Android Gradle - load signing config from external file

Question

In Gradle for Android it seems to be commons practice to define your signing config for release build like this:

android {
    signingConfigs {
        debug {
            storeFile file("debug.keystore")
        }

        myConfig {
            storeFile file("other.keystore")
            storePassword "android"
            keyAlias "androiddebugkey"
            keyPassword "android"
        }
    }

    buildTypes {
        foo {
            debuggable true
            jniDebugBuild true
            signingConfig signingConfigs.myConfig
        }
    }
}

Thing is, I want to keep my build.gradle file in version control and don't have a good feeling having the password for my keystore (which is the same I use for other stuff, stupid, I know) on some git server.

Is there a way to load the signingConfig from an external file from somewhere on my hard drive?

Does this answer your question? [Sign APK without putting keystore info in build.gradle](https://stackoverflow.com/questions/20562189/sign-apk-without-putting-keystore-info-in-build-gradle) — Mahozad, Apr 15 '22 at 13:57

score 34 · Accepted Answer · answered Jun 17 '14 at 13:16

I use something like this.

I have a signing.properties in my app root folder.

STORE_FILE=xxxx
STORE_PASSWORD=xxx
KEY_ALIAS=xxx
KEY_PASSWORD=xxx

This file is not on under version control. Of course you can change folder.

Then in your build.gradle you can use something like this:

 android {

        signingConfigs {
            release
        }

        buildTypes {
                release {
                    signingConfig signingConfigs.release
                }     
        }
    }

    def Properties props = new Properties()
    def propFile = file('../signing.properties')
    if (propFile.canRead()){
        props.load(new FileInputStream(propFile))

        if (props!=null && props.containsKey('STORE_FILE') && props.containsKey('STORE_PASSWORD') &&
                props.containsKey('KEY_ALIAS') && props.containsKey('KEY_PASSWORD')) {

            android.signingConfigs.release.storeFile = file(props['STORE_FILE'])
            android.signingConfigs.release.storePassword = props['STORE_PASSWORD']
            android.signingConfigs.release.keyAlias = props['KEY_ALIAS']
            android.signingConfigs.release.keyPassword = props['KEY_PASSWORD']
        } else {
            android.buildTypes.release.signingConfig = null
        }
    }else {
        android.buildTypes.release.signingConfig = null
    }

If you change the folder, you have to change this line:

 def propFile = file('../signing.properties')

I'm trying the same, but instead of hard coding the path I'm taking path from `local.properties` it can read the file but showing `Error:(33, 0) Malformed \uxxxx encoding.` in the line `properties.load(new FileInputStream(propFile))` I even hard coded the path and tried but of no use. Any help? — Kavin Prabhu, Aug 09 '16 at 07:59

Willi Mentzel · Answer 2 · 2022-12-04T16:08:18.933

For Kotlin Script (build.gradle.kts)

Put a file signing.properties where the module specific build.gradle.kts is found. Don't forget to add it to your .gitignore file!

signing.properties

storeFilePath=/home/willi/example.keystore
storePassword=secret
keyPassword=secret
keyAlias=myReleaseSigningKey

build.gradle.kts

android {
    // ...
    signingConfigs {
        create("release") {
            val properties = Properties().apply {
                load(File("signing.properties").reader())
            }
            storeFile = File(properties.getProperty("storeFilePath"))
            storePassword = properties.getProperty("storePassword")
            keyPassword = properties.getProperty("keyPassword")
            keyAlias = properties.getProperty("keyAlias")
        }
    }

    buildTypes {
        getByName("release") {
            signingConfig = signingConfigs.getByName("release")
            // ...
        }
    }
}

You're using hardcoded keyAlias, not the one in properties file — Jakoss, Jun 03 '21 at 09:41

score 3 · Answer 3 · answered Apr 13 '20 at 12:21

For Groovy (build.gradle)

Put a file signing.properties where the module specific build.gradle is found. Don't forget to add it to your .gitignore file!

signing.properties

storeFilePath=/home/willi/example.keystore
storePassword=secret
keyPassword=secret
keyAlias=myReleaseSigningKey

build.gradle

android {
    // ...
    signingConfigs{
        release {
            def props = new Properties()

            def fileInputStream = new FileInputStream(file('../signing.properties'))
            props.load(fileInputStream)
            fileInputStream.close()

            storeFile = file(props['storeFilePath'])
            storePassword = props['storePassword']
            keyAlias = props['keyAlias']
            keyPassword = props['keyPassword']
        }
    }

    buildTypes {
        release {
            signingConfig signingConfigs.release
            // ...
        }
    }
}

score 1 · Answer 4 · answered Jun 17 '14 at 12:31

1

You can move your sensitive details to a separate signing file and have gradle load those in.

Here's a good article on how to do it

answered Jun 17 '14 at 12:31

CodeChimp

4,745
6
45
61

Android Gradle - load signing config from external file

4 Answers4

For Kotlin Script (build.gradle.kts)

For Groovy (build.gradle)

Linked