/sign-android-release

A GitHub action to sign an APK or AAB

Primary LanguageJavaScriptMIT LicenseMIT

Sign Android Release Action

This action will help you sign an Android .apk or .aab (Android App Bundle) file for release.

Inputs

releaseDirectory

Required: The relative directory path in your project where your Android release file will be located

signingKeyBase64

Required: The base64 encoded signing key used to sign your app

This action will directly decode this input to a file to sign your release with. You can prepare your key by running this command on *nix systems.

openssl base64 < some_signing_key.jks | tr -d '\n' | tee some_signing_key.jks.base64.txt

Then copy the contents of the .txt file to your GH secrets

alias

Required: The alias of your signing key

keyStorePassword

Required: The password to your signing keystore

keyPassword

Optional: The private key password for your signing keystore

ENV: BUILD_TOOLS_VERSION

Optional: You can manually specify a version of build-tools to use. We use 29.0.3 by default.

Outputs

Output variables are set both locally and in environment variables.

signedReleaseFile/ ENV: SIGNED_RELEASE_FILE

The path to the single release file that have been signed with this action. Not set if several release files have been signed.

signedReleaseFiles / ENV: SIGNED_RELEASE_FILES

The paths to the release files that have been signed with this action, separated by :.

Example usage

Single APK

The output variable signedReleaseFile can be used in a release action.

steps:
  - uses: r0adkll/sign-android-release@v1
    name: Sign app APK
    # ID used to access action output
    id: sign_app
    with:
      releaseDirectory: app/build/outputs/apk/release
      signingKeyBase64: ${{ secrets.SIGNING_KEY }}
      alias: ${{ secrets.ALIAS }}
      keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }}
      keyPassword: ${{ secrets.KEY_PASSWORD }}
    env:
      # override default build-tools version (29.0.3) -- optional
      BUILD_TOOLS_VERSION: "30.0.2"

  # Example use of `signedReleaseFile` output -- not needed
  - uses: actions/upload-artifact@v2
    with:
      name: Signed app bundle
      path: ${{steps.sign_app.outputs.signedReleaseFile}}

Multiple APKs, multiple variables

The output variables signedReleaseFileX can be used to refer to each signed release file.

steps:
  - uses: r0adkll/sign-android-release@v1
    id: sign_app
    with:
      releaseDirectory: app/build/outputs/apk/release
      signingKeyBase64: ${{ secrets.SIGNING_KEY }}
      alias: ${{ secrets.ALIAS }}
      keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }}
      keyPassword: ${{ secrets.KEY_PASSWORD }}

  - name: Example Release
    uses: "marvinpinto/action-automatic-releases@latest"
    with:
      repo_token: "${{ secrets.GITHUB_TOKEN }}"
      automatic_release_tag: "latest"
      prerelease: true
      title: "Release X"
      files: |
        ${{ steps.sign_app.signedReleaseFile0 }}
        ${{ steps.sign_app.signedReleaseFile1 }}
        ${{ steps.sign_app.signedReleaseFile2 }}
        ${{ steps.sign_app.signedReleaseFile3 }}
        ${{ steps.sign_app.signedReleaseFile4 }}

Multiple APKs, single variable

The output variable signedReleaseFiles must be split first, before being used in a release action.

steps:
  - uses: r0adkll/sign-android-release@v1
    id: sign_app
    with:
      releaseDirectory: app/build/outputs/apk/release
      signingKeyBase64: ${{ secrets.SIGNING_KEY }}
      alias: ${{ secrets.ALIAS }}
      keyStorePassword: ${{ secrets.KEY_STORE_PASSWORD }}
      keyPassword: ${{ secrets.KEY_PASSWORD }}

  - uses: jungwinter/split@v1
    id: signed_files
    with:
      msg: ${{ steps.sign_app.signedReleaseFiles }}
      separator: ':'

  - name: Example Release
    uses: "marvinpinto/action-automatic-releases@latest"
    with:
      repo_token: "${{ secrets.GITHUB_TOKEN }}"
      automatic_release_tag: "latest"
      prerelease: true
      title: "Release X"
      files: |
        ${{ steps.signed_files._0 }}
        ${{ steps.signed_files._1 }}
        ${{ steps.signed_files._2 }}
        ${{ steps.signed_files._3 }}
        ${{ steps.signed_files._4 }}