Closed mcomella closed 4 years ago
The build and signing script failed on the last release too https://github.com/mozilla-mobile/firefox-echo-show/issues/287 – I wonder if there's anything to be learned here.
The zipalign docs say:
Caution: You must use zipalign at one of two specific points in the app-building process, depending on which app-signing tool you use:
If you use apksigner, zipalign must only be performed before the APK file has been signed. If you sign your APK using apksigner and make further changes to the APK, its signature is invalidated.
If you use jarsigner, zipalign must only be performed after the APK file has been signed.
https://developer.android.com/studio/command-line/zipalign
I wonder if we switched to using apksigner. I did verify that moving zipalign to before the signing does seem to address the issue (though we still get warnings about manifest files not being protected by the signature).
Steps to reproduce
./tools/sign_release.sh
Expected behavior
Build and sign successful
Actual behavior
Build and sign fails at
apksigner verify
: