flutter提示使用相同的代码构建调试并发布android

Android Marketplace通常需要代码签名 (Android Marketplaces Often Require Code Signing)

Most of the mobile app marketplaces, including the Google Play Store, require code signing when submitting an app.

提交应用程序时，大多数移动应用程序市场(包括Google Play商店)都需要代码签名。

Code signing adds an extra layer of security (on top of your developer account password) to prevent hackers from sneaking malicious content into apps.

代码签名增加了一层额外的安全性(在您的开发人员帐户密码之上)，以防止黑客将恶意内容潜入应用程序。

According to the official Flutter documentation, to add code signing to Android, we need to add the following code to android/app/build.gradle:

根据Flutter的官方文档，要将代码签名添加到Android，我们需要将以下代码添加到android/app/build.gradle ：

def keystoreProperties = new Properties()
def keystorePropertiesFile = rootProject.file('key.properties')
if (keystorePropertiesFile.exists()) {
  keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
}


android {
  // other config
  signingConfigs {
     release {
       keyAlias keystoreProperties['keyAlias']
       keyPassword keystoreProperties['keyPassword']
       storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
       storePassword keystoreProperties['storePassword']
     }
   }
   buildTypes {
     release {
       signingConfig signingConfigs.release
     }
   }
}

代码签名后Android调试版本中断 (Android Debug Build Breaks After Code Signing)

Looking at the code above, some might have already smelled danger: If keystorePropertyFile doesn’t exist, the script breaks.

查看上面的代码，可能有些已经闻到了危险：如果keystorePropertyFile不存在，脚本将中断。

Unfortunately, this can happen because key.properties shouldn’t be in version control. Also, the code signing credentials shouldn’t be visible to external contributors, so they won’t be able to debug the app locally without commenting out the code signing script:

不幸的是，这可能会发生，因为key.properties不应处于版本控制中。 此外，外部贡献者也不应看到代码签名凭据，因此，如果不注释掉代码签名脚本，他们将无法在本地调试应用程序：

// def keystoreProperties = new Properties()
// def keystorePropertiesFile = rootProject.file('key.properties')
// if (keystorePropertiesFile.exists()) {
//   keystoreProperties.load(new FileInputStream(keystorePropertiesFile))
// }


android {
  // other config
  signingConfigs {
     release {
       // keyAlias keystoreProperties['keyAlias']
       // keyPassword keystoreProperties['keyPassword']
       // storeFile keystoreProperties['storeFile'] ? file(keystoreProperties['storeFile']) : null
       // storePassword keystoreProperties['storePassword']
     }
   }
   buildTypes {
     release {
       // signingConfig signingConfigs.release
       signingConfig signingConfigs.debug
     }
   }
}

However, this is inconvenient and dangerous (someone might forget to revert and push it into version control).

但是，这是不方便且危险的(有人可能会忘记还原并将其推送到版本控制中)。

解决方案：使用ENV控制调试/发布 (Solution: Use ENV To Control Debug/Release)

When we want to switch between a few configurations without modifying code, using environment variables is preferable.

当我们想在几个配置之间切换而不修改代码时，最好使用环境变量。

In our case, we can use an environment variable ANDROID_DEBUG to switch between debug and release Android builds.

在我们的案例中，我们可以使用环境变量ANDROID_DEBUG在调试版本和Android版本之间切换。

步骤1：从Gradle文件中检索环境变量 (Step 1: Retrieve environment variable from the Gradle file)

In android/app/build.gradle , we can retrieve the ANDROID_DEBUG environment variable with System.getenv('ANDROID_DEBUG') .

在android/app/build.gradle ，我们可以使用System.getenv('ANDROID_DEBUG')检索ANDROID_DEBUG环境变量。

步骤2：有条件地绕过凭证文件 (Step 2: Conditionally bypass credential files)

With the build script having information to distinguish debug and release, we can bypass the retrieval of code signing credentials when ANDROID_DEBUG presents:

利用具有区分调试和发布信息的构建脚本，当ANDROID_DEBUG出现时，我们可以绕过代码签名证书的检索：

signingConfigs {
 release {
   keyAlias System.getenv('ANDROID_DEBUG') ? null : keystoreProperties['keyAlias']
   keyPassword System.getenv('ANDROID_DEBUG') ? null : keystoreProperties['keyPassword']
   storeFile System.getenv('ANDROID_DEBUG') ? null : file(keystoreProperties['storeFile'])
   storePassword System.getenv('ANDROID_DEBUG') ? null : keystoreProperties['storePassword']
 }
}

步骤3：有条件地在调试和发行版本之间切换 (Step 3: Conditionally switch between debug and release build)

Similarly, we can also switch between the debug and release signing config with the environment variable:

同样，我们也可以使用环境变量在调试和发布签名配置之间切换：

buildTypes {
  release {
    signingConfig System.getenv('ANDROID_DEBUG') ? signingConfigs.debug : signingConfigs.release
    minifyEnabled true
    useProguard true
    proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
  }
}

步骤4：尝试一下！ (Step 4: Give it a try!)

With the modifications in place, we can now start an Android Flutter app in debug mode with ANDROID_DEBUG=true flutter run , and in release mode with flutter run .

进行适当的修改后，我们现在可以在调试模式下使用ANDROID_DEBUG=true flutter run来启动Android Flutter应用程序，在发布模式下使用flutter run来启动Android Flutter应用程序。

With switching between debug and release simply being a command-line option, we can easily collaborate with other contributors without risking our credentials.

通过在调试和发行之间进行切换只是一个命令行选项，我们可以轻松地与其他贡献者进行协作，而不必担心我们的凭据。

Note: I borrowed the scripts from Mini Donkey, an encrypted steganography app that protects privacy on social media. To see how it works in action (or in CI/CD), please check out the repository.

注意：我从Mini Donkey借来了脚本， Mini Donkey是一个加密的隐写应用程序，可以保护社交媒体上的隐私。 要查看其工作原理(或在CI / CD中)，请查看存储库 。

翻译自: https://medium.com/better-programming/flutter-tips-build-debug-and-release-android-with-the-same-code-968b8056c46