Skip to content

#1 [init] : 초기 세팅 #3

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
fredleeJH merged 1 commit into from
Sep 29, 2025
Merged

#1 [init] : 초기 세팅 #3

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
196 changes: 184 additions & 12 deletions .gitignore
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,15 +1,187 @@
# Created by https://www.toptal.com/developers/gitignore/api/android,androidstudio,kotlin
# Edit at https://www.toptal.com/developers/gitignore?templates=android,androidstudio,kotlin

### Android ###
# Gradle files
.gradle/
build/

# Local configuration file (sdk path, etc)
local.properties

# Log/OS Files
*.log

# Android Studio generated files and folders
captures/
.externalNativeBuild/
.cxx/
*.apk
output.json

# IntelliJ
*.iml
.idea/
misc.xml
deploymentTargetDropDown.xml
render.experimental.xml

# Keystore files
*.jks
*.keystore

# Google Services (e.g. APIs or Firebase)
google-services.json

# Android Profiling
*.hprof

### Android Patch ###
gen-external-apklibs

# Replacement of .externalNativeBuild directories introduced
# with Android Studio 3.5.

### Kotlin ###
# Compiled class file
*.class

# Log file

# BlueJ files
*.ctxt

# Mobile Tools for Java (J2ME)
.mtj.tmp/

# Package Files #
*.jar
*.war
*.nar
*.ear
*.zip
*.tar.gz
*.rar

# virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
hs_err_pid*
replay_pid*

### AndroidStudio ###
# Covers files to be ignored for android development using Android Studio.

# Built application files
*.ap_
*.aab

# Files for the ART/Dalvik VM
*.dex

# Java class files

# Generated files
bin/
gen/
out/

# Gradle files
.gradle
/local.properties
/.idea/caches
/.idea/libraries
/.idea/modules.xml
/.idea/workspace.xml
/.idea/navEditor.xml
/.idea/assetWizardSettings.xml
.DS_Store
/build
/captures

# Signing files
.signing/

# Local configuration file (sdk path, etc)

# Proguard folder generated by Eclipse
proguard/

# Log Files

# Android Studio
/*/build/
/*/local.properties
/*/out
/*/*/build
/*/*/production
.navigation/
*.ipr
*~
*.swp

# Keystore files

# Google Services (e.g. APIs or Firebase)
# google-services.json

# Android Patch

# External native build folder generated in Android Studio 2.2 and later
.externalNativeBuild
.cxx
local.properties

# NDK
obj/

# IntelliJ IDEA
*.iws
/out/

# User-specific configurations
.idea/caches/
.idea/libraries/
.idea/shelf/
.idea/workspace.xml
.idea/tasks.xml
.idea/.name
.idea/compiler.xml
.idea/copyright/profiles_settings.xml
.idea/encodings.xml
.idea/misc.xml
.idea/modules.xml
.idea/scopes/scope_settings.xml
.idea/dictionaries
.idea/vcs.xml
.idea/jsLibraryMappings.xml
.idea/datasources.xml
.idea/dataSources.ids
.idea/sqlDataSources.xml
.idea/dynamic.xml
.idea/uiDesigner.xml
.idea/assetWizardSettings.xml
.idea/gradle.xml
.idea/jarRepositories.xml
.idea/navEditor.xml

# Legacy Eclipse project files
.classpath
.project
.cproject
.settings/

# Mobile Tools for Java (J2ME)

# Package Files #

# virtual machine crash logs (Reference: http://www.java.com/en/download/help/error_hotspot.xml)

## Plugin-specific files:

# mpeltonen/sbt-idea plugin
.idea_modules/

# JIRA plugin
atlassian-ide-plugin.xml

# Mongo Explorer plugin
.idea/mongoSettings.xml

# Crashlytics plugin (for Android Studio and IntelliJ)
com_crashlytics_export_strings.xml
crashlytics.properties
crashlytics-build.properties
fabric.properties

