Titanium JIRA Archive
Titanium SDK/CLI (TIMOB)

[TIMOB-15307] CLI: support custom keystore when running on Android device

GitHub Issuen/a
TypeNew Feature
PriorityHigh
StatusClosed
ResolutionFixed
Resolution Date2013-10-19T01:25:16.000+0000
Affected Version/sn/a
Fix Version/s2013 Sprint 21, 2013 Sprint 21 Core, Release 3.2.0
ComponentsAndroid, CLI
Labelsandroidbuild, ay-verified, cb-verified, module_CLI, qe-testadded
ReporterYgor Lemos
AssigneeChris Barber
Created2013-09-22T04:51:59.000+0000
Updated2013-11-20T18:42:21.000+0000

Description

From [~ygbr] in TISTUD-3669: I think that the CLI also currently ignores a custom keystore when deploying directly to the device. For instance, if I do something like: 
titanium build -p android -T device -L pinion -K /PATH-TO-MY/pinion.keystore -P *********
theoretically the app should be signed with my keystore and them sent to the device for running. BUT, taking a closer look at what the CLI is doing, you can see that the build script completely ignores the custom keystore parameters and signs the app with the default tidev keystore: 
[DEBUG] keytool -v -list -keystore "/Users/yg/Library/Application Support/Titanium/mobilesdk/osx/3.1.1.GA/android/dev_keystore" -storepass ******* -alias tidev
[DEBUG] jarsigner -sigalg MD5withRSA -digestalg SHA1 -storepass ******* -keystore "/Users/yg/Library/Application Support/Titanium/mobilesdk/osx/3.1.1.GA/android/dev_keystore" -signedjar /Users/yg/Developer/android/build/android/bin/app.apk /Users/yg/Developer/android/build/android/bin/app-unsigned.apk tidev
[DEBUG] /Applications/Android/sdk/tools/zipalign -v 4 /Users/yg/Developer/android/build/android/bin/app.apk /Users/yg/Developer/android/build/android/bin/app.apkz
This is a GIANT pain, specially when you need to test stuff involving the new GMaps v2 and Facebook SSO authentication since they depend on the app being signed with your production keystore (although FB accepts many keys). Is there a specific JIRA ticket for this? I know that this isn't exactly Studio but it is very related with this ticket and should also exist on the CLI since many developers like me use only the CLI...

Comments

  1. Chris Barber 2013-10-05

    Pull request: https://github.com/appcelerator/titanium_mobile/pull/4760
  2. Kyle Berezin 2013-10-05

    I just ran into this problem and I am on a pretty tight time crunch. I am not outputting to a device, but to a folder I made. The compilation goes without a hitch but the file never makes it to the folder, and on closer inspection is signed with a dev keystore rather than the one I specified. I would just manually sign "app-unsigned.apk" but the source files are not obfuscated. Is there any way to get around this issue?
  3. Chris Barber 2013-10-05

    [~asor] You need to package your app for distribution. That will minify and encrypt the code as well as allow you to sign the app with whatever keystore you wish. If building from Studio, it's under the package icon menu. If building from the CLI, then use "ti build -p android -T dist-playstore".
  4. Allen Yeung 2013-10-19

    PR: https://github.com/appcelerator/titanium_mobile/pull/4781

JSON Source