Android CI/CD
Software development skill, available on Zeplik
Android CI/CD is a ready-to-run software development skill on Zeplik. Automate Android CI/CD to Google Play: keystore, GitHub Secrets, multi-stage release workflow for RN, Flutter, native. Ask in plain language and Zeplik applies the skill's method for you inside the conversation, on whichever AI model you prefer.
The Android CI/CD skill loads automatically when your request matches it, or you can invoke it directly by typing /android-cicd in any chat. It works with attachments, connectors, and any model that supports the task, so you get the same expert method every time without setting anything up.
What the Android CI/CD skill can do
- Scaffold a multi-stage GitHub Actions pipeline for Android to Google Play
- Auto-detect framework: TWA, React Native, Flutter, or native Gradle
- Generate and store keystore and service account secrets in GitHub
- Auto-bump versionCode on main pushes and route tags to alpha, beta, or production tracks
Try these prompts on Zeplik
Pick a prompt to open it in the Zeplik app. If you are not signed in yet, your prompt is waiting for you the moment you do.
How the Android CI/CD skill works
Skill: android-cicd
Purpose
Set up a complete, multi-stage Android CI/CD pipeline that automatically builds and publishes to Google Play via GitHub Actions. Supports TWA (Trusted Web Activity / Bubblewrap), React Native, Flutter, and native Android (Gradle) projects.
When to Use
- The project has an Android app tracked in a GitHub repository
- No CI/CD pipeline exists yet for the Android build
- Goal: automate publishing to Google Play on every push to
mainand on version tags - User wants to avoid manual
versionCodebumping
Quick Start
Run the interactive setup wizard from the root of the target project:
npx android-cicd
The wizard handles: framework detection → keystore generation → GitHub Secrets → workflow scaffold.
Prerequisites
Before running the wizard, ensure:
- Node.js ≥ 18
- JDK 17 installed with
keytoolaccessible (JAVA_HOMEset, or installed via Eclipse Adoptium / Android Studio) ghCLI installed and authenticated (gh auth login)- App already created in Google Play Console — at least one manual AAB/APK upload done (required before the API can publish)
- App enrolled in Play App Signing (Google manages the signing key; you manage the upload key)
- Google Play Android Developer API enabled in Google Cloud Console
- Service account JSON key downloaded (see Manual Steps below)
Framework Detection
The wizard auto-detects the framework from the project directory structure:
| Condition | Detected framework |
|---|---|
pubspec.yaml contains flutter: | flutter |
android/app/build.gradle exists + package.json has react-native dep | react-native |
android-root-app/build.gradle or twa-manifest.json or .bubblewrap/config.json exists | twa |
app/build.gradle exists | native |
android/app/build.gradle exists (fallback) | native |
The user can override the detected framework during the wizard.
Multi-Stage Pipeline
The scaffolded workflow publishes to different tracks based on the git ref:
| Git event | Google Play track |
|---|---|
Push to main | internal |
Tag matching v*-alpha (e.g. v1.2-alpha) | alpha |
Tag matching v*-beta (e.g. v1.2-beta) | beta |
Tag matching v* (e.g. v1.2.0) | production |
Manual workflow_dispatch | User-selectable (internal / alpha / beta / production) |
To release to production:
git tag v1.2.0
git push origin v1.2.0
Auto-Bump versionCode
On every push to main, CI automatically:
- Reads the current
versionCodefrom the version file for the detected framework - Increments it by 1
- Commits the change with
[skip ci](prevents re-triggering the workflow) - Pushes the commit back to
main
Version file by framework:
| Framework | Version file | Field |
|---|---|---|
| TWA | android-root-app/build.gradle | versionCode |
| React Native | android/app/build.gradle | versionCode |
| Flutter | pubspec.yaml | version: x.y.z+N (the +N build number) |
| Native | app/build.gradle | versionCode |
For tag-based builds (alpha / beta / production), auto-bump does not run — the tag represents a pinned commit. Increment the version manually before tagging.
Required GitHub Secrets
The wizard sets these automatically via gh secret set:
| Secret | Description |
|---|---|
KEYSTORE_FILE | Base64-encoded upload keystore (.jks) |
KEYSTORE_PASSWORD | Keystore password |
KEY_ALIAS | Key alias (e.g. upload) |
KEY_PASSWORD | Key password (usually same as KEYSTORE_PASSWORD) |
GOOGLE_PLAY_SERVICE_ACCOUNT_JSON | Full JSON content of the service account key |
Signing Configuration
TWA / Native Android
Add to your build.gradle (see templates/gradle/signing.gradle):
android {
signingConfigs {
release {
storeFile file("keystore.jks")
storePassword System.getenv("KEYSTORE_PASSWORD")
keyAlias System.getenv("KEY_ALIAS")
keyPassword System.getenv("KEY_PASSWORD")
}
}
buildTypes {
release {
minifyEnabled true
signingConfig signingConfigs.release
}
}
}
Never set
org.gradle.java.homeingradle.properties— it breaks Linux CI runners.