### AndroidStudio Patch ###

!/gradle/wrapper/gradle-wrapper.jar

# End of https://www.toptal.com/developers/gitignore/api/android,androidstudio,kotlin
4 changes: 3 additions & 1 deletion .idea/vcs.xml
View file
Open in desktop

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

61 changes: 24 additions & 37 deletions app/build.gradle.kts
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,59 +1,46 @@
plugins {
alias(libs.plugins.android.application)
alias(libs.plugins.spot.android.application)
alias(libs.plugins.kotlin.android)
alias(libs.plugins.kotlin.compose)
alias(libs.plugins.spot.android.hilt)
}
Comment on lines 1 to 5
Copy link

@coderabbitai coderabbitai bot Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

🧩 Analysis chain

기본 설정이 컨벤션 플러그인에 위임됐는지 확인 필요.

defaultConfig(applicationId/minSdk/targetSdk 등)가 spot.android.application에서 설정되는지 확인해주세요. 미설정 시 빌드 실패합니다.

다음 스크립트로 컨벤션 플러그인에서의 설정을 탐색하세요.

🏁 Script executed:

#!/bin/bash
rg -n -C3 -g 'build-logic/**' -P '(class\s+AndroidApplicationPlugin|pluginManager\.apply\("com\.android\.application"\))|defaultConfig\s*\{|applicationId\s*='

Length of output: 2991

컨벤션 플러그인이 minSdk/compileSdk/BuildConfig 등은 설정하지만 applicationId는 설정하지 않습니다 — app 모듈에 applicationId 필요

  • 확인: build-logic/convention/src/main/java/com/umcspot/spot/convention/KotlinAndroid.kt 에서 compileSdk/minSdk 및 defaultConfig 설정 확인.
  • 확인: build-logic/convention/src/main/java/com/umcspot/spot/convention/BuildConfig.kt 에서 buildConfigField 설정 확인.
  • 확인: build-logic/convention/src/main/java/com/umcspot/spot/convention/AndroidTestPlugin.kt 에서 testInstrumentationRunner 설정 확인.
  • 미발견: build-logic/** 내에서 applicationId 설정 없음 — app 모듈에 applicationId를 명시하거나 컨벤션 플러그인에 applicationId 설정을 추가해야 함(미설정 시 빌드 실패).
🤖 Prompt for AI Agents 
In app/build.gradle.kts around lines 1-5: the convention plugins set
compileSdk/minSdk/BuildConfig/test runner but do not provide applicationId,
which must be declared for the app module; add an applicationId entry to the app
module's defaultConfig in this file (e.g., defaultConfig { applicationId
"com.yourcompany.yourapp" }) or alternatively add applicationId configuration to
the convention plugin (build-logic/*) so the app module receives it; ensure the
chosen package string matches your AndroidManifest and flavors and update any
CI/build scripts if they expect a specific applicationId.


android {
namespace = "com.umcspot.spot"
compileSdk = 35

defaultConfig {
applicationId = "com.umcspot.spot"
minSdk = 35
targetSdk = 35
versionCode = 1
versionName = "1.0"

testInstrumentationRunner = "androidx.test.runner.AndroidJUnitRunner"
signingConfigs {
getByName("debug") {
keyAlias = "androiddebugkey"
keyPassword = "android"
storeFile = file("debug.keystore")
}
Comment on lines +10 to +15
Copy link

@coderabbitai coderabbitai bot Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

디버그 키스토어를 스크립트에 하드코딩하지 마세요.

AGP 기본 디버그 키스토어를 사용하면 별도 설정이 불필요합니다. 현재처럼 파일/패스워드를 레포에 남기면 관리 오버헤드와 실수 위험이 있습니다.

