You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@cordova.apache.org by Victor Sosa <so...@gmail.com> on 2014/10/06 20:48:56 UTC
Build signed archives using CLI
Hi community.
Been looking at this topic and wondering why the build command does not
create signed archives. Digging a little bit found a lot of differences in
the platforms to create these archives.
For instance, in Android you need to
1. Export your APK in release mode (--release flag)
2. Sign your APK (you already need a RSA key)
In iOS, you need to:
1. Export your APP using --device flag (--release seems to export for
emulator only)
2. Either use XCode (UI-based) and sign the archive or use xcrun (headless
process)
Besides these differences, what is preventing Cordova from providing a
generic one-way to build these signed, ready-to-publish archives?
Perhaps I'm missing something here...? I really appreciate your insights
on this topic
Thanks!
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
Re: Build signed archives using CLI
Posted by Frederico Galvão <fr...@pontoget.com.br>.
The ant target that is executed when I run "cordova build android
--release" with the appropriate .properties in place already prompts me for
the keystore passwords (there are 2). The itunes deployment done through
xCode archiver also asks for a password once.
I think prompting for passwords in the process is something we can't avoid,
unless we're brave enough to ask passwords to be stored somewhere else so
the non-interactive packaging can be done, but I might be wrong here.
Documentation on this topic has to be golden and well thought through,
above average I'd say. I can envision so much confusion and trouble if we
create this layer between the developer and the native requirements, it's
already **too hard** to get it working in iOS following the official
configuration documentation, I wonder how hard it can get when you have to
go through another tool(cordova).
2014-10-09 16:02 GMT-03:00 Shazron <sh...@gmail.com>:
> Liking Subhag's proposal.
> Agree with Jesse on using conventions as a default plus config.xml -- with
> overrides/env-vars possible. The only caveat for including info in the
> config.xml is, the config.xml data is copied into the iOS platform and will
> be included in the .app bundle, and will leak information (even though
> harmless, since it shouldn't contain passwords, etc) -- so maybe that is
> not desirable, using config.xml.
>
> We will need to provide the password each time at least for iOS, since we
> need to unlock the keychain for code signing.
>
>
>
>
>
>
>
>
> On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org>
> wrote:
>
> > The prompting is actually pretty appropriate here since passwords are
> > involved I think. I think also that keys will often not be checked into
> > source control, but maybe the best way to support that is to allow
> multiple
> > ways of specifying things (e.g. default to convention, allow override via
> > config.xml, allow override via command-line & env variable as well)
> >
> > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
> >
> > > I am liking all of this.
> > > Are we ready to move this to an editable plaintext doc to collaborate
> on?
> > >
> > > I agree that we should take advantage of as much 'by-convention' as we
> > can,
> > > meaning things like `cordova package ios` defaults to a code sign
> > identity
> > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > >
> > > If it does not make sense as a convention, then I too would like to see
> > as
> > > much as possible done through config.xml as Fredrico points out, and
> > agree
> > > on picking the most consistent names possible.
> > >
> > > I would prefer that we do not prompt, and simply fail fast, given that
> > > tools will typically be consuming the cli. Or we should at least
> > provide a
> > > --noPrompt option. Anything prompt-able should be config.xml-able
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > @purplecabbage
> > > risingj.com
> > >
> > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> > wrote:
> > >
> > > > One option here could be to build off of the idea of the "res" folder
> > > that
> > > > is in the current samples for splashscreens and icons and introduce
> > > > something like "res/native". Files placed here would be put into the
> > > > native project folders "before_prepare" and would be further enhanced
> > by
> > > > the plugin and build infrastructure. This would allow you to place
> > > > customized native assets that are unique to your project in a place
> > that
> > > > you can check in and would be unaffected by an upgrade.
> > > >
> > > > Andrew's environment variable idea could also provide an alternate
> > means
> > > > to specify platform specific values (what Soak mentions in the { }).
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > Cc: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > I agree with pretty much everything mentioned, but as far as I know
> > > > cordova is trying it's best to not depend on anything to be in
> > > > /platforms/<TARGET_PLATFORM>/. Having said that, the package command
> > > should
> > > > always expect things to be in config.xml or something like that.
> > > >
> > > > Also, the closer we are in naming things to what they are already
> known
> > > as
> > > > in the native platform, the better.
> > > >
> > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > > >
> > > > > Hey Cordova community,
> > > > >
> > > > >
> > > > >
> > > > > I am Subhag Oak, senior program manager on the Visual Studio team
> > > > > working on VS tools for Multi device hybrid apps. In line with the
> > > > > discussion of having a generic Cordova ‘packaging’ command for all
> > > > > platforms, here is one
> > > > > proposal:
> > > > >
> > > > >
> > > > >
> > > > > As we all know, packaging an application for deployment requires
> > extra
> > > > > steps that are specific to the native platforms. A new generic
> > > > > Cordova CLI ‘package’ command can perform these platform specific
> > > > > actions to generate a final signed package ready for deployment:
> > > > >
> > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > –-sign[location]
> > > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > > parameters within { } are platform specific overrides.
> > > > >
> > > > >
> > > > >
> > > > > If no platform is specified, the command will build packages for
> all
> > > > > platforms added.
> > > > >
> > > > >
> > > > >
> > > > > The values for –packageConfiguration are interpreted by the
> > respective
> > > > > platforms. For Android and Windows, the value can be debug or
> > release,
> > > > > with release being the default value. For iOS, the possible values
> > > > > are development, adhoc or store with development being the default
> > > > > value. The
> > > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > > specific signing arguments for specifying the location of
> > code-signing
> > > > > certificate, the provisioning profile or the code signing identity
> > > > > (certificates along with public and private keys) respectively.
> > > > >
> > > > >
> > > > >
> > > > > e.g:
> > > > >
> > > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > > development profile, using code signing identity defined in
> > > > build.xcconfig:
> > > > >
> > > > > // to list all installed iOS identities, run:
> > > > >
> > > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> > > > > 'iPhone'
> > > > >
> > > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > > Identity with the right Provisioning // Profile plus Certificate,
> > > > > based on the app bundle id
> > > > >
> > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > >
> > > > >
> > > > >
> > > > > · ‘cordova package android’ would generate a release signed
> > > using
> > > > > the packaging assets (keystore, alias and password) defined in the
> > > > > ant.properties files using the ANT build. This would be using
> > > > > gradle.propoerties once cordova changes to gradle build like the
> one
> > > > > Andrew mentions below.
> > > > >
> > > > >
> > > > >
> > > > > · ‘Cordova package windows’ would generate a signed APPX
> > > package.
> > > > > This will use the following tools in the Windows SDK:
> > > > >
> > > > > • An unsigned packaged Windows Store app, for
> > > example,
> > > > > an .APPX file created by using the app packager (MakeAppx.exe) tool
> > > > >
> > > > > • A valid code signing certificate, for
> example, a
> > > > > Personal Information Exchange (.pfx) file created with the
> > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > >
> > > > > • SignTool, which is part of the Windows SDK
> > > > >
> > > > >
> > > > >
> > > > > Here is how the package command should work. The proposal is to
> make
> > > > > the ‘package’ command work on convention (similar to the Cordova
> > build
> > > > > command) rather than config settings. The command would look out
> for
> > > > > packaging assets in the “platform\ [native-platform]” folder.
> > > > >
> > > > >
> > > > >
> > > > > For android, the contents of the ant.properties (keystore,
> password,
> > > > > alias and alias password) would be used for packaging. If any of
> > these
> > > > > properties is missing in ant.properties [or gradle.properties for
> > > > > gradle build] or if the file is missing, the command would prompt
> the
> > > > > user for these value at the command prompt. If the values provided
> > are
> > > > > invalid, the command would fail.
> > > > >
> > > > >
> > > > >
> > > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > > certificate and the provisioning profile to be used. The default
> > > > > build.xcconfig file is setup to handle different information by
> build
> > > > > profile based on the configuration defined in the command.
> > > > > Build.xcconfig can also support signing identities that tie the
> > > > > code-sign certificate with the provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > > explicit way to specify certs/profile for packaging for iOS (since
> > the
> > > > > build needs to happen on MAC agent) instead of the assets being
> > > > > defined in the build.xcconfig. One way to allow this is by using
> > > > > optional platform specific arguments to the package command like:
> > > > >
> > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> --embed
> > > > > “d:\cert\devprovision.mobileprovisioning”
> > > > >
> > > > > This command will run the xcrun command to generate a signed IPA
> with
> > > > > development provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > I would love to hear your comments, insights and feedback on this
> > > > proposal.
> > > > >
> > > > >
> > > > >
> > > > > Subhag Oak | Senior Program Manager
> > > > >
> > > > > Visual Studio, Client Tools
> > > > >
> > > > > soak@microsoft.com
> > > > >
> > > > > 425 707 5598 office
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > > > Andrew Grieve
> > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > To: Shazron
> > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > >
> > > > >
> > > > > For Android Gradle, what's in (and experimental) right now:
> > > > >
> > > > >
> > > > >
> > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> > > > > .properties file that contains:
> > > > >
> > > > >
> > > > >
> > > > > storeFile=relative/path/to/keystore.p12
> > > > >
> > > > > storePassword=SECRET1
> > > > >
> > > > > storeType=pkcs12
> > > > >
> > > > > keyAlias=DebugSigningKey
> > > > >
> > > > > keyPassword=SECRET2
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Topics to discuss:
> > > > >
> > > > >
> > > > >
> > > > > 1) Combine platform info into one file, or leave separate?
> > > > >
> > > > > - Leaning towards together
> > > > >
> > > > > 2) have config.xml point to signing info?
> > > > >
> > > > > - I think no, since signing info you often want to not check in /
> > keep
> > > > > secure
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Strawman:
> > > > >
> > > > > If a file "cordova-keys.json" exists as a sibling to www/, then use
> > > > > it. It should look like:
> > > > >
> > > > > {
> > > > >
> > > > > "android": {
> > > > >
> > > > > "storeFile": "relative/path.p12"
> > > > >
> > > > > ...
> > > > >
> > > > > },
> > > > >
> > > > > "ios": {
> > > > >
> > > > > },
> > > > >
> > > > > ...
> > > > >
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Android signs debug builds as well (not sure if other platforms do
> > > > > this too?), so maybe also allow
> > > > >
> > > > > "android-release" as an alias for "android", and
> > > > >
> > > > > "android-debug"
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > > shazron@gmail.com>> wrote:
> > > > >
> > > > >
> > > > >
> > > > > > I did open an issue for this two years ago:
> > > > >
> > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > >
> > > > > > and we did discuss this as well 2 yrs ago:
> > > > >
> > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > >
> > > > > >
> > > > >
> > > > > > Seems to be of great value - so let's get going on this ;) The
> CLI
> > > > > > has
> > > > >
> > > > > > (I think) matured more since then to allow this
> > > > >
> > > > > >
> > > > >
> > > > > >
> > > > >
> > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > >
> > > > > > <to...@devgeeks.org>>
> > > > >
> > > > > > wrote:
> > > > >
> > > > > >
> > > > >
> > > > > > > Frederico’s workflow is the same as ours. I would love to see
> > > > >
> > > > > > > something happen To improve this, the less time I spend in
> Xcode,
> > > > >
> > > > > > > the happier I am
> > > > >
> > > > > > ;)
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > >
> > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > >
> > > > > > >
> > > > >
> > > > > > > I can already get the ultimate .apk through "cordova build
> > android
> > > > >
> > > > > > > --release", but I already have the required .properties
> properly
> > > > >
> > > > > > configured
> > > > >
> > > > > > > in my platform/android folder, specifying the path and name to
> my
> > > > >
> > > > > > > keystores. The "cordova build android --release" already gives
> me
> > > > >
> > > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > > play.google.com.
> > > > >
> > > > > > >
> > > > >
> > > > > > > I have never, however, used cordova's CLI to build the final
> > > > >
> > > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > > >
> > > > > > > prepare", and use xCode
> > > > >
> > > > > > from
> > > > >
> > > > > > > then on to build, package, sign, and upload.
> > > > >
> > > > > > >
> > > > >
> > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> TECH) <
> > > > >
> > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > >
> > > > > > >
> > > > >
> > > > > > > > How about a "cordova package" command, that would be for
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store? Note that different platforms may have
> different
> > > > >
> > > > > > > > requirements for certs, signing etc. So it may make sense to
> > > > >
> > > > > > > > promote
> > > > >
> > > > > > this
> > > > >
> > > > > > > > to a different command and let each command take care of
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store. This command will also mean that developers
> > don’t
> > > > >
> > > > > > > > have
> > > > >
> > > > > > to
> > > > >
> > > > > > > go
> > > > >
> > > > > > > > over to the native projects when they finally want to publish
> > > > >
> > > > > > > > their
> > > > >
> > > > > > apps
> > > > >
> > > > > > > to
> > > > >
> > > > > > > > the store.