Flutter
The CI workflow creates android/key.properties at build time (from secrets) and cleans it up after. Your android/app/build.gradle should read from it:
def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}
android {
signingConfigs {
release {
keyAlias keystoreProperties['keyAlias']
keyPassword keystoreProperties['keyPassword']
storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
storePassword keystoreProperties['storePassword']
}
}
buildTypes {
release {
signingConfig signingConfigs.release
}
}
}
Manual Steps (Cannot Be Automated)
1. Create the service account
- Google Cloud Console → your project → IAM & Admin → Service Accounts
- Create service account → name:
github-play-publisher→ Done (no roles needed) - Click the service account → Keys tab → Add key → Create new key → JSON → download
2. Enable the Play API
Google Cloud Console → APIs & Services → search Google Play Android Developer API → Enable
3. Invite the service account in Play Console
- Play Console → Users and permissions → Invite new user
- Email:
[email protected] - Account-level permissions:
- ✅ Release apps to testing tracks
- ✅ Manage testing tracks and edit testers
- Apply
4. First manual upload
Google Play requires at least one manually uploaded AAB before the API can publish. If this is a brand-new app, upload the first build from your local machine before running the CI pipeline.
Troubleshooting
| Error | Cause | Fix |
|---|---|---|
Java home supplied is invalid | org.gradle.java.home hardcoded in gradle.properties | Remove that line |
signed with the wrong key | Keystore in secret doesn't match Play's registered upload key | Update KEYSTORE_FILE secret |
The caller does not have permission | Service account missing permissions or API not enabled | Re-check Manual Steps 2 and 3 |
Upload failed — wrong versionCode | versionCode not incremented (tag-based build) | Increment versionCode manually before tagging |
shallow update not allowed | Shallow git checkout when pushing version bump | Workflow uses fetch-depth: 0 — verify the checkout step |
| Workflow not triggering on tag | Tag not pushed to remote | Run git push origin TAG_NAME |
gh: command not found | gh CLI not installed | Install from https://cli.github.com |
keytool not found | JDK not installed or not on PATH | Set JAVA_HOME or install JDK 17 |
Recovering a Lost Upload Keystore
If the app uses Play App Signing (recommended):
- Generate a new keystore:
npx android-cicdand choose "I already have a keystore: No" - Export the PEM certificate:
keytool -export -rfc -keystore upload.jks -alias ALIAS -storepass PASSWORD -file cert.pem - Play Console → app → App integrity → App signing → Request upload key reset
- Select "I forgot my password" → upload
cert.pem - Wait 1–2 business days for Google approval
- Update the
KEYSTORE_FILEsecret with the new keystore base64
Manually Bumping the Version (Tag Releases)
Before pushing a tag for alpha / beta / production:
TWA / Native / React Native — edit build.gradle:
versionCode 8 // increment
versionName "1.2.0"
Flutter — edit pubspec.yaml:
version: 1.2.0+8
Then tag and push:
git add .
git commit -m "chore: bump version to 1.2.0"
git tag v1.2.0
git push origin main --tags
How to use the Android CI/CD skill
Sign in to Zeplik
Create a free Zeplik account or sign in. New accounts start with free credits, so you can try the Android CI/CD skill right away.
Describe your software development task
Ask in plain language, or type /android-cicd to invoke the skill directly. Zeplik recognizes the Android CI/CD skill and applies its method.
Review and refine the result
Zeplik returns a clear, structured answer. Ask follow-ups in the same chat to refine it or take the next step.
Source and credit
- Author
- davila7 (D7 Class-A standalone)
- License
- MIT
Adapted from the open-source davila7/claude-code-templates project and tuned to run natively on Zeplik. View source on GitHub.
Frequently asked questions
- What is the Android CI/CD skill?
- Android CI/CD is a ready-to-run software development skill on Zeplik. Automate Android CI/CD to Google Play: keystore, GitHub Secrets, multi-stage release workflow for RN, Flutter, native. Ask in plain language and Zeplik applies the skill's method for you inside the conversation, on whichever AI model you prefer.
- How do I use Android CI/CD on Zeplik?
- Sign in to Zeplik and ask in plain language, or type /android-cicd in any chat to invoke it directly. The skill applies its method and returns a result you can refine in the same conversation.
- Which AI model does the Android CI/CD skill use?
- Any model you choose. Zeplik works across every model in one chat, so the Android CI/CD skill runs on your preferred model for the task.
- Where does the Android CI/CD skill come from?
- The Android CI/CD skill is adapted from the open-source davila7/claude-code-templates project (MIT) and tuned to run natively on Zeplik. The original source is linked on this page.
- How much does the Android CI/CD skill cost?
- Using the skill is free to start. You only spend Zeplik credits when the assistant runs, and new accounts begin with free credits.
Related software development skills
- .NET BackendBuild ASP.NET Core 8+ backends with EF Core: auth, background jobs, production API patterns
- Advanced Git WorkflowsUse for advanced Git surgery: interactive rebase, cherry-pick, bisect, reflog recovery, and history cleanup before merging. Not for parallel worktree workflows (use using-git-worktrees).
- Adversarial Code ReviewHunt for bugs in code the user shares by assuming defects exist and attacking the code through several distinct lenses, then report severity-ranked findings with evidence. Use for "review this", "what could go wrong", "bug hunt", or pre-merge scrutiny of a change. Read-only, it reports problems and does not rewrite the code. Not for style cleanup (use simplify-code) or for writing new code.
- AI Agent FrameworksUse when building multi-agent systems or agent orchestration -- LangChain/LangGraph, agent team design, task coordination, pipelines. Not for authoring a Zeplik skill (use skill-creator).
- Algolia SearchAdd Algolia search: indexing strategies, React InstantSearch, relevance tuning, search-as-you-type
- Angular (v20+)Modern Angular v20+: Signals, standalone components, zoneless apps, SSR/hydration, reactive patterns
More on Zeplik
Try Android CI/CD on Zeplik
Every model, one chat. Bring the Android CI/CD skill into your next conversation and let the assistant do the work.