Thanks, Andrew for doing a thorough review. This was merged in last week. I have created a new PR for the docs update: https://github.com/apache/cordova-docs/pull/277
It's important to note, to make it simple to pass multiple signing parameters, I have created the concept of a build.json file (instead of cordova-keys.json suggested below) that can be used to specify build-time parameters. It supports specifying two sets of values - debug & release. This support is currently only for Android, I am working on another PR for iOS. Thanks, Nikhil -----Original Message----- From: agri...@google.com [mailto:agri...@google.com] On Behalf Of Andrew Grieve Sent: Wednesday, March 18, 2015 4:48 PM To: dev Subject: Re: Build signed archives using CLI Left some comments on the PR. On Tue, Mar 17, 2015 at 5:04 PM, Nikhil Khandelwal <nikhi...@microsoft.com> wrote: > I just submitted a PR for this for Android: > https://github.com/apache/cordova-android/pull/164 > > Here's the rough design: > > - Build.json or command line args can be used to specify details > required for packaging: > - Keystore > - Alias > - Keystore password > - Password > - Keystore type. > - Debug-signing.properties or release-signing.properties is created at > prepare time to allow gradle or Ant build systems to pick up those > properties and generate a signed archive. > - ‘Clean’ will delete these autogenerated .properties files. > - If no password is specified for release signing, Ant & gradle will > prompt for passwords. > > I will shortly have a PR to update the docs. > > Thanks, > Nikhil > > > -----Original Message----- > From: Carlos Santana [mailto:csantan...@gmail.com] > Sent: Friday, February 13, 2015 2:28 PM > To: dev@cordova.apache.org > Subject: Re: Build signed archives using CLI > > Thanks Nikhil I see this as a very good and important feature to have > in our CLI stack > > On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal > <nikhi...@microsoft.com > > > wrote: > > > I'm taking this over from Dan. I like the idea of having the release > > signing information persisted in a json file. > > > > I have made some updates on the specific issue of how keys/passwords > > can be passed through CLI and JSON: > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9Pu > > NB > > L1auAMGFM/edit# > > > > I'm still going through the details of packaging requirements of > > each platform. I expect to add some more details on how the > > packaging process will work with individual platform build systems > > in the coming days. I will update this thread when I do so. > > > > Here's the main JIRA with platform specific tasks here: > > https://issues.apache.org/jira/browse/CB-8483. I would love to > > collaborate with others who are interested in this area. > > Specifically, I plan to take up the task of implementing this for Android > > first. > > > > Thanks, > > Nikhil > > > > > > -----Original Message----- > > From: Victor Sosa [mailto:sosah.vic...@gmail.com] > > Sent: Tuesday, February 10, 2015 2:29 PM > > To: dev@cordova.apache.org > > Subject: Re: Build signed archives using CLI > > > > I'm leaning to Andrew and Omar's idea. I like the idea of having a > > file where all the platform-specific information will be stored, > > then each platform will take that information to sign the archive > > and produce a usable, I mean ready-to-distribute, binary. > > > > As for Omar's comment, I also concur there. If a user has the > > signing info in gradle or ant properties and that info is also > > provided in the new file discussed here, then it should take > > precedence and override the platform-specific one. > > > > Wondering if Dan is feeling OK now and ready to be back in the game > > :D > > > > 2015-02-02 14:58 GMT-06:00 Mefire O. <ommen...@microsoft.com>: > > > > > +1 for having an additional file to abstract away all the platform > > > specific stuff. Currently, we support both gradle and ant for > > > android for example, I think it wouldn't make sense for end-users > > > to have to change their specs depending on what specific tool is > > > used behind the > > scenes. > > > Maybe we could also copy those properties to specific files during > > > build or prepare ? [copy from cordova's to ant.properties] > > > > > > > > > Thanks, > > > Mefire > > > > > > -----Original Message----- > > > From: Chuck Lantz [mailto:cla...@microsoft.com] > > > Sent: Wednesday, January 28, 2015 10:30 AM > > > To: dev@cordova.apache.org > > > Subject: RE: Build signed archives using CLI > > > > > > Yeah personally I am thinking that - particularly if we treat > > > platforms as dependencies in package.json as proposed - we'll need > > > some facility to set native build settings. We may be able to come > > > up with some sort of abstraction for this part, but I'm kind of > > > thinking we'll ultimately want a facility to include native build > > > property files (ant/gradle.properties, things like the signing > > > identity in build.xcconfig, etc) in the CLI project. That said, > > > we could have another facility for common settings like certs. > > > > > > -Chuck > > > > > > -----Original Message----- > > > From: agri...@google.com [mailto:agri...