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > -----Original Message-----
> > > > >
> > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > >
> > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > >
> > > > > > > > To: dev
> > > > >
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > if you do:
> > > > >
> > > > > > > > Cordova build --release,
> > > > >
> > > > > > > > The blackberry10 platform will generate a signed image...
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > > <mailto:
> > > > > agrieve@chromium.org>> wrote:
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > >AFAIK, I don't think there's any technical roadblocks. Just
> > > > > > > > >need
> > > > >
> > > > > > > > >a proposal for how it should look, and then a patch & docs
> to
> > > > > > > > >add
> > > > > it!
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >For Android's hot-off-the-press gradle support, you can set
> an
> > > > >
> > > > > > > > >environment variable that points to a .properties file for
> > > > >
> > > > > > > > >signing builds. This shows one way to go about it, but I'm
> not
> > > > > > > > >in
> > > > >
> > > > > > > > >love with
> > > > >
> > > > > > the
> > > > >
> > > > > > > > .properties idea.
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > >
> > > > > > > > ><so...@gmail.com>>
> > > > >
> > > > > > > > >wrote:
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >> Hi community.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > > >> command
> > > > >
> > > > > > > > >>does not create signed archives. Digging a little bit
> found a
> > > > >
> > > > > > > > >>lot of differences in the platforms to create these
> archives.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> For instance, in Android you need to 1. Export your APK in
> > > > >
> > > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> already
> > > > >
> > > > > > > > >> need a RSA key)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> In iOS, you need to:
> > > > >
> > > > > > > > >> 1. Export your APP using --device flag (--release seems to
> > > > >
> > > > > > > > >> export
> > > > >
> > > > > > for
> > > > >
> > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
> > > > >
> > > > > > > > >>archive or use xcrun (headless
> > > > >
> > > > > > > > >> process)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Besides these differences, what is preventing Cordova from
> > > > >
> > > > > > > > >> providing a generic one-way to build these signed,
> > > > > ready-to-publish archives?
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Perhaps I'm missing something here...? I really appreciate
> > > > > > > > >> your
> > > > >
> > > > > > > > >>insights on this topic
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Thanks!
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> --
> > > > >
> > > > > > > > >> Victor Adrian Sosa Herrera
> > > > >
> > > > > > > > >> IBM Software Engineer
> > > > >
> > > > > > > > >> Guadalajara, Jalisco
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > ----------------------------------------------------------------
> > > > > > > > --
> > > > >
> > > > > > > > --- To unsubscribe, e-mail:
> dev-unsubscribe@cordova.apache.org
> > > > > <ma...@cordova.apache.org>
> > > > >
> > > > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > <mailto:
> > > > > dev-help@cordova.apache.org>
> > > > >
> > > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > --
> > > > >
> > > > > > >
> > > > >
> > > > > > > *Frederico Galvão*
> > > > >
> > > > > > >
> > > > >
> > > > > > > Diretor de Tecnologia
> > > > >
> > > > > > >
> > > > >
> > > > > > > PontoGet Inovação Web
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > ( +55(62) 8131-5720
> > > > >
> > > > > > >
> > > > >
> > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > http://www.pontoget.com/>
> > > > >
> > > > > > >
> > > > >
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > *Frederico Galvão*
> > > >
> > > > Diretor de Tecnologia
> > > >
> > > > PontoGet Inovação Web
> > > >
> > > >
> > > > ( +55(62) 8131-5720
> > > >
> > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > >
> > >
> >
>
--
*Frederico Galvão*
Diretor de Tecnologia
PontoGet Inovação Web
( +55(62) 8131-5720
* www.pontoget.com.br <http://www.pontoget.com/>
Re: Build signed archives using CLI
Posted by Shazron <sh...@gmail.com>.
I have rectified it in cordova-ios 4.0.x already, it picks up the
.xcconfig files.
On Wed, Apr 22, 2015 at 8:07 AM, Andrew Grieve <ag...@chromium.org> wrote:
> PR LGTM, but I have one question (maybe mostly for Shaz):
>
> Seems our build script pass -xcconfig "build-release.xcconfig", but our
> project template doesn't use any .xcconfig:
> http://pasteboard.co/2L2wg6r2.png
>
> Would it be better to:
> - use a different build-extras.xcconfig for debug / release (e.g.
> build-extras-release.xcconfig)
> - Set the xcconfigs in the project template so that they are used when
> building from Xcode?
>
>
> On Tue, Apr 21, 2015 at 4:47 PM, Nikhil Khandelwal <ni...@microsoft.com>
> wrote:
>>
>> Support for iOS is in this PR now:
>> https://github.com/apache/cordova-ios/pull/138
>>
>> It allows you to specify a signing identity and a provisioning profile
>> using command line arguments or build.json.
>>
>> Thanks,
>> Nikhil
>>
>>
>> -----Original Message-----
>> From: Nikhil Khandelwal [mailto:nikhilkh@microsoft.com]
>> Sent: Monday, April 6, 2015 9:37 AM
>> To: dev@cordova.apache.org
>> Subject: RE: Build signed archives using CLI
>>
>> Thanks, Andrew for doing a thorough review. This was merged in last week.
>> I have created a new PR for the docs update:
>> https://github.com/apache/cordova-docs/pull/277
>>
>> It's important to note, to make it simple to pass multiple signing
>> parameters, I have created the concept of a build.json file (instead of
>> cordova-keys.json suggested below) that can be used to specify build-time
>> parameters. It supports specifying two sets of values - debug & release.
>>
>> This support is currently only for Android, I am working on another PR for
>> iOS.
>>
>> Thanks,
>> Nikhil
>>
>>
>> -----Original Message-----
>> From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew
>> Grieve
>> Sent: Wednesday, March 18, 2015 4:48 PM
>> To: dev
>> Subject: Re: Build signed archives using CLI
>>
>> Left some comments on the PR.
>>
>> On Tue, Mar 17, 2015 at 5:04 PM, Nikhil Khandelwal
>> <ni...@microsoft.com>
>> wrote:
>>
>> > I just submitted a PR for this for Android:
>> > https://github.com/apache/cordova-android/pull/164
>> >
>> > Here's the rough design:
>> >
>> > - Build.json or command line args can be used to specify details
>> > required for packaging:
>> > - Keystore
>> > - Alias
>> > - Keystore password
>> > - Password
>> > - Keystore type.
>> > - Debug-signing.properties or release-signing.properties is created at
>> > prepare time to allow gradle or Ant build systems to pick up those
>> > properties and generate a signed archive.
>> > - ‘Clean’ will delete these autogenerated .properties files.
>> > - If no password is specified for release signing, Ant & gradle will
>> > prompt for passwords.
>> >
>> > I will shortly have a PR to update the docs.
>> >
>> > Thanks,
>> > Nikhil
>> >
>> >
>> > -----Original Message-----
>> > From: Carlos Santana [mailto:csantana23@gmail.com]
>> > Sent: Friday, February 13, 2015 2:28 PM
>> > To: dev@cordova.apache.org
>> > Subject: Re: Build signed archives using CLI
>> >
>> > Thanks Nikhil I see this as a very good and important feature to have
>> > in our CLI stack
>> >
>> > On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal
>> > <nikhilkh@microsoft.com
>> > >
>> > wrote:
>> >
>> > > I'm taking this over from Dan. I like the idea of having the release
>> > > signing information persisted in a json file.
>> > >
>> > > I have made some updates on the specific issue of how keys/passwords
>> > > can be passed through CLI and JSON:
>> > >
>> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9Pu
>> > > NB
>> > > L1auAMGFM/edit#
>> > >
>> > > I'm still going through the details of packaging requirements of
>> > > each platform. I expect to add some more details on how the
>> > > packaging process will work with individual platform build systems
>> > > in the coming days. I will update this thread when I do so.
>> > >
>> > > Here's the main JIRA with platform specific tasks here:
>> > > https://issues.apache.org/jira/browse/CB-8483. I would love to
>> > > collaborate with others who are interested in this area.
>> > > Specifically, I plan to take up the task of implementing this for
>> > > Android first.
>> > >
>> > > Thanks,
>> > > Nikhil
>> > >
>> > >
>> > > -----Original Message-----
>> > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
>> > > Sent: Tuesday, February 10, 2015 2:29 PM
>> > > To: dev@cordova.apache.org
>> > > Subject: Re: Build signed archives using CLI
>> > >
>> > > I'm leaning to Andrew and Omar's idea. I like the idea of having a
>> > > file where all the platform-specific information will be stored,
>> > > then each platform will take that information to sign the archive
>> > > and produce a usable, I mean ready-to-distribute, binary.
>> > >
>> > > As for Omar's comment, I also concur there. If a user has the
>> > > signing info in gradle or ant properties and that info is also
>> > > provided in the new file discussed here, then it should take
>> > > precedence and override the platform-specific one.
>> > >
>> > > Wondering if Dan is feeling OK now and ready to be back in the game
>> > > :D
>> > >
>> > > 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
>> > >
>> > > > +1 for having an additional file to abstract away all the platform
>> > > > specific stuff. Currently, we support both gradle and ant for
>> > > > android for example, I think it wouldn't make sense for end-users
>> > > > to have to change their specs depending on what specific tool is
>> > > > used behind the
>> > > scenes.
>> > > > Maybe we could also copy those properties to specific files during
>> > > > build or prepare ? [copy from cordova's to ant.properties]
>> > > >
>> > > >
>> > > > Thanks,
>> > > > Mefire
>> > > >
>> > > > -----Original Message-----
>> > > > From: Chuck Lantz [mailto:clantz@microsoft.com]
>> > > > Sent: Wednesday, January 28, 2015 10:30 AM
>> > > > To: dev@cordova.apache.org
>> > > > Subject: RE: Build signed archives using CLI
>> > > >
>> > > > Yeah personally I am thinking that - particularly if we treat
>> > > > platforms as dependencies in package.json as proposed - we'll need
>> > > > some facility to set native build settings. We may be able to come
>> > > > up with some sort of abstraction for this part, but I'm kind of
>> > > > thinking we'll ultimately want a facility to include native build
>> > > > property files (ant/gradle.properties, things like the signing
>> > > > identity in build.xcconfig, etc) in the CLI project. That said,
>> > > > we could have another facility for common settings like certs.
>> > > >
>> > > > -Chuck
>> > > >
>> > > > -----Original Message-----
>> > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
>> > > > Andrew Grieve
>> > > > Sent: Wednesday, January 28, 2015 10:18 AM
>> > > > To: dev
>> > > > Subject: Re: Build signed archives using CLI
>> > > >
>> > > > Sounds good, let's wait until Dan is back to discuss. The main
>> > > > point I'd like to cover is whether it'd be good to have layer of
>> > > > indirection between cordova and the platform-specific files that
>> > > > dictate signing
>> > > info.
>> > > >
>> > > > E.g.:
>> > > > Instead of using ant.properties / gradle.properties /
>> > > > build.xcconfig,
>> > > have:
>> > > >
>> > > > cordova-keys.json
>> > > > {
>> > > > ios: { identity: "", provisioning_profile: "" },
>> > > > android-debug: { keystore: "", alias: "", password: "", type: ""
>> > > > },
>> > > > android-release: { keystore: "", alias: "", password: "", type:
>> > > > ""
>> > }
>> > > > ...
>> > > > }
>> > > >
>> > > > Then, have a prepare step that makes the platforms do the right
>> > > > thing
>> > > >
>> > > > (Note that for android it's important to have debug siging keys as
>> > > > well since they are used for Play Services and Cloud Console APIs).
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > >
>> > > > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa
>> > > > <so...@gmail.com>
>> > > > wrote:
>> > > >
>> > > > > Yay!! Great news!
>> > > > >
>> > > > > Chuck, by any chance, do you have a link to the sandbox, or
>> > > > > design doc or something worth to look at it? If no, we can wait
>> > > > > until Dan is back (hope he feels better soon) I'm happy to help if
>> > > > > needed.
