The origin of
As an Android developer, you must encounter too many channels package, a lot of channel packages out, to reinforce, after reinforcement also need to re-sign the situation, some friends to say, is a few command things, so easy. But I as a lazy person, also in order to lose a few hair, I am too lazy to do a few orders. I took some time to write a reinforced and signed script and shared it briefly.
- Plugin provides 360 and Tencent Legu script, Legu reinforcement at the same time using Ali Cloud, this is modified according to the actual situation
Start with a brief overview of the project structure and configuration
- The directory structure
- Channel and buildType configurations, modified as needed
/ / configuration signature, the signature of the information such as password in/keystore/signconfig. / / here in the properties configuration, SigningConfigs {Properties Properties = new Properties() properties.load(new FileInputStream(rootProject.projectDir.absolutePath +"/keystore/signconfig.properties"))
release {
keyAlias properties.getProperty("ALIAS")
keyPassword properties.getProperty("KEY_PASS")
storeFile file(properties.getProperty("KEYSTORE"))
storePassword properties.getProperty("STORE_PASS"}} // If you want to build a new build, you can install a new build with a new build. If you want to build a new build with a new build, you can install a new build with a new build. // debugMinify--> Test package, like formal package, confuse reinforcement, but enable debugging buildTypes {debug {applicationIdSuffix'.debug'
debuggable true
minifyEnabled false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
manifestPlaceholders = [
APP_NAME: "@string/app_name_dev",
]
}
debugMinify {
applicationIdSuffix '.debug'
zipAlignEnabled true
shrinkResources true
minifyEnabled true
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.release
manifestPlaceholders = [
APP_NAME: "@string/app_name_debug",
]
}
release {
zipAlignEnabled true
shrinkResources true
minifyEnabled true
debuggable false
proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
signingConfig signingConfigs.release
manifestPlaceholders = [
APP_NAME: "@string/app_name",]}} // Huawei and Tencent two channels flavorDimensions'app'
productFlavors {
huawei {
dimension 'app'
}
tx {
dimension 'app'}}Copy the code
The preparatory work
- The first is the signature script, which simply encapsulates the apksigner command
#! /bin/sh
keystore=The $1
alias=$2
storePass=$3
keypass=$4
output=A $5 # output address
origin=$6 # original APK addressjarPath=.. /reinforce/signature/lib/apksigner.jarV1 +v2 signature
java -jar ${jarPath} sign --ks "${keystore}" --ks-key-alias "${alias}" --ks-pass pass:"${storePass}" --key-pass pass:"${keypass}" --out "${output}" "${origin}"
Verify signature
#java -jar ${jarPath} verify -v "${output}"
rm -f "$origin"
Copy the code
- Create plug-in module, many online tutorials, here is no nonsense. Once you’ve created it, apply it to your project’s build file, for example:
apply plugin: 'com.yu1tiao.reinforce'
Copy the code
Next, upload the plug-in code
- ReinforcePlugin
class ReinforcePlugin implements Plugin<Project> { private Project project ReinforceExtension360 m360Extension ReinforceExtensionLegu mLeguExtension @Override void apply(Project project) { this.project = project // First reads two strengthening and solid reinforcement configuration file m360Extension = 360 project. The extensions. Create ("reinforceConfig360", ReinforceExtension360)
mLeguExtension = project.extensions.create("reinforceConfigLegu", ReinforceExtensionLegu) project. AfterEvaluate {project. Android. ApplicationVariants. All {variant - > / / traverse all variants, Find signature information and name def flavorName. = the variant flavorName def buildTypeName. = the variant buildType. The getName () def signConfig = Varie.getsigningconfig () varie.outputs. Each {String outputFilePath = it.getOutputFile().absolutePath println"outputFilePath = ${outputFilePath}"Def assembleTask = project.tasks. Find {it. Name =="assemble${Util.toUpperFirstChar(flavorName)}${Util.toUpperFirstChar(buildTypeName)}"Create360Task (it, signConfig, assembleTask, outputFilePath) createLeguTask(it, signConfig, assembleTask, outputFilePath) } } } } private void createLeguTask(output, signConfig, assembleTask, apkPath) { def subName = assembleTask.name.replace("assemble"."")
def taskName = "_leguJiagu${subName}"ReinforceTaskLegu leguTask = project.tasks.create(taskName, ReinforceTaskLegu) leguTask.secretId = mLeguExtension.secretId leguTask.secretKey = mLeguExtension.secretKey leguTask.endPoint = mLeguExtension.endPoint leguTask.accessKeyId = mLeguExtension.accessKeyId leguTask.accessKeySecret = mLeguExtension.accessKeySecret leguTask.bucketName = mLeguExtension.bucketName leguTask.apkPath = apkPath leguTask.signingConfig = signConfig leguTask.dependsOn(assembleTask) println"To create${taskName}The completion of"
}
private void create360Task(output, signConfig, assembleTask, apkPath) {
def subName = assembleTask.name.replace("assemble"."")
def taskName = "_360Jiagu${subName}"
ReinforceTask360 m360Task = project.tasks.create(taskName, ReinforceTask360)
m360Task.signingConfig = signConfig
m360Task.account = m360Extension.account
m360Task.password = m360Extension.password
m360Task.apkPath = apkPath
m360Task.dependsOn(assembleTask)
println "To create${taskName}The completion of"}}Copy the code
- Key methods of reinforcing task
void doReinforceAndSign() {
def rootDir = project.rootProject.projectDir.absolutePath
def jarPath = rootDir + "/reinforce/jiagu/jiagu.jar"
println "360 reinforce jarPath = ${jarPath}"// the output is a directory path, (jarPath, apkPath, account, password) def output = project.file(dir).listFiles().find { it.getName().contains("jiagu"AbsolutePath // Call the signed scriptif (Util.isNotEmpty(output)) {
def signShellPath = rootDir + "/reinforce/signature/apksigner.sh"
println "sign shell path = ${signShellPath}"
Util.signApk(output, signShellPath, signingConfig)
} else {
println '360 hardened APK not found! 'C: mandatory // c: mandatory // c: mandatory //pwd) {
println "Start 360 hardening ->> apkPath =${apkPath}"
def outputDir = new File(apkPath).getParentFile().absolutePath
Util.doCommand('java -jar ' + jarPath + ' -login ' + account + ' ' + pwd)
Util.doCommand('java -jar ' + jarPath + ' -jiagu ' + apkPath + ' ' + outputDir)
println "360 Hardening complete ->> outputDir =${outputDir}"
return outputDir
}
Copy the code
- Le Gu code will not be posted, very simple, we can see the project
Next, configure 360 and Legu account information in build
reinforceConfig360 {
account = "xxx"
password = "xxx"Mandatory {// Install secretId ='xxx'
secretKey = 'xxx'// Aliyun configure endPoint ='xxx'
accessKeyId = 'xxx'
accessKeySecret = 'xxx'
bucketName = 'xxx'
}
Copy the code
The last
Click the Sync button to generate the corresponding task. Click the sync button to automatically harden the signature. It can also be configured to Jekins to automatically trigger the hardening task.
Summarize the process
- 360
- Invoke jar command for hardening
- The signature again
- Le solid
- Upload APK to Ali Cloud (or other cloud servers, as long as the download address is generated, Legu background will download and consolidate)
- Invoking SDK Hardening
- Download the hardened APK
- The signature again