Open Source Repository Challenges
Making the project open source is a good thing: it allows others to learn from it, and it lets people be assured that no other nasty software is installed with the application.
However, because anyone on the internet can view the source code, this introduces complexities that you do not have with a private repository.
One main issue is that you cannot store configuration or credentials in the repository. Every configuration item (say an app store identifier) and credential item (Google Play Store publish token or API key) MUST come from repository secrets.
Loading these into environment variables for use is not a hard problem to solve; however, some items add complexity because you may need them in a format other than a string. Some examples that I have experienced (with Pi Garage) are listed below:
- Updating the contents of an existing file
- Converting a base64 string (from the secret) into a JSON file (e.g. Google JSON service account key)
- Apple push certificates required different approaches; Fastlane has a plugin to store certificates in a different private repository (check the Fastlane docs for more information)
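
The first two items above can be handled in a CI step with two small shell functions. This is an added example, not Pi Garage's own pipeline; the secret names, the `@APP_ID@` placeholder and the file paths are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not Pi Garage's own pipeline. Variable names, the placeholder
# and the file paths used when calling these functions are assumptions.

# Decode the base64 secret held in env var $1 into file $2 (mode 0600).
write_b64_secret() {
  var_name=$1; out=$2
  value=$(printenv "$var_name") && [ -n "$value" ] ||
    { echo "secret $var_name is missing or empty" >&2; return 1; }
  (
    umask 077          # owner-only file; the subshell keeps the umask local
    rm -f "$out"       # a pre-existing file would keep its old permissions
    printf '%s' "$value" | base64 -d > "$out"
  ) || { rm -f "$out"; echo "$var_name is not valid base64" >&2; return 1; }
  # Cheap sanity check: a JSON key file must start with '{'.
  [ "$(head -c 1 "$out")" = "{" ] ||
    { rm -f "$out"; echo "$var_name did not decode to JSON" >&2; return 1; }
}

# Replace every literal $2 in existing file $3 with the value of env var $1.
# awk reads the value from ENVIRON, so it is not passed as an argument and
# characters such as '/', '&' and '\' are inserted as-is (unlike sed).
fill_placeholder() {
  var_name=$1; placeholder=$2; file=$3
  [ -n "$placeholder" ] && [ -n "$(printenv "$var_name")" ] ||
    { echo "placeholder or secret $var_name is missing" >&2; return 1; }
  tmp=$(mktemp) || return 1
  SECRET_VAR=$var_name PLACEHOLDER=$placeholder awk '
    BEGIN { val = ENVIRON[ENVIRON["SECRET_VAR"]]; ph = ENVIRON["PLACEHOLDER"] }
    {
      line = $0; out = ""
      while ((i = index(line, ph)) > 0) {
        out = out substr(line, 1, i - 1) val
        line = substr(line, i + length(ph))
      }
      print out line
    }' "$file" > "$tmp" && cat "$tmp" > "$file"   # cat keeps the file's mode
  status=$?
  rm -f "$tmp"
  return $status
}

# Usage in a CI step (secret names and paths are hypothetical):
#   write_b64_secret PLAY_SERVICE_ACCOUNT_B64 "$HOME/play-key.json"
#   fill_placeholder STORE_APP_ID '@APP_ID@' config/app.properties
```

The secrets must be exported into the step's environment for `printenv` and `awk` to see them, and neither function prints the secret value to the build log.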