>> > > > >
>> > > > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
>> > > > >
>> > > > > > Dan Levine whom some of you met at PhoneGap day actually has
>> > > > > > been working on a PR based on Subhag's proposal for discussion
>> > > > > > - he is out sick which
>> > > > > is
>> > > > > > why he didn't respond to this thread. I'll let him speak to it
>> > > > > > once he's back but the good news is there is someone working
>> > > > > > on something in this area.
>> > > > > >
>> > > > > > -Chuck
>> > > > > >
>> > > > > > -----Original Message-----
>> > > > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
>> > > > > > Sent: Wednesday, January 28, 2015 7:57 AM
>> > > > > > To: dev@cordova.apache.org
>> > > > > > Subject: Re: Build signed archives using CLI
>> > > > > >
>> > > > > > Hi Andrew.
>> > > > > >
>> > > > > > AFAICT, no one has done any work on this area, but I'd like to
>> > > > > > add this topic to the hangout agenda, start discussing this. I
>> > > > > > think Subhag has a very good design in the google doc in this
>> > > > > > thread. We can start from
>> > > > > there
>> > > > > > and try to make this happen for a future release.
>> > > > > >
>> > > > > > Thoughts before adding it to the agenda?
>> > > > > >
>> > > > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
>> > > > > >
>> > > > > > > In anyone interested in working on any of this?
>> > > > > > >
>> > > > > > > Was just looking at it to see if there was anything I needed
>> > > > > > > to do to add support to Android for release packaging.
>> > > > > > >
>> > > > > > > Main thing lacking to me is whether we should support
>> > > > > > > specifying release key information outside of the
>> > platforms/android directory.
>> > > > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
>> > > > > > > per-platform key locations & settings.
>> > > > > > >
>> > > > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
>> > > > > > > <so...@gmail.com>
>> > > > > > > wrote:
>> > > > > > >
>> > > > > > > > Hello Cordova community
>> > > > > > > > Curious to know where we stand about this topic. Even
>> > > > > > > > though this topic looks to have significant impact on
>> > > > > > > > Cordova, Subhag has a document
>> > > > > > > proposal
>> > > > > > > > with little discussion activity.
>> > > > > > > >
>> > > > > > > > I like Subhag's proposal, but I want to bring back the
>> > > > > > > > idea of a prompt-less keychain.
>> > > > > > > >
>> > > > > > > > Is anything else, besides what is depicted in the
>> > > > > > > > proposal, missing
>> > > > > > here?
>> > > > > > > >
>> > > > > > > > Document:
>> > > > > > > >
>> > > > > > > >
>> > > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
>> > > > > > > fb
>> > > > > > > iQ
>> > > > > > > u9
>> > > > > > > PuNB
>> > > > > > > L1auAMGFM/edit?usp=sharing
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > ---------- Forwarded message ----------
>> > > > > > > > From: Carlos Santana <cs...@gmail.com>
>> > > > > > > > Date: 2014-10-15 12:42 GMT-05:00
>> > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > +1 on having a new command "cordova package" this will
>> > > > > > > > +allow IBM tooling
>> > > > > > > to
>> > > > > > > > hook into before_package and after_package for our own
>> > > > > > > > customizations (direct update, authenticity, etc..)
>> > > > > > > > +1 on using sane defaults and not prompting (i.e. default
>> > > > > > > > +keychain maybe
>> > > > > > > > used and unlock already) if not found what we need then
>> > > > > > > > prompt or fail
>> > > > > > > > +1 have some config/settings outside "platforms/" as I
>> > > > > > > > +like to be
>> > > > > > > transient
>> > > > > > > > replaceable. using config.xml, something.json, or file
>> > > > > > > > conventions like res/packaging/<platform>/ are all ok
>> > > > > > > > options.
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
>> > > > > > > > <Su...@microsoft.com>
>> > > > > > > > wrote:
>> > > > > > > >
>> > > > > > > > > Here is the link to the proposal:
>> > > > > > > > >
>> > > > > > > >
>> > > > > > > >
>> > > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
>> > > > > > > fb
>> > > > > > > iQ
>> > > > > > > u9
>> > > > > > > PuNB
>> > > > > > > L1auAMGFM/edit?usp=sharing
>> > > > > > > > > Jump on it people :)
>> > > > > > > > >
>> > > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
>> > > > > > > > > Client Tools soak@microsoft.com
>> > > > > > > > > 425 707 5598 office
>> > > > > > > > >
>> > > > > > > > > -----Original Message-----
>> > > > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
>> > > > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
>> > > > > > > > > To: dev@cordova.apache.org
>> > > > > > > > > Subject: RE: Build signed archives using CLI
>> > > > > > > > >
>> > > > > > > > > Adding to what Shazron said, isn't config.xml supposed
>> > > > > > > > > to be considered as app-wide settings/properties?
>> > > > > > > > > Typically packaging information is per platform and
>> > > > > > > > > hence in my opinion, should be decoupled from config
>> > > > > > > > settings.
>> > > > > > > > > Jesse, I am working on a documentation that I will share
>> > > > > > > > > out soon for
>> > > > > > > > the
>> > > > > > > > > community to collaborate.
>> > > > > > > > >
>> > > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
>> > > > > > > > > Client Tools soak@microsoft.com
>> > > > > > > > > 425 707 5598 office
>> > > > > > > > >
>> > > > > > > > > -----Original Message-----
>> > > > > > > > > From: Shazron [mailto:shazron@gmail.com]
>> > > > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
>> > > > > > > > > To: dev@cordova.apache.org
>> > > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > > >
>> > > > > > > > > Liking Subhag's proposal.
>> > > > > > > > > Agree with Jesse on using conventions as a default plus
>> > > > > > > > > config.xml
>> > > > > > > > > --
>> > > > > > > > with
>> > > > > > > > > overrides/env-vars possible. The only caveat for
>> > > > > > > > > including info in the config.xml is, the config.xml data
>> > > > > > > > > is copied into the iOS platform and
>> > > > > > > > will
>> > > > > > > > > be included in the .app bundle, and will leak
>> > > > > > > > > information (even though harmless, since it shouldn't
>> > > > > > > > > contain passwords,
>> > > > > > > > > etc) -- so maybe that
>> > > > > > > is
>> > > > > > > > > not desirable, using config.xml.
>> > > > > > > > >
>> > > > > > > > > We will need to provide the password each time at least
>> > > > > > > > > for iOS, since
>> > > > > > > we
>> > > > > > > > > need to unlock the keychain for code signing.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
>> > > > > > > > > <ag...@chromium.org>
>> > > > > > > > > wrote:
>> > > > > > > > >
>> > > > > > > > > > The prompting is actually pretty appropriate here
>> > > > > > > > > > since passwords are involved I think. I think also
>> > > > > > > > > > that keys will often not be checked into source
>> > > > > > > > > > control, but maybe the best way to support that is to
>> > > > > > > > > > allow multiple ways of specifying things (e.g. default
>> > > > > > > > > > to convention, allow override via config.xml, allow
>> > > > > > > > > > override via command-line & env variable as well)
>> > > > > > > > > >
>> > > > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
>> > > > > > > > > > <pu...@gmail.com>
>> > > > > > > wrote:
>> > > > > > > > > >
>> > > > > > > > > > > I am liking all of this.
>> > > > > > > > > > > Are we ready to move this to an editable plaintext
>> > > > > > > > > > > doc to
>> > > > > > > collaborate
>> > > > > > > > > on?
>> > > > > > > > > > >
>> > > > > > > > > > > I agree that we should take advantage of as much
>> > > > > > > > > > > 'by-convention' as we
>> > > > > > > > > > can,
>> > > > > > > > > > > meaning things like `cordova package ios` defaults
>> > > > > > > > > > > to a code sign
>> > > > > > > > > > identity
>> > > > > > > > > > > of 'iPhone Developer' and signs based on
>> > > > > > > > > > > app-bundle-id,
>> > ...
>> > > > > > > > > > >
>> > > > > > > > > > > If it does not make sense as a convention, then I
>> > > > > > > > > > > too would like to see
>> > > > > > > > > > as
>> > > > > > > > > > > much as possible done through config.xml as Fredrico
>> > > > > > > > > > > points out,
>> > > > > > > and
>> > > > > > > > > > agree
>> > > > > > > > > > > on picking the most consistent names possible.
>> > > > > > > > > > >
>> > > > > > > > > > > I would prefer that we do not prompt, and simply
>> > > > > > > > > > > fail fast, given that tools will typically be
>> > > > > > > > > > > consuming the cli. Or we should at least
>> > > > > > > > > > provide a
>> > > > > > > > > > > --noPrompt option. Anything prompt-able should be
>> > > > > > > > > > > config.xml-able
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > > > @purplecabbage
>> > > > > > > > > > > risingj.com
>> > > > > > > > > > >
>> > > > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
>> > > > > > > > > > > <clantz@microsoft.com
>> > > > > > > >
>> > > > > > > > > > wrote:
>> > > > > > > > > > >
>> > > > > > > > > > > > One option here could be to build off of the idea
>> > > > > > > > > > > > of the
>> > > > > "res"
>> > > > > > > > > > > > folder
>> > > > > > > > > > > that
>> > > > > > > > > > > > is in the current samples for splashscreens and
>> > > > > > > > > > > > icons and introduce something like "res/native".
>> > > > > > > > > > > > Files placed here would
>> > > > > > > be
>> > > > > > > > > > > > put into the native project folders "before_prepare"
>> > > > > > > > > > > > and would be further enhanced
>> > > > > > > > > > by
>> > > > > > > > > > > > the plugin and build infrastructure. This would
>> > > > > > > > > > > > allow you to place customized native assets that
>> > > > > > > > > > > > are unique to your project in a place
>> > > > > > > > > > that
>> > > > > > > > > > > > you can check in and would be unaffected by an
>> > > > > > > > > > > > upgrade.
>> > > > > > > > > > > >
>> > > > > > > > > > > > Andrew's environment variable idea could also
>> > > > > > > > > > > > provide an
>> > > > > > > alternate
>> > > > > > > > > > means
>> > > > > > > > > > > > to specify platform specific values (what Soak
>> > > > > > > > > > > > mentions in the {
>> > > > > > > > }).
>> > > > > > > > > > > >
>> > > > > > > > > > > > -Chuck
>> > > > > > > > > > > >
>> > > > > > > > > > > > -----Original Message-----
>> > > > > > > > > > > > From: Frederico Galvão
>> > > > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
>> > > > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
>> > > > > > > > > > > > Cc: dev@cordova.apache.org
>> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > > > > > >
>> > > > > > > > > > > > I agree with pretty much everything mentioned, but
>> > > > > > > > > > > > as far as I know cordova is trying it's best to
>> > > > > > > > > > > > not depend on anything to be in
>> > > /platforms/<TARGET_PLATFORM>/.
>> > > > > > > > > > > > Having said that, the package command
>> > > > > > > > > > > should
>> > > > > > > > > > > > always expect things to be in config.xml or
>> > > > > > > > > > > > something like
>> > > > > > that.
>> > > > > > > > > > > >
>> > > > > > > > > > > > Also, the closer we are in naming things to what
>> > > > > > > > > > > > they are already known
>> > > > > > > > > > > as
>> > > > > > > > > > > > in the native platform, the better.
>> > > > > > > > > > > >
>> > > > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
>> > > > > > > > > > > > <Subhag.Oak@microsoft.com
>> > > > > > > >:
>> > > > > > > > > > > >
>> > > > > > > > > > > > > Hey Cordova community,
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > I am Subhag Oak, senior program manager on the
>> > > > > > > > > > > > > Visual Studio team working on VS tools for Multi
>> > > > > > > > > > > > > device hybrid apps. In line with the discussion
>> > > > > > > > > > > > > of having a generic
>> > > > > > Cordova ‘packaging’
>> > > > > > > > > > > > > command for all platforms, here is one
>> > > > > > > > > > > > > proposal:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > As we all know, packaging an application for
>> > > > > > > > > > > > > deployment
>> > > > > > > requires
>> > > > > > > > > > extra
>> > > > > > > > > > > > > steps that are specific to the native platforms.
