fix: use project keystore for consistent APK signing (fixes OTA update signature conflict)

evershelf-kiosk/app/build.gradle.kts

@@ -16,26 +16,22 @@ android {
     }
 
     signingConfigs {
-        // Use the standard Android debug keystore when building locally so the
+        // Project keystore — same on every machine so OTA updates always work.
-        // debug APK signature stays consistent across machines (needed for OTA updates).
+        create("project") {
-        // In CI the keystore doesn't exist — fall back to Gradle's auto-generated key.
+            storeFile = file("../evershelf.jks")
-        getByName("debug") {
+            storePassword = "evershelf123"
-            val ks = file("${System.getProperty("user.home")}/.android/debug.keystore")
+            keyAlias = "evershelf"
-            if (ks.exists()) {
+            keyPassword = "evershelf123"
-                storeFile = ks
-                storePassword = "android"
-                keyAlias = "androiddebugkey"
-                keyPassword = "android"
-            }
         }
     }
 
     buildTypes {
         debug {
-            signingConfig = signingConfigs.getByName("debug")
+            signingConfig = signingConfigs.getByName("project")
         }
         release {
             isMinifyEnabled = false
+            signingConfig = signingConfigs.getByName("project")
             proguardFiles(getDefaultProguardFile("proguard-android-optimize.txt"))
         }
     }