Closed devinreams closed 5 years ago
also see https://mozilla.github.io/application-services/docs/applications/signing-android-apps.html
Bitrise might not be an approved party as part of the main mozilla
github org
Our bitrise pipeline is now building and signing (with a test keystore) via the "deploy" pipeline. We've got the "Hello World" app installed across multiple devices. ✅
I sent an email to release management to confirm their desired approach to have us sign via app-services instructions ~or if they'd prefer using the Google Play signing abilities: https://developer.android.com/studio/publish/app-signing#google-play-app-signing~
@devinreams Please add a checklist item to request secops@m.c to generate the real APK signing key when needed. Remember - that key can never be changed once it's associated with the app.
tracking the key gen and autograph changes in https://bugzilla.mozilla.org/show_bug.cgi?id=1492941 (let me know if you want to be CC'd)
I just tested and confirmed the Autograph keys and service. Thanks again @g-k! 🏅
I then hooked up the Autograph service with stage and prod keys to bitrise (for PR and default branch builds, respectively) in a "Sign APK" step. Both builds installed locally on my test device as expected. ✅
We're now ready to share the prod-signed APK with release management to set up the Play Store...
Closing this as done and spinning up a separate issue to deploy to Play Store and document our release process at #111
Looking at bitrise as a possible solution to run tests, sign the app, and deploy to Play Store: https://devcenter.bitrise.io/tutorials/deploy/android-deployment/
Here's the instructions from release management: https://wiki.mozilla.org/Release_Management/Adding_a_new_app_on_Google_play
Here's the doc to set up our app: https://docs.google.com/document/d/1limKjc3Qk2IcqTjoaAPQ7p2yS19O0KNCEAFgqzHKmYU/edit?usp=sharing