>> > > > > > > > > > > > > A new generic Cordova CLI ‘package’ command can
>> > > > > > > > > > > > > perform these platform specific actions to
>> > > > > > > > > > > > > generate a final signed package ready for
>> > > > > > > > > deployment:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > cordova package [platform]
>> > > > > > > > > > > > > [--packageConfiguration]
>> > > > > > > > > > > > > {-- –-sign[location]
>> > > > > > > > > > > > > -- –-embed[location] --
>> > > > > > > > > > > > > --signIdentity[location]}, where all
>> > > > > > > the
>> > > > > > > > > > > > > parameters within { } are platform specific
>> > overrides.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > If no platform is specified, the command will
>> > > > > > > > > > > > > build packages
>> > > > > > > for
>> > > > > > > > > > > > > all platforms added.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > The values for –packageConfiguration are
>> > > > > > > > > > > > > interpreted by the
>> > > > > > > > > > respective
>> > > > > > > > > > > > > platforms. For Android and Windows, the value
>> > > > > > > > > > > > > can be debug or
>> > > > > > > > > > release,
>> > > > > > > > > > > > > with release being the default value. For iOS,
>> > > > > > > > > > > > > the possible values are development, adhoc or
>> > > > > > > > > > > > > store with development being the default value.
>> > > > > > > > > > > > > The
>> > > > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity
>> > > > > > > > > > > > > are optional iOS specific signing arguments for
>> > > > > > > > > > > > > specifying the location of
>> > > > > > > > > > code-signing
>> > > > > > > > > > > > > certificate, the provisioning profile or the
>> > > > > > > > > > > > > code signing identity (certificates along with
>> > > > > > > > > > > > > public and private keys)
>> > > > > > > > > respectively.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > e.g:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > · ‘cordova package iOS’ would generate a
>> > signed
>> > > > ipa
>> > > > > > > with
>> > > > > > > > > > > > > development profile, using code signing identity
>> > > > > > > > > > > > > defined in
>> > > > > > > > > > > > build.xcconfig:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > // to list all installed iOS identities, run:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > // security find-identity | sed -n
>> > > > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will
>> > > > > > > > > > > > > match the right Identity with the right
>> > > > > > > > > > > > > Provisioning // Profile plus Certificate, based
>> > > > > > > > > > > > > on the app bundle id
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > · ‘cordova package android’ would generate
>> > > > > > > > > > > > > a
>> > > > > release
>> > > > > > > > signed
>> > > > > > > > > > > using
>> > > > > > > > > > > > > the packaging assets (keystore, alias and
>> > > > > > > > > > > > > password) defined in the ant.properties files
>> > > > > > > > > > > > > using the ANT
>> > > build.
>> > > > > > > > > > > > > This would be using gradle.propoerties once
>> > > > > > > > > > > > > cordova changes to gradle build like the one
>> > > > > > > > > > > > > Andrew mentions
>> > > > below.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > · ‘Cordova package windows’ would generate
>> > > > > > > > > > > > > a
>> > > > signed
>> > > > > > > APPX
>> > > > > > > > > > > package.
>> > > > > > > > > > > > > This will use the following tools in the Windows
>> > > > > > > > > > > > > SDK:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > • An unsigned packaged Windows
>> > Store
>> > > > > app,
>> > > > > > > for
>> > > > > > > > > > > example,
>> > > > > > > > > > > > > an .APPX file created by using the app packager
>> > > > > > > > > > > > > (MakeAppx.exe) tool
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > • A valid code signing
>> > certificate,
>> > > > for
>> > > > > > > > > example, a
>> > > > > > > > > > > > > Personal Information Exchange (.pfx) file
>> > > > > > > > > > > > > created with the MakeCert.exe and Pvk2Pfx.exe
>> > > > > > > > > > > > > tools
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > • SignTool, which is part of
>> > > > > > > > > > > > > the
>> > > > Windows
>> > > > > > SDK
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Here is how the package command should work. The
>> > > > > > > > > > > > > proposal is to make the ‘package’ command work
>> > > > > > > > > > > > > on convention (similar to the Cordova
>> > > > > > > > > > build
>> > > > > > > > > > > > > command) rather than config settings. The
>> > > > > > > > > > > > > command would look
>> > > > > > > out
>> > > > > > > > > > > > > for packaging assets in the “platform\
>> > > [native-platform]”
>> > > > > > > folder.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > For android, the contents of the ant.properties
>> > > > > > > > > > > > > (keystore, password, alias and alias password)
>> > > > > > > > > > > > > would be used for
>> > > > > > > packaging.
>> > > > > > > > > > > > > If any of
>> > > > > > > > > > these
>> > > > > > > > > > > > > properties is missing in ant.properties [or
>> > > > > > > > > > > > > gradle.properties for gradle build] or if the
>> > > > > > > > > > > > > file is missing, the command would prompt the
>> > > > > > > > > > > > > user for these value at the command prompt. If
>> > > > > > > > > > > > > the values provided
>> > > > > > > > > > are
>> > > > > > > > > > > > > invalid, the command would fail.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > For iOS, the contents of build.xcconfig specify
>> > > > > > > > > > > > > the code-sign certificate and the provisioning
>> > > > > > > > > > > > > profile to be used. The
>> > > > > > > default
>> > > > > > > > > > > > > build.xcconfig file is setup to handle different
>> > > > > > > > > > > > > information by build profile based on the
>> > > > > > > > > > > > > configuration defined in the
>> > > > > > > command.
>> > > > > > > > > > > > > Build.xcconfig can also support signing
>> > > > > > > > > > > > > identities that tie the code-sign certificate
>> > > > > > > > > > > > > with the provisioning
>> > > > > profile.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Tools like VS and other IDEs, which use cordova
>> > > > > > > > > > > > > CLI, may need
>> > > > > > > an
>> > > > > > > > > > > > > explicit way to specify certs/profile for
>> > > > > > > > > > > > > packaging for iOS (since
>> > > > > > > > > > the
>> > > > > > > > > > > > > build needs to happen on MAC agent) instead of
>> > > > > > > > > > > > > the assets being defined in the build.xcconfig.
>> > > > > > > > > > > > > One way to allow this is by
>> > > > > > > using
>> > > > > > > > > > > > > optional platform specific arguments to the
>> > > > > > > > > > > > > package command
>> > > > > > > like:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Cordova package iOS --development --sign
>> > > > > “d:\cert\mycert.cer”
>> > > > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > This command will run the xcrun command to
>> > > > > > > > > > > > > generate a signed
>> > > > > > > IPA
>> > > > > > > > > > > > > with development provisioning profile.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > I would love to hear your comments, insights and
>> > > > > > > > > > > > > feedback on this
>> > > > > > > > > > > > proposal.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Subhag Oak | Senior Program Manager
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Visual Studio, Client Tools
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > soak@microsoft.com
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > 425 707 5598 office
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > -----Original Message-----
>> > > > > > > > > > > > > From: agrieve@google.com
>> > > > > > > > > > > > > [mailto:agrieve@google.com] On Behalf Of Andrew
>> > > > > > > > > > > > > Grieve
>> > > > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
>> > > > > > > > > > > > > To: Shazron
>> > > > > > > > > > > > > Cc: tommy-carlos williams;
>> > > > > > > > > > > > > dev@cordova.apache.org
>> > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > For Android Gradle, what's in (and experimental)
>> > > > > > > > > > > > > right
>> > > > now:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Environment variable
>> > "RELEASE_SIGNING_PROPERTIES_FILE"
>> > > > > > > > > > > > > points
>> > > > > > > to
>> > > > > > > > > > > > > a .properties file that contains:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > storeFile=relative/path/to/keystore.p12
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > storePassword=SECRET1
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > storeType=pkcs12
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > keyAlias=DebugSigningKey
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > keyPassword=SECRET2
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Topics to discuss:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > 1) Combine platform info into one file, or leave
>> > > > separate?
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > - Leaning towards together
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > 2) have config.xml point to signing info?
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > - I think no, since signing info you often want
>> > > > > > > > > > > > > to not check in /
>> > > > > > > > > > keep
>> > > > > > > > > > > > > secure
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Strawman:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > If a file "cordova-keys.json" exists as a
>> > > > > > > > > > > > > sibling to www/, then use it. It should look like:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > {
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > "android": {
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > "storeFile": "relative/path.p12"
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > ...
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > },
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > "ios": {
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > },
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > ...
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > }
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > Android signs debug builds as well (not sure if
>> > > > > > > > > > > > > other platforms do this too?), so maybe also
>> > > > > > > > > > > > > allow
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > "android-release" as an alias for "android",
>> > > > > > > > > > > > > and
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > "android-debug"
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
>> > > > > > > > > > > > > <shazron@gmail.com
>> > > > > > > > <mailto:
>> > > > > > > > > > > > > shazron@gmail.com>> wrote:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > I did open an issue for this two years ago:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctv
>> > > > > > > > > > > > > > sq
>> > > > > > > > > > > > > > nm
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > Seems to be of great value - so let's get
>> > > > > > > > > > > > > > going on this
>> > > > > > > > > > > > > > ;)
>> > > > > > > The
>> > > > > > > > > > > > > > CLI has
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > (I think) matured more since then to allow
>> > > > > > > > > > > > > > this
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
>> > > > > > > > > > > > > > williams
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > <to...@devgeeks.org>
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > wrote:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
>> > > > > > > > > > > > > > > would love to see
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > something happen To improve this, the less
>> > > > > > > > > > > > > > > time I spend in Xcode,
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > the happier I am
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > ;)
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico
>> > > > > > > > > > > > > > > Galvão (
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
>> > > > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > I can already get the ultimate .apk through
>> > > > > > > > > > > > > > > "cordova build
>> > > > > > > > > > android
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > --release", but I already have the required
>> > > > > > > > > > > > > > > .properties properly
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > configured
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > in my platform/android folder, specifying
>> > > > > > > > > > > > > > > the path and name to my
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > keystores. The "cordova build android
>> > > > > > > > > > > > > > > --release"
>> > > > > > > > > > > > > > > already gives me
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > the signed and ready .apk, all I have to do
>> > > > > > > > > > > > > > > is upload it to
>> > > > > > > > > > > > > play.google.com.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > I have never, however, used cordova's CLI to
>> > > > > > > > > > > > > > > build the
>> > > > > > > final
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do
>> > > > > > > > > > > > > > > is run "cordova
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > prepare", and use xCode
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > from
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > then on to build, package, sign, and upload.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram
>> > > > > > > > > > > > > > > Narasimhan (MS OPEN
>> > > > > > > > > > > > > > > TECH) <
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@micro
>> > > > > > > > > > > > > > > so
>> > > > > > > > > > > > > > > ft
>> > > > > > > > > > > > > > > .c
>> > > > > > > > > > > > > > > om
>> > > > > >>:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > How about a "cordova package" command,
>> > > > > > > > > > > > > > > > that would be for packaging
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > the
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > app
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > for the store? Note that different
>> > > > > > > > > > > > > > > > platforms may have different
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > requirements for certs, signing etc. So it
>> > > > > > > > > > > > > > > > may make sense to
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > promote
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > this
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > to a different command and let each
>> > > > > > > > > > > > > > > > command take care of packaging
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > the
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > app
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > for the store. This command will also mean
>> > > > > > > > > > > > > > > > that
>> > > > > > > developers
>> > > > > > > > > > don’t
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > have
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > to
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > go
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > over to the native projects when they
>> > > > > > > > > > > > > > > > finally want to publish
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > their
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > apps
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > to
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > the store.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > -----Original Message-----
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > From: Josh Soref
>> > > > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > To: dev
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > Subject: Re: Build signed archives using
>> > > > > > > > > > > > > > > > CLI
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > if you do:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > Cordova build --release,
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > The blackberry10 platform will generate a
>> > > > > > > > > > > > > > > > signed
>> > > > > > image...
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
>> > > > > > > agrieve@chromium.org
>> > > > > > > > > > > <mailto:
>> > > > > > > > > > > > > agrieve@chromium.org>> wrote:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >AFAIK, I don't think there's any
>> > > > > > > > > > > > > > > > >technical
>> > > > > roadblocks.
>> > > > > > > > > > > > > > > > >Just need
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >a proposal for how it should look, and
>> > > > > > > > > > > > > > > > >then a patch & docs to add
>> > > > > > > > > > > > > it!
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
>> > > > > > > > > > > > > > > > >support, you can set an
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >environment variable that points to a
>> > > > > > > > > > > > > > > > >.properties file for
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >signing builds. This shows one way to go
>> > > > > > > > > > > > > > > > >about it, but I'm not in
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >love with
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > the
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > .properties idea.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor
>> > > > > > > > > > > > > > > > >Sosa
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.vict
>> > > > > > > > > > > > > > > > >or
>> > > > > > > > > > > > > > > > >@g
>> > > > > > > > > > > > > > > > >ma
>> > > > > > > > > > > > > > > > >il.c
>> > > > > > > > > > > > > > > > >om>>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >wrote:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Hi community.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Been looking at this topic and
>> > > > > > > > > > > > > > > > >> wondering why the build command
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>does not create signed archives. Digging
>> > > > > > > > > > > > > > > > >>a little bit found a
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>lot of differences in the platforms to
>> > > > > > > > > > > > > > > > >>create these
>> > > > > > > > > archives.
