The solution to this problem I want to share with you in this article is to encode the KeyStore file and also safely store it in your secrets, just like the credentials. Even if your credentials are safely stored in the secrets, you don’t want everyone to be able to access your KeyStore file. While this might be an acceptable trade-off for private repositories, it can not be an option for a public repository.
However, if you work in a team, in most cases you want everyone to be able to access the respective Keystore and credentials.īecause sharing the credentials and KeyStore is a security issue, a common approach is to upload the KeyStore to version control and store the credentials in the respective secrets.
If you are working alone on your app, you can easily use the Android Studio’s built-in Generate Signed Bundle/APK function. jks ( Java KeyStore) file that contains your certificate. To be able to sign your application, you need to generate a. Releasing an app to an app store like the Google Play Store is a common task that Android developers have to go through.īecause you need to verify that you are the owner of the respective app, you need to digitally sign your APK ( Android application package) or AAB ( Android App Bundle) before being able to upload it.
0 kommentar(er)
