Simple way to store secrets in Android Project.

This content originally appeared on DEV Community and was authored by Kiolk

Very often, we should store secrets that we need to build android application. One of the most common cases are storing key alias, key password and store password, that are need to build production release. It is not problem when you develop application in solo in your own private repository. If your team grows to two developers, or you want to move the project to open source, you should store this secrets outside of version control. 

The best candidate for this is Gradle local.properties file, that doesn't track by git by default. In this file, you can store key-value pairs by very simple syntax.  In our example, it looks like this:

#sign configuration
key_alias=SomeAlias
key_password=SomeKeyPassword
store_password=SomeStorePassword

After, you can use it for signing configuration in build.gradle.kts file, you need only read these values and store in variables:

val localProperties = Properties()
val localPropertiesFile = rootProject.file("local.properties")
localProperties.load(FileInputStream(localPropertiesFile))

val aliasKey: String = localProperties.getProperty("key_alias")
val passwordKey: String = localProperties.getProperty("key_password")
val passwordStore: String = localProperties.getProperty("store_password")

Late, you can simply use it in places where they need:

signingConfigs {
        create("release") {
            keyAlias = aliasKey
            keyPassword = passwordKey
            storePassword = passwordStore
            storeFile = rootProject.file("keystore/release.keystore")
        }
    }

If you need to use these secrets in code, you can simply store it in variables of BuildConfig . But this way is not very secure, because they will be visible after revers engineering of your application.

buildConfigField("String", "PRIVATE_ACCESS_TOKEN", "\"${privateAccessToken}\""

It is all. After this simple manipulation, you can feel itself safety. Also, I like to add information about required local variables in README with pointing where you can find it for saving time of developer who will join to projec.

This content originally appeared on DEV Community and was authored by Kiolk

Print Share Comment Cite Upload Translate Updates

APA

Kiolk | Sciencx (2024-08-13T21:29:54+00:00) Simple way to store secrets in Android Project.. Retrieved from https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/

MLA

" » Simple way to store secrets in Android Project.." Kiolk | Sciencx - Tuesday August 13, 2024, https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/

HARVARD

Kiolk | Sciencx Tuesday August 13, 2024 » Simple way to store secrets in Android Project.., viewed ,<https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/>

VANCOUVER

Kiolk | Sciencx - » Simple way to store secrets in Android Project.. [Internet]. [Accessed ]. Available from: https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/

CHICAGO

" » Simple way to store secrets in Android Project.." Kiolk | Sciencx - Accessed . https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/

IEEE

" » Simple way to store secrets in Android Project.." Kiolk | Sciencx [Online]. Available: https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/. [Accessed: ]

rf:citation

» Simple way to store secrets in Android Project. | Kiolk | Sciencx | https://www.scien.cx/2024/08/13/simple-way-to-store-secrets-in-android-project/ |

Please log in to upload a file.

There are no updates yet.
Click the Upload button above to add an update.

You must be logged in to translate posts. Please log in or register.