@google.com] On Behalf Of > > > Andrew Grieve > > > Sent: Wednesday, January 28, 2015 10:18 AM > > > To: dev > > > Subject: Re: Build signed archives using CLI > > > > > > Sounds good, let's wait until Dan is back to discuss. The main > > > point I'd like to cover is whether it'd be good to have layer of > > > indirection between cordova and the platform-specific files that > > > dictate signing > > info. > > > > > > E.g.: > > > Instead of using ant.properties / gradle.properties / > > > build.xcconfig, > > have: > > > > > > cordova-keys.json > > > { > > > ios: { identity: "", provisioning_profile: "" }, > > > android-debug: { keystore: "", alias: "", password: "", type: "" }, > > > android-release: { keystore: "", alias: "", password: "", type: "" > } > > > ... > > > } > > > > > > Then, have a prepare step that makes the platforms do the right > > > thing > > > > > > (Note that for android it's important to have debug siging keys as > > > well since they are used for Play Services and Cloud Console APIs). > > > > > > > > > > > > > > > > > > > > > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa > > > <sosah.vic...@gmail.com> > > > wrote: > > > > > > > Yay!! Great news! > > > > > > > > Chuck, by any chance, do you have a link to the sandbox, or > > > > design doc or something worth to look at it? If no, we can wait > > > > until Dan is back (hope he feels better soon) I'm happy to help if > > > > needed. > > > > > > > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cla...@microsoft.com>: > > > > > > > > > Dan Levine whom some of you met at PhoneGap day actually has > > > > > been working on a PR based on Subhag's proposal for discussion > > > > > - he is out sick which > > > > is > > > > > why he didn't respond to this thread. I'll let him speak to it > > > > > once he's back but the good news is there is someone working > > > > > on something in this area. > > > > > > > > > > -Chuck > > > > > > > > > > -----Original Message----- > > > > > From: Victor Sosa [mailto:sosah.vic...@gmail.com] > > > > > Sent: Wednesday, January 28, 2015 7:57 AM > > > > > To: dev@cordova.apache.org > > > > > Subject: Re: Build signed archives using CLI > > > > > > > > > > Hi Andrew. > > > > > > > > > > AFAICT, no one has done any work on this area, but I'd like to > > > > > add this topic to the hangout agenda, start discussing this. I > > > > > think Subhag has a very good design in the google doc in this > > > > > thread. We can start from > > > > there > > > > > and try to make this happen for a future release. > > > > > > > > > > Thoughts before adding it to the agenda? > > > > > > > > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <agri...@chromium.org>: > > > > > > > > > > > In anyone interested in working on any of this? > > > > > > > > > > > > Was just looking at it to see if there was anything I needed > > > > > > to do to add support to Android for release packaging. > > > > > > > > > > > > Main thing lacking to me is whether we should support > > > > > > specifying release key information outside of the > platforms/android directory. > > > > > > E.g. have a cordova-keys.json as a sibling to www/ that has > > > > > > per-platform key locations & settings. > > > > > > > > > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa > > > > > > <sosah.vic...@gmail.com> > > > > > > wrote: > > > > > > > > > > > > > Hello Cordova community > > > > > > > Curious to know where we stand about this topic. Even > > > > > > > though this topic looks to have significant impact on > > > > > > > Cordova, Subhag has a document > > > > > > proposal > > > > > > > with little discussion activity. > > > > > > > > > > > > > > I like Subhag's proposal, but I want to bring back the > > > > > > > idea of a prompt-less keychain. > > > > > > > > > > > > > > Is anything else, besides what is depicted in the > > > > > > > proposal, missing > > > > > here? > > > > > > > > > > > > > > Document: > > > > > > > > > > > > > > > > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA > > > > > > fb > > > > > > iQ > > > > > > u9 > > > > > > PuNB > > > > > > L1auAMGFM/edit?usp=sharing > > > > > > > > > > > > > > > > > > > > > ---------- Forwarded message ---------- > > > > > > > From: Carlos Santana <csantan...@gmail.com> > > > > > > > Date: 2014-10-15 12:42 GMT-05:00 > > > > > > > Subject: Re: Build signed archives using CLI > > > > > > > To: "dev@cordova.apache.org" <dev@cordova.apache.org> > > > > > > > > > > > > > > > > > > > > > +1 on having a new command "cordova package" this will > > > > > > > +allow IBM tooling > > > > > > to > > > > > > > hook into before_package and after_package for our own > > > > > > > customizations (direct update, authenticity, etc..) > > > > > > > +1 on using sane defaults and not prompting (i.e. default > > > > > > > +keychain maybe > > > > > > > used and unlock already) if not found what we need then > > > > > > > prompt or fail > > > > > > > +1 have some config/settings outside "platforms/" as I > > > > > > > +like to be > > > > > > transient > > > > > > > replaceable. using config.xml, something.json, or file > > > > > > > conventions like res/packaging/<platform>/ are all ok options. > > > > > > > > > > > > > > > > > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak > > > > > > > <subhag....