Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
239 views
in Technique[技术] by (71.8m points)

git - Should I commit release key store for Android app to team repository?

We are developing android app in team. To create signed release apk you should set key store path, password, key alias and key password. If I want me and any my team member could create signed apk with same signature should I commit key store file to source control?

question from:https://stackoverflow.com/questions/33780137/should-i-commit-release-key-store-for-android-app-to-team-repository

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)

You should not.

Release keystore is the most sensitive data.

In my team, there is only one people can sign the release package. (And may be one for backing up).

All sensitive info MUST be ignored and we make a reference to these info.

In my team, we config like that:

On Android Studio:

/local.properties file:

storeFile=[path/to/keystore/file]
keyAlias=[alias's key]
keyPassword=[alias's password]
storePassword=[key's password]

/app/build.gradle, config scope:

signingConfigs {
  release {
    Properties properties = new Properties()
    properties.load(project.rootProject.file('local.properties').newDataInputStream())
    storeFile file(properties.getProperty('storeFile'))
    keyAlias properties.getProperty('keyAlias')
    storePassword properties.getProperty('storePassword')
    keyPassword properties.getProperty('keyPassword')
  }
}

buildTypes {
  release {
    minifyEnabled false
    proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
    signingConfig signingConfigs.release
  }
  .
  .
  .
}

See my complete demo config:

apply plugin: 'com.android.application'

android {
    compileSdkVersion 21
    buildToolsVersion "22.0.1"

    defaultConfig {
        multiDexEnabled = true

        applicationId "com.appconus.demoapp"
        minSdkVersion 16
        targetSdkVersion 21
        multiDexEnabled = true
        versionCode 18
        versionName "1.3"
    }

    signingConfigs {
        release {
            Properties properties = new Properties()
            properties.load(project.rootProject.file('local.properties').newDataInputStream())
            storeFile file(properties.getProperty('storeFile'))
            keyAlias properties.getProperty('keyAlias')
            storePassword properties.getProperty('storePassword')
            keyPassword properties.getProperty('keyPassword')
        }
    }

    buildTypes {
        release {
            minifyEnabled false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
            signingConfig signingConfigs.release
        }
        debug {
            minifyEnabled false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
        applicationVariants.all { variant ->
            appendVersionNameVersionCode(variant, defaultConfig)
        }
    }
}
dependencies {
    compile 'com.google.android.gms:play-services:8.1.0'
}

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...