Builds/hash-wallet
1
0
Fork 0
forked from github-such-software/hash-wallet
Code Pull Requests Actions Activity

dev #22

Merged
such-gitea merged 2 commits from github-such-software/hash-wallet:dev into dev 2026-05-19 13:00:28 -04:00
Conversation 0 Commits 2 Files Changed 3 +13 -2
such-gitea commented 2026-05-19 13:00:22 -04:00
Owner
Copy Link

Issue Number (if Applicable): Fixes #

Description

Please include a summary of the changes and which issue is fixed / feature is added.

Pull Request - Checklist

  • Initial Manual Tests Passed
  • Double check modified code and verify it with the feature/task requirements
  • Format code
  • Look for code duplication
  • Clear naming for variables and methods
  • Manual tests in accessibility mode (TalkBack on Android) passed
Issue Number (if Applicable): Fixes # # Description Please include a summary of the changes and which issue is fixed / feature is added. # Pull Request - Checklist - [ ] Initial Manual Tests Passed - [ ] Double check modified code and verify it with the feature/task requirements - [ ] Format code - [ ] Look for code duplication - [ ] Clear naming for variables and methods - [ ] Manual tests in accessibility mode (TalkBack on Android) passed
such-gitea added 2 commits 2026-05-19 13:00:22 -04:00
CI: skip TLS verify on iOS artifact upload + verbose AAB build 9f832633b9 
iOS:
- Build itself succeeds (Runner.app sits in build/ios/iphonesimulator/).
- actions/upload-artifact's Node.js HTTP client hits git.such.software
  via LAN (NAT hairpin), bypassing the public NPM/Let's Encrypt cert
  and landing on Gitea's internal self-signed cert. Node refuses with
  DEPTH_ZERO_SELF_SIGNED_CERT.
- Setting NODE_TLS_REJECT_UNAUTHORIZED=0 at job env disables verification
  for all Node-based actions in the job. Acceptable here because we're
  talking to our own server on our own LAN — no external MITM surface.
- Long-term cleaner fix: install Gitea's CA cert into the runner's
  system trust store, or have the runner reach Gitea via the public
  hostname so NPM's Let's Encrypt cert is presented.

Android AAB:
- APK built + signed + uploaded fine (~14 min). AAB build then failed
  at FinalizeBundleTask$BundleToolRunnable / :app:signReleaseBundle
  with no visible error.
- Added --verbose to 'flutter build appbundle' so the next run prints
  the actual gradle stacktrace. Once we see WHY signReleaseBundle is
  failing, we can target the real fix.
CI: clarify NODE_TLS_REJECT_UNAUTHORIZED is a fallback now ba5c81e78b 
Gitea is on the same Mac mini as the runner, behind NPM in a separate
container. The proper fix is a hosts entry on the Mac that points
git.such.software at NPM's LAN IP so the runner reaches Gitea via
NPM's Let's Encrypt cert.

The env var stays in the workflow as a belt-and-suspenders fallback —
no harm if certs already validate cleanly, saves the workflow from
breaking again if the hosts entry ever gets blown away (system reset,
container migration, etc).
such-gitea merged commit 3530ba9a9c into dev 2026-05-19 13:00:28 -04:00
Sign in to join this conversation.
Reviewers
No Reviewers
Labels
No items
No Label
Milestone
No items
No Milestone
Assignees
Clear assignees
such-gitea
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: Builds/hash-wallet#22
Delete Branch "github-such-software/hash-wallet:dev"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?