@microsoft.com> > > > > > > > wrote: > > > > > > > > > > > > > > > Here is the link to the proposal: > > > > > > > > > > > > > > > > > > > > > > > > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA > > > > > > fb > > > > > > iQ > > > > > > u9 > > > > > > PuNB > > > > > > L1auAMGFM/edit?usp=sharing > > > > > > > > Jump on it people :) > > > > > > > > > > > > > > > > Subhag Oak | Senior Program Manager Visual Studio, > > > > > > > > Client Tools s...@microsoft.com > > > > > > > > 425 707 5598 office > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > > > From: Subhag Oak [mailto:subhag....@microsoft.com] > > > > > > > > Sent: Thursday, October 9, 2014 12:58 PM > > > > > > > > To: dev@cordova.apache.org > > > > > > > > Subject: RE: Build signed archives using CLI > > > > > > > > > > > > > > > > Adding to what Shazron said, isn't config.xml supposed > > > > > > > > to be considered as app-wide settings/properties? > > > > > > > > Typically packaging information is per platform and > > > > > > > > hence in my opinion, should be decoupled from config > > > > > > > settings. > > > > > > > > Jesse, I am working on a documentation that I will share > > > > > > > > out soon for > > > > > > > the > > > > > > > > community to collaborate. > > > > > > > > > > > > > > > > Subhag Oak | Senior Program Manager Visual Studio, > > > > > > > > Client Tools s...@microsoft.com > > > > > > > > 425 707 5598 office > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > > > From: Shazron [mailto:shaz...@gmail.com] > > > > > > > > Sent: Thursday, October 9, 2014 12:02 PM > > > > > > > > To: dev@cordova.apache.org > > > > > > > > Subject: Re: Build signed archives using CLI > > > > > > > > > > > > > > > > Liking Subhag's proposal. > > > > > > > > Agree with Jesse on using conventions as a default plus > > > > > > > > config.xml > > > > > > > > -- > > > > > > > with > > > > > > > > overrides/env-vars possible. The only caveat for > > > > > > > > including info in the config.xml is, the config.xml data > > > > > > > > is copied into the iOS platform and > > > > > > > will > > > > > > > > be included in the .app bundle, and will leak > > > > > > > > information (even though harmless, since it shouldn't > > > > > > > > contain passwords, > > > > > > > > etc) -- so maybe that > > > > > > is > > > > > > > > not desirable, using config.xml. > > > > > > > > > > > > > > > > We will need to provide the password each time at least > > > > > > > > for iOS, since > > > > > > we > > > > > > > > need to unlock the keychain for code signing. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve > > > > > > > > <agri...@chromium.org> > > > > > > > > wrote: > > > > > > > > > > > > > > > > > The prompting is actually pretty appropriate here > > > > > > > > > since passwords are involved I think. I think also > > > > > > > > > that keys will often not be checked into source > > > > > > > > > control, but maybe the best way to support that is to > > > > > > > > > allow multiple ways of specifying things (e.g. default > > > > > > > > > to convention, allow override via config.xml, allow > > > > > > > > > override via command-line & env variable as well) > > > > > > > > > > > > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse > > > > > > > > > <purplecabb...@gmail.com> > > > > > > wrote: > > > > > > > > > > > > > > > > > > > I am liking all of this. > > > > > > > > > > Are we ready to move this to an editable plaintext > > > > > > > > > > doc to > > > > > > collaborate > > > > > > > > on? > > > > > > > > > > > > > > > > > > > > I agree that we should take advantage of as much > > > > > > > > > > 'by-convention' as we > > > > > > > > > can, > > > > > > > > > > meaning things like `cordova package ios` defaults > > > > > > > > > > to a code sign > > > > > > > > > identity > > > > > > > > > > of 'iPhone Developer' and signs based on > > > > > > > > > > app-bundle-id, > ... > > > > > > > > > > > > > > > > > > > > If it does not make sense as a convention, then I > > > > > > > > > > too would like to see > > > > > > > > > as > > > > > > > > > > much as possible done through config.xml as Fredrico > > > > > > > > > > points out, > > > > > > and > > > > > > > > > agree > > > > > > > > > > on picking the most consistent names possible. > > > > > > > > > > > > > > > > > > > > I would prefer that we do not prompt, and simply > > > > > > > > > > fail fast, given that tools will typically be > > > > > > > > > > consuming the cli. Or we should at least > > > > > > > > > provide a > > > > > > > > > > --noPrompt option. Anything prompt-able should be > > > > > > > > > > config.xml-able > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > @purplecabbage > > > > > > > > > > risingj.com > > > > > > > > > > > > > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz > > > > > > > > > > <cla...