Thanks a lot for this step-by-step instruction!

It's worth to mention there is an alternative way to base64-ing your private key and echoing it to file-system. Gradle signing plugin may use an in-memory ascii-armored (like safe-encoded to transfer as a text) key that you explicitly configure in `signing` closure. The key than is put as a secret and exported as an ENV.

To get such key you run the pgp executable like this:

Then you get the key in a transfer-safe way:

--== The key sequence itself ==-------END PGP PRIVATE KEY BLOCK-----

which could be directly copy-pasted as a secret variable

Then configure signing to use in-memory keys:

To be able to build locally the armored key may be “escaped” to put inside your (line-breaks transformed):

Bonus: thus you have all your signing/publishing credentials in one portable file.

Take a look at complete build scripts here. The publishing is made based on your solution.



Lead Android developer

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store