14

为避免以纯文本形式写入密钥库密码,我尝试将依赖项添加到由 android Gradle 插件创建的assembleRelease任务中。

我已经检查了 Gradle 文档Manipulating existing tasks但我无法将依赖项放在应有的位置

这是我的任务,在android 插件上方的$root$/myApp/build.gradle中定义。

task readPasswordFromInput << {
    def console = System.console()

    ext.keystorePassword = console.readLine('\n\n\n> Enter keystore password: ')
}

apply plugin: 'android'

然后,我尝试了 Gradle 提供的两种可能性:task.dependsOntask.doFirst,但都没有。后者似乎被忽略了,而dependsOn确实添加了依赖项,但在依赖项链中为时已晚。运行./gradlew tasks --all打印这个

:assembleRelease - Assembles all Release builds [libs:ActionBarSherlock:bundleRelease, libs:DataDroid:bundleRelease, libs:SlidingMenu:bundleRelease]
    :compileRelease
    ...
    [SEVERAL TASKS]
    ...
    :packageRelease
    ...
    [SEVERAL TASKS]
    ...
    :readPasswordFromInput

问题是,任务包Release中需要keystore密码

顺便说一句,这可以按我的意愿工作

buildTypes {
        release {
            def console = System.console()

            ext.keystorePassword = console.readLine('\n\n\n> IF building release apk, enter keystore password: ')

            debuggable false

            signingConfigs.release.storePassword = ext.keystorePassword
            signingConfigs.release.keyPassword = ext.keystorePassword

            signingConfig signingConfigs.release
        }
    }

但是每次使用gradlew时它都会要求输入密码,无论是clean还是assemble

谢谢!

编辑

感谢@Intae Kim,这是我的 build.gradle 2.0 版

task readPasswordFromInput << {
    def console = System.console()

    ext.keystorePassword = console.readLine('\n\n\n> Enter keystore password: ')

    android.signingConfigs.release.storePassword = ext.keystorePassword
    android.signingConfigs.release.keyPassword = ext.keystorePassword
}

tasks.whenTaskAdded { task ->
    if (task.name == 'validateReleaseSigning') {
        task.dependsOn readPasswordFromInput
    }
}

apply plugin: 'android'

然后,buildTypes

release {
    debuggable false

    signingConfig signingConfigs.release

    runProguard true
    proguardFile 'my-file.txt'
}

Gradle 正确执行,但它只生成一个 release-unsigned.apk

4

5 回答 5

11

尝试:

tasks.whenTaskAdded { task ->
    if (task.name == 'packageRelease') {
        task.dependsOn readPasswordFromInput
    }
}

与你的readPasswordFromInput任务。

更新:

通过这种方式,您可以看到以下代码有效。

def runTasks = gradle.startParameter.taskNames
if ('assemble' in runTasks || 'assembleRelease' in runTasks || 'a' in runTasks || 'aR' in runTasks) {
    android.signingConfigs.releaseSign.storeFile = file('/path/to/keystore')
    android.signingConfigs.releaseSign.storePassword = System.console().readLine('KeyStore Password: ')
    android.signingConfigs.releaseSign.keyAlias = ...
    android.signingConfigs.releaseSign.keyPassword = System.console().readLine('Alias Password: ')
    android.buildTypes.release.signingConfig = android.signingConfigs.releaseSign
}

如果您遇到构建失败,可能需要在以下位置分配一个空的 keysign 配置android.signingConfig

android {
    ...
    signingConfigs {
        releaseSign
    }
    ...
于 2013-07-05T08:24:31.397 回答
6

