SchildiChat-android/tools/release/sign_apk_unsafe.sh

54 lines
1.4 KiB
Bash
Executable File

#!/usr/bin/env bash
# Copy and adaptation of ./sign_apk.sh, which takes 2 more params: key store pass and key pass.
# It's unsafe to use it because it takes password as parameter, so passwords will
# remain in the terminal history.
set -e
if [[ -z "${ANDROID_HOME}" ]]; then
echo "Env variable ANDROID_HOME is not set, should be set to something like ~/Library/Android/sdk"
exit 1
fi
if [[ "$#" -ne 4 ]]; then
echo "Usage: $0 KEYSTORE_PATH APK KS_PASS KEY_PASS" >&2
exit 1
fi
# Get the command line parameters
PARAM_KEYSTORE_PATH=$1
PARAM_APK=$2
PARAM_KS_PASS=$3
PARAM_KEY_PASS=$4
# Other params
BUILD_TOOLS_VERSION="31.0.0"
MIN_SDK_VERSION=21
echo "Signing APK with build-tools version ${BUILD_TOOLS_VERSION} for min SDK version ${MIN_SDK_VERSION}..."
APK_SIGNER_PATH=${ANDROID_HOME}/build-tools/${BUILD_TOOLS_VERSION}
${APK_SIGNER_PATH}/apksigner sign \
-v \
--ks ${PARAM_KEYSTORE_PATH} \
--ks-pass pass:${PARAM_KS_PASS} \
--ks-key-alias riot.im \
--key-pass pass:${PARAM_KEY_PASS} \
--min-sdk-version ${MIN_SDK_VERSION} \
${PARAM_APK}
# Verify the signature
echo "Verifying the signature..."
# Note: we ignore warning on META-INF files
${APK_SIGNER_PATH}/apksigner verify \
-v \
--min-sdk-version ${MIN_SDK_VERSION} \
${PARAM_APK} \
| grep -v "WARNING: META-INF/"
echo
echo "Congratulations! The APK ${PARAM_APK} is now signed!"