-
Notifications
You must be signed in to change notification settings - Fork 194
/
sign.sh
executable file
·38 lines (31 loc) · 1.02 KB
/
sign.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
#!/bin/bash
set -e
# Script to sign unsigned APKs
# Assumptions:
# 1. Your PGP key is already imported on the locally running agent
# 2. An Android SDK is located at $ANDROID_HOME (or ~/Android/Sdk as fallback)
usage() {
echo "sign.sh <PATH_TO_KEYSTORE> <PATH_TO_BUILD_DIR>"
exit 1
}
if [ -z "$1" ] || [ -z "$2" ] || [ ! -f "$1" ] || [ ! -d "$2" ]; then
usage
fi
KEYSTORE_LOCATION="$1"
BUILD_DIR="$2"
read -s -p "Enter your keystore password: " KEYSTORE_PASSWORD
if [ -z "$ANDROID_HOME" ]; then
ANDROID_HOME=~/Android/Sdk
fi
if [ ! -d "$ANDROID_HOME" ]; then
echo "Could not find Android SDK!" >&2
exit 1
fi
for apk in "$BUILD_DIR"/*-release*.apk; do
unsignedApk=${apk/-release/-unsigned}
mv "$apk" "$unsignedApk"
${ANDROID_HOME}/build-tools/$(ls ${ANDROID_HOME}/build-tools/ | tail -1)/apksigner sign --ks "$KEYSTORE_LOCATION" --ks-pass pass:"${KEYSTORE_PASSWORD}" --out "${apk}" "${unsignedApk}"
sha256sum ${apk} | cut -d " " -f 1 >"$apk".sha256
gpg --batch --sign --detach-sig "$apk".sha256
rm "$unsignedApk"
done