Add sign_apk_unsafe.sh to the repo

2020-02-04 00:09:35 +01:00 · 2020-02-04 00:09:35 +01:00 · badb4042ce
parent c3bb421c1e
commit badb4042ce
1 changed files with 53 additions and 0 deletions
--- a/tools/release/sign_apk_unsafe.sh
+++ b/tools/release/sign_apk_unsafe.sh
@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+
+# Copy and adaptation of ./sign_apk.sh, which takes 2 more params: key store pass and key pass.
+# It's unsafe to use it because it takes password as parameter, so passwords will
+# remain in the terminal history.
+
+set -e
+
+if [[ -z "${ANDROID_HOME}" ]]; then
+    echo "Env variable ANDROID_HOME is not set, should be set to something like ~/Library/Android/sdk"
+    exit 1
+fi
+
+if [[ "$#" -ne 4 ]]; then
+  echo "Usage: $0 KEYSTORE_PATH APK KS_PASS KEY_PASS" >&2
+  exit 1
+fi
+
+# Get the command line parameters
+PARAM_KEYSTORE_PATH=$1
+PARAM_APK=$2
+PARAM_KS_PASS=$3
+PARAM_KEY_PASS=$4
+
+# Other params
+BUILD_TOOLS_VERSION="28.0.3"
+MIN_SDK_VERSION=19
+
+echo "Signing APK with build-tools version ${BUILD_TOOLS_VERSION} for min SDK version ${MIN_SDK_VERSION}..."
+
+APK_SIGNER_PATH=${ANDROID_HOME}/build-tools/${BUILD_TOOLS_VERSION}
+
+${APK_SIGNER_PATH}/apksigner sign \
+    -v \
+    --ks ${PARAM_KEYSTORE_PATH} \
+    --ks-pass pass:${PARAM_KS_PASS} \
+    --ks-key-alias riot.im \
+    --key-pass pass:${PARAM_KEY_PASS} \
+    --min-sdk-version ${MIN_SDK_VERSION} \
+    ${PARAM_APK}
+
+# Verify the signature
+echo "Verifying the signature..."
+
+# Note: we ignore warning on META-INF files
+${APK_SIGNER_PATH}/apksigner verify \
+    -v \
+    --min-sdk-version ${MIN_SDK_VERSION} \
+    ${PARAM_APK} \
+    | grep -v "WARNING: META-INF/"
+
+echo
+echo "Congratulations! The APK ${PARAM_APK} is now signed!"