I was wondering if there is any way to automate the building of apk and ipa file and publish them into Google Play or App Store?
The idea is customer will be able to change some image and content from website console then build the apk or ipa with their own changes and publish the app into Google Play or App Store by their own from the website console.
So my question is, is there any tools or techniques that can be used to build the apk or ipa from website where by customer click event, that tool or technique will perform the build using the modified source code saved in the server and also publish the app using necessary process including app signing.
I am asking this because I found some app builder websites are providing this kind of service where customer can publish their app by their own.
I have searched the web for this, and did not find anything to try.
Yes, there are services for building & releasing apps automatically. A build server using the right tools can build your app and be responsible for signing & publishing to the stores. This takes a bit of time to setup properly, but once setup it shouldn't be much of a hassle.
Have a look at Fastlane, their service should match your needs for mobile apps and it widely adopted as a deployment solution. You can have a look at their doc on how to set it up yourself.
As to wether or not this is the proper solution for you remains discussable. If all your clients wish to do is update images & simple content, you're much better off with a CMS. This would allow your client to update all the content while the app is live. That way, you wouldn't have to push an update to the store just to change an image, and the app users won't have to update everytime (which you can never guarantee).
tl;dr: I'm wondering if there's anyway for me to ensure that the source code I (re)viewed on GitHub for an open-source project was actually used to build the APK I'm downloading from Google Play?
Let's say I want to find an app for encrypting files on my local Android device. There are several apps available when googling, many open-source. As I'm going to encrypt sensitive information, I'd like to ensure it's done correctly (and without bad intent), so I review the source code for the app. All looks okay, so I download the app from Google Play and start using it.
If the developer of the app wanted to, they could just offline modify the source code (in a "private build step", so to say), and inject whatever they want (send the unencrypted file content somewhere, fake-encrypt the files, whatever), build the APK and upload that APK to Google Play instead.
Is there anyway to verify the APK actually came from the source code?
I am trying to setup my own Server to host apk files which will be available for installs and updates in the client App.
On new version update of apk, only the updated part should get downloaded at the client end. I am able to generate a patch file using "bsdiff" at the server end. But at the client, how should I merge the patch file with the original apk and install the update.
Based on your question, it looks like you are looking for some kind of patching system. Normally Google play store takes of managing this. When you upload a new version of APK, it only download the difference on client's device which saves data for customers. However the merging of this done on Mobile itself.
Since you are not using google play store, the only way available could be a patching system like AndFix. Some more options can be found on this SO. Most of them require some code changes.
You can also follow the concept of expansion files described by Google. You should be able to mimic the approach.
Note: Google play policy discourages this approaches if you are distributing it though Google play store and not utilizing Google Play's update mechanism. You need to be careful in case you are planning to distribute your app through play store in later stages
I implemented a continuous integration pipeline using Jenkins, but as final step I want Jenkins to deploy/upload the signed APK file to Google Play Store and AndroidPit. I looked for Jenkins/Hudson plugins but only found two: one for Appaloosa and one for Zubhium.
I have a working developer account both on Google Play and on AndroidPit and can manually upload the APK that Jenkins produces. But my question is: Does anybody know a way to teach Jenkins (e.g. via a shell script?) to upload the APK to the mentioned app stores?
There is a Google Play Android Publisher plugin for Jenkins which uses the Google Play Publishing API, announced at Google I/O 2014.
Google has also released Java and Python libraries to help make use of the API.
For more info on the API, see also:
http://android-developers.blogspot.com/2014/07/grow-with-google-play-scaled-publishing.html
I can talk only for Google's Play Store. There is a way, but be warned, it isn't beautiful, you have to code your solution. I am right now writing a Bachelor Thesis to solve this problem - "Continuous Delivery for Android Applications". My solution is mine, this means I don't raise a claim to have the perfect solution, but I can say it is quite working prototype.
I found out the following:
The first Solution is none. Google offers an Play Store API, but it lacks to upload stuff. Seems that they were already thinking about to make such an API, but it only offers In-App billing control
The 2nd solution is to use Apache HttpComponents Library, which lets you implement your own Client for the Google Play Developer Console, but HttpClient lacks a JavaScript Interpreter... Several ways to implement or add one. But of course, not the easiest way.
