Develop Reference

React Native: How to store android keystore file and its password securely in CircleCI

I am working on integrating circleCI in our react native project.
I started with the first workflow which is android build, which requires the keystore file and it's alias and passwords, to achieve this task, I've used openssl to encrypt/decrypt the keystore file and store file's passwords to the circleCI env variables (and for my local environment I'm using react-native-config).
This is my build.gradle file:
signingConfigs {
debug {
storeFile file('debug.keystore')
storePassword 'android'
keyAlias 'androiddebugkey'
keyPassword 'android'
}
release {
if (project.hasProperty('MYAPP_UPLOAD_STORE_FILE')) {
storeFile file(MYAPP_UPLOAD_STORE_FILE)
storePassword project.env.get('MYAPP_UPLOAD_STORE_PASSWORD')
keyAlias project.env.get('MYAPP_UPLOAD_KEY_ALIAS')
keyPassword project.env.get('MYAPP_UPLOAD_KEY_PASSWORD')
}
}
}
MYAPP_UPLOAD_STORE_FILE stored in the gradle.properties and the rest in env vars
I've git this error
FAILURE: Build failed with an exception.
* What went wrong:
Execution failed for task ':app:packageRelease'.
> A failure occurred while executing com.android.build.gradle.tasks.PackageAndroidArtifact$IncrementalSplitterRunnable
> SigningConfig "release" is missing required property "storePassword".
A quick note: I can generate a release APK on my device
Is there any other approach to do this tedious task. Thanks in advance

I found a good resource which is in the CircleCI Docs itself: deploy-android-applications

Flutter - Azure Devops: Sign android on PC & on azure devops without sharing the JKS and key.properties file through git?

I built an Azure Devops pipeline what signs the apk after it is done:
- task: AndroidSigning#3
displayName: 'Signing and aligning APK file(s) **/*.apk'
inputs:
apkFiles: '**/*.apk'
apksign: true
apksignerKeystoreFile: upload-keystore.jks
apksignerKeystorePassword: $(upload-keystore-password)
apksignerKeystoreAlias: upload
apksignerKeyPassword: $(upload-keystore-password)
It signs the APK as it should. The problem that I have this in my build.gradle:
buildTypes {
release {
// TODO: Add your own signing config for the release build.
// Signing with the debug keys for now, so `flutter run --release` works.
signingConfig signingConfigs.debug
shrinkResources false // Add this line
minifyEnabled false // Also add this line
}
}
As you can see it is not setup to sign by my key. Like this the signing works in pipeline but does not work if I use the flutter build apk in console.
But if I setup the build.gradle as the docs says https://docs.flutter.dev/deployment/android:
signingConfigs {
release {
keyAlias keystoreProperties['keyAlias']
keyPassword keystoreProperties['keyPassword']
storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
storePassword keystoreProperties['storePassword']
}
}
buildTypes {
release {
signingConfig signingConfigs.release
}
}
Then the pipeline throws the
* What went wrong:
Execution failed for task ':app:validateSigningRelease'.
> Keystore file not set for signing config release
error because I'd rather not git add the key.properties that has the password or my JKS file that I sign the APK with.
I'd like the pipeline to work but also if I use the flutter build apk command it gives me a signed APK.
What could be the solution?

