In the previous blog post we learned how to publish APK easily using a single gradle task. But what if you want to offload the build part also? That’s where CI (Continuous Integration) comes in.
What is CI?
In software engineering, continuous integration (CI) is the practice of merging all developer working copies to a shared mainline several times a day.
In broader terms, CI is used to automate all the build related workload over a remote machine so that developers can build their projects without setting up the development environment. We can create our own CI server or we can use any existing CI service.
For this tutorial, we will be using Travis CI as it provides android build support out of the box and is free for open source projects.
Note: Almost every CI uses a similar syntax for its configuration. So, using other CI systems won’t be a big issue.
Setting up .travis.yml
Create an empty file with name
.travis.yml in your project directory.
Travis CI then will check if your project contains this file or not. If the project contains this file, then it will parse that file and initiate a build.
.travis.yml file stores all the build related information.
Basic android specific .travis.yml format:
When you push your commits with this configuration, Travis CI will setup an android environment and execute the script, which is just basically gradle’s assembleDebug task. Also, the build will only be initiated when commits are pushed to branches named
develop, you can remove this restriction by removing the
branches section from
.travis.yml and then Travis CI will create build whenever the commits are pushed for any branch.
Publishing to google play from Travis
Publishing would require us to create a signed APK and then use google play publish API to create a release on google play. We have already discussed about all of that stuff in previous parts of this tutorial series.
In the previous part we learned that using a gradle plugin we can directly publish the app on google play and the command to do that would be:
But before we do that we need to encrypt important files first.
Encrypting sensitive data for Travis
Without encryption your sensitive data can be used by anyone which makes it very easy for anyone to create the same application with same certificates, which is very scary. Also, it is very helpful for open source projects where you cannot directly put your release keys. Encrypting will allow you to secure these files/keys and will only be decrypted when the travis CI build is being executed in the server.
Things to encrypt:
- Release keystore file.
- Release keystore credentials.
- Google Play service account key file.
- Google Play service account credentials.
Inorder to make things easier we will be using travis command line interface, which will provide us commands for encrypting and other stuff.
Setting up Travis CLI
You can easily install travis using this command, just make sure you have ruby/gem environment set up beforehand.
Note: You can setup ruby/gem environment using this link.
You can check if travis is installed or not by using
travis --version command in your terminal.
There are 4 important keys that we need to encrypt:
- Release keystore password.
- Release keystore key alias.
- Release keystore key password.
- Google play service account email.
Before encrypting keys, make sure your current directory in terminal is same as your project’s location, otherwise travis will not work as expected.
Encryption for keys can be performed using
travis encrypt SOMEVAR="secretvalue" command like this:
This would encrypt your store password. But you would still need to copy this encrypted key in your .travis.yml. So, your .travis.yml should look like this after adding all of the keys.
Travis would automatically decrypt these keys during build and use the values as environment variables. Now, lets check out on how to encrypt files.
Now, we need to encrypt these files:
- Keystore file.
- Google play service account json file. Click here for more info.
First, paste both of these files inside your project directory and then follow these steps:
- Create a .tar archive file consisting both of these files.
- Then, encrypt the .tar file using
travis encrypt-file mySuperSecretKeys.tar.
- This would create one more file named
mySuperSecretKeys.tar.encwhich is the encrypted version of your files.
- Now, just add the script in
.travis.ymlto decrypt these files just before the build process starts.
NOTE: Make sure to remove the sensitive files after encryption if your project is open source and avoid committing those files.
Triggering a release build on travis CI server
After setting all of this up, whenever you push to
develop branches, travis CI server would automatically trigger a release build. After the build is complete, it would
upload the generated APK to the Google Play Store. Also, during the entire build process you can keep an eye on travis console to check if everything is working as expected or not.
You can also cancel any ongoing build in travis if required.
You can go check out my project where I have successfully integrated
travis CI and
gradle play publisher plugin for automating
google play publishing.
NOTE: From now on, be more careful while pushing to develop/master ;)