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> For instance, in Android you need to 1.
>> > > > > > > > > > > > > > > > >> Export your
>> > > > > > > APK
>> > > > > > > > > > > > > > > > >> in
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign
>> > > > > > > > > > > > > > > > >> your APK (you already
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> need a RSA key)
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> In iOS, you need to:
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> 1. Export your APP using --device flag
>> > > > > > > > > > > > > > > > >> (--release
>> > > > > > > seems
>> > > > > > > > > > > > > > > > >> to
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> export
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > for
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
>> > > > > > > > > > > > > > > > >>(UI-based) and sign the
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>archive or use xcrun (headless
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> process)
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Besides these differences, what is
>> > > > > > > > > > > > > > > > >> preventing Cordova from
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> providing a generic one-way to build
>> > > > > > > > > > > > > > > > >> these signed,
>> > > > > > > > > > > > > ready-to-publish archives?
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Perhaps I'm missing something here...?
>> > > > > > > > > > > > > > > > >> I really appreciate your
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>insights on this topic
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Thanks!
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> --
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> IBM Software Engineer
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >> Guadalajara, Jalisco
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > >>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > ------------------------------------------------------
>> > > > > > > > > > --
>> > > > > > > > > > --
>> > > > > > > > > > --
>> > > > > > > > > > ----
>> > > > > > > > > > > > > > > > --
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > --- To unsubscribe, e-mail:
>> > > > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
>> > > > > > > > > > > > > <ma...@cordova.apache.org>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > > For additional commands, e-mail:
>> > > > > > > > > > > > > > > > dev-help@cordova.apache.org
>> > > > > > > > > > > > <mailto:
>> > > > > > > > > > > > > dev-help@cordova.apache.org>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > --
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > *Frederico Galvão*
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > Diretor de Tecnologia
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > PontoGet Inovação Web
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > ( +55(62) 8131-5720
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > > *
>> > > > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.
>> > > > > > > > > > > > > > > br
>> > > > > > > > > > > > > > > >
>> > > > > > > > > > > > > > > <
>> > > > > > > > > > > > > http://www.pontoget.com/>
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > > > > > --
>> > > > > > > > > > > >
>> > > > > > > > > > > > *Frederico Galvão*
>> > > > > > > > > > > >
>> > > > > > > > > > > > Diretor de Tecnologia
>> > > > > > > > > > > >
>> > > > > > > > > > > > PontoGet Inovação Web
>> > > > > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > > > > > ( +55(62) 8131-5720
>> > > > > > > > > > > >
>> > > > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
>> > > > > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > --------------------------------------------------------
>> > > > > > > > > --
>> > > > > > > > > --
>> > > > > > > > > --
>> > > > > > > > > ----
>> > > > > > > > > --- To unsubscribe, e-mail:
>> > > > > > > > > dev-unsubscribe@cordova.apache.org
>> > > > > > > > > For additional commands, e-mail:
>> > > > > > > > > dev-help@cordova.apache.org
>> > > > > > > > >
>> > > > > > > > > --------------------------------------------------------
>> > > > > > > > > --
>> > > > > > > > > --
>> > > > > > > > > --
>> > > > > > > > > ----
>> > > > > > > > > --- To unsubscribe, e-mail:
>> > > > > > > > > dev-unsubscribe@cordova.apache.org
>> > > > > > > > > For additional commands, e-mail:
>> > > > > > > > > dev-help@cordova.apache.org
>> > > > > > > > >
>> > > > > > > >
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > --
>> > > > > > > > Carlos Santana
>> > > > > > > > <cs...@gmail.com>
>> > > > > > > >
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > --
>> > > > > > > > Victor Adrian Sosa Herrera IBM Software Engineer
>> > > > > > > > Guadalajara, Jalisco
>> > > > > > > >
>> > > > > > >
>> > > > > >
>> > > > > >
>> > > > > >
>> > > > > > --
>> > > > > > Victor Adrian Sosa Herrera
>> > > > > > IBM Software Engineer
>> > > > > > Guadalajara, Jalisco
>> > > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > > --
>> > > > > Victor Adrian Sosa Herrera
>> > > > > IBM Software Engineer
>> > > > > Guadalajara, Jalisco
>> > > > >
>> > > > B
>> > KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
>> > > > [ X ܚX K K[XZ[
>> > > > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
>> > > > ] Z [ ܙ ݘK \ X K ܙ B
>> > > >
>> > >
>> > >
>> > >
>> > > --
>> > > Victor Adrian Sosa Herrera
>> > > IBM Software Engineer
>> > > Guadalajara, Jalisco
>> > >
>> >
>> >
>> >
>> > --
>> > Carlos Santana
>> > <cs...@gmail.com>
>> >
>> B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
>> [ X ܚX K K[XZ[
>> ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
>> ] Z [ ܙ ݘK \ X K ܙ B
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
PR LGTM, but I have one question (maybe mostly for Shaz):
Seems our build script pass -xcconfig "build-release.xcconfig", but our
project template doesn't use any .xcconfig:
http://pasteboard.co/2L2wg6r2.png
Would it be better to:
- use a different build-extras.xcconfig for debug / release (e.g.
build-extras-release.xcconfig)
- Set the xcconfigs in the project template so that they are used when
building from Xcode?
On Tue, Apr 21, 2015 at 4:47 PM, Nikhil Khandelwal <ni...@microsoft.com>
wrote:
> Support for iOS is in this PR now:
> https://github.com/apache/cordova-ios/pull/138
>
> It allows you to specify a signing identity and a provisioning profile
> using command line arguments or build.json.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: Nikhil Khandelwal [mailto:nikhilkh@microsoft.com]
> Sent: Monday, April 6, 2015 9:37 AM
> To: dev@cordova.apache.org
> Subject: RE: Build signed archives using CLI
>
> Thanks, Andrew for doing a thorough review. This was merged in last week.
> I have created a new PR for the docs update:
> https://github.com/apache/cordova-docs/pull/277
>
> It's important to note, to make it simple to pass multiple signing
> parameters, I have created the concept of a build.json file (instead of
> cordova-keys.json suggested below) that can be used to specify build-time
> parameters. It supports specifying two sets of values - debug & release.
>
> This support is currently only for Android, I am working on another PR for
> iOS.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew
> Grieve
> Sent: Wednesday, March 18, 2015 4:48 PM
> To: dev
> Subject: Re: Build signed archives using CLI
>
> Left some comments on the PR.
>
> On Tue, Mar 17, 2015 at 5:04 PM, Nikhil Khandelwal <nikhilkh@microsoft.com
> >
> wrote:
>
> > I just submitted a PR for this for Android:
> > https://github.com/apache/cordova-android/pull/164
> >
> > Here's the rough design:
> >
> > - Build.json or command line args can be used to specify details
> > required for packaging:
> > - Keystore
> > - Alias
> > - Keystore password
> > - Password
> > - Keystore type.
> > - Debug-signing.properties or release-signing.properties is created at
> > prepare time to allow gradle or Ant build systems to pick up those
> > properties and generate a signed archive.
> > - ‘Clean’ will delete these autogenerated .properties files.
> > - If no password is specified for release signing, Ant & gradle will
> > prompt for passwords.
> >
> > I will shortly have a PR to update the docs.
> >
> > Thanks,
> > Nikhil
> >
> >
> > -----Original Message-----
> > From: Carlos Santana [mailto:csantana23@gmail.com]
> > Sent: Friday, February 13, 2015 2:28 PM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > Thanks Nikhil I see this as a very good and important feature to have
> > in our CLI stack
> >
> > On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal
> > <nikhilkh@microsoft.com
> > >
> > wrote:
> >
> > > I'm taking this over from Dan. I like the idea of having the release
> > > signing information persisted in a json file.
> > >
> > > I have made some updates on the specific issue of how keys/passwords
> > > can be passed through CLI and JSON:
> > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9Pu
> > > NB
> > > L1auAMGFM/edit#
> > >
> > > I'm still going through the details of packaging requirements of
> > > each platform. I expect to add some more details on how the
> > > packaging process will work with individual platform build systems
> > > in the coming days. I will update this thread when I do so.
> > >
> > > Here's the main JIRA with platform specific tasks here:
> > > https://issues.apache.org/jira/browse/CB-8483. I would love to
> > > collaborate with others who are interested in this area.
> > > Specifically, I plan to take up the task of implementing this for
> Android first.
> > >
> > > Thanks,
> > > Nikhil
> > >
> > >
> > > -----Original Message-----
> > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > Sent: Tuesday, February 10, 2015 2:29 PM
> > > To: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > I'm leaning to Andrew and Omar's idea. I like the idea of having a
> > > file where all the platform-specific information will be stored,
> > > then each platform will take that information to sign the archive
> > > and produce a usable, I mean ready-to-distribute, binary.
> > >
> > > As for Omar's comment, I also concur there. If a user has the
> > > signing info in gradle or ant properties and that info is also
> > > provided in the new file discussed here, then it should take
> > > precedence and override the platform-specific one.
> > >
> > > Wondering if Dan is feeling OK now and ready to be back in the game
> > > :D
> > >
> > > 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
> > >
> > > > +1 for having an additional file to abstract away all the platform
> > > > specific stuff. Currently, we support both gradle and ant for
> > > > android for example, I think it wouldn't make sense for end-users
> > > > to have to change their specs depending on what specific tool is
> > > > used behind the
> > > scenes.
> > > > Maybe we could also copy those properties to specific files during
> > > > build or prepare ? [copy from cordova's to ant.properties]
> > > >
> > > >
> > > > Thanks,
> > > > Mefire
> > > >
> > > > -----Original Message-----
> > > > From: Chuck Lantz [mailto:clantz@microsoft.com]
> > > > Sent: Wednesday, January 28, 2015 10:30 AM
> > > > To: dev@cordova.apache.org
> > > > Subject: RE: Build signed archives using CLI
> > > >
> > > > Yeah personally I am thinking that - particularly if we treat
> > > > platforms as dependencies in package.json as proposed - we'll need
> > > > some facility to set native build settings. We may be able to come
> > > > up with some sort of abstraction for this part, but I'm kind of
> > > > thinking we'll ultimately want a facility to include native build
> > > > property files (ant/gradle.properties, things like the signing
> > > > identity in build.xcconfig, etc) in the CLI project. That said,
> > > > we could have another facility for common settings like certs.
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > > Andrew Grieve
> > > > Sent: Wednesday, January 28, 2015 10:18 AM
> > > > To: dev
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > Sounds good, let's wait until Dan is back to discuss. The main
> > > > point I'd like to cover is whether it'd be good to have layer of
> > > > indirection between cordova and the platform-specific files that
> > > > dictate signing
> > > info.
> > > >
> > > > E.g.:
> > > > Instead of using ant.properties / gradle.properties /
> > > > build.xcconfig,
> > > have:
> > > >
> > > > cordova-keys.json
> > > > {
> > > > ios: { identity: "", provisioning_profile: "" },
> > > > android-debug: { keystore: "", alias: "", password: "", type: ""
> },
> > > > android-release: { keystore: "", alias: "", password: "", type:
> ""
> > }
> > > > ...
> > > > }
> > > >
> > > > Then, have a prepare step that makes the platforms do the right
> > > > thing
> > > >
> > > > (Note that for android it's important to have debug siging keys as
> > > > well since they are used for Play Services and Cloud Console APIs).
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa
> > > > <so...@gmail.com>
> > > > wrote:
> > > >
> > > > > Yay!! Great news!
> > > > >
> > > > > Chuck, by any chance, do you have a link to the sandbox, or
> > > > > design doc or something worth to look at it? If no, we can wait
> > > > > until Dan is back (hope he feels better soon) I'm happy to help if
> needed.
> > > > >
> > > > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> > > > >
> > > > > > Dan Levine whom some of you met at PhoneGap day actually has
> > > > > > been working on a PR based on Subhag's proposal for discussion
> > > > > > - he is out sick which
> > > > > is
> > > > > > why he didn't respond to this thread. I'll let him speak to it
> > > > > > once he's back but the good news is there is someone working
> > > > > > on something in this area.
> > > > > >
> > > > > > -Chuck
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > > > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > > > > To: dev@cordova.apache.org
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > > Hi Andrew.
