An Android APK's signature identifies the app to the OS; a new build must carry the same one as the last install or Android refuses it as an update. generate-keystore.sh creates the keystore once, interactively, and refuses to run again once one exists to avoid ever changing it by accident. The resulting file is git-ignored — it's a secret that must live outside the repo, backed up separately.
1.5 KiB
Android release-signing keystore
This folder holds the persistent keystore used to sign release APKs built by
docker/build.sh android. Every release must be signed with the same
key, or Android refuses to install a new build over a previously installed
one (INSTALL_FAILED_UPDATE_INCOMPATIBLE) and forces the user to uninstall
first — which deletes the app's data.
First-time setup
./docker/keystore/generate-keystore.sh
Run this once, on whichever machine will keep producing release builds.
It creates release.keystore in this folder and asks for a keystore
password (and, optionally, a separate key password). Nothing is written to
git — release.keystore is ignored by .gitignore, and the script never
saves the passwords anywhere.
docker/build.sh android will refuse to run without this file, and will
prompt you for the same passwords at every build.
Back it up
The keystore file and its passwords cannot be regenerated: if lost, no
future release can ever update existing installs in place again — every
user would need to uninstall and reinstall from scratch. Copy
release.keystore and the passwords to a password manager or encrypted
backup outside this repository as soon as you generate them.
What NOT to do
- Do not commit
release.keystore(or any*.jks/*.keystorefile) to git. - Do not re-run
generate-keystore.shonce a keystore already exists — it refuses on purpose; delete the file yourself only if you fully accept the consequences above.