android-signing-config_skill

This skill configures Android release signing using dual-source credentials from environment variables and gradle.properties to streamline CI/CD and local dev.
  • Shell

1

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill hitoshura25/claude-devtools --skill android-signing-config

  • SKILL.md7.8 KB

Overview

This skill configures Android release signing using a dual-source strategy: CI-friendly environment variables and local development via gradle.properties. It adds a release signingConfig to app/build.gradle.kts, validates release builds, and helps manage a project-specific environment variable prefix to avoid collisions. The goal is a reproducible, secure signing setup for CI and local workflows.

How this skill works

The script auto-detects a project prefix from settings.gradle.kts or asks the user to choose/apply a custom prefix. It injects a signingConfigs.release block into app/build.gradle.kts that reads credentials first from environment variables and falls back to project properties (gradle.properties). It also wires the release buildType to use that signingConfig and adds pre-build validation to fail fast when signing data is missing. Optionally it can append local credentials to ~/.gradle/gradle.properties after explicit user consent.

When to use it

  • Setting up release signing for CI/CD pipelines that supply secrets via environment variables or GitHub Secrets.
  • Standardizing a signing configuration across team members while allowing local gradle.properties for development.
  • Adding fail-fast validation to ensure builds fail when signing is not configured for release variants.
  • When you maintain multiple projects and want a project-specific env var prefix to avoid naming collisions.

Best practices

  • Prefer CI/CD environment variables (or base64 keystore secrets) for production builds; use local gradle.properties only for development.
  • Choose a clear prefix (project-specific or APP) and document the required secrets to store in your CI.
  • Keep keystores out of version control and ensure keystores/ and ~/.gradle/gradle.properties are gitignored.
  • Use absolute keystore paths in gradle.properties to avoid path resolution issues.
  • Always ask for explicit consent before updating ~/.gradle/gradle.properties on a developer machine.

Example use cases

  • Configure GitHub Actions to set ${PREFIX}_SIGNING_KEY_STORE_BASE64 and passwords for automated releases.
  • Local developer uses keystores/KEYSTORE_INFO.txt to populate ~/.gradle/gradle.properties for testing builds.
  • Migrating an existing app to a consistent signing strategy that supports both CI and local workflows.
  • Adding build-time validation so CI fails early if signing secrets are missing or malformed.

FAQ

Set PREFIX_SIGNING_KEY_STORE_PATH, PREFIX_SIGNING_STORE_PASSWORD, PREFIX_SIGNING_KEY_ALIAS, and PREFIX_SIGNING_KEY_PASSWORD (or store a base64 keystore and decode in CI).

Will this overwrite my existing signing config?

The logic updates or adds signingConfigs.release and preserves other buildType settings; it detects existing configs and avoids overwriting unrelated settings.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
android-signing-config skill by hitoshura25/claude-devtools | VeilStrat