@microsoft.com > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > One option here could be to build off of the idea > > > > > > > > > > > of the > > > > "res" > > > > > > > > > > > folder > > > > > > > > > > that > > > > > > > > > > > is in the current samples for splashscreens and > > > > > > > > > > > icons and introduce something like "res/native". > > > > > > > > > > > Files placed here would > > > > > > be > > > > > > > > > > > put into the native project folders "before_prepare" > > > > > > > > > > > and would be further enhanced > > > > > > > > > by > > > > > > > > > > > the plugin and build infrastructure. This would > > > > > > > > > > > allow you to place customized native assets that > > > > > > > > > > > are unique to your project in a place > > > > > > > > > that > > > > > > > > > > > you can check in and would be unaffected by an upgrade. > > > > > > > > > > > > > > > > > > > > > > Andrew's environment variable idea could also > > > > > > > > > > > provide an > > > > > > alternate > > > > > > > > > means > > > > > > > > > > > to specify platform specific values (what Soak > > > > > > > > > > > mentions in the { > > > > > > > }). > > > > > > > > > > > > > > > > > > > > > > -Chuck > > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > > > > > > From: Frederico Galvão > > > > > > > > > > > [mailto:frederico.gal...@pontoget.com.br] > > > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM > > > > > > > > > > > Cc: dev@cordova.apache.org > > > > > > > > > > > Subject: Re: Build signed archives using CLI > > > > > > > > > > > > > > > > > > > > > > I agree with pretty much everything mentioned, but > > > > > > > > > > > as far as I know cordova is trying it's best to > > > > > > > > > > > not depend on anything to be in > > /platforms/<TARGET_PLATFORM>/. > > > > > > > > > > > Having said that, the package command > > > > > > > > > > should > > > > > > > > > > > always expect things to be in config.xml or > > > > > > > > > > > something like > > > > > that. > > > > > > > > > > > > > > > > > > > > > > Also, the closer we are in naming things to what > > > > > > > > > > > they are already known > > > > > > > > > > as > > > > > > > > > > > in the native platform, the better. > > > > > > > > > > > > > > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak > > > > > > > > > > > <subhag....@microsoft.com > > > > > > >: > > > > > > > > > > > > > > > > > > > > > > > Hey Cordova community, > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I am Subhag Oak, senior program manager on the > > > > > > > > > > > > Visual Studio team working on VS tools for Multi > > > > > > > > > > > > device hybrid apps. In line with the discussion > > > > > > > > > > > > of having a generic > > > > > Cordova ‘packaging’ > > > > > > > > > > > > command for all platforms, here is one > > > > > > > > > > > > proposal: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > As we all know, packaging an application for > > > > > > > > > > > > deployment > > > > > > requires > > > > > > > > > extra > > > > > > > > > > > > steps that are specific to the native platforms. > > > > > > > > > > > > A new generic Cordova CLI ‘package’ command can > > > > > > > > > > > > perform these platform specific actions to > > > > > > > > > > > > generate a final signed package ready for > > > > > > > > deployment: > > > > > > > > > > > > > > > > > > > > > > > > cordova package [platform] > > > > > > > > > > > > [--packageConfiguration] > > > > > > > > > > > > {-- –-sign[location] > > > > > > > > > > > > -- –-embed[location] -- > > > > > > > > > > > > --signIdentity[location]}, where all > > > > > > the > > > > > > > > > > > > parameters within { } are platform specific > overrides. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > If no platform is specified, the command will > > > > > > > > > > > > build packages > > > > > > for > > > > > > > > > > > > all platforms added. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > The values for –packageConfiguration are > > > > > > > > > > > > interpreted by the > > > > > > > > > respective > > > > > > > > > > > > platforms. For Android and Windows, the value > > > > > > > > > > > > can be debug or > > > > > > > > > release, > > > > > > > > > > > > with release being the default value. For iOS, > > > > > > > > > > > > the possible values are development, adhoc or > > > > > > > > > > > > store with development being the default value. > > > > > > > > > > > > The > > > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity > > > > > > > > > > > > are optional iOS specific signing arguments for > > > > > > > > > > > > specifying the location of > > > > > > > > > code-signing > > > > > > > > > > > > certificate, the provisioning profile or the > > > > > > > > > > > > code signing identity (certificates along with > > > > > > > > > > > > public and private keys) > > > > > > > > respectively. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > e.g: > > > > > > > > > > > > > > > > > > > > > > > > · ‘cordova package iOS’ would generate a > signed > > > ipa > > > > > > with > > > > > > > > > > > > development profile, using code signing identity > > > > > > > > > > > > defined in > > > > > > > > > > > build.xcconfig: > > > > > > > > > > > > > > > > > > > > > > > > // to list all installed iOS identities, run: > > > > > > > > > > > > > > > > > > > > > > > > // security find-identity | sed -n > > > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone' > > > > > > > > > > > > > > > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will > > > > > > > > > > > > match the right Identity with the right > > > > > > > > > > > > Provisioning // Profile plus Certificate, based > > > > > > > > > > > > on the app bundle id > > > > > > > > > > > > > > > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > · ‘cordova package android’ would generate a > > > > release > > > > > > > signed > > > > > > > > > > using > > > > > > > > > > > > the packaging assets (keystore, alias and > > > > > > > > > > > > password) defined in the ant.properties files > > > > > > > > > > > > using the ANT > > build. > > > > > > > > > > > > This would be using gradle.propoerties once > > > > > > > > > > > > cordova changes to gradle build like the one > > > > > > > > > > > > Andrew mentions > > > below. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > · ‘Cordova package windows’ would generate a > > > signed > > > > > > APPX > > > > > > > > > > package. > > > > > > > > > > > > This will use the following tools in the Windows SDK: > > > > > > > > > > > > > > > > > > > > > > > > • An unsigned packaged Windows > Store > > > > app, > > > > > > for > > > > > > > > > > example, > > > > > > > > > > > > an .APPX file created by using the app packager > > > > > > > > > > > > (MakeAppx.exe) tool > > > > > > > > > > > > > > > > > > > > > > > > • A valid code signing > certificate, > > > for > > > > > > > > example, a > > > > > > > > > > > > Personal Information Exchange (.pfx) file > > > > > > > > > > > > created with the MakeCert.exe and Pvk2Pfx.exe > > > > > > > > > > > > tools > > > > > > > > > > > > > > > > > > > > > > > > • SignTool, which is part of the > > > Windows > > > > > SDK > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Here is how the package command should work. The > > > > > > > > > > > > proposal is to make the ‘package’ command work > > > > > > > > > > > > on convention (similar to the Cordova > > > > > > > > > build > > > > > > > > > > > > command) rather than config settings. The > > > > > > > > > > > > command would look > > > > > > out > > > > > > > > > > > > for packaging assets in the “platform\ > > [native-platform]” > > > > > > folder. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > For android, the contents of the ant.properties > > > > > > > > > > > > (keystore, password, alias and alias password) > > > > > > > > > > > > would be used for > > > > > > packaging. > > > > > > > > > > > > If any of > > > > > > > > > these > > > > > > > > > > > > properties is missing in ant.properties [or > > > > > > > > > > > > gradle.properties for gradle build] or if the > > > > > > > > > > > > file is missing, the command would prompt the > > > > > > > > > > > > user for these value at the command prompt. If > > > > > > > > > > > > the values provided > > > > > > > > > are > > > > > > > > > > > > invalid, the command would fail. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > For iOS, the contents of build.xcconfig specify > > > > > > > > > > > > the code-sign certificate and the provisioning > > > > > > > > > > > > profile to be used. The > > > > > > default > > > > > > > > > > > > build.xcconfig file is setup to handle different > > > > > > > > > > > > information by build profile based on the > > > > > > > > > > > > configuration defined in the > > > > > > command. > > > > > > > > > > > > Build.xcconfig can also support signing > > > > > > > > > > > > identities that tie the code-sign certificate > > > > > > > > > > > > with the provisioning > > > > profile. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Tools like VS and other IDEs, which use cordova > > > > > > > > > > > > CLI, may need > > > > > > an > > > > > > > > > > > > explicit way to specify certs/profile for > > > > > > > > > > > > packaging for iOS (since > > > > > > > > > the > > > > > > > > > > > > build needs to happen on MAC agent) instead of > > > > > > > > > > > > the assets being defined in the build.xcconfig. > > > > > > > > > > > > One way to allow this is by > > > > > > using > > > > > > > > > > > > optional platform specific arguments to the > > > > > > > > > > > > package command > > > > > > like: > > > > > > > > > > > > > > > > > > > > > > > > Cordova package iOS --development --sign > > > > “d:\cert\mycert.cer” > > > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning” > > > > > > > > > > > > > > > > > > > > > > > > This command will run the xcrun command to > > > > > > > > > > > > generate a signed > > > > > > IPA > > > > > > > > > > > > with development provisioning profile. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I would love to hear your comments, insights and > > > > > > > > > > > > feedback on this > > > > > > > > > > > proposal. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Subhag Oak | Senior Program Manager > > > > > > > > > > > > > > > > > > > > > > > > Visual Studio, Client Tools > > > > > > > > > > > > > > > > > > > > > > > > s...@microsoft.com > > > > > > > > > > > > > > > > > > > > > > > > 425 707 5598 office > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > > > > > > > From: agri...@google.com > > > > > > > > > > > > [mailto:agri...