The 3rd Solution I am working on, is to use Selenium Web Browser Automation Framework. So basically I create PageObjects from those Play Store Pages and dialogues. After that you can create some Factory to maintain "pathes" of controlling these PageObjects.
Using them you have two options as far as I can see, for instance the WebDriver Objects which uses an "invisible" browser process like FF or Chrome and another I use is ChromeDriver which uses a visible Browser process, to perform the User actions. And don't forget to have Exception Handlers, which scans the Webpage for appearing errors, while in use.
There are a lot of pitfalls, due to possible changes in the Design from Google, which lets your Software break. But there are also some ways to handle that. =) And create an XML containing all valueable information about an app, which comes in handy, when continueing to the next step.
You can create a Maven Plugin. This you can load into your Continuous Integration Server. I hope I could help you a bit.
Since Google Play released the upload API, a plugin has been made:
https://wiki.jenkins-ci.org/pages/viewpage.action?pageId=73533143
I haven't tried it yet, but looks like it's exactly what we were looking for.
There are other plugins that claim to do the same (thanks #mdt)
https://github.com/DavidHamm/google-play-publisher 404-this page does not exist
https://github.com/orrc/google-play-android-publisher-plugin
I believe it is not included in the PlayStore API currently to reduce stress on the system and to avoid abuse.
I believe we may see this in the gradle plugin and in the IDE in the future.
While we wait for google decide to open up the API, here is a solution, that is so sill, that i just had to propose it:
If you have a GUI, use GUI automation for the last step.
Google Play Android Publisher plugin for Jenkins is a good one. However, it doesn't support uploading descriptions and screenshots (at least for now).
I found decent Gradle plugin, called Gradle Play Publisher. It supports uploading apk, updating Metadata, and uploading screenshots. And it only needs a few steps to setup.
First go to Google Play Console in a browser, open the page for your app, and look for the option to allow a new email address to upload APKs. If it's not there, it probably means you are not the administrator of that Play Store account and you need to ask the person who is the administrator to add it for you (on a per-app basis). To find out what email address to add, go to Google Developer Service Accounts and create a JSON key for any of your existing Google developer service accounts, or create a new service account with a JSON key. Note the email address associated with the service account for which you have created (or will create) the JSON key. It will most likely be something at gserviceaccount.com. This is the email address that must be given permission to upload APKs by someone who has admin access to your Play account.
After that has been done, download Madison Dickson's updated version of Marta Rodriguez's script via wget https://gist.githubusercontent.com/mix3d/665f4ab329b4482297a2f425ebba402c/raw/0949385dd6c80d0701170746b1bd5fd479303412/basic_upload_apks_service_account.py and install dependencies via pip install google-api-python-client (or sudo pip install google-api-python-client as appropriate).
Then in the automated script you can use (for example) python basic_upload_apks_service_account.py -t beta -p org.example.MyApp -s JSON_file_I_made.json -a MyApp.apk (assuming your JSON file, your APK, and basic_upload_apks_service_account.py are all in the current directory and the pip install has been done on that machine or container).
I strongly recommend uploading to beta (hence -t beta in the above) rather than directly to production. Just in case something breaks and it somehow gets as far as the APK upload. I think the final press of "rollout to production" should always be done by a human. But if you really want to do that automatically as well, you can use -t production instead.
I am developing a paid app that I will be placing in the google play store, but I want to give away some copies of the app for free to reviewers, for promotions, etc. I know that I can just link to the apk file but that is not secure as anyone could then copy and re distribute it. My question is, is there a way to distribute an application outside of the google play store but in a secure manner? Are there other services that allow you to upload your apk and distribute the app to specific individuals?
If you're concerned about people redistributing your APK, anyone who can install your app can retrieve the APK from their phone and then make that APK available to others, if they wish.
A dedicated android app distribution service might have useful Play-Store-like features, but if that's not essential for you then you just need a non-public file distribution method.
Some possible means of distributing a file to a named set of individuals:
Email it directly (depending on the size of your apk)
Send it using a web-based file hosting + distribution tool (e.g. sharefile.com)
Host it on a website with logins that you control.
As I'm currently facing a similar task, I looked into Zubhium and HockeyApp. However, I haven't evaluated their potential, yet, I just browsed through the website. Maybe you can start from there.