On Mon, Jun 13, 2016 at 3:34 PM, fitz <[email protected]> wrote: > Release Android App Automatically and Securely > > There are mainly two steps: (1) Generate the signed apk (2) Release to the > google play store. > Generate the signed apk automatically: > > 1. (Need Help) Generate keystore file > > Use Command Line: > https://developer.android.com/studio/publish/app-signing.html#signing-manually > keytool -genkey -v -keystore my-release-key.keystore -alias alias_name > -keyalg RSA -keysize 2048 -validity 10000 > Or use Android studio: > https://developer.android.com/studio/publish/app-signing.html#release-mode > > Maybe we should generate a new, secure and stable private key for the future > android development and release. WDYT? > > 2. (Need Help) Define gradle global values: > > (Gradle user home: /home/hudsonagent/.gradle in > jenkins)(http://stackoverflow.com/questions/18328730/how-to-create-a-release-signed-apk-file-using-gradle) > To ensure the security of the keystore, we can’t directly put the > key_password, key_alias, store_password values in the github source. So > where do we define these values? The gradle global properties may be a good > choice. First we should define some global properties for all Gradle builds > in the USER_HOME/.gradle/gradle.properties. For the jenkins server, > GRADLE_USER_HOME = /home/hudsonagent/.gradle. If no gradle.properties file, > just create a new file and add the following properties. > > # android release key username and password > RELEASE_STORE_FILE=F:\\xwiki\\AndroidAuthKey.jks > RELEASE_STORE_PASSWORD=android > RELEASE_KEY_ALIAS=authenticator > RELEASE_KEY_PASSWORD=android > > I have no right to login and access the jenkins agent-1, so could you help > me create the global gradle.properties file in /home/hudsonagent/.gradle and > correctly set the four properties. Thanks in advance. :) > > 3. Add the following code to build.gradle > > > if(project.hasProperty("RELEASE_STORE_FILE")) { > signingConfigs { > release { > storeFile file(RELEASE_STORE_FILE) > storePassword RELEASE_STORE_PASSWORD > keyAlias RELEASE_KEY_ALIAS > keyPassword RELEASE_KEY_PASSWORD > } > } > } > > buildTypes { > if(project.hasProperty("RELEASE_STORE_FILE")) { > release { > signingConfig signingConfigs.release > } > } > } > > 4. Gradle clean build > -> then we can generate app-release.apk signed by the keystore in jenkins.
Will do as soon as I get back access to agent 1-1. > > > Release automatically in Google play store: > > > 1. (Need Help) Setup for Google API access: > > Following this link: > https://github.com/codepath/android_guides/wiki/Automating-Publishing-to-the-Play-Store. > Set the google api access and download the p12 key file. > But I have no permission to configure API access. It shows in the google > play console: > <http://xwiki.475771.n2.nabble.com/file/n7599946/api_access.png> > > So could you help me configure the API access? Or maybe should download the > p12 key file. Thank you in advance. :) > > 2. (Need Help) Jenkins plugin Settings: > > (1) Install the jenkins plugin "Google Play Android Publisher plugin" > (2) Add Credentials and import the p12 key file downloaded during the first > step of setting up Google API access. > <http://xwiki.475771.n2.nabble.com/file/n7599946/add_credentials.png> > > 3. Add a post-build step to your existing Jenkins project. > > <http://xwiki.475771.n2.nabble.com/file/n7599946/post_build.png> > > That’s all I can think of right now. I have tried and generated the release > apk in the jenkins server on my local computer. As I have no permission to > configure the google play api, so now I haven’t tried the automated release. > I don't know if this method is the best for the automated and secure release > of the android open source project, but it should be feasible. > > What do you think? :) I'm not sure "automated release" is such a need. Configure agent 1-1 to do release from it, sure. Agent 1-1 is XWiki's release agent so why not making it Android Authenticator release agent (we have to put the key somewhere). But a release of Android Authenticator should be a conscious decision IMO and you should do that only when you are sure the branch is OK. > > Thanks, > Fitz > > > > > -- > View this message in context: > http://xwiki.475771.n2.nabble.com/contrib-android-authenticator-About-Releasing-Android-App-Automatically-and-Securely-tp7599946.html > Sent from the XWiki- Dev mailing list archive at Nabble.com. > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs -- Thomas Mortagne _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