> > > > > >
> > > > > > AFAICT, no one has done any work on this area, but I'd like to
> > > > > > add this topic to the hangout agenda, start discussing this. I
> > > > > > think Subhag has a very good design in the google doc in this
> > > > > > thread. We can start from
> > > > > there
> > > > > > and try to make this happen for a future release.
> > > > > >
> > > > > > Thoughts before adding it to the agenda?
> > > > > >
> > > > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > > > > >
> > > > > > > In anyone interested in working on any of this?
> > > > > > >
> > > > > > > Was just looking at it to see if there was anything I needed
> > > > > > > to do to add support to Android for release packaging.
> > > > > > >
> > > > > > > Main thing lacking to me is whether we should support
> > > > > > > specifying release key information outside of the
> > platforms/android directory.
> > > > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > > > > per-platform key locations & settings.
> > > > > > >
> > > > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > > > > <so...@gmail.com>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > Hello Cordova community
> > > > > > > > Curious to know where we stand about this topic. Even
> > > > > > > > though this topic looks to have significant impact on
> > > > > > > > Cordova, Subhag has a document
> > > > > > > proposal
> > > > > > > > with little discussion activity.
> > > > > > > >
> > > > > > > > I like Subhag's proposal, but I want to bring back the
> > > > > > > > idea of a prompt-less keychain.
> > > > > > > >
> > > > > > > > Is anything else, besides what is depicted in the
> > > > > > > > proposal, missing
> > > > > > here?
> > > > > > > >
> > > > > > > > Document:
> > > > > > > >
> > > > > > > >
> > > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
> > > > > > > fb
> > > > > > > iQ
> > > > > > > u9
> > > > > > > PuNB
> > > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > >
> > > > > > > >
> > > > > > > > ---------- Forwarded message ----------
> > > > > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > > > > >
> > > > > > > >
> > > > > > > > +1 on having a new command "cordova package" this will
> > > > > > > > +allow IBM tooling
> > > > > > > to
> > > > > > > > hook into before_package and after_package for our own
> > > > > > > > customizations (direct update, authenticity, etc..)
> > > > > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > > > > +keychain maybe
> > > > > > > > used and unlock already) if not found what we need then
> > > > > > > > prompt or fail
> > > > > > > > +1 have some config/settings outside "platforms/" as I
> > > > > > > > +like to be
> > > > > > > transient
> > > > > > > > replaceable. using config.xml, something.json, or file
> > > > > > > > conventions like res/packaging/<platform>/ are all ok
> options.
> > > > > > > >
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > > > > <Su...@microsoft.com>
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > > Here is the link to the proposal:
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
> > > > > > > fb
> > > > > > > iQ
> > > > > > > u9
> > > > > > > PuNB
> > > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > > > Jump on it people :)
> > > > > > > > >
> > > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > > 425 707 5598 office
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > > > > To: dev@cordova.apache.org
> > > > > > > > > Subject: RE: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > Adding to what Shazron said, isn't config.xml supposed
> > > > > > > > > to be considered as app-wide settings/properties?
> > > > > > > > > Typically packaging information is per platform and
> > > > > > > > > hence in my opinion, should be decoupled from config
> > > > > > > > settings.
> > > > > > > > > Jesse, I am working on a documentation that I will share
> > > > > > > > > out soon for
> > > > > > > > the
> > > > > > > > > community to collaborate.
> > > > > > > > >
> > > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > > 425 707 5598 office
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > > > > To: dev@cordova.apache.org
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > Liking Subhag's proposal.
> > > > > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > > > > config.xml
> > > > > > > > > --
> > > > > > > > with
> > > > > > > > > overrides/env-vars possible. The only caveat for
> > > > > > > > > including info in the config.xml is, the config.xml data
> > > > > > > > > is copied into the iOS platform and
> > > > > > > > will
> > > > > > > > > be included in the .app bundle, and will leak
> > > > > > > > > information (even though harmless, since it shouldn't
> > > > > > > > > contain passwords,
> > > > > > > > > etc) -- so maybe that
> > > > > > > is
> > > > > > > > > not desirable, using config.xml.
> > > > > > > > >
> > > > > > > > > We will need to provide the password each time at least
> > > > > > > > > for iOS, since
> > > > > > > we
> > > > > > > > > need to unlock the keychain for code signing.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > > > > <ag...@chromium.org>
> > > > > > > > > wrote:
> > > > > > > > >
> > > > > > > > > > The prompting is actually pretty appropriate here
> > > > > > > > > > since passwords are involved I think. I think also
> > > > > > > > > > that keys will often not be checked into source
> > > > > > > > > > control, but maybe the best way to support that is to
> > > > > > > > > > allow multiple ways of specifying things (e.g. default
> > > > > > > > > > to convention, allow override via config.xml, allow
> > > > > > > > > > override via command-line & env variable as well)
> > > > > > > > > >
> > > > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > > > > <pu...@gmail.com>
> > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > > I am liking all of this.
> > > > > > > > > > > Are we ready to move this to an editable plaintext
> > > > > > > > > > > doc to
> > > > > > > collaborate
> > > > > > > > > on?
> > > > > > > > > > >
> > > > > > > > > > > I agree that we should take advantage of as much
> > > > > > > > > > > 'by-convention' as we
> > > > > > > > > > can,
> > > > > > > > > > > meaning things like `cordova package ios` defaults
> > > > > > > > > > > to a code sign
> > > > > > > > > > identity
> > > > > > > > > > > of 'iPhone Developer' and signs based on
> > > > > > > > > > > app-bundle-id,
> > ...
> > > > > > > > > > >
> > > > > > > > > > > If it does not make sense as a convention, then I
> > > > > > > > > > > too would like to see
> > > > > > > > > > as
> > > > > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > > > > points out,
> > > > > > > and
> > > > > > > > > > agree
> > > > > > > > > > > on picking the most consistent names possible.
> > > > > > > > > > >
> > > > > > > > > > > I would prefer that we do not prompt, and simply
> > > > > > > > > > > fail fast, given that tools will typically be
> > > > > > > > > > > consuming the cli. Or we should at least
> > > > > > > > > > provide a
> > > > > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > > > > config.xml-able
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > @purplecabbage
> > > > > > > > > > > risingj.com
> > > > > > > > > > >
> > > > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > > > > <clantz@microsoft.com
> > > > > > > >
> > > > > > > > > > wrote:
> > > > > > > > > > >
> > > > > > > > > > > > One option here could be to build off of the idea
> > > > > > > > > > > > of the
> > > > > "res"
> > > > > > > > > > > > folder
> > > > > > > > > > > that
> > > > > > > > > > > > is in the current samples for splashscreens and
> > > > > > > > > > > > icons and introduce something like "res/native".
> > > > > > > > > > > > Files placed here would
> > > > > > > be
> > > > > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > > > > and would be further enhanced
> > > > > > > > > > by
> > > > > > > > > > > > the plugin and build infrastructure. This would
> > > > > > > > > > > > allow you to place customized native assets that
> > > > > > > > > > > > are unique to your project in a place
> > > > > > > > > > that
> > > > > > > > > > > > you can check in and would be unaffected by an
> upgrade.
> > > > > > > > > > > >
> > > > > > > > > > > > Andrew's environment variable idea could also
> > > > > > > > > > > > provide an
> > > > > > > alternate
> > > > > > > > > > means
> > > > > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > > > > mentions in the {
> > > > > > > > }).
> > > > > > > > > > > >
> > > > > > > > > > > > -Chuck
> > > > > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > From: Frederico Galvão
> > > > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > > >
> > > > > > > > > > > > I agree with pretty much everything mentioned, but
> > > > > > > > > > > > as far as I know cordova is trying it's best to
> > > > > > > > > > > > not depend on anything to be in
> > > /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > > > > Having said that, the package command
> > > > > > > > > > > should
> > > > > > > > > > > > always expect things to be in config.xml or
> > > > > > > > > > > > something like
> > > > > > that.
> > > > > > > > > > > >
> > > > > > > > > > > > Also, the closer we are in naming things to what
> > > > > > > > > > > > they are already known
> > > > > > > > > > > as
> > > > > > > > > > > > in the native platform, the better.
> > > > > > > > > > > >
> > > > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > > > > <Subhag.Oak@microsoft.com
> > > > > > > >:
> > > > > > > > > > > >
> > > > > > > > > > > > > Hey Cordova community,
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > > > > device hybrid apps. In line with the discussion
> > > > > > > > > > > > > of having a generic
> > > > > > Cordova ‘packaging’
> > > > > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > > > > proposal:
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > > > > deployment
> > > > > > > requires
> > > > > > > > > > extra
> > > > > > > > > > > > > steps that are specific to the native platforms.
> > > > > > > > > > > > > A new generic Cordova CLI ‘package’ command can
> > > > > > > > > > > > > perform these platform specific actions to
> > > > > > > > > > > > > generate a final signed package ready for
> > > > > > > > > deployment:
> > > > > > > > > > > > >
> > > > > > > > > > > > > cordova package [platform]
> > > > > > > > > > > > > [--packageConfiguration]
> > > > > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > > > > -- –-embed[location] --
> > > > > > > > > > > > > --signIdentity[location]}, where all
> > > > > > > the
> > > > > > > > > > > > > parameters within { } are platform specific
> > overrides.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > If no platform is specified, the command will
> > > > > > > > > > > > > build packages
> > > > > > > for
> > > > > > > > > > > > > all platforms added.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > The values for –packageConfiguration are
> > > > > > > > > > > > > interpreted by the
> > > > > > > > > > respective
> > > > > > > > > > > > > platforms. For Android and Windows, the value
> > > > > > > > > > > > > can be debug or
> > > > > > > > > > release,
> > > > > > > > > > > > > with release being the default value. For iOS,
> > > > > > > > > > > > > the possible values are development, adhoc or
> > > > > > > > > > > > > store with development being the default value.
> > > > > > > > > > > > > The
> > > > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity
> > > > > > > > > > > > > are optional iOS specific signing arguments for
> > > > > > > > > > > > > specifying the location of
> > > > > > > > > > code-signing
> > > > > > > > > > > > > certificate, the provisioning profile or the
> > > > > > > > > > > > > code signing identity (certificates along with
> > > > > > > > > > > > > public and private keys)
> > > > > > > > > respectively.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > e.g:
> > > > > > > > > > > > >
> > > > > > > > > > > > > · ‘cordova package iOS’ would generate a
> > signed
> > > > ipa
> > > > > > > with
> > > > > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > > > > defined in
> > > > > > > > > > > > build.xcconfig:
> > > > > > > > > > > > >
> > > > > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > > > > >
> > > > > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > > > > >
> > > > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will
> > > > > > > > > > > > > match the right Identity with the right
> > > > > > > > > > > > > Provisioning // Profile plus Certificate, based
> > > > > > > > > > > > > on the app bundle id
> > > > > > > > > > > > >
> > > > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > · ‘cordova package android’ would generate
> a
> > > > > release
> > > > > > > > signed
> > > > > > > > > > > using
> > > > > > > > > > > > > the packaging assets (keystore, alias and
> > > > > > > > > > > > > password) defined in the ant.properties files
> > > > > > > > > > > > > using the ANT
> > > build.
> > > > > > > > > > > > > This would be using gradle.propoerties once
> > > > > > > > > > > > > cordova changes to gradle build like the one
> > > > > > > > > > > > > Andrew mentions
> > > > below.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > · ‘Cordova package windows’ would generate
> a
> > > > signed
> > > > > > > APPX
> > > > > > > > > > > package.
> > > > > > > > > > > > > This will use the following tools in the Windows
> SDK:
> > > > > > > > > > > > >
> > > > > > > > > > > > > • An unsigned packaged Windows
> > Store
> > > > > app,
> > > > > > > for
> > > > > > > > > > > example,
> > > > > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > > > > >
> > > > > > > > > > > > > • A valid code signing
> > certificate,
> > > > for
> > > > > > > > > example, a
> > > > > > > > > > > > > Personal Information Exchange (.pfx) file
> > > > > > > > > > > > > created with the MakeCert.exe and Pvk2Pfx.exe
> > > > > > > > > > > > > tools
> > > > > > > > > > > > >
> > > > > > > > > > > > > • SignTool, which is part of the
> > > > Windows
> > > > > > SDK
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > > > > proposal is to make the ‘package’ command work
> > > > > > > > > > > > > on convention (similar to the Cordova
> > > > > > > > > > build
> > > > > > > > > > > > > command) rather than config settings. The
> > > > > > > > > > > > > command would look
> > > > > > > out
> > > > > > > > > > > > > for packaging assets in the “platform\
> > > [native-platform]”
> > > > > > > folder.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > > > > (keystore, password, alias and alias password)
> > > > > > > > > > > > > would be used for
> > > > > > > packaging.