@google.com] On Behalf Of Andrew > > > > > > > > > > > > Grieve > > > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM > > > > > > > > > > > > To: Shazron > > > > > > > > > > > > Cc: tommy-carlos williams; > > > > > > > > > > > > dev@cordova.apache.org > > > > > > > > > > > > Subject: Re: Build signed archives using CLI > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > For Android Gradle, what's in (and experimental) > > > > > > > > > > > > right > > > now: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Environment variable > "RELEASE_SIGNING_PROPERTIES_FILE" > > > > > > > > > > > > points > > > > > > to > > > > > > > > > > > > a .properties file that contains: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > storeFile=relative/path/to/keystore.p12 > > > > > > > > > > > > > > > > > > > > > > > > storePassword=SECRET1 > > > > > > > > > > > > > > > > > > > > > > > > storeType=pkcs12 > > > > > > > > > > > > > > > > > > > > > > > > keyAlias=DebugSigningKey > > > > > > > > > > > > > > > > > > > > > > > > keyPassword=SECRET2 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Topics to discuss: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 1) Combine platform info into one file, or leave > > > separate? > > > > > > > > > > > > > > > > > > > > > > > > - Leaning towards together > > > > > > > > > > > > > > > > > > > > > > > > 2) have config.xml point to signing info? > > > > > > > > > > > > > > > > > > > > > > > > - I think no, since signing info you often want > > > > > > > > > > > > to not check in / > > > > > > > > > keep > > > > > > > > > > > > secure > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Strawman: > > > > > > > > > > > > > > > > > > > > > > > > If a file "cordova-keys.json" exists as a > > > > > > > > > > > > sibling to www/, then use it. It should look like: > > > > > > > > > > > > > > > > > > > > > > > > { > > > > > > > > > > > > > > > > > > > > > > > > "android": { > > > > > > > > > > > > > > > > > > > > > > > > "storeFile": "relative/path.p12" > > > > > > > > > > > > > > > > > > > > > > > > ... > > > > > > > > > > > > > > > > > > > > > > > > }, > > > > > > > > > > > > > > > > > > > > > > > > "ios": { > > > > > > > > > > > > > > > > > > > > > > > > }, > > > > > > > > > > > > > > > > > > > > > > > > ... > > > > > > > > > > > > > > > > > > > > > > > > } > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Android signs debug builds as well (not sure if > > > > > > > > > > > > other platforms do this too?), so maybe also > > > > > > > > > > > > allow > > > > > > > > > > > > > > > > > > > > > > > > "android-release" as an alias for "android", > > > > > > > > > > > > and > > > > > > > > > > > > > > > > > > > > > > > > "android-debug" > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron > > > > > > > > > > > > <shaz...@gmail.com > > > > > > > <mailto: > > > > > > > > > > > > shaz...@gmail.com>> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I did open an issue for this two years ago: > > > > > > > > > > > > > > > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369 > > > > > > > > > > > > > > > > > > > > > > > > > and we did discuss this as well 2 yrs ago: > > > > > > > > > > > > > > > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctv > > > > > > > > > > > > > sq > > > > > > > > > > > > > nm > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Seems to be of great value - so let's get > > > > > > > > > > > > > going on this > > > > > > > > > > > > > ;) > > > > > > The > > > > > > > > > > > > > CLI has > > > > > > > > > > > > > > > > > > > > > > > > > (I think) matured more since then to allow > > > > > > > > > > > > > this > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos > > > > > > > > > > > > > williams > > > > > > > > > > > > > > > > > > > > > > > > > <to...@devgeeks.org<mailto:to...@devgeeks.org> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Frederico’s workflow is the same as ours. I > > > > > > > > > > > > > > would love to see > > > > > > > > > > > > > > > > > > > > > > > > > > something happen To improve this, the less > > > > > > > > > > > > > > time I spend in Xcode, > > > > > > > > > > > > > > > > > > > > > > > > > > the happier I am > > > > > > > > > > > > > > > > > > > > > > > > > ;) > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico > > > > > > > > > > > > > > Galvão ( > > > > > > > > > > > > > > > > > > > > > > > > > > frederico.gal...@pontoget.com.br<mailto: > > > > > > > > > > > > frederico.gal...@pontoget.com.br>) wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I can already get the ultimate .apk through > > > > > > > > > > > > > > "cordova build > > > > > > > > > android > > > > > > > > > > > > > > > > > > > > > > > > > > --release", but I already have the required > > > > > > > > > > > > > > .properties properly > > > > > > > > > > > > > > > > > > > > > > > > > configured > > > > > > > > > > > > > > > > > > > > > > > > > > in my platform/android folder, specifying > > > > > > > > > > > > > > the path and name to my > > > > > > > > > > > > > > > > > > > > > > > > > > keystores. The "cordova build android --release" > > > > > > > > > > > > > > already gives me > > > > > > > > > > > > > > > > > > > > > > > > > > the signed and ready .apk, all I have to do > > > > > > > > > > > > > > is upload it to > > > > > > > > > > > > play.google.com. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > I have never, however, used cordova's CLI to > > > > > > > > > > > > > > build the > > > > > > final > > > > > > > > > > > > > > > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do > > > > > > > > > > > > > > is run "cordova > > > > > > > > > > > > > > > > > > > > > > > > > > prepare", and use xCode > > > > > > > > > > > > > > > > > > > > > > > > > from > > > > > > > > > > > > > > > > > > > > > > > > > > then on to build, package, sign, and upload. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram > > > > > > > > > > > > > > Narasimhan (MS OPEN > > > > > > > > > > > > > > TECH) < > > > > > > > > > > > > > > > > > > > > > > > > > > panar...@microsoft.com<mailto:panarasi@micro > > > > > > > > > > > > > > so > > > > > > > > > > > > > > ft > > > > > > > > > > > > > > .c > > > > > > > > > > > > > > om > > > > >>: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > How about a "cordova package" command, > > > > > > > > > > > > > > > that would be for packaging > > > > > > > > > > > > > > > > > > > > > > > > > > > the > > > > > > > > > > > > > > > > > > > > > > > > > > app > > > > > > > > > > > > > > > > > > > > > > > > > > > for the store? Note that different > > > > > > > > > > > > > > > platforms may have different > > > > > > > > > > > > > > > > > > > > > > > > > > > requirements for certs, signing etc. So it > > > > > > > > > > > > > > > may make sense to > > > > > > > > > > > > > > > > > > > > > > > > > > > promote > > > > > > > > > > > > > > > > > > > > > > > > > this > > > > > > > > > > > > > > > > > > > > > > > > > > > to a different command and let each > > > > > > > > > > > > > > > command take care of packaging > > > > > > > > > > > > > > > > > > > > > > > > > > > the > > > > > > > > > > > > > > > > > > > > > > > > > > app > > > > > > > > > > > > > > > > > > > > > > > > > > > for the store. This command will also mean > > > > > > > > > > > > > > > that > > > > > > developers > > > > > > > > > don’t > > > > > > > > > > > > > > > > > > > > > > > > > > > have > > > > > > > > > > > > > > > > > > > > > > > > > to > > > > > > > > > > > > > > > > > > > > > > > > > > go > > > > > > > > > > > > > > > > > > > > > > > > > > > over to the native projects when they > > > > > > > > > > > > > > > finally want to publish > > > > > > > > > > > > > > > > > > > > > > > > > > > their > > > > > > > > > > > > > > > > > > > > > > > > > apps > > > > > > > > > > > > > > > > > > > > > > > > > > to > > > > > > > > > > > > > > > > > > > > > > > > > > > the store. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -----Original Message----- > > > > > > > > > > > > > > > > > > > > > > > > > > > From: Josh Soref > > > > > > > > > > > > > > > [mailto:jso...@blackberry.com] > > > > > > > > > > > > > > > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM > > > > > > > > > > > > > > > > > > > > > > > > > > > To: dev > > > > > > > > > > > > > > > > > > > > > > > > > > > Subject: Re: Build signed archives using > > > > > > > > > > > > > > > CLI > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > if you do: > > > > > > > > > > > > > > > > > > > > > > > > > > > Cordova build --release, > > > > > > > > > > > > > > > > > > > > > > > > > > > The blackberry10 platform will generate a > > > > > > > > > > > > > > > signed > > > > > image... > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" < > > > > > > agri...@chromium.org > > > > > > > > > > <mailto: > > > > > > > > > > > > agri...@chromium.org>> wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >AFAIK, I don't think there's any > > > > > > > > > > > > > > > >technical > > > > roadblocks. > > > > > > > > > > > > > > > >Just need > > > > > > > > > > > > > > > > > > > > > > > > > > > >a proposal for how it should look, and > > > > > > > > > > > > > > > >then a patch & docs to add > > > > > > > > > > > > it! > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >For Android's hot-off-the-press gradle > > > > > > > > > > > > > > > >support, you can set an > > > > > > > > > > > > > > > > > > > > > > > > > > > >environment variable that points to a > > > > > > > > > > > > > > > >.properties file for > > > > > > > > > > > > > > > > > > > > > > > > > > > >signing builds. This shows one way to go > > > > > > > > > > > > > > > >about it, but I'm not in > > > > > > > > > > > > > > > > > > > > > > > > > > > >love with > > > > > > > > > > > > > > > > > > > > > > > > > the > > > > > > > > > > > > > > > > > > > > > > > > > > > .properties idea. > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor > > > > > > > > > > > > > > > >Sosa > > > > > > > > > > > > > > > > > > > > > > > > > > > ><sosah.vic...@gmail.com<mailto:sosah.vict > > > > > > > > > > > > > > > >or > > > > > > > > > > > > > > > >@g > > > > > > > > > > > > > > > >ma > > > > > > > > > > > > > > > >il.c > > > > > > > > > > > > > > > >om>> > > > > > > > > > > > > > > > > > > > > > > > > > > > >wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Hi community. > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Been looking at this topic and > > > > > > > > > > > > > > > >> wondering why the build command > > > > > > > > > > > > > > > > > > > > > > > > > > > >>does not create signed archives. Digging > > > > > > > > > > > > > > > >>a little bit found a > > > > > > > > > > > > > > > > > > > > > > > > > > > >>lot of differences in the platforms to > > > > > > > > > > > > > > > >>create these > > > > > > > > archives. > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> For