How to sign Android App Bundles in Azure Pipelines

The Standard Azure Pipelines Android signing task signs only *.apk files. But that`s not what google wants you to upload.

But there is a simple workaround based on this Stackoverflow:

- task: AndroidSigning@2
  inputs:
    apkFiles: '**/*.aab'
    jarsign: true
    jarsignerKeystoreFile: 'yourkeystore.jks'
    jarsignerKeystorePassword: '$(yourSecretKeystorePassword)'
    jarsignerKeystoreAlias: 'yourkeystore.alias'
    jarsignerKeyPassword: '$(yourSecretKeyPassword)'
    # The two Arguments working there magic:
    jarsignerArguments: '-sigalg SHA256withRSA -digestalg SHA-256'
    zipalign: true

Simply add the right signing algorithm as options.

You are wondering why it does not accept your Keystore file? It has to be a secure file (just upload it to Pipelines > Library > Secure Files and reference its name).

How to sign Android App Bundles in Azure Pipelines

Comments