Signing Android applications

How to sign Android applications in Nevercode?

This guide covers the 2 options for signing Android applications in Nevercode:

Generating a keystore file

You need to generate a keystore to be able to use either of the application signing methods.

  1. Open your command line utility and use the keytool command.
  2. Run the command shown below in the root folder of your project following this SO example.
keytool -genkey -v -keystore keystore_name.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
  1. Save the generated keystore file and other information for it, such as password for keystore file, key alias and key password.

Alternatively, you could follow the instructions for app signing here.

Out-of-the-box method for signing Android applications

To upload the keystore file to Nevercode:

  1. Navigate to the Code signing section in your project settings.
  2. Select Android code signing as the method for Signing Files Management.
  3. Click the Keystore field and upload the keystore file.
  4. Enter the password in the Keystore password field.
  5. Enter the Key alias and Key password.
  6. Click Save to enable signing your Android application.

Signing Android applications using custom variables

It is often the case that you cannot store your signing files in the repository, but still want to get signed binaries from Nevercode. To overcome this issue, you can use the custom environment variables and environment files functionality Nevercode provides.

Read more about uploading environment files and setting custom environment variables here.

To set up signing your Android application using custom variables:

  1. Set the following environment variables in Nevercode (using the values from generating your keystore file):
NC_KEYSTORE_PASSWORD=myKeystorePassword
NC_KEY_ALIAS=MyReleaseKey
NC_KEY_PASSWORD=myKeypassword
  1. Upload your keystore as an environment file to Nevercode with the name NC_KEYSTORE_PATH.

  2. Set your signing config in build.gradle as follows:

...
android {
    ...
    defaultConfig { ... }

    signingConfigs {
        release {
            if (System.getenv()["CI"]) { // CI=true is exported by Nevercode
                storeFile file(System.getenv()["NC_KEYSTORE_PATH"])
                storePassword System.getenv()["NC_KEYSTORE_PASSWORD"]
                keyAlias System.getenv()["NC_KEY_ALIAS"]
                keyPassword System.getenv()["NC_KEY_PASSWORD"]
            } else {
                storeFile file("/path/to/local/myreleasekey.keystore")
                storePassword "password"
                keyAlias "MyReleaseKey"
                keyPassword "password"
            }
        }
    }

    buildTypes {
        release {
            ...
            signingConfig signingConfigs.release
        }
    }
}
...

Signing Android applications

How to sign Android applications in Nevercode?