问题
My Android build works fine in Continuous Integration, except for androidSigning: Gradle can allow for a developer to catch the keystore path and passwords in clear. Which is not satisfactory.
1- Have you a workaround for that? Such as password encryption... 2- My idea is now to build with Gradle, and sign and zipalign with Maven.
Currently I succeed in signing an existing apk, but cannot zipalign the signed apk. Here is the pom.xml located in the app folder:
<profiles>
<profile>
<id>sign</id>
<build>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-jarsigner-plugin</artifactId>
<version>1.4</version>
<executions>
<execution>
<id>signing</id>
<goals>
<goal>sign</goal>
</goals>
... all parameters ok...
</execution>
</executions>
</plugin>
<plugin>
<groupId>com.jayway.maven.plugins.android.generation2</groupId>
<artifactId>android-maven-plugin</artifactId>
<version>3.8.2</version>
<inherited>true</inherited>
<configuration>
<sign>
<debug>false</debug>
</sign>
<zipalign>
<verbose>true</verbose>
<inputApk>${apk.build.directory}/app-release-unsigned.apk</inputApk>
<outputApk>${apk.build.directory}/app-release-signed-aligned.apk</outputApk>
<skip>false</skip>
</zipalign>
</configuration>
<executions>
<execution>
<id>alignApk</id>
<phase>package</phase>
<goals>
<goal>zipalign</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</profile>
</profiles>
Results is
[INFO] --- maven-jarsigner-plugin:1.4:sign (signing) @ mavensigning ---
[INFO] 1 archive(s) traitées
[INFO]
[INFO] --- android-maven-plugin:3.8.2:zipalign (alignApk) @ mavensigning ---
[INFO] Skipping zipalign on pom
Any idea why I cannont perform zipalign?
来源:https://stackoverflow.com/questions/29824603/android-building-with-gradle-signing-with-maven