Tag Archives: Android

Android Keystore file and password in VSTS builds

I was on site with a client last week working with them on DevOps for Xamarin.Forms builds using VSTS. The question came up of what to do about the Android Keystore file and its password – where to put them, keep them safe, etc.

Keystore file
If you’re running the build agent on a local build server (or Azure VM), the keystore file can be placed in a secure location on the build server. If you’re using the hosted build controller the Keystore file could be put into source control with limited access given to that file.

Keystore file password
For the Keystore file password, create a private variable in the Android build definition . Once the variable is set it cannot be displayed again. Then set the permissions in VSTS so only those who have Build Edit permissions can change this variable, and restrict who you give those permissions to accordingly.

clip_image001
The build step with a reference to the Keystore file in VSTS source control and a variable for the password.

image
The Keystore password saved as a Variable in the build definition.

Then you’ll need to set the security on the Build itself to limit who is allowed to edit the build definition.

image

image

And that’s it. Setting up the VSTS build in this way will keep the Keystore file and password safe in your Xamarin Android build definitions.

Enjoy!
–bliz