fix(android): track Fastlane Gemfile.lock to fix android-deploy#698
Merged
Conversation
The android-deploy lane shipped without a committed Gemfile.lock, so `bundle install` resolved gems fresh on every run. A transitive update pulled fastlane 2.235.0, whose google-apis/representable load path requires multi_json, which was no longer part of the resolved bundle. Result: "multi_json is not part of the bundle" (Gem::LoadError), crashing `fastlane beta` before the Play Store upload. Mirror the proven ios/ setup by committing android/Gemfile.lock (identical Gemfile, so identical graph: fastlane 2.232.2, multi_json 1.19.1) and add a .gitignore negation so the lockfile stays tracked despite the global *.lock rule.
The android runner is ubuntu-latest but the committed lock only carries the arm64-darwin + ruby platforms, so the non-frozen `bundle install` adds the linux platform at runtime. With the Gemfile constraint left at ">= 2.220", that step could re-resolve fastlane up to the broken 2.235.0 again. Pin fastlane to the known-good 2.232.2 (which the lock already resolves with multi_json 1.19.1) so no resolution path can reintroduce the failure.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Problem
The
android-deploylane (Release workflow, Upload to Play Store step) fails with:Root cause
android/had no committedGemfile.lock(the global*.lockrule in.gitignorecovers it, and unlikeios/it was never tracked). Sobundle installresolved gems fresh on every run — a non-reproducible build.The previous release (
v1.0.85) passed with the sameGemfile; the next run's fresh resolution pulled fastlane 2.235.0, whose google-apis →representable/jsonload path requiresmulti_json, which was no longer in the resolved bundle →LoadErrorbefore upload.ios-deploystayed green becauseios/Gemfile.lockis committed (pins fastlane 2.232.2 + multi_json 1.19.1).Fix
android/Gemfile.lockseeded from the provenios/Gemfile.lock(the twoGemfiles are otherwise identical), giving a known-good graph: fastlane 2.232.2, multi_json 1.19.1..gitignorenegations (!android/Gemfile.lock,!ios/Gemfile.lock) so the lockfiles stay tracked despite the global*.lockrule, with a self-documenting comment.fastlaneto2.232.2inandroid/Gemfile(lockDEPENDENCIESsynced tofastlane (= 2.232.2)). The android runner isubuntu-latestand the lock carriesarm64-darwin + rubyplatforms; the non-frozenbundle installadds the linux platform at runtime. The exact pin guarantees no resolution path can re-select the broken 2.235.0 —multi_json 1.19.1stays required transitively viagoogleauth/signet.Validation
PASS_CLEANon the final diff.android-deployrun once this reaches the release lane (local modern-bundler validation was not possible in this environment).Test plan
android-deployloads fastlane 2.232.2 and reaches the upload step