> flutter-cicd
Set up Continuous Integration and Deployment pipelines for Flutter apps. Use when setting up CI/CD pipelines, automated testing, or deployment workflows for Flutter. (triggers: .github/workflows/**.yml, fastlane/**, android/fastlane/**, ios/fastlane/**, ci, cd, pipeline, build, deploy, release, action, workflow)
curl "https://skillshub.wtf/HoangNguyen0403/agent-skills-standard/flutter-cicd?format=md"CI/CD Standards
Priority: P1 (HIGH)
Automates code quality checks, testing, and deployment to prevent regressions and accelerate delivery.
Core Pipeline Steps
- Environment Setup: Use stable Flutter channel. Cache dependencies (pub, gradle, cocoapods).
- Static Analysis: Enforce
flutter analyzeanddart format. Fail on any warning in strict mode. - Testing: Run unit, widget, and integration tests. Upload coverage reports (e.g., Codecov).
- Build:
- Android: Build App Bundle (
.aab) for Play Store. - iOS: Sign and build
.ipa(requires macOS runner).
- Android: Build App Bundle (
- Deployment (CD): Automated upload to TestFlight/Play Console using standard tools (Fastlane, Codemagic).
Best Practices
- Timeout Limits: Always set
timeout-minutes(e.g., 30m) to save costs on hung jobs. - Fail Fast: Run Analyze/Format before Tests/Builds.
- Secrets: Never commit keys. Use GitHub Secrets or secure vaults for
keystore.jksand.p8certs. - Versioning: Automate version bumping based on git tags or semantic version scripts.
Reference
- GitHub Actions Template - Standard workflow file.
- Advanced Large-Scale Workflow - Parallel jobs, Caching, Strict Mode.
- Fastlane Standards - Automated Signing & Deployment.
Anti-Patterns
- ❌ Committing
keystore.jks,.p8, or.envfiles — store all signing credentials in GitHub Secrets or a secure vault - ❌ CI job without
timeout-minutes— hung jobs burn runner minutes; always set an explicit timeout (e.g., 30m) - ❌ Manual
version: 1.0.0+42edits inpubspec.yaml— automate via git tags or a version script to prevent human error - ❌ Running
flutter analyzeafterflutter build— analysis is cheap and fast; fail fast by running it before builds/tests
Related Topics
flutter/testing | dart/tooling
> related_skills --same-repo
> common-store-changelog
Generate user-facing release notes for the Apple App Store and Google Play Store by collecting git history, triaging user-impacting changes, and drafting store-compliant changelogs. Enforces character limits (App Store ≤4000, Google Play ≤500), tone, and bullet format. Use when generating release notes, app store changelog, play store release, what's new, or version release notes for any mobile app. (triggers: generate changelog, app store notes, play store release, what's new, release notes, ve
> golang-tooling
Go developer toolchain — gopls LSP diagnostics, linting, formatting, and vet. Use when setting up Go tooling, running linters, or integrating gopls with Claude Code. (triggers: gopls, golangci-lint, golangci.yml, go vet, goimports, staticcheck, go tooling, go lint)
> common-ui-design
Design distinctive, production-grade frontend UI with bold aesthetic choices. Use when building web components, pages, interfaces, dashboards, or applications in any framework (React, Next.js, Angular, Vue, HTML/CSS). (triggers: build a page, create a component, design a dashboard, landing page, UI for, build a layout, make it look good, improve the design, build UI, create interface, design screen)
> common-owasp
OWASP Top 10 audit checklist for Web Applications (2021) and APIs (2023). Load during any security review, PR review, or codebase audit touching web, mobile backend, or API code. (triggers: security review, OWASP, broken access control, IDOR, BOLA, injection, broken auth, API review, authorization, access control)