feat(example-connect): add automated Android release signing setup

[gimenete-stripe]

Summary

Adds automated Android release signing configuration that persists across expo prebuild runs. The setup includes:

• Automated restoration of signing credentials after expo prebuild
• Version code management in app.json
• Comprehensive documentation for Android releases

Motivation

The example-stripe-connect app uses Expo, which regenerates the android/ directory when running expo prebuild. This causes several issues:

1. Signing credentials lost: Release keystore files and signing configuration in build.gradle are deleted
2. Manual reconfiguration required: Developers must manually restore signing setup after each prebuild
3. Version management unclear: No clear workflow for bumping versionCode for Play Store releases
4. Security risk: Without proper .gitignore, signing credentials could be accidentally committed

This PR solves all these issues with an automated setup that runs after every expo prebuild.

Changes

New Files:

• .signing/ - Directory to store keystore files outside of android/ (protected by .gitignore)
• scripts/setup-android-signing.js - Automated setup script that:
  • Copies keystore files from .signing/ to android/
  • Patches build.gradle with release signing configuration
  • Updates .gitignore to protect credentials
• ANDROID_SIGNING.md - Comprehensive documentation including:
  • Version management workflow
  • Complete release process
  • Troubleshooting guide

Modified Files:

• package.json - Added setup-android-signing script and postprebuild hook
• app.json - Added versionCode: 2 for Play Store versioning
• .gitignore - Protected signing credentials from git

Workflow

After this PR, the Android release workflow is:

# 1. Bump version in app.json
# 2. Run prebuild (signing auto-configured via postprebuild hook)
npx expo prebuild --platform android

# 3. Build release AAB
cd android && ./gradlew :app:bundleRelease

# 4. Upload to Play Store

The postprebuild hook automatically runs the setup script, so signing configuration is always correct.

Testing

• I tested this manually
  • Successfully built release AAB with version code 2
  • Verified AAB is signed with correct certificate
  • Tested expo prebuild → signing automatically restored
  • Tested manual setup with yarn setup-android-signing
• I added automated tests
  • This is a build/release tooling change (not runtime code)

Documentation

• I have added relevant documentation for my changes.
  • Added comprehensive ANDROID_SIGNING.md with:
    • Complete workflow documentation
    • Version management guide
    • Troubleshooting section
    • Security best practices
  • Added .signing/README.md explaining directory contents
  • Script includes helpful console output for all operations

[maragues-stripe]

Thanks! 1 comment and 1 general suggestion.

I suggest to skip copying credential files, and point to the .signing folder from build.gradle. It simplifies the script, and it's a perfectly valid gradle approach, I'd swear.

[maragues-stripe]

How does a developer get these files?

Google play requires that future versions are signed with the same certificate.

[gimenete-stripe]

I have those in a 1password vault. I'm trying to see how can I share them to other stripes.