Onespot, a platform building custom-branded mobile apps for schools, shares how they automated OTA updates and store deployments across 200+ React Native/Expo apps. The core approach: a JSON app registry (apps.json) as the source of truth, a Python script (onescript.py) that generates per-app config files, and a GitHub Actions workflow triggered via repository dispatch. A custom API endpoint wraps the GitHub dispatch call, enabling deployments to be triggered from within the app itself on a phone. The post covers the full architecture, code snippets, and important guardrails like server-side command validation, least-privilege credentials, audit logging, and idempotent scripts.
Table of contents
The challenge: deploying at “white-label” scaleThe key idea: “which app am I deploying?” is a data problemAutomating the config generationStructuring the app configPublishing with PythonMoving deployments off the laptopTriggering deployments from your phoneWhere do we go next?Safety and guardrails to considerFinal thoughtsSort: