Android Gradle edit

Sign APK without exposing keystore password

You can define the signing configuration to sign the apk in the build.gradle file using these properties:

In many case you may need to avoid this kind of info in the build.gradle file.

Method A: Configure release signing using a keystore.properties file

It’s possible to configure your app’s build.gradle so that it will read your signing configuration information from a properties file like keystore.properties.

Setting up signing like this is beneficial because:

First, create a file called keystore.properties in the root of your project with content like this (replacing the values with your own):

storeFile=keystore.jks
storePassword=storePassword
keyAlias=keyAlias
keyPassword=keyPassword

Now, in your app’s build.gradle file, set up the signingConfigs block as follows:

android {
...

signingConfigs { release { def propsFile = rootProject.file(‘keystore.properties’) if (propsFile.exists()) { def props = new Properties() props.load(new FileInputStream(propsFile)) storeFile = file(props[‘storeFile’]) storePassword = props[‘storePassword’] keyAlias = props[‘keyAlias’] keyPassword = props[‘keyPassword’] } } }

}

That’s really all there is to it, but don’t forget to exclude both your keystore file and your keystore.properties file from version control.

A couple of things to note:

Method B: By using an environment variable

The same can be achieved also without a properties file, making the password harder to find:

android {

  signingConfigs {
    release {
        storeFile file('/your/keystore/location/key')
        keyAlias 'your_alias'
        String ps = System.getenv("ps")
        if (ps == null) {
             throw new GradleException('missing ps env variable')
        }
        keyPassword ps
        storePassword ps
    }
}

The "ps" environment variable can be global, but a safer approach can be by adding it to the shell of Android Studio only. In linux this can be done by editing Android Studio’s Desktop Entry

Exec=sh -c "export ps=myPassword123 ; /path/to/studio.sh"

You can find more details in this topic.

Feedback about page:

Feedback:
Optional: your email if you want me to get back to you:


Table Of Contents
3 Gradle
39 ACRA
64 Menu
112 Loader
119 Xposed
132 Colors
135 Fresco
140 AdMob
147 Button
156 Vk SDK
170 XMPP
176 OpenCV
200 FileIO
203 Moshi
217 Paint
231 AIDL
241 JCodec
243 Okio
255 Looper
  ↑ ↓ to navigate     ↵ to select     Esc to close