Keep release signing secrets out of APK build logs
This commit is contained in:
@@ -34,6 +34,7 @@ Environment:
|
||||
- `APK_VERSION` overrides the packaged app version.
|
||||
- `ANDROID_MIN_SDK` overrides the minimum supported Android SDK.
|
||||
- `ANDROID_TARGET_SDK` overrides the target Android SDK.
|
||||
- `SIGNPASS_FILE` provides the signing password by file instead of a command-line argument.
|
||||
- `RELEASE_SIGNKEY` overrides the release keystore path used by `make apk-release`.
|
||||
- `RELEASE_SIGNPASS_FILE` overrides the password file path used by `make apk-release`.
|
||||
|
||||
@@ -57,7 +58,8 @@ go tool gogio -target android ./cmd/keepassgo ...
|
||||
```
|
||||
|
||||
The release target wraps `make apk` and injects explicit signing credentials so
|
||||
local release builds and CI use the same stable key.
|
||||
local release builds and CI use the same stable key without echoing the release
|
||||
password in build logs.
|
||||
|
||||
The Android build uses the branded icon asset at:
|
||||
|
||||
|
||||
Reference in New Issue
Block a user