marykarthur2civ / maven-android-plugin

Automatically exported from code.google.com/p/maven-android-plugin
0 stars 0 forks source link

Sign built apk with different keystore #2

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago
Need a way to sign with a different keystore than the debug keystore.

What version of maven-android-plugin are you using?
2.0.0-SNAPSHOT as of 2009-06-07.

What is the output of "mvn -version" on your machine?
Maven version: 2.0.10
Java version: 1.6.0_13
OS name: "linux" version: "2.6.28-11-generic" arch: "i386" Family: "unix"

Original issue reported on code.google.com by hugo.josefson.old@gmail.com on 7 Jun 2009 at 8:15

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Implementation note:
SignMojo, @goal sign
    Copy config from jarsigner plugin's JarSignMojo

        include in lifecycle
            last, after package

        * parameter debugSign
            default true  when no other keystores
                default false when other keystores

        * sign with different keystore:
            skip debug sign when creating apk
                execute jarsigner against apk with separate keystore

        * multiple keystores possible
        <keystores>
            <keystore>
                ...
            </keystore>
        </keystores>

Original comment by hugo.josefson.old@gmail.com on 7 Jun 2009 at 8:22

GoogleCodeExporter commented 9 years ago

Original comment by hugo.josefson.old@gmail.com on 7 Jun 2009 at 9:30

GoogleCodeExporter commented 9 years ago
Here's how jarsigner works:
http://java.sun.com/j2se/1.5.0/docs/tooldocs/windows/jarsigner.html

Here's maven jar plugin's sign mojo:
http://maven.apache.org/plugins/maven-jar-plugin/sign-mojo.html

Original comment by hugo.josefson.old@gmail.com on 7 Jun 2009 at 9:52

GoogleCodeExporter commented 9 years ago

Original comment by hugo.josefson.old@gmail.com on 16 Jul 2009 at 9:06

GoogleCodeExporter commented 9 years ago
Postponing until further notice, because we are now focusing on 
EclipseIntegration.

Original comment by hugo.josefson.old@gmail.com on 28 Jul 2009 at 8:30

GoogleCodeExporter commented 9 years ago
As alternative at least should be able to use jar:sign to build a application 
with
another key.

Right now getting error: "Not executing jar:sign as the project is not a Java 
module"

Original comment by explores...@gmail.com on 10 Oct 2009 at 7:18

GoogleCodeExporter commented 9 years ago
It is possible to sign apk files using the maven-jarsigner-plugin. By adding 
the profile below to the parent 
pom in a multi project structure you will be able to build, test and install 
the project by issuing the mvn 
install -Psign command.

{{{<profiles>
        <profile>
            <id>sign</id>
            <build>
                <plugins>
                    <plugin>
                        <groupId>org.apache.maven.plugins</groupId>
                        <artifactId>maven-jarsigner-plugin</artifactId>
                        <version>1.2</version>
                        <executions>
                            <execution>
                                <id>signing</id>
                                <goals>
                                    <goal>sign</goal>
                                </goals>
                                <phase>package</phase>
                                <inherited>true</inherited>
                                <configuration>
                                    <archiveDirectory></archiveDirectory>
                                    <includes>
                                        <include>target/*.apk</include>
                                    </includes>
                                    <keystore>path/to/keystore</keystore>
                                    <storepass>storepasword</storepass>
                                    <keypass>keypassword</keypass>
                                    <alias>key-alias</alias>
                                </configuration>
                            </execution>
                        </executions>
                    </plugin>
                    <plugin>
                        <groupId>com.jayway.maven.plugins.android.generation2</groupId>
                        <artifactId>maven-android-plugin</artifactId>
                        <inherited>true</inherited>
                        <configuration>
                            <sign>
                                <debug>false</debug>
                            </sign>
                        </configuration>
                    </plugin>
                </plugins>
            </build>
        </profile>
    </profiles>}}}

Replace the key store, alias and password properties with your own.

Original comment by thmalms...@gmail.com on 14 Dec 2009 at 10:17

GoogleCodeExporter commented 9 years ago
That looks great, Thomas!

It's better to use the existing functionality in the jarsigner plugin, than for 
us to
re-implement the same thing inside Maven Android Plugin. I think your solution  
is
quite elegant, with the profile which at the same time activates jarsigner, and
disables maven-android-plugin's debug signing.

Now it's a simple matter of using "-Psign" or not, depending on whether you 
want a
proper signature, or just the debug signature from maven-android-plugin's 
default
behavior.

You should put this up as a wiki page, and we can link to that from 
[Documentation]!

Marking this issue as "Fixed", because I see nothing more to code here.

Thanks!

Original comment by hugo.josefson.old@gmail.com on 14 Dec 2009 at 11:09

GoogleCodeExporter commented 9 years ago

Original comment by hugo.josefson.old@gmail.com on 14 Dec 2009 at 11:10

GoogleCodeExporter commented 9 years ago
I have now added a wiki page on how to do this:
http://code.google.com/p/maven-android-plugin/wiki/SigningAPKWithMavenJarsigner

/Tomas

Original comment by thmalms...@gmail.com on 5 Feb 2010 at 3:13

GoogleCodeExporter commented 9 years ago
Awesome! I think that deserves a mention and a link on the Documentation wiki 
page.
What section should it go into? Would "Reference" be suitable?

Thanks,
Hugo

Original comment by hugo.josefson.old@gmail.com on 5 Feb 2010 at 3:19

GoogleCodeExporter commented 9 years ago
Issue 55 has been merged into this issue.

Original comment by hugo.josefson.old@gmail.com on 28 Feb 2010 at 5:02

GoogleCodeExporter commented 9 years ago
[deleted comment]
GoogleCodeExporter commented 9 years ago
Added links to Thomas' signing and zipalign instructions on the Documentation 
wiki page. 
They were not easy to find before, but now they are!

Original comment by hugo.josefson.old@gmail.com on 28 Feb 2010 at 5:11

GoogleCodeExporter commented 9 years ago
Hi. Unfortunately 
http://maven-android-plugin-m2site.googlecode.com/svn/apk-mojo.html still links 
to this issue. It would be great if you can update link there so that it 
pointer people to 
https://code.google.com/p/maven-android-plugin/wiki/SigningAPKWithMavenJarsigner
 instead.

Original comment by blinov.v...@gmail.com on 22 May 2013 at 1:24