这是我发布密钥签名的完整解决方案。

  1. 它检测控制台是否在守护程序模式下不可用。
  2. 它隐藏密码。

gradle --no-daemon assembleRelease如果您使用的是守护程序模式,请使用。

buildscript {
    repositories {
        mavenCentral()
    }

    dependencies {
        classpath 'com.android.tools.build:gradle:0.5.+'
    }
}

tasks.whenTaskAdded { task ->
    if (task.name == 'validateReleaseSigning')
        task.dependsOn keystoreInfo
}

apply plugin: 'android'

repositories {
    mavenCentral()
}

android {
    compileSdkVersion 18
    buildToolsVersion '18.0.1'

    defaultConfig {
        minSdkVersion 7
        targetSdkVersion 18
    }

    signingConfigs {
        release {
            release {
                storeFile file('release.keystore')
                storePassword ''
                keyAlias ''
                keyPassword ''
            }
        }

        buildTypes {
            release {
                debuggable false
                signingConfig signingConfigs.release
            }
        }
    }
}

task keystoreInfo << {
    def console = System.console()
    if (console == null)
        throw new IllegalStateException('no console available, use --no-daemon flag')

    def storeFile = console.readLine('Keystore: ')
    def storePassword = console.readPassword('Keystore password: ')
    def keyAlias = console.readLine('Key alias: ')
    def keyPassword = console.readPassword('Key password: ')

    android.signingConfigs.release.storeFile = file(storeFile)
    android.signingConfigs.release.storePassword = new String(storePassword)
    android.signingConfigs.release.keyAlias = keyAlias
    android.signingConfigs.release.keyPassword = new String(keyPassword)
}

要点http://gist.github.com/grzegorz-zur/6416924

于 2013-09-02T20:16:33.687 回答
3

我已经创建了解决方案,对我来说很好,你可以测试一下

android { 
    signingConfigs {
        release {
            storeFile = file('android.keystore')
            keyAlias = "my_key_alias"
        }
    }

    buildTypes {
        release {
            signingConfig signingConfigs.release
        }
    }
}

task readPasswordFromInput << {
    if(!project.hasProperty('keyStore') || !project.hasProperty('keyPass') || !project.hasProperty('storePass')) {
        println "\n\$ Enter signing details manually or run with \"-PkeyStore={key.store.name} -PstorePass={StoreSecretPassword} -PkeyPass={KeySecretPassword}\""   
    }

    if(!project.hasProperty('keyStore')) {
        def newKeyStore = System.console().readLine("\n\$ Enter keystore location or enter (default: android.keystore): ")
        if(newKeyStore != '') android.signingConfigs.release.storeFile = file('${newKeyStore}')
    } else {
        android.signingConfigs.release.storeFile = file(project.keyStore)
    }

    android.signingConfigs.release.storePassword = project.hasProperty('storePass') ? project.storePass : new String(System.console().readPassword("\$ Store password: "))
        android.signingConfigs.release.keyPassword = project.hasProperty('keyPass') ? project.keyPass : new String(System.console().readPassword("\$ Key password: "))
}

tasks.whenTaskAdded { task ->
    if (task.name == 'validateReleaseSigning') {
        task.dependsOn readPasswordFromInput
    }
}

然后,您可以在提示时从 CLI 传递所有参数(使用readPassword,因此它不可见),或者您可以将它们作为 CLI 参数传递给脚本

gradle assemble
gradle assemble -PkeyStore="~/.android/my.keystore"
gradle assemble -PkeyStore="~/.android/my.keystore" -PstorePass="MyStorePass"
gradle assemble -PkeyStore="~/.android/my.keystore" -PstorePass="MyStorePass" -PkeyPass="MyKeyPass"
于 2013-09-01T19:25:15.167 回答
0

这就是我所做的。

task('readPasswordFromInput') << {
    def console = System.console()

    ext.keystorePassword = console.readLine('\n\n\n> Enter keystore password: ')

    android.signingConfigs.release.storePassword = ext.keystorePassword
    android.signingConfigs.release.keyPassword = ext.keystorePassword
}

tasks.whenTaskAdded { task ->
    if (task.name.matches("validateReleaseSigning")) {
        task.dependsOn('readPasswordFromInput')
    }
}


signingConfigs {
    debug {
        storeFile file("my-debug-key.keystore")
    }

    release {
        storeFile file("my-release-key.keystore")
        storePassword ""
        keyAlias "release_key"
        keyPassword ""
    }
}
于 2013-07-17T12:08:16.243 回答
0

谷歌最近添加了一种官方方式来做到这一点,见https://developer.android.com/studio/publish/app-signing.html#secure-shared-keystore

它可能无法回答我最初的问题(询问密码),但我认为这是简化部署和保证凭据安全的更好方法。

于 2016-08-31T14:53:50.003 回答