instance, in Android you need to 1. > > > > > > > > > > > > > > > >> Export your > > > > > > APK > > > > > > > > > > > > > > > >> in > > > > > > > > > > > > > > > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign > > > > > > > > > > > > > > > >> your APK (you already > > > > > > > > > > > > > > > > > > > > > > > > > > > >> need a RSA key) > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> In iOS, you need to: > > > > > > > > > > > > > > > > > > > > > > > > > > > >> 1. Export your APP using --device flag > > > > > > > > > > > > > > > >> (--release > > > > > > seems > > > > > > > > > > > > > > > >> to > > > > > > > > > > > > > > > > > > > > > > > > > > > >> export > > > > > > > > > > > > > > > > > > > > > > > > > for > > > > > > > > > > > > > > > > > > > > > > > > > > > >>emulator only) 2. Either use XCode > > > > > > > > > > > > > > > >>(UI-based) and sign the > > > > > > > > > > > > > > > > > > > > > > > > > > > >>archive or use xcrun (headless > > > > > > > > > > > > > > > > > > > > > > > > > > > >> process) > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Besides these differences, what is > > > > > > > > > > > > > > > >> preventing Cordova from > > > > > > > > > > > > > > > > > > > > > > > > > > > >> providing a generic one-way to build > > > > > > > > > > > > > > > >> these signed, > > > > > > > > > > > > ready-to-publish archives? > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Perhaps I'm missing something here...? > > > > > > > > > > > > > > > >> I really appreciate your > > > > > > > > > > > > > > > > > > > > > > > > > > > >>insights on this topic > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Thanks! > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > >> -- > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera > > > > > > > > > > > > > > > > > > > > > > > > > > > >> IBM Software Engineer > > > > > > > > > > > > > > > > > > > > > > > > > > > >> Guadalajara, Jalisco > > > > > > > > > > > > > > > > > > > > > > > > > > > >> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ------------------------------------------------------ > > > > > > > > > -- > > > > > > > > > -- > > > > > > > > > -- > > > > > > > > > ---- > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > > > > > > > > > > --- To unsubscribe, e-mail: > > > > > > > > > > > > > > > dev-unsubscr...@cordova.apache.org > > > > > > > > > > > > <mailto:dev-unsubscr...@cordova.apache.org> > > > > > > > > > > > > > > > > > > > > > > > > > > > For additional commands, e-mail: > > > > > > > > > > > > > > > dev-h...@cordova.apache.org > > > > > > > > > > > <mailto: > > > > > > > > > > > > dev-h...@cordova.apache.org> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > *Frederico Galvão* > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Diretor de Tecnologia > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > PontoGet Inovação Web > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ( +55(62) 8131-5720 > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > * > > > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com. > > > > > > > > > > > > > > br > > > > > > > > > > > > > > > > > > > > > > > > > > > > > < > > > > > > > > > > > > http://www.pontoget.com/> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > > > > > > > > > > > > > > > > *Frederico Galvão* > > > > > > > > > > > > > > > > > > > > > > Diretor de Tecnologia > > > > > > > > > > > > > > > > > > > > > > PontoGet Inovação Web > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > ( +55(62) 8131-5720 > > > > > > > > > > > > > > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/> > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -------------------------------------------------------- > > > > > > > > -- > > > > > > > > -- > > > > > > > > -- > > > > > > > > ---- > > > > > > > > --- To unsubscribe, e-mail: > > > > > > > > dev-unsubscr...@cordova.apache.org > > > > > > > > For additional commands, e-mail: > > > > > > > > dev-h...@cordova.apache.org > > > > > > > > > > > > > > > > -------------------------------------------------------- > > > > > > > > -- > > > > > > > > -- > > > > > > > > -- > > > > > > > > ---- > > > > > > > > --- To unsubscribe, e-mail: > > > > > > > > dev-unsubscr...@cordova.apache.org > > > > > > > > For additional commands, e-mail: > > > > > > > > dev-h...@cordova.apache.org > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Carlos Santana > > > > > > > <csantan...@gmail.com> > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > > > Victor Adrian Sosa Herrera IBM Software Engineer > > > > > > > Guadalajara, Jalisco > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > -- > > > > > Victor Adrian Sosa Herrera > > > > > IBM Software Engineer > > > > > Guadalajara, Jalisco > > > > > > > > > > > > > > > > > > > > > -- > > > > Victor Adrian Sosa Herrera > > > > IBM Software Engineer > > > > Guadalajara, Jalisco > > > > > > > B > KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB > > > [ X ܚX K K[XZ[ > > > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[ > > > ] Z [ ܙ ݘK \ X K ܙ B > > > > > > > > > > > -- > > Victor Adrian Sosa Herrera > > IBM Software Engineer > > Guadalajara, Jalisco > > > > > > -- > Carlos Santana > <csantan...@gmail.com> >