Skip to main content

Managing Android keystore files

This guide describes how to manage your Android keystore files with the Bitrise API. If you’d like to learn more about how to do the same on the UI, please check out Android code signing.

Table 1. Endpoints related to Android keystore files

Endpoints

Function

Required role on the app's team

GET/apps/{app-slug}/android-keystore-files

Get a list of Android keystore files

Owner or Admin

POST/apps/{app-slug}/android-keystore-files

Create an Android keystore file

Owner or Admin

DELETE/apps/{app-slug}/android-keystore-files/{android-keystore-file-slug}

Delete an Android keystore file

Owner or Admin


Listing the Android keystore files of an app

Required role

You must have an admin or owner role on the app's team to manage Android keystore files using the Bitrise API.

For a complete list of user roles and role cheatsheets, check User roles on app teams.

Retrieve a list of the Android keystore files of an app with the GET method of the android-keystore-files endpoint. The returned data includes, among other things, the names of the files, their size, as well as their current status.

The required parameter is:

  • app slug

Optional parameters are:

  • next: slug of the first file in the response (as a string)

  • limit: max number of elements per page (as an integer) where the default is 50.

Example 1. Getting all Android keystore files of an app

Request:

curl -X GET -H  'Authorization: THE-ACCESS-TOKEN' 'https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files'

Response:

{
  "data": [
    {
      "upload_file_name": "simplesample.jks",
      "upload_file_size": 2062,
      "slug": "01GDFZW5DZED3DQD4VK835FKTP",
      "processed": true,
      "is_expose": true,
      "is_protected": false,
      "user_env_key": "ANDROID_KEYSTORE",
      "exposed_meta_datastore": {
        "PASSWORD": "",
        "ALIAS": "",
        "PRIVATE_KEY_PASSWORD": ""
      }
    }
  ],
  "paging": {
    "total_item_count": 1,
    "page_item_limit": 50
  }

Creating and uploading Android keystore files

Required role

You must have an admin or owner role on the app's team to manage Android keystore files using the Bitrise API.

For a complete list of user roles and role cheatsheets, check User roles on app teams.

To add an Android keystore file to your app using the API, you will need to:

  1. Call the POST method of the android-keystore-files endpoint with the upload_file_name and upload_file_size parameters.

  2. Upload the file to AWS using the upload_url parameter from the response.

  3. Confirm the file upload with a POST call of the uploaded endpoint.

    This sets the processed flag of the file to true. This flag can't be changed again afterwards!

Example 1. Creating and uploading a new Android keystore file

Creating the file:

curl -X POST -H 'Authorization: THE-ACCESS-TOKEN' 'https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files' -d '{"upload_file_name":"simplesample.jks","upload_file_size":2062}'

Response:

{
  "data": {
    "upload_file_name": "simplesample.jks",
    "upload_file_size": 2062,
    "slug": "01GDFYTF2DXZZSWGMCF0ZTVSB9",
    "processed": false,
    "is_expose": true,
    "is_protected": false,
    "upload_url": "https://concrete-userfiles-production.s3.us-west-2.amazonaws.com/project_file_storage_documents/uploads/129261/original/simplesample.jks?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIV2YZWMVCNWNR2HA%2F20220921%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20220921T120206Z&X-Amz-Expires=600&X-Amz-SignedHeaders=content-length%3Bhost&X-Amz-Signature=ce3c66fa144ba6ca9478cff3b72c49e024779f64ba961ddfc84060f65ea92562",
    "user_env_key": "ANDROID_KEYSTORE",
    "exposed_meta_datastore": {
      "PASSWORD": "",
      "ALIAS": "",
      "PRIVATE_KEY_PASSWORD": ""
    }
  }
}

The file name, its size, slug, and a pre-signed upload URL are retrieved (along with some attributes that you can modify). This pre-signed upload URL is a temporary link which you will use to upload the Android keystore file to its destination.

Uploading the file to AWS using the value of the upload_url parameter:

                        curl -T simplesample.jks 'https://concrete-userfiles-production.s3-us-west-2.amazonaws.com/build_certificates/uploads/30067/original/certs.p12?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Content-Sha256=UNSIGNED-PAYLOAD&X-Amz-Credential=AKIAIOC7N256G7J2W2TQ%2F20180216%2Fus-west-2%2Fs3%2Faws4_request&X-Amz-Date=20180216T124240Z&X-Amz-Expires=600&X-Amz-SignedHeaders=content-length%3Bhost&X-Amz-Signature=2bf42176650f00405abfd7b7757635c9be16b43e98013abb7f750d3c658be28e'

Confirming the upload:

curl -X POST -H 'Authorization: THE-ACCESS-TOKEN' 'https://api.bitrise.io/v0.1/apps/APP-SLUG/android-keystore-files/ANDROID-KEYSTORE-FILE-SLUG/uploaded'