This repository has been archived by the owner on Nov 28, 2024. It is now read-only.
forked from bitrise-steplib/steps-sign-apk
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathstep.yml
223 lines (205 loc) · 9.36 KB
/
step.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
title: Android Sign
summary: Signs your APK or Android App Bundle before uploading it to Google Play Store.
description: |-
Once you have uploaded your keystore file and provided your keystore credentials on the **Code Signing** tab of the **App Settings** page, the **Android Sign** Step signs your APK digitally.
Bitrise assigns Environment Variables to the uploaded file and credentials, and uses those in the respective fields of the **Android Sign** Step.
Once the Step runs, it produces a signed APK or App Bundle which will be used as the input value of the **App file path** field in the **Google Play Deploy** Step.
### Configuring the Step
1. Add the **Android Sign** Step after a build Step in your deploy workflow.
2. Upload the keystore file to the **Upload file** field on the **Code Signing** tab.
3. Provide your keystore password, keystore alias and private key password to the relevant fields on the **Code Signing** tab.
4. Run your build.
### Troubleshooting
Make sure you have the **Android Sign** Step right after a build Steps but before **Deploy to Google Play** Step in your deploy workflow.
If you wish to get your Android project signed automatically, use the **Android Sign** Step and do not set any gradle task for the signing, otherwise, the Step will fail.
### Useful links
- [Android code signing using Android Sign Step](https://devcenter.bitrise.io/code-signing/android-code-signing/android-code-signing-using-bitrise-sign-apk-step/)
- [Android deployment](https://devcenter.bitrise.io/deploy/android-deploy/android-deployment-index/)
### Related Steps
- [Android Build](https://www.bitrise.io/integrations/steps/android-build)
- [Gradle Runner](https://www.bitrise.io/integrations/steps/gradle-runner)
- [Deploy to Bitrise.io](https://www.bitrise.io/integrations/steps/deploy-to-bitrise-io)
website: https://github.com/bitrise-steplib/steps-sign-apk
source_code_url: https://github.com/bitrise-steplib/steps-sign-apk
support_url: https://github.com/bitrise-steplib/steps-sign-apk/issues
host_os_tags:
- osx-10.10
- ubuntu
project_type_tags:
- android
- xamarin
- react-native
- cordova
- ionic
type_tags:
- code-sign
is_requires_admin_user: false
is_always_run: false
is_skippable: false
toolkit:
go:
package_name: github.com/bitrise-steplib/steps-sign-apk
inputs:
- android_app: $BITRISE_APK_PATH\n$BITRISE_AAB_PATH
opts:
title: App file path.
summary: "`Android App Bundle (.aab)` or `Android Application Package (.apk)`"
description: |-
Path(s) to the build artifact file to sign (`.aab` or `.apk`).
You can provide multiple build artifact file paths separated by `|` character.
Format examples:
- `/path/to/my/app.apk`
- `/path/to/my/app1.apk|/path/to/my/app2.apk|/path/to/my/app3.apk`
- `/path/to/my/app.aab`
- `/path/to/my/app1.aab|/path/to/my/app2.apk|/path/to/my/app3.aab`
is_required: true
- keystore_url: $BITRISEIO_ANDROID_KEYSTORE_URL
opts:
title: Keystore url
description: |-
For remote keystores you can provide any download location (e.g. `https://URL/TO/keystore.jks`).
For local keystores provide file path url. (e.g. `file://PATH/TO/keystore.jks`).
is_required: true
is_sensitive: true
- keystore_password: $BITRISEIO_ANDROID_KEYSTORE_PASSWORD
opts:
title: Keystore password
description: Matching password to `keystore_url`. Do not confuse this with `key_password`!
is_required: true
is_sensitive: true
- keystore_alias: $BITRISEIO_ANDROID_KEYSTORE_ALIAS
opts:
title: Key alias
description: Alias of key inside `keystore_url`.
is_required: true
is_sensitive: true
- private_key_password: $BITRISEIO_ANDROID_KEYSTORE_PRIVATE_KEY_PASSWORD
opts:
title: Key password
description: |
If key password equals to keystore password (not recommended), you can leave it empty.
Otherwise specify the private key password.
is_sensitive: true
- page_align: automatic
opts:
title: Page alignment
is_required: true
value_options:
- "true"
- "false"
- automatic
description: |
If enabled, it tells zipalign to use memory page alignment for stored shared object files.
- `automatic`: Enable page alignment for .so files, unless atribute `extractNativeLibs="true"` is set in the AndroidManifest.xml
- `true`: Enable memory page alignment for .so files
- `false`: Disable memory page alignment for .so files
- signer_tool: automatic
opts:
title: Signer tool
is_required: true
value_options:
- automatic
- apksigner
- jarsigner
description: |
Indicates which tool should be used for signing the app.