key password from Keystore

I've used this command
keytool -genkey -v -keystore ~/nutella.jks -keyalg RSA -keysize 2048 -validity 10000 -alias nutella
to generate a Keystore. It works fine but From what I've read this command should also prompt you for a key password(not the store password)? I never got this prompt.
I can run
keytool -v -list -keystore //nutella.jks
to see the contents of the Keystore. And the key seems to be there...ie the correct alias is there.
Where do I get/set the password for the the particular alias?
I have a key.properties in the android directory
storePassword=password
keyPassword=password
keyAlias=ballotbox
storeFile=/Users/gerardhorgan/ballotbox.jks
and in build.gradle I have:
def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}
android {
compileSdkVersion 28
sourceSets {
main.java.srcDirs += 'src/main/kotlin'
}
lintOptions {
disable 'InvalidPackage'
}
defaultConfig {
// TODO: Specify your own unique Application ID (https://developer.android.com/studio/build/application-id.html).
applicationId "app.ballotbox.app"
minSdkVersion 16
targetSdkVersion 28
versionCode flutterVersionCode.toInteger()
versionName flutterVersionName
testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
}
signingConfigs {
release {
keyAlias keystoreProperties['keyAlias']
keyPassword keystoreProperties['keyPassword']
storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
storePassword keystoreProperties['storePassword']
}
}
buildTypes {
release {
signingConfig signingConfigs.release
}
}
}
When I try to generate a release build I get
Execution failed for task ':app:validateSigningRelease'.
> Keystore file not set for signing config release
I think it might have something to with keyPassword because I didn't set this and read somewhere you can use the storePassword.
`

Try android, it's the default one.

May be the issue is with the wrong alias.
In this code you have mentioned -alias = nutella at the end.
keytool -genkey -v -keystore ~/nutella.jks -keyalg RSA -keysize 2048 -validity 10000 -alias nutella
But in key.properties you have keyAlias=ballotbox.
Secondly, as per official guide,
The -storetype JKS tag is only required for Java 9 or newer. As of the Java 9 release, the keystore type defaults to PKS12.
That means, if you don't provide -storetype JKS in the command to generate keystore, the generated keystore file is of type PKS12 and not JKS. It seems in PKS12 format you can only set store password and the same password is used for key password during build. So, when I had different passwords set in key.properties file for store and key, I was getting "given-final-block-not-properly-padded" error, and no error when both were same.

could not generate APK on react native : :app:lintVitalRelease

I create a key with this command :
keytool -genkey -v -keystore first-key.keystore -alias first-key-alias -keyalg RSA -keysize 2048 -validity 1000
and add this to gradle file :
signingConfigs {
release {
storeFile file('/home/mohamadreza/keys/first-key.keystore')
storePassword '1234567890'
keyAlias = 'first-key-alias'
keyPassword 'qq-2012'
}
}
buildTypes {
release {
// Caution! In production, you need to generate your own keystore file.
// see https://facebook.github.io/react-native/docs/signed-apk-android.
signingConfig signingConfigs.release
minifyEnabled enableProguardInReleaseBuilds
proguardFiles getDefaultProguardFile("proguard-android.txt"), "proguard-rules.pro"
}
}
then I run this command:
cd android && ./gradlew assembleRelease
I got this error:
Could not determine the dependencies of task ':app:lintVitalRelease'.
> Could not resolve all task dependencies for configuration ':app:lintClassPath'.
> Could not find com.android.tools.lint:lint-gradle:26.4.2.
Searched in the following locations:
...
my classpath : classpath('com.android.tools.build:gradle:3.4.2')
how can I fix it?

This same issue I faced today.
I tried the following thing:
I deleted the output.json file from the folder
"yourProject/android/app/build/outputs/apk/release".
And RUN command to build the application.
It worked for me.
Hope will work for you too

Android Generate Signed APK Error?

My first Android project is finish. I want to load Google Play.
when I make build -> Generate Signed APK give error android studio.
For Gradle-based projects, the signing configuration should be
specified in the Gradle build scripts.See the Gradle User Guide for
more info."
I tried to sign configs as this sample
signingConfigs {
release {
storeFile file("mykeystore")
storePassword "mypassword"
keyAlias "my alias"
keyPassword "mykeypassword"
}
}
buildTypes {
release {
signingConfig signingConfigs.release
}
}
But I dont know mykeystore and my password and other infos.
release {
storeFile file("mykeystore") -> what is mykeystore ?
storePassword "mypassword" -> what is mypassword ?
keyAlias "my alias" -> what is myalias ?
keyPassword "mykeypassword" -> what is mykeypassword ?
}
I cant build apk my project. This is my first project.
I use android studio 2.0.11 and mac os x lion.
Please help. Sorry bad english.
Thanks.