권장 수정:

-    signingConfigs {
-        getByName("debug") {
-            keyAlias = "androiddebugkey"
-            keyPassword = "android"
-            storeFile = file("debug.keystore")
-        }
-    }
+    // 디버그 서명은 AGP 기본값 사용 (커스텀 불필요)
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
signingConfigs {
getByName("debug") {
keyAlias = "androiddebugkey"
keyPassword = "android"
storeFile = file("debug.keystore")
}
// 디버그 서명은 AGP 기본값 사용 (커스텀 불필요)
🤖 Prompt for AI Agents 
In app/build.gradle.kts around lines 10 to 15, the debug keystore data
(keyAlias, keyPassword, storeFile) is hardcoded in signingConfigs; remove this
hardcoded debug keystore block and rely on the Android Gradle Plugin's default
debug keystore instead, or if a custom debug keystore is absolutely required,
load its path/password from secure external configuration (environment variables
or gradle.properties with .gitignore) rather than embedding them in the script.

}

buildTypes {
debug {
signingConfig = signingConfigs.getByName("debug")
}
release {
signingConfig = signingConfigs.getByName("debug")
isMinifyEnabled = false
Comment on lines +19 to 24
Copy link

@coderabbitai coderabbitai bot Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

릴리스 빌드가 디버그 키로 서명되고 있습니다. 반드시 차단.

releasesigningConfig = signingConfigs.getByName("debug")는 보안/배포상 금지입니다. 실제 릴리스 서명은 별도 keystore.properties 등 외부 비밀로 주입하세요.

수정안:

-        debug {
-            signingConfig = signingConfigs.getByName("debug")
-        }
+        debug { /* 기본 디버그 서명 사용 */ }

         release {
-            signingConfig = signingConfigs.getByName("debug")
+            // TODO: keystoreProperties로 릴리스 서명 구성 (레포에 비밀값 저장 금지)
             isMinifyEnabled = false
             proguardFiles(
                 getDefaultProguardFile("proguard-android-optimize.txt"),
                 "proguard-rules.pro"
             )
         }
🤖 Prompt for AI Agents 
In app/build.gradle.kts around lines 19–24, the release build is incorrectly
using the debug signing config; replace the debug signing for release with a
proper release signing setup that reads keystore credentials from an external
secret (e.g. keystore.properties or CI secrets) and registers a release
signingConfig, then reference that release signingConfig here (do not use
signingConfigs.getByName("debug") for release). Ensure the keystore file path,
alias, storePassword and keyPassword are injected from the external file/CI and
not hard-coded in the repo.

proguardFiles(
getDefaultProguardFile("proguard-android-optimize.txt"),
"proguard-rules.pro"
)
}
}
compileOptions {
sourceCompatibility = JavaVersion.VERSION_11
targetCompatibility = JavaVersion.VERSION_11
}
kotlinOptions {
jvmTarget = "11"
}
buildFeatures {
compose = true
}
}

dependencies {

implementation(libs.androidx.core.ktx)
implementation(libs.androidx.lifecycle.runtime.ktx)
implementation(libs.androidx.activity.compose)
implementation(platform(libs.androidx.compose.bom))
implementation(libs.androidx.ui)
implementation(libs.androidx.ui.graphics)
implementation(libs.androidx.ui.tooling.preview)
implementation(libs.androidx.material3)
testImplementation(libs.junit)
androidTestImplementation(libs.androidx.junit)
androidTestImplementation(libs.androidx.espresso.core)
androidTestImplementation(platform(libs.androidx.compose.bom))
androidTestImplementation(libs.androidx.ui.test.junit4)
debugImplementation(libs.androidx.ui.tooling)
debugImplementation(libs.androidx.ui.test.manifest)
implementation(projects.feature.home)
implementation(projects.feature.main)
implementation(projects.feature.mypage)
implementation(projects.domain.home)
implementation(projects.core.ui)
implementation(projects.core.network)
implementation(projects.core.model)
implementation(projects.core.designsystem)
implementation(projects.core.common)
implementation(projects.core.buildconfig)
implementation(projects.core.navigation)
implementation(projects.data.home)
}
20 changes: 13 additions & 7 deletions app/src/main/AndroidManifest.xml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -2,27 +2,33 @@
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
xmlns:tools="http://schemas.android.com/tools">

