You can create a signed APK using the Android Sign Step in your Bitrise Workflow.
Creating a signed APK with the Android Sign Step ⚓
To digitally sign your Android project, use the Android Sign Step. This Step is configured to run if you have already uploaded your keystore file on the Code signing tab of the Workflow Editor.
The Android Sign Step is not required if signing is configured in your project’s bundle.gradle file. If so, running the Android Build Step (or the Gradle Runner Step) signs the output (APK or AAB) automatically. Nevertheless, we recommend that you use the Android Sign Step to sign your project in an easy and secure way.
Before you start:
- Make sure you have the Android Sign Step in your deploy Workflow right after your build Steps but before the Google Play deploy Step.
- Log into bitrise.io and click on your app.
- On the app’s page, click Workflows.
- Click Code signing.
Click on or drag-and-drop your keystore file to the Upload file field of the ANDROID KEYSTORE FILE section.
A keystore URL automatically gets generated once you upload the keystore file. Bitrise assigns an Environment Variable (
BITRISEIO_ANDROID_KEYSTORE_URL) to the download URL (which is a time-limited, read-only download URL) of the file as the value. No need to download it manually as the Android Sign Step downloads it automatically.
- Fill out the displayed three input fields with your credentials:
- Keystore password.
- Keystore alias.
- Private key password.
Click Save metadata.
When you have successfully uploaded a keystore file to the ANDROID KEYSTORE FILE section, Bitrise will automatically export the following Environment Variables based on your input:
Bitrise uses the above Environment Variables and sets them as inputs into the respective fields of the Android Sign Step. Once the Step runs, it produces either a signed APK or an AAB. The signed APK or AAB is used in deploy Steps, for example, the Google Play Deploy Step or the Deploy to Bitrise.io Step. The latter deploys the APK/AAB on the APPS & ARTIFACTS tab. You can also use Ship to deploy your app once you built an APK/AAB file.
Downloading your files ⚓
You can download your keystore to the project directory from the ANDROID KEYSTORE FILE section using the File Downloader Step:
An example for downloading a keystore file:
- file-downloader: inputs: - source: $BITRISEIO_ANDROID_KEYSTORE_URL - destination: "$HOME/keystores/my_keystore.jks" #native android#
After this Step,
my_keystore.jks will be available at
You can upload, update, list, and delete iOS code signing files with the relevant Bitrise API. In this guide we show you how and in what order to use those...
You can manually specify the code signing configuration in your Gradle configuration so that your app gets signed during the build process.
Before you distribute your app through Google Play Store, your APK file must be digitally signed. Find out the different ways of signing your Android app on Bitrise.