Upload extra files (not in the repo) for use in the builds. Android keystore signing build


#1

I wanted to ask if you guys are considering allowing user to upload extra files (not in the repo) for use in the builds.

The reason behind this request is for creating a release build for an android app.

To do this you need the keystore file to sign the app, but I am not going to commit it as part of my repo. It is just not a safe practice.

If there is a way to upload a file and use it for a build, that will allow me to create a release build otherwise I can only create debug builds.


#2

I think what you can do is storing the sensitive file in a secure place and downloading the file on the fly with curl in each build. You can store secrets to access the secure place in env var.


#3

@danlegion what did you end up doing?


#4

FWIW, I ended up using curl and dropbox to get signing working with CircleCI. I wrote a quick blurb with step by step instructions.


#5