我想让 Jenkins 服务器构建我的基于 Cordova (Android) 的应用程序。为此,我打算使用 Gradle(因为 Cordova 的项目拥有所有必需的文件)。我从
IntelliJ -> Export signed APK
多次发布了该应用程序,但我无法使用我的密钥库正确签署 gradle 版本。
这是我的配置:
通过
keytool
生成,已用于通过 Google Play 商店发布我的应用程序。我认为 Gradle 可能存在密钥库和/或密钥密码中的特殊字符问题,所以我使用了
keytool -storepasswd -keystore mykeystore.keystore
和
keytool -keypasswd -alias myalias -keystore mykeystore.keystore
改变它们。我 100% 确定我的 Gradle 配置文件中的密码是正确的。
这个文件是为项目预先生成的,我没有做太多改变。我保留了以下几行:
if (cdvReleaseSigningPropertiesFile) {
signingConfigs {
release {
// These must be set or Gradle will complain (even if they are overridden).
keyAlias = ""
keyPassword = "__unset" // And these must be set to non-empty in order to have the signing step added to the task graph.
storeFile = null
storePassword = "__unset"
}
}
(snip)
}
为了满足
cdvReleaseSigningPropertiesFile
条件,我在项目android目录中创建了一个文件release-signing.properties
(请参阅http://cordova.apache.org/docs/en/dev/guide/platforms/android/index.html#设置-gradle-属性)。
storeFile=keystore/mykeystore.keystore
storePassword="my_password"
keyAlias="myalias"
keyPassword="my_password"
现在,当我运行
./gradlew signingReport --info
时,我得到以下输出:
Selected primary task 'signingReport' from project :
Tasks to be executed: [task ':signingReport', task ':CordovaLib:signingReport']
:signingReport (Thread[main,5,main]) started.
:signingReport
Executing task ':signingReport' (up-to-date check took 0.001 secs) due to:
Task has not declared any outputs.
Variant: debugAndroidTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: releaseUnitTest
Config: release
Store: /Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore
Alias: "myalias"
Error: Failed to read key "myalias" from store "/Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore": Keystore was tampered with, or password was incorrect
----------
Variant: release
Config: release
Store: /Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore
Alias: "myalias"
Error: Failed to read key "myalias" from store "/Users/myusername/Documents/MyApplication/project/platforms/android/keystore/mykeystore.keystore": Keystore was tampered with, or password was incorrect
----------
Variant: debug
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: debugUnitTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
:signingReport (Thread[main,5,main]) completed. Took 0.292 secs.
:CordovaLib:signingReport (Thread[main,5,main]) started.
:CordovaLib:signingReport
Executing task ':CordovaLib:signingReport' (up-to-date check took 0.0 secs) due to:
Task has not declared any outputs.
Variant: debugAndroidTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: release
Config: none
----------
Variant: debug
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
Variant: releaseUnitTest
Config: none
----------
Variant: debugUnitTest
Config: debug
Store: /Users/myusername/.android/debug.keystore
Alias: AndroidDebugKey
MD5: (snip)
SHA1: (snip)
Valid until: Mittwoch, 3. Dezember 2042
----------
:CordovaLib:signingReport (Thread[main,5,main]) completed. Took 0.008 secs.
BUILD SUCCESSFUL
Total time: 23.152 secs
Stopped 0 compiler daemon(s).
运行
./gradlew build
会导致以下错误消息:
:transformResourcesWithMergeJavaResForRelease 最新
:验证发布签名
:包发布失败
FAILURE:构建失败并出现异常。
- 出了什么问题: 任务“:packageRelease”执行失败。 无法从存储“/Users/myusername/Documents”读取密钥“myalias” /MyApplication/project/platforms/android/keystore /mykeystore.keystore”:密钥库被篡改,或者密码不正确
关于如何解决该错误有什么想法吗?
由于我找不到 Gradle 如此顽固的原因,所以我删除了文件
release-signing.properties
,让 Gradle 构建 unsigned APK,并使用以下命令在 shell 脚本中对文件进行签名:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore mykeystore.keystore
myapplication.apk mykeyalias -storepass mypassword
/path/to/somewhere/android-sdk-macosx/build-tools/23.0.3/zipalign -v 4
myapplication.apk myapplication-signed.apk
距 OP 7 年之后,我发现 Gradle 签名过程在转义存储密码或密钥密码中可能存在的反斜杠方面存在问题。我怀疑你也遇到过类似的事情。