<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.VIBRATE" />
<uses-permission android:name="android.permission.ACCESS_FINE_LOCATION" />
<uses-permission android:name="android.permission.ACCESS_COARSE_LOCATION" />

<application
android:name="com.umcspot.spot.SpotApplication"
android:allowBackup="true"
android:dataExtractionRules="@xml/data_extraction_rules"
android:fullBackupContent="@xml/backup_rules"
Comment on lines 12 to 14
Copy link

@coderabbitai coderabbitai bot Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

백업/데이터 추출 정책에 토큰 DataStore 파일 제외 규칙 반영 필요.

앱 백업이 활성화(allowBackup="true")이고 rules가 지정되어 있습니다. 토큰을 저장하는 DataStore 파일(com.umcspot.spot.datastore)이 백업/전송에 포함되지 않도록 backup_rules.xmldata_extraction_rules.xml에 명시적으로 제외 규칙을 넣어주세요.

android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/Theme.SPOT"
android:theme="@style/Theme.Spot"
android:usesCleartextTraffic="true"
Copy link

@coderabbitai coderabbitai bot Sep 23, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

⚠️ Potential issue

릴리즈에서 cleartext 금지 또는 빌드타입별로 제어하세요.

android:usesCleartextTraffic="true"는 보안/스토어 심사 리스크입니다. 디버그만 허용하고 릴리즈는 차단하도록 전환을 권장합니다.

다음처럼 매니페스트 플레이스홀더로 전환하세요:

-        android:usesCleartextTraffic="true"
+        android:usesCleartextTraffic="${cleartextTrafficPermitted}"

추가로 app/build.gradle.kts에 빌드타입별 플레이스홀더를 설정하세요:

android {
  buildTypes {
    debug { manifestPlaceholders["cleartextTrafficPermitted"] = true }
    release { manifestPlaceholders["cleartextTrafficPermitted"] = false }
  }
}

또는 networkSecurityConfig로 디버그만 cleartext 허용을 분리해도 됩니다.

🤖 Prompt for AI Agents 
In app/src/main/AndroidManifest.xml around line 20,
android:usesCleartextTraffic="true" is applied globally which is a
security/store risk; replace the literal with a manifest placeholder (e.g.
android:usesCleartextTraffic="${cleartextTrafficPermitted}") and then set
build-type-specific manifestPlaceholders in app/build.gradle.kts (debug true,
release false). Alternatively, remove the global attribute and configure a
networkSecurityConfig that permits cleartext only for debug builds and reference
that config via a placeholder tied to buildTypes.

tools:targetApi="31">

<activity
android:name=".MainActivity"
android:name="com.umcspot.spot.main.MainActivity"
android:exported="true"
android:label="@string/app_name"
android:theme="@style/Theme.SPOT">
android:theme="@style/Theme.Spot">
<intent-filter>
<action android:name="android.intent.action.MAIN" />

<category android:name="android.intent.category.LAUNCHER" />
<action android:name="android.intent.action.MAIN"/>
<category android:name="android.intent.category.LAUNCHER"/>
</intent-filter>
</activity>
</application>

</manifest>
47 changes: 0 additions & 47 deletions app/src/main/java/com/umcspot/spot/MainActivity.kt
View file
Open in desktop

This file was deleted.

11 changes: 11 additions & 0 deletions app/src/main/java/com/umcspot/spot/SpotApplication.kt
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
package com.umcspot.spot

import android.app.Application
import dagger.hilt.android.HiltAndroidApp

@HiltAndroidApp
class SpotApplication : Application() {
override fun onCreate() {
super.onCreate()
}
}
Loading