Closed Bug 1394486 Opened 7 years ago Closed 7 years ago

investigate and implement automation for signing of Firefox Focus/Klar Android apks

Categories

(Release Engineering :: Release Automation, enhancement)

Product:
Release Engineering
Component:
Release Automation
Type:
enhancement
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED DUPLICATE of bug 1409091

People

(Reporter: kmoir, Unassigned)

Details

The Focus for Android team asks us on a recurring basis to manually sign their Focus and klar (German version) apks. We should investigate how to automate this Some notes from my meeting with jlorenzo: -Android sdks are signed with a long lived signature because you can't change the certificate on a product once it's in the play store -Google may be providing support to use disposable private keys on upload soon -We should have a different google play account for Focus that we currently have for firefox, right now relman uses the same account to upload -Buddybuild, the system that the Focus team uses to test their binaries currently supports uploading the the gp sore https://docs.buddybuild.com/deployments/android/google_play/index.html We should investigate how we use this in a manner that would ensure that secrets are not leaked -It doesn't really make sense to migrate their build to tc given their entire infrastructure already runs on buddybuild and this is very useful to them because it allows them to run tests on actual devices vs emulators.
https://github.com/mozilla-releng/scriptworker/issues/147 We could potentially also generate new keys and new account as specified in comment 0. We still want to protect it via cot if possible.
Further notes: Looking at the buddybuild doc, you can sign ios aps but not android ones. https://docs.buddybuild.com/deployments/ios/code_signing/index.html I couldn't find a product roadmap for when they intend to implement new features. They just seem to have this. https://discuss.buddybuild.com/c/how-do-i Sebastian: As you are their direct customer, do you have any insight into their roadmaps for enabling new features, specifically implementing Android signing within their product?
Flags: needinfo?(s.kaspari)
Buddybuild already supports signing Android APKs: https://docs.buddybuild.com/deployments/android/keystores/index.html Parts of the Buddybuild docs are heavily focused on iOS - I often had problems finding the Android docs too. What's the background here? The last time I talked to jlorenzo it sounded like using buddybuild signing+upload is definitely not an option? Btw. I already started playing with the taskcluster github integration.. :)
Flags: needinfo?(s.kaspari)
The Focus guys would like to implement the Taskcluster solution. Let's track all the details of it in bug 1409091.
Status: NEW → RESOLVED
Closed: 7 years ago
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.