- Meet Android Studio
- Publish your app
- Overview
- Version your app
- 通过minSdk设置来确保系统版本兼容
-
- minSdk, targetSdk, versionCode, versoinName
-
Version settings#
- versionCode
- 内部版本号,正整数,不展示给用户
- 最大值2100000000
- versionName
- 外部版本号,字符串,可以为
<major>.<minor>.<point>
或其他形式
-
Define version values(过)#
-
Specify API level requirements(过)#
- Sign your app
- Android要求所有APK必须有数字签名。AAB必须用upload key签名
- 可以让GP帮你签名,也可以自己上传签名key。
-
Play App Signing#
- 此为谷歌帮你签名,需要采用app bundle(可能是August 2021生效的)
- app bundles defer building and signing APKs to the Google Play Store
- 上传的时候需要用一个upload key来给app捆束签名
- One time key upgrade for new installs
- 用到两个key
- app signing key
- upload key(可以请求重置)
- 缺点是不能在所有设备上都使用相同的签名密钥
- 谷歌的安全白皮书https://services.google.com/fh/files/misc/security_whitepapers_march2018.pdf
-
Keystores, keys, and certificates#
- .jks或.keystore是Java的二进制密钥存储
- 公钥(.der或.pem)
- App signing key:用于签名APK的密钥,app生命周期内不变
- Upload key: 用于签名aab的密钥,自行保存
-
Working with API providers#
- 从Release > Setup > App Integrity页面可以下载app signing key的证书,包含公钥
-
Sign your debug build#
- 签名用密钥存在
$HOME/.android/debug.keystore
-
Expiry of the debug certificate#
- 有效期30年,只需删除
debug.keystore
便可重新生成
-
Sign your app for release to Google Play#
- Play App Signing is optional for apps created before August 2021
-
Generate an upload key and keystore#
- 讲述如何在Android Studio中生成一个upload key
-
Sign your app with your key#
-
Using Play App Signing#
-
-
Opt in an existing app#
-
Reset a lost or compromised private upload key#
-
-
Sign each product flavor differently#
-
Manage your own signing key#
-
Signing considerations#
- 应用生命范畴内,应保持签名证书不变
- App upgrade: 更新应用时要匹配证书,否则必须有一个新的料包名
- App modulairty:同一证书签名的可以跑在同一进程
- Code/data sharing through permissions:同一证书签名应用可共享代码和数据
- Google Play要求证书有效期必须到22 October 2033
-
Keep your key secure(略)#
-
- Upload your app