGH); first upload likely API-able as draft (fastlane #18293, MEDIUM)
…e_status to draft (fastlaneTemplateAndroid.ts:447)
… research appendix)
…ilent build.gradle rewrite)
…reconcile + rename helpers (+ tests)
… reconcile + picker + degrade)
…Android app-verify
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the ⚙️ Run configurationConfiguration used: Organization UI Review profile: ASSERTIVE Plan: Pro Run ID: You can disable this status message by setting the Use the checkbox below for a quick retry:
Comment |
|
Review the following changes in direct dependencies. Learn more about Socket for GitHub.
|
|
All alerts resolved. Learn more about Socket for GitHub. This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| assert.equal(calls.length, 1) | ||
| // Bearer auth + the pageSize query are wired correctly. | ||
| assert.equal(calls[0].init.headers.Authorization, 'Bearer tok') | ||
| assert.ok(calls[0].url.includes('playdeveloperreporting.googleapis.com')) |
Merging this PR will not alter performance
Comparing 
Footnotes
|
- parseAppsSearchResponse: drop rows missing packageName (the reconcile join key) so a malformed Play row can never spuriously exact-match an empty Gradle id; reconcileAndroidApp gets a matching empty-id guard - add verifyAsyncEpochRef generation counter: render-scope async ops (startRename/doRename/recheckBuildId/recheckCreateApp/openCreatePlayConsole) bail before state writes when the step leaves the verify family or the component unmounts (they can't see the step effect's cancelled flag) - await-studio-confirm: fail honestly if the rename workspace ref was lost instead of running node rename.mjs against '' - reset packageLoadedRef on step leave so Path A Back / Path B routes re-detect Gradle ids + re-fetch Play apps (a failed rename may have changed build.gradle); 'Continue anyway' pins the plain picker so it can't bounce back to create-app - doRename/recheckBuildId read Play apps via verifyPlayAppsRef (stale closure snapshot during long npm-install/cap-sync) - tests: parser drop rule + empty-id reconcile edges
Google's consent page words playdeveloperreporting as 'see metrics and data about the apps in your Google Play Developer account' — unexplained, that reads like analytics snooping. Add a third bullet to the sign-in screen (it lists 'the two access requests' no more) and a matching learn-more Q&A; tighten the other learn-more answers to stay within the 80x49 Android min-size floor (was already at exactly 49 rows).
…list scope was skipped The loopback success page now lists declined OPTIONAL scopes with a human blurb (decoding Google's 'see metrics and data' wording) and what degrades — right where the decline just happened. Required-scope misses keep the existing blocking scopeMissingHtml/MissingScopesError path. New exported splitMissingScopes(granted, scopes, requiredScopes) does the split (+ tests); the CLI status stream also gets a one-line note so the later 'verification skipped' warning isn't a surprise.
…package that isn't a real Play app
The SA invite grants per-package (developers/{id}/users grants[].packageName)
and Google 400s INVALID_ARGUMENT on a package that doesn't exist, so picking a
build id that apps:search doesn't list was a guaranteed failure. Close every
leak on the verified generate path:
- enriched picker: gradle-id options annotated with Play status (✓ in Play /
⚠ not on Play yet); picking one not in apps:search routes to create-app
instead of advancing into a doomed provision
- manual entry: a typed package not in apps:search routes to create-app
(import/degraded path unchanged — it has no apps list + already warns)
- Path B create-app: removed 'Continue anyway' (both variants) — on the
generate path you genuinely cannot proceed until the app exists; it's now a
real gate (create → re-check → auto-advance), with Back to pick a different app
- safety net: the gcp-setup SA-invite catch turns Google's raw 'packages are
not available' 400 into an actionable 'create the app first' message for the
import/degraded path
result: picking a non-existent build id can no longer 400 the SA invite.
|
jinhongliang991013
left a comment
jinhongliang991013
left a comment
There was a problem hiding this comment.
The automatic rename path does not currently preserve the platform-directory contract used by the rest of onboarding.
| process.exit(1) | ||
| } | ||
|
|
||
| const project = new MobileProject('.', { android: { path: 'android' } }) |
There was a problem hiding this comment.
[P1] Honor the configured Android platform path
androidDir is resolved from capacitor.config and may be a non-default path such as apps/mobile/platforms/android-native, but this generated script always edits ./android. With only the custom directory present, the advertised automatic rename always fails. More dangerously, if the repository also contains a stale/default ./android, Trapeze commits the package/namespace change to that wrong native project; doRename then verifies the configured directory and reports failure only after the unrelated tree has been mutated. Pass the resolved androidDir into the generated script (or its MobileProject config) and cover a non-default path in the rename test.
3 participants
Summary
Adds an Android app-existence check to the CLI onboarding flow. When a user selects an Android package, the CLI now verifies whether the app already exists in the Play Store and reconciles the local config against what Google reports.
apps:search, OAuth-only) to list the developer's apps.PRODUCT_BUNDLE_IDENTIFIER/ package id (never a silentbuild.gradlerewrite).apps:search, reconcile, rename helpers) are extracted with unit tests.Docs
Verification status
ALL GREEN (typecheck + lint + build + tests pass).
Deferred / follow-ups
playdeveloperreportingscope to the PREPROD/private/config/builderscopes[]and test viaCAPGO_BUILDER_CONFIG_URL. Prod degrades gracefully until the scope is added.apps:searchreturns Draft (not-yet-published) apps; this is currently UNVERIFIED.There are 6 remaining non-blocking review findings (none blocking merge).