> > > > > > > > > > > > > If any of
> > > > > > > > > > these
> > > > > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > > > > gradle.properties for gradle build] or if the
> > > > > > > > > > > > > file is missing, the command would prompt the
> > > > > > > > > > > > > user for these value at the command prompt. If
> > > > > > > > > > > > > the values provided
> > > > > > > > > > are
> > > > > > > > > > > > > invalid, the command would fail.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > For iOS, the contents of build.xcconfig specify
> > > > > > > > > > > > > the code-sign certificate and the provisioning
> > > > > > > > > > > > > profile to be used. The
> > > > > > > default
> > > > > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > > > > information by build profile based on the
> > > > > > > > > > > > > configuration defined in the
> > > > > > > command.
> > > > > > > > > > > > > Build.xcconfig can also support signing
> > > > > > > > > > > > > identities that tie the code-sign certificate
> > > > > > > > > > > > > with the provisioning
> > > > > profile.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Tools like VS and other IDEs, which use cordova
> > > > > > > > > > > > > CLI, may need
> > > > > > > an
> > > > > > > > > > > > > explicit way to specify certs/profile for
> > > > > > > > > > > > > packaging for iOS (since
> > > > > > > > > > the
> > > > > > > > > > > > > build needs to happen on MAC agent) instead of
> > > > > > > > > > > > > the assets being defined in the build.xcconfig.
> > > > > > > > > > > > > One way to allow this is by
> > > > > > > using
> > > > > > > > > > > > > optional platform specific arguments to the
> > > > > > > > > > > > > package command
> > > > > > > like:
> > > > > > > > > > > > >
> > > > > > > > > > > > > Cordova package iOS --development --sign
> > > > > “d:\cert\mycert.cer”
> > > > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > > > > >
> > > > > > > > > > > > > This command will run the xcrun command to
> > > > > > > > > > > > > generate a signed
> > > > > > > IPA
> > > > > > > > > > > > > with development provisioning profile.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > > > > feedback on this
> > > > > > > > > > > > proposal.
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > > > > >
> > > > > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > > > > >
> > > > > > > > > > > > > soak@microsoft.com
> > > > > > > > > > > > >
> > > > > > > > > > > > > 425 707 5598 office
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > > From: agrieve@google.com
> > > > > > > > > > > > > [mailto:agrieve@google.com] On Behalf Of Andrew
> > > > > > > > > > > > > Grieve
> > > > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > > > > To: Shazron
> > > > > > > > > > > > > Cc: tommy-carlos williams;
> > > > > > > > > > > > > dev@cordova.apache.org
> > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > > > > right
> > > > now:
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Environment variable
> > "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > > > > points
> > > > > > > to
> > > > > > > > > > > > > a .properties file that contains:
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > > > > >
> > > > > > > > > > > > > storePassword=SECRET1
> > > > > > > > > > > > >
> > > > > > > > > > > > > storeType=pkcs12
> > > > > > > > > > > > >
> > > > > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > > > > >
> > > > > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Topics to discuss:
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > 1) Combine platform info into one file, or leave
> > > > separate?
> > > > > > > > > > > > >
> > > > > > > > > > > > > - Leaning towards together
> > > > > > > > > > > > >
> > > > > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > > > > >
> > > > > > > > > > > > > - I think no, since signing info you often want
> > > > > > > > > > > > > to not check in /
> > > > > > > > > > keep
> > > > > > > > > > > > > secure
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Strawman:
> > > > > > > > > > > > >
> > > > > > > > > > > > > If a file "cordova-keys.json" exists as a
> > > > > > > > > > > > > sibling to www/, then use it. It should look like:
> > > > > > > > > > > > >
> > > > > > > > > > > > > {
> > > > > > > > > > > > >
> > > > > > > > > > > > > "android": {
> > > > > > > > > > > > >
> > > > > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > > > > >
> > > > > > > > > > > > > ...
> > > > > > > > > > > > >
> > > > > > > > > > > > > },
> > > > > > > > > > > > >
> > > > > > > > > > > > > "ios": {
> > > > > > > > > > > > >
> > > > > > > > > > > > > },
> > > > > > > > > > > > >
> > > > > > > > > > > > > ...
> > > > > > > > > > > > >
> > > > > > > > > > > > > }
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > > > > other platforms do this too?), so maybe also
> > > > > > > > > > > > > allow
> > > > > > > > > > > > >
> > > > > > > > > > > > > "android-release" as an alias for "android",
> > > > > > > > > > > > > and
> > > > > > > > > > > > >
> > > > > > > > > > > > > "android-debug"
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > > > > <shazron@gmail.com
> > > > > > > > <mailto:
> > > > > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > > > > >
> > > > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctv
> > > > > > > > > > > > > > sq
> > > > > > > > > > > > > > nm
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > Seems to be of great value - so let's get
> > > > > > > > > > > > > > going on this
> > > > > > > > > > > > > > ;)
> > > > > > > The
> > > > > > > > > > > > > > CLI has
> > > > > > > > > > > > >
> > > > > > > > > > > > > > (I think) matured more since then to allow
> > > > > > > > > > > > > > this
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > > > > williams
> > > > > > > > > > > > >
> > > > > > > > > > > > > > <to...@devgeeks.org>
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > wrote:
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > > > > would love to see
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > something happen To improve this, the less
> > > > > > > > > > > > > > > time I spend in Xcode,
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > the happier I am
> > > > > > > > > > > > >
> > > > > > > > > > > > > > ;)
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico
> > > > > > > > > > > > > > > Galvão (
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > > > > "cordova build
> > > > > > > > > > android
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > > > > .properties properly
> > > > > > > > > > > > >
> > > > > > > > > > > > > > configured
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > in my platform/android folder, specifying
> > > > > > > > > > > > > > > the path and name to my
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > keystores. The "cordova build android
> --release"
> > > > > > > > > > > > > > > already gives me
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > the signed and ready .apk, all I have to do
> > > > > > > > > > > > > > > is upload it to
> > > > > > > > > > > > > play.google.com.
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > > > > build the
> > > > > > > final
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do
> > > > > > > > > > > > > > > is run "cordova
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > > > > >
> > > > > > > > > > > > > > from
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram
> > > > > > > > > > > > > > > Narasimhan (MS OPEN
> > > > > > > > > > > > > > > TECH) <
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@micro
> > > > > > > > > > > > > > > so
> > > > > > > > > > > > > > > ft
> > > > > > > > > > > > > > > .c
> > > > > > > > > > > > > > > om
> > > > > >>:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > How about a "cordova package" command,
> > > > > > > > > > > > > > > > that would be for packaging
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > the
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > app
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > for the store? Note that different
> > > > > > > > > > > > > > > > platforms may have different
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > requirements for certs, signing etc. So it
> > > > > > > > > > > > > > > > may make sense to
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > promote
> > > > > > > > > > > > >
> > > > > > > > > > > > > > this
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > to a different command and let each
> > > > > > > > > > > > > > > > command take care of packaging
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > the
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > app
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > > > > that
> > > > > > > developers
> > > > > > > > > > don’t
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > have
> > > > > > > > > > > > >
> > > > > > > > > > > > > > to
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > go
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > over to the native projects when they
> > > > > > > > > > > > > > > > finally want to publish
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > their
> > > > > > > > > > > > >
> > > > > > > > > > > > > > apps
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > to
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > the store.
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > To: dev
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > Subject: Re: Build signed archives using
> > > > > > > > > > > > > > > > CLI
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > if you do:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > > > > signed
> > > > > > image...
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > > > > agrieve@chromium.org
> > > > > > > > > > > <mailto:
> > > > > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >AFAIK, I don't think there's any
> > > > > > > > > > > > > > > > >technical
> > > > > roadblocks.
> > > > > > > > > > > > > > > > >Just need
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >a proposal for how it should look, and
> > > > > > > > > > > > > > > > >then a patch & docs to add
> > > > > > > > > > > > > it!
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > > > > >support, you can set an
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > > > > >.properties file for
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >love with
> > > > > > > > > > > > >
> > > > > > > > > > > > > > the
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > .properties idea.
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor
> > > > > > > > > > > > > > > > >Sosa
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.vict
> > > > > > > > > > > > > > > > >or
> > > > > > > > > > > > > > > > >@g
> > > > > > > > > > > > > > > > >ma
> > > > > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > > > > >om>>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >wrote:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Hi community.
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Been looking at this topic and
> > > > > > > > > > > > > > > > >> wondering why the build command
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>does not create signed archives. Digging
> > > > > > > > > > > > > > > > >>a little bit found a
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > > > > >>create these
> > > > > > > > > archives.
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > > > > >> Export your
> > > > > > > APK
> > > > > > > > > > > > > > > > >> in
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign
> > > > > > > > > > > > > > > > >> your APK (you already
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > > > > >> (--release
> > > > > > > seems
> > > > > > > > > > > > > > > > >> to
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> export
> > > > > > > > > > > > >
> > > > > > > > > > > > > > for
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> process)
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> providing a generic one-way to build
> > > > > > > > > > > > > > > > >> these signed,
> > > > > > > > > > > > > ready-to-publish archives?
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Perhaps I'm missing something here...?
> > > > > > > > > > > > > > > > >> I really appreciate your
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Thanks!
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> --
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > >>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > ------------------------------------------------------
> > > > > > > > > > --
> > > > > > > > > > --
> > > > > > > > > > --
> > > > > > > > > > ----
> > > > > > > > > > > > > > > > --
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > > > > <mailto:
> > > > > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > --
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > > > *
> > > > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.
> > > > > > > > > > > > > > > br
> > > > > > > > > > > > > > > >
> > > > > > > > > > > > > > > <
> > > > > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > > >
> > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > > >
> > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > > >
> > > > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > --------------------------------------------------------
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > ----
> > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > For additional commands, e-mail:
> > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > >
> > > > > > > > > --------------------------------------------------------
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > ----
> > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > For additional commands, e-mail:
> > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > Carlos Santana
> > > > > > > > <cs...@gmail.com>
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > > Victor Adrian Sosa Herrera IBM Software Engineer
> > > > > > > > Guadalajara, Jalisco
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Victor Adrian Sosa Herrera
> > > > > > IBM Software Engineer
> > > > > > Guadalajara, Jalisco
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Victor Adrian Sosa Herrera
> > > > > IBM Software Engineer
> > > > > Guadalajara, Jalisco
> > > > >
> > > > B
> > KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> > > > [ X ܚX K K[XZ[
> > > > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> > > > ] Z [ ܙ ݘK \ X K ܙ B
> > > >
> > >
> > >
> > >
> > > --
> > > Victor Adrian Sosa Herrera
> > > IBM Software Engineer
> > > Guadalajara, Jalisco
> > >
> >
> >
> >
> > --
> > Carlos Santana
> > <cs...@gmail.com>
> >
> B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> [ X ܚX K K[XZ[
> ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> ] Z [ ܙ ݘK \ X K ܙ B
>
RE: Build signed archives using CLI
Posted by Nikhil Khandelwal <ni...@microsoft.com>.
Support for iOS is in this PR now: https://github.com/apache/cordova-ios/pull/138
It allows you to specify a signing identity and a provisioning profile using command line arguments or build.json.
Thanks,
Nikhil
-----Original Message-----
From: Nikhil Khandelwal [mailto:nikhilkh@microsoft.com]
Sent: Monday, April 6, 2015 9:37 AM
To: dev@cordova.apache.org
Subject: RE: Build signed archives using CLI
Thanks, Andrew for doing a thorough review. This was merged in last week. I have created a new PR for the docs update: https://github.com/apache/cordova-docs/pull/277
It's important to note, to make it simple to pass multiple signing parameters, I have created the concept of a build.json file (instead of cordova-keys.json suggested below) that can be used to specify build-time parameters. It supports specifying two sets of values - debug & release.
This support is currently only for Android, I am working on another PR for iOS.
Thanks,
Nikhil
-----Original Message-----
From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew Grieve
Sent: Wednesday, March 18, 2015 4:48 PM
To: dev
Subject: Re: Build signed archives using CLI
Left some comments on the PR.
