Thanks a lot for this step-by-step instruction!

It's worth to mention there is an alternative way to base64-ing your private key and echoing it to file-system. Gradle signing plugin may use an in-memory ascii-armored (like safe-encoded to transfer as a text) key that you explicitly configure in `signing` closure. The key than is put as a secret and exported as an ENV.

To get such key you run the pgp executable like this:

Then you get the key in a transfer-safe way:

--== The key sequence itself ==-------END PGP PRIVATE KEY BLOCK-----

which could be directly copy-pasted as a secret variable

Then configure signing to use in-memory keys:

To be able to build locally the armored key may be “escaped” to put inside your local.properties (line-breaks transformed):

Bonus: thus you have all your signing/publishing credentials in one portable file.

Take a look at complete build scripts here. The publishing is made based on your solution.

--

--

Lead Android developer

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store