Disclaimer: This course assumes you are using GitHub and walks you through setting up Actions for the repository on GitHub. If you happen to use a different platform as your code repository (like GitLab, BitBucket etc) please send me a DM and depending on your interest I will extend the course to cover more options.
If you already have a GitHub account created - great news! We can proceed and use it for the follow-up steps. If not, go ahead and create a new account - it's free!
If you are using a GitHub account that belongs to a company or an organization - you will need to request permissions to be able to manage the account, or at least, the project that you are going to be setting up the CI/CD.
Once you are ready with the GitHub account setup, and you have the desired project that you are going to be setting up the CI/CD pipeline for available on the repository - you can proceed with the steps below. The setup of the repository and the project are out of the scope of this course, but if you have difficulties setting that up - feel free to drop me a DM, and I will gladly help you out!
Open the project in GitHub using your favorite browser. You'll see something like this
From the top menu where you have the Code section selected - open Settings
If you don't have the Settings tab available - that's a sign that you don't own the project and you have no permissions to manage the project. Make sure you get that right before you proceed.
On the left side, you will see a menu with sections like Access, Code and automation, etc... Scroll down to the Security section, and select Actions
On the right-hand side, it will open a panel that is empty by default.
Our goal is to put here the things we've collected so far. Namely:
The authorization with Google Play Console (the JSON file)
The Keystore + its password
The key (alias) + its password that we are going to use to sign the app with
Let's go ahead and add those things one by one.
Click on the New repository secret green button on the top right
In the panel that gets opened, we can add a new secret. Beware that we can add only a single thing at a time. Let's start off with the simple things first.
Let's add the Google Play Console Authorization JSON first. In the Name field type:
GOOGLE_PLAY_API_AUTH
or any name that you prefer. Make sure to follow the naming convention as the hint suggests - all caps with an underscore.In the Secret field put the content of the JSON file we've downloaded previously, at the Google Play Authorization step. Just open the file using any text editor, copy the whole content, and paste it into the Secret field. Click on the Add secret button to confirm.
At this point we have 1 repository secret added.
Click on the New repository secret button again to repeat the process. Add the following items one by one, creating a new repository secret for each and every item:
Name:
KEYSTORE_PASSWORD
-> Secret: the password of the keystore we createdName:
APP_NAME_KEY
-> Secret: the alias value of the key we created when creating the key store. In my case, the alias value was: appnamekey, so in my case the name-secret combination will beAPP_NAME_KEY
-appnamekey
respectivelyName:
APP_NAME_KEY_PASSWORD
-> Secret: the password of the key. In my case, I need to use the password of the appnamekey alias. Let's assume the password of the key was something, so I need to put that value inside the SecretAt this point we have all the textual values added as secrets in our GitHub project secrets. We should have something like this
where the values inside these secrets correspond with the values we typed when creating our Keystore + the key, like so
There is only 1 thing left to add, and that is the Keystore file.
Adding the textual values in the secrets was pretty straightforward. But the Keystore is a file, and in the secrets, we can only add text values. How do we solve this problem? - Base64 for the rescue. Base64 allows us to encode a file into text and then use it.
Open the terminal
Navigate to the folder where you have created the keystore file in the Keystore Setup Section, in my case it was my Desktop directory
Run:
base64 -i my_keystore -o the_keystore.txt
Explanation: we run the base64 command, providing input (-i) the Keystore file, and asking it to write the output (-o) into a text file. You can type any name you want, just add .txt extension at the end.Now we have the Keystore file as text available, and we can add it to our GitHub secrets. Either open the file with a text editor and copy the content, or run
cat the_keystore.txt
in the terminal, then copy the output.Using the same steps from above, add New repository secret and type in the Name and the Secret respectively
Click on Add secret to confirm
At this point, we have our secrets ready. We have a very little to do in order to complete the whole setup. It might be heavy, but boy is it worth it. Next up - setting up the project