github应用程序
Using Github Actions we can compile, run tests, and also sign a release artifact. But that would be dangerous since we would need to upload our Keystore to the public repository.
使用Github Actions,我们可以编译,运行测试,还可以签署发布工件 。 但这很危险,因为我们需要将密钥库上载到公共存储库。
As developers, we must take certain precautions such as not to commit API keys or the Keystore and using Github Actions as CI is not an excuse to do so.
作为开发人员,我们必须采取一些预防措施,例如不要提交API密钥或密钥库,并且使用Github Actions作为CI并不是这样做的借口。
将凭据和密钥库上载到私有存储库 (Uploading the credentials and Keystore to a private repository)
To have a much safer environment and to be able to achieve our purpose, the Keystore and the file with a similar structure to the example below must be in a private repository.
为了拥有更安全的环境并能够实现我们的目的,与以下示例类似的结构的Keystore和文件必须位于私有存储库中。
keyAlias=[your key alias]
keyPassword=[your key passwor