Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Xamarin.Android.Build.Tasks] Add EnvVar and File support for Signing APKs #3522

Merged
merged 1 commit into from
Aug 24, 2019
Merged

[Xamarin.Android.Build.Tasks] Add EnvVar and File support for Signing APKs #3522

merged 1 commit into from
Aug 24, 2019

Conversation

dellis1972
Copy link
Contributor

Fixes #3513

Both jarsigner and apksigner provide a way to use both
files and environment variables for the store and key passwords.

For jarsigner you have to suffix the parameter switch with either
:env or :file to use those options. For apksigner you have
to prefix the value with either :env, :file or :pass.

We currently only support raw passwords.

This commit adds support for using both env: and file: for
signing. When providing values for the MSBuild properties
such as AndroidSigningStorePass and AndroidSigningKeyPass all
they need to do is prefix the value with env: or file: to
use the alternative parameters.

/p:AndroidSigningKeyPass=env:MyPasswordEnvVar
/p:AndroidSigningKeyPass=file:PathToPasswordFile

This will stop passwords appearing in build logs etc.

jonathanpeppers
jonathanpeppers reviewed Aug 20, 2019
View reviewed changes
Copy link
Member

@jonathanpeppers jonathanpeppers left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we add a test doing combinations of:

  • jarsigner vs apksigner
  • file vs env var

@dellis1972
Copy link
Contributor Author

@jonathanpeppers was just doing that exact thing :D

@dellis1972 dellis1972 force-pushed the Issue3513 branch 2 times, most recently from a7549b4 to 00042ad Compare August 21, 2019 10:56
@dellis1972
[Xamarin.Android.Build.Tasks] Add EnvVar and File support for Signing…
343f598 
… APKs.

Fixes dotnet#3513

Both `jarsigner` and `apksigner` provide a way to use both
files and environment variables for the store and key passwords.

For `jarsigner` you have to suffix the parameter switch with either
`:env` or `:file` to use those options. For `apksigner` you have
to prefix the value with either `:env`, `:file` or `:pass`.

We currently only support raw passwords.

This commit adds support for using both `env:` and `file:` for
signing. When providing values for the MSBuild properties
such as `AndroidSigningStorePass` and `AndroidSigningKeyPass` all
they need to do is prefix the value with `env:` or `file:` to
use the alternative parameters.

	/p:AndroidSigningKeyPass=env:MyPasswordEnvVar
	/p:AndroidSigningKeyPass=file:PathToPasswordFile

This will stop passwords appearing in build logs etc.
@jonpryor jonpryor merged commit 04a4308 into dotnet:master Aug 24, 2019
@github-actions github-actions bot locked and limited conversation to collaborators Jan 29, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@mungojam mungojam mungojam left review comments

@jonathanpeppers jonathanpeppers jonathanpeppers approved these changes

@jonpryor jonpryor Awaiting requested review from jonpryor

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Provide way to sign package/bundle with custom keyfile without writing passphrase to log
4 participants
@dellis1972 @jonathanpeppers @mungojam @jonpryor