Transition to Dedicated Signer for Android Builds
Nicolas Fella
nicolas.fella at gmx.de
Mon Nov 18 10:19:04 GMT 2019
On Samstag, 16. November 2019 09:35:08 CET Ben Cooksley wrote:
> Hi all,
>
> I have just completed transitioning the Android builds on the Binary
> Factory from having the signing handled on the builders themselves (by
> Qt's Android Tooling) to a dedicated signing machine (using Android's
> tooling directly).
Thanks for your work!
> Should there be any issues please let me know.
I haven't noticed any regression
> This has improved the overall security and scalability of the Binary
> Factory, ensuring that high value assets such as our signing keys are
> kept separate from the builds themselves.
>
> As part of this the F-Droid repository on cdn.kde.org will also be
> automatically updated going forward.
>
> For now this is pointed to a test path - if someone could please
> confirm that the repository at https://cdn.kde.org/android/test/ is
> working correctly, that would be appreciated (after which i'll switch
> it to the production path).
It appears to work fine
> (Side note: it appears we are producing APKs marked for debugging,
> which F-Droid isn't 100% happy with)
Changing that should be trivial, however I'm not sure that's the semantics we
want to have. IMO it would make sense to have debug builds from master with
debuggable APKs and libs containing debug symbols. Once we want to release
stuff for real, i.e. on Google Play we then would need a dedicated release
build, i.e. from a given branch/tag and with libs/APKs build in release mode.
For F-Droid the release builds would be done on their hardware using their
build scripts, so that's not really relevant here.
> Thanks,
> Ben
Cheers
Nico
More information about the KDE-Android
mailing list