- `automatic`: Uses the `apksigner` tool to sign an APK and `jarsigner` tool to sign an AAB file.
- `apksigner`: Uses the `apksigner` tool to sign the app.
- `jarsigner`: Uses the `jarsigner` tool to sign the app.
- signer_scheme: automatic
opts:
title: APK Signature Scheme
is_required: true
value_options:
- automatic
- v2
- v3
- v4
description: |
If set, enforces which Signature Scheme should be used by the project.
- `automatic`: The tool uses the values of `--min-sdk-version` and `--max-sdk-version` to decide when to apply this Signature Scheme.
- `v2`: Sets `--v2-signing-enabled` true, and determines whether apksigner signs the given APK package using the APK Signature Scheme v2.
- `v3`: Sets `--v3-signing-enabled` true, and determines whether apksigner signs the given APK package using the APK Signature Scheme v3.
- `v4`: Sets `--v4-signing-enabled` true, and determines whether apksigner signs the given APK package using the APK Signature Scheme v4. This scheme produces a signature in an separate file (apk-name.apk.idsig). If true and the APK is not signed, then a v2 or v3 signature is generated based on the values of `--min-sdk-version` and `--max-sdk-version`.
- debuggable_permitted: "true"
opts:
title: Enable debuggable APKs
is_required: true
value_options:
- "true"
- "false"
description: |
Whether to permit signing `android:debuggable="true"` APKs. Android disables some of its security protections for such apps.
- output_name: ""
opts:
title: Artifact name
summary: Name of the produced output artifact
description: |
If empty, then the output name is `app-release-bitrise-signed`.
Otherwise, it's the specified name. Do not add the file extension here.
- verbose_log: "false"
opts:
title: Enable verbose logging?
description: Enable verbose logging?
is_required: true
value_options:
- "true"
- "false"
- apk_path:
opts:
title: "[DEPRECATED] Build artifact path."
category: Deprecated
summary: "`Android App Bundle (.aab)` or `Android Aplication Package (.apk)`. Deprecated, use `android_app` instead."
description: |-
__This input is deprecated and will be removed on 20 August 2019, use `App file path` input instead!__
Path(s) to the build artifact file to sign (`.aab` or `.apk`).
You can provide multiple build artifact file paths separated by `|` character.
Deprecated, use `android_app` instead.
Format examples:
- `/path/to/my/app.apk`
- `/path/to/my/app1.apk|/path/to/my/app2.apk|/path/to/my/app3.apk`
- `/path/to/my/app.aab`
- `/path/to/my/app1.aab|/path/to/my/app2.apk|/path/to/my/app3.aab`
outputs:
- BITRISE_SIGNED_APK_PATH:
opts:
title: Path of the signed APK
summary: Path of the signed APK
description: |-
This output will include the path of the signed APK.
If the build generates more than one APK this output will contain the last one's path.
- BITRISE_SIGNED_APK_PATH_LIST:
opts:
title: List of the signed APK paths
summary: List of the signed (and copied) APK paths
description: |-
This output will include the paths of the generated APKs
If multiple APKs are provided for signing the output paths are separated with `|` character, for example, `app-armeabi-v7a-debug.apk|app-mips-debug.apk|app-x86-debug.apk`
- BITRISE_SIGNED_AAB_PATH:
opts:
title: Path of the signed AAB
summary: Path of the signed AAB
description: |-
This output will include the path of the signed AAB.
If the build generates more than one AAB this output will contain the last one's path.
- BITRISE_SIGNED_AAB_PATH_LIST:
opts:
title: List of the signed AAB paths
summary: List of the signed (and copied) AAB paths
description: |-
This output will include the paths of the generated AABs.
If multiple AABs are provided for signing the output paths are separated with `|` character, for example, `app-armeabi-v7a-debug.aab|app-mips-debug.aab|app-x86-debug.aab`
- BITRISE_APK_PATH:
opts:
title: Path of the signed APK
summary: Path of the signed APK
description: |-
This output will include the path(s) of the signed APK(s).
If multiple APKs are provided for signing the output paths are separated with `|` character, for example, `app-armeabi-v7a-debug.apk|app-mips-debug.apk|app-x86-debug.apk`
- BITRISE_AAB_PATH:
opts:
title: Path of the signed AAB
summary: Path of the signed AAB
description: |-
This output will include the path(s) of the signed AAB(s).
If multiple AABs are provided for signing the output paths are separated with `|` character, for example, `app-armeabi-v7a-debug.aab|app-mips-debug.aab|app-x86-debug.aab`