This guide covers the 2 options for signing Android applications in Nevercode:

• Out-of-the-box method for signing Android applications
• Signing Android applications using custom variables

Generating a keystore file

You need to generate a keystore to be able to use either of the application signing methods.

1. Open your command line utility and use the keytool command.
2. Run the command shown below in the root folder of your project following this SO example.

keytool -genkey -v -keystore keystore_name.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

3. Save the generated keystore file and other information for it, such as password for keystore file, key alias and key password.

Alternatively, you could follow the instructions for app signing here.

Out-of-the-box method for signing Android applications

To enable code signing on Nevercode, you must upload your keystore file and provide the information required for code signing. Nevercode will then automatically sign your APK each time it is built.

1. Navigate to the Code signing section in your project settings.
2. Select Android code signing as the method for Signing files management.
3. Click the Keystore field and upload the keystore file.
4. Enter the password in the Keystore password field.
5. Enter the Key alias and Key password.
6. Click Save to enable signing your Android application.

🚧

Avoiding possible code signing issues

Please make sure that you do not call any local code signing methods configured in your build.gradle file as this may interfer with our out-of-the-box signing method. For example, you could add the following condition to the buildTypes section as well as to the signingConfigs section of your build.gradle file to ensure that local signing configurations are called only when you're building locally:

buildTypes {
    release {
      if (System.getenv()["CI"]) {
        // do nothing
      } else {
        signingConfig signingConfig.release
      }
    }
  }

Signing Android applications using custom variables

It is often the case that you cannot store your signing files in the repository, but still want to get signed binaries from Nevercode. To overcome this issue, you can use the custom environment variables and environment files functionality Nevercode provides.

📘

Read more about uploading environment files and setting custom environment variables here.

To set up signing your Android application using custom variables:

1. Set the following environment variables in Nevercode (using the values from generating your keystore file):

NC_KEYSTORE_PASSWORD=myKeystorePassword
NC_KEY_ALIAS=MyReleaseKey
NC_KEY_PASSWORD=myKeypassword

2. Upload your keystore as an environment file to Nevercode with the name NC_KEYSTORE_PATH.

3. Set your signing config in build.gradle as follows:

...
android {
    ...
    defaultConfig { ... }

    signingConfigs {
        release {
            if (System.getenv()["CI"]) { // CI=true is exported by Nevercode
                storeFile file(System.getenv()["NC_KEYSTORE_PATH"])
                storePassword System.getenv()["NC_KEYSTORE_PASSWORD"]
                keyAlias System.getenv()["NC_KEY_ALIAS"]
                keyPassword System.getenv()["NC_KEY_PASSWORD"]
            } else {
                storeFile file("/path/to/local/myreleasekey.keystore")
                storePassword "password"
                keyAlias "MyReleaseKey"
                keyPassword "password"
            }
        }
    }

    buildTypes {
        release {
            ...
            signingConfig signingConfigs.release
        }
    }
}
...