How to Sign Android app Bundle with azure pipeline

Signing Android app Bundle with Azure Pipeline

This article will guide you through the process of signing your Android app bundle using Azure Pipelines. Signing your app is crucial for distribution on the Google Play Store and ensuring its authenticity.

Prerequisites

• An Azure DevOps organization and project
• An Azure Pipeline defined in your project
• An Android app bundle (AAB) file
• A signing keystore file
• Your keystore password and key alias

Setting up the Azure Pipeline

1. Create or Edit an Azure Pipeline

Go to your Azure DevOps project and navigate to Pipelines -> Pipelines. Create a new pipeline or edit an existing one.

2. Add a Task to Download Keystore

Use the ‘Download Secure File’ task to download your keystore file from Azure DevOps securely.

- task: DownloadSecureFile@1
  displayName: 'Download Keystore'
  inputs:
    secureFile: 'your-keystore-file-name.jks'
    targetFolder: '$(System.DefaultWorkingDirectory)'

3. Add a Task to Sign the App Bundle

Utilize the ‘Android Signing’ task to sign your AAB file with the downloaded keystore.

- task: AndroidSigning@1
  displayName: 'Sign App Bundle'
  inputs:
    apkFile: '$(Build.ArtifactStagingDirectory)/your-app-bundle.aab'
    keystoreFile: '$(System.DefaultWorkingDirectory)/your-keystore-file-name.jks'
    keystorePassword: 'your-keystore-password'
    keyAlias: 'your-key-alias'
    keyPassword: 'your-key-password'
    signingConfig: 'release'
    outputApkFile: '$(Build.ArtifactStagingDirectory)/your-app-bundle-signed.aab'

4. Publish the Signed App Bundle

Use the ‘Publish Build Artifacts’ task to make the signed AAB file available for download.

- task: PublishBuildArtifacts@1
  displayName: 'Publish Signed App Bundle'
  inputs:
    PathtoPublish: '$(Build.ArtifactStagingDirectory)'
    ArtifactName: 'signed-app-bundle'

Troubleshooting

• Ensure the correct keystore file, password, and key alias are provided.
• Check the task logs for any error messages.
• Make sure your keystore file has the appropriate permissions.

Conclusion

By following these steps, you can effectively sign your Android app bundle within your Azure Pipeline. This ensures a secure and reliable release process for your app on the Google Play Store. Remember to store your keystore file securely and protect its password.