On Tue, Mar 17, 2015 at 5:04 PM, Nikhil Khandelwal <ni...@microsoft.com>
wrote:
> I just submitted a PR for this for Android:
> https://github.com/apache/cordova-android/pull/164
>
> Here's the rough design:
>
> - Build.json or command line args can be used to specify details
> required for packaging:
> - Keystore
> - Alias
> - Keystore password
> - Password
> - Keystore type.
> - Debug-signing.properties or release-signing.properties is created at
> prepare time to allow gradle or Ant build systems to pick up those
> properties and generate a signed archive.
> - ‘Clean’ will delete these autogenerated .properties files.
> - If no password is specified for release signing, Ant & gradle will
> prompt for passwords.
>
> I will shortly have a PR to update the docs.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: Carlos Santana [mailto:csantana23@gmail.com]
> Sent: Friday, February 13, 2015 2:28 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> Thanks Nikhil I see this as a very good and important feature to have
> in our CLI stack
>
> On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal
> <nikhilkh@microsoft.com
> >
> wrote:
>
> > I'm taking this over from Dan. I like the idea of having the release
> > signing information persisted in a json file.
> >
> > I have made some updates on the specific issue of how keys/passwords
> > can be passed through CLI and JSON:
> >
> > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9Pu
> > NB
> > L1auAMGFM/edit#
> >
> > I'm still going through the details of packaging requirements of
> > each platform. I expect to add some more details on how the
> > packaging process will work with individual platform build systems
> > in the coming days. I will update this thread when I do so.
> >
> > Here's the main JIRA with platform specific tasks here:
> > https://issues.apache.org/jira/browse/CB-8483. I would love to
> > collaborate with others who are interested in this area.
> > Specifically, I plan to take up the task of implementing this for Android first.
> >
> > Thanks,
> > Nikhil
> >
> >
> > -----Original Message-----
> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > Sent: Tuesday, February 10, 2015 2:29 PM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > I'm leaning to Andrew and Omar's idea. I like the idea of having a
> > file where all the platform-specific information will be stored,
> > then each platform will take that information to sign the archive
> > and produce a usable, I mean ready-to-distribute, binary.
> >
> > As for Omar's comment, I also concur there. If a user has the
> > signing info in gradle or ant properties and that info is also
> > provided in the new file discussed here, then it should take
> > precedence and override the platform-specific one.
> >
> > Wondering if Dan is feeling OK now and ready to be back in the game
> > :D
> >
> > 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
> >
> > > +1 for having an additional file to abstract away all the platform
> > > specific stuff. Currently, we support both gradle and ant for
> > > android for example, I think it wouldn't make sense for end-users
> > > to have to change their specs depending on what specific tool is
> > > used behind the
> > scenes.
> > > Maybe we could also copy those properties to specific files during
> > > build or prepare ? [copy from cordova's to ant.properties]
> > >
> > >
> > > Thanks,
> > > Mefire
> > >
> > > -----Original Message-----
> > > From: Chuck Lantz [mailto:clantz@microsoft.com]
> > > Sent: Wednesday, January 28, 2015 10:30 AM
> > > To: dev@cordova.apache.org
> > > Subject: RE: Build signed archives using CLI
> > >
> > > Yeah personally I am thinking that - particularly if we treat
> > > platforms as dependencies in package.json as proposed - we'll need
> > > some facility to set native build settings. We may be able to come
> > > up with some sort of abstraction for this part, but I'm kind of
> > > thinking we'll ultimately want a facility to include native build
> > > property files (ant/gradle.properties, things like the signing
> > > identity in build.xcconfig, etc) in the CLI project. That said,
> > > we could have another facility for common settings like certs.
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > Andrew Grieve
> > > Sent: Wednesday, January 28, 2015 10:18 AM
> > > To: dev
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Sounds good, let's wait until Dan is back to discuss. The main
> > > point I'd like to cover is whether it'd be good to have layer of
> > > indirection between cordova and the platform-specific files that
> > > dictate signing
> > info.
> > >
> > > E.g.:
> > > Instead of using ant.properties / gradle.properties /
> > > build.xcconfig,
> > have:
> > >
> > > cordova-keys.json
> > > {
> > > ios: { identity: "", provisioning_profile: "" },
> > > android-debug: { keystore: "", alias: "", password: "", type: "" },
> > > android-release: { keystore: "", alias: "", password: "", type: ""
> }
> > > ...
> > > }
> > >
> > > Then, have a prepare step that makes the platforms do the right
> > > thing
> > >
> > > (Note that for android it's important to have debug siging keys as
> > > well since they are used for Play Services and Cloud Console APIs).
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa
> > > <so...@gmail.com>
> > > wrote:
> > >
> > > > Yay!! Great news!
> > > >
> > > > Chuck, by any chance, do you have a link to the sandbox, or
> > > > design doc or something worth to look at it? If no, we can wait
> > > > until Dan is back (hope he feels better soon) I'm happy to help if needed.
> > > >
> > > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> > > >
> > > > > Dan Levine whom some of you met at PhoneGap day actually has
> > > > > been working on a PR based on Subhag's proposal for discussion
> > > > > - he is out sick which
> > > > is
> > > > > why he didn't respond to this thread. I'll let him speak to it
> > > > > once he's back but the good news is there is someone working
> > > > > on something in this area.
> > > > >
> > > > > -Chuck
> > > > >
> > > > > -----Original Message-----
> > > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > Hi Andrew.
> > > > >
> > > > > AFAICT, no one has done any work on this area, but I'd like to
> > > > > add this topic to the hangout agenda, start discussing this. I
> > > > > think Subhag has a very good design in the google doc in this
> > > > > thread. We can start from
> > > > there
> > > > > and try to make this happen for a future release.
> > > > >
> > > > > Thoughts before adding it to the agenda?
> > > > >
> > > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > > > >
> > > > > > In anyone interested in working on any of this?
> > > > > >
> > > > > > Was just looking at it to see if there was anything I needed
> > > > > > to do to add support to Android for release packaging.
> > > > > >
> > > > > > Main thing lacking to me is whether we should support
> > > > > > specifying release key information outside of the
> platforms/android directory.
> > > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > > > per-platform key locations & settings.
> > > > > >
> > > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > > > <so...@gmail.com>
> > > > > > wrote:
> > > > > >
> > > > > > > Hello Cordova community
> > > > > > > Curious to know where we stand about this topic. Even
> > > > > > > though this topic looks to have significant impact on
> > > > > > > Cordova, Subhag has a document
> > > > > > proposal
> > > > > > > with little discussion activity.
> > > > > > >
> > > > > > > I like Subhag's proposal, but I want to bring back the
> > > > > > > idea of a prompt-less keychain.
> > > > > > >
> > > > > > > Is anything else, besides what is depicted in the
> > > > > > > proposal, missing
> > > > > here?
> > > > > > >
> > > > > > > Document:
> > > > > > >
> > > > > > >
> > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
> > > > > > fb
> > > > > > iQ
> > > > > > u9
> > > > > > PuNB
> > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > >
> > > > > > >
> > > > > > > ---------- Forwarded message ----------
> > > > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > > > >
> > > > > > >
> > > > > > > +1 on having a new command "cordova package" this will
> > > > > > > +allow IBM tooling
> > > > > > to
> > > > > > > hook into before_package and after_package for our own
> > > > > > > customizations (direct update, authenticity, etc..)
> > > > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > > > +keychain maybe
> > > > > > > used and unlock already) if not found what we need then
> > > > > > > prompt or fail
> > > > > > > +1 have some config/settings outside "platforms/" as I
> > > > > > > +like to be
> > > > > > transient
> > > > > > > replaceable. using config.xml, something.json, or file
> > > > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > > > >
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > > > <Su...@microsoft.com>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > Here is the link to the proposal:
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
> > > > > > fb
> > > > > > iQ
> > > > > > u9
> > > > > > PuNB
> > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > > Jump on it people :)
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > > > To: dev@cordova.apache.org
> > > > > > > > Subject: RE: Build signed archives using CLI
> > > > > > > >
> > > > > > > > Adding to what Shazron said, isn't config.xml supposed
> > > > > > > > to be considered as app-wide settings/properties?
> > > > > > > > Typically packaging information is per platform and
> > > > > > > > hence in my opinion, should be decoupled from config
> > > > > > > settings.
> > > > > > > > Jesse, I am working on a documentation that I will share
> > > > > > > > out soon for
> > > > > > > the
> > > > > > > > community to collaborate.
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > > > To: dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > Liking Subhag's proposal.
> > > > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > > > config.xml
> > > > > > > > --
> > > > > > > with
> > > > > > > > overrides/env-vars possible. The only caveat for
> > > > > > > > including info in the config.xml is, the config.xml data
> > > > > > > > is copied into the iOS platform and
> > > > > > > will
> > > > > > > > be included in the .app bundle, and will leak
> > > > > > > > information (even though harmless, since it shouldn't
> > > > > > > > contain passwords,
> > > > > > > > etc) -- so maybe that
> > > > > > is
> > > > > > > > not desirable, using config.xml.
> > > > > > > >
> > > > > > > > We will need to provide the password each time at least
> > > > > > > > for iOS, since
> > > > > > we
> > > > > > > > need to unlock the keychain for code signing.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > > > <ag...@chromium.org>
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > > The prompting is actually pretty appropriate here
> > > > > > > > > since passwords are involved I think. I think also
> > > > > > > > > that keys will often not be checked into source
> > > > > > > > > control, but maybe the best way to support that is to
> > > > > > > > > allow multiple ways of specifying things (e.g. default
> > > > > > > > > to convention, allow override via config.xml, allow
> > > > > > > > > override via command-line & env variable as well)
> > > > > > > > >
> > > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > > > <pu...@gmail.com>
> > > > > > wrote:
> > > > > > > > >
> > > > > > > > > > I am liking all of this.
> > > > > > > > > > Are we ready to move this to an editable plaintext
> > > > > > > > > > doc to
> > > > > > collaborate
> > > > > > > > on?
> > > > > > > > > >
> > > > > > > > > > I agree that we should take advantage of as much
> > > > > > > > > > 'by-convention' as we
> > > > > > > > > can,
> > > > > > > > > > meaning things like `cordova package ios` defaults
> > > > > > > > > > to a code sign
> > > > > > > > > identity
> > > > > > > > > > of 'iPhone Developer' and signs based on
> > > > > > > > > > app-bundle-id,
> ...
> > > > > > > > > >
> > > > > > > > > > If it does not make sense as a convention, then I
> > > > > > > > > > too would like to see
> > > > > > > > > as
> > > > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > > > points out,
> > > > > > and
> > > > > > > > > agree
> > > > > > > > > > on picking the most consistent names possible.
> > > > > > > > > >
> > > > > > > > > > I would prefer that we do not prompt, and simply
> > > > > > > > > > fail fast, given that tools will typically be
> > > > > > > > > > consuming the cli. Or we should at least
> > > > > > > > > provide a
> > > > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > > > config.xml-able
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > @purplecabbage
> > > > > > > > > > risingj.com
> > > > > > > > > >
> > > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > > > <clantz@microsoft.com
> > > > > > >
> > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > > One option here could be to build off of the idea
> > > > > > > > > > > of the
> > > > "res"
> > > > > > > > > > > folder
> > > > > > > > > > that
> > > > > > > > > > > is in the current samples for splashscreens and
> > > > > > > > > > > icons and introduce something like "res/native".
> > > > > > > > > > > Files placed here would
> > > > > > be
> > > > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > > > and would be further enhanced
> > > > > > > > > by
> > > > > > > > > > > the plugin and build infrastructure. This would
> > > > > > > > > > > allow you to place customized native assets that
> > > > > > > > > > > are unique to your project in a place
> > > > > > > > > that
> > > > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > > > >
> > > > > > > > > > > Andrew's environment variable idea could also
> > > > > > > > > > > provide an
> > > > > > alternate
> > > > > > > > > means
> > > > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > > > mentions in the {
> > > > > > > }).
> > > > > > > > > > >
> > > > > > > > > > > -Chuck
> > > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: Frederico Galvão
> > > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > > I agree with pretty much everything mentioned, but
> > > > > > > > > > > as far as I know cordova is trying it's best to
> > > > > > > > > > > not depend on anything to be in
> > /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > > > Having said that, the package command
> > > > > > > > > > should
> > > > > > > > > > > always expect things to be in config.xml or
> > > > > > > > > > > something like
> > > > > that.
> > > > > > > > > > >
> > > > > > > > > > > Also, the closer we are in naming things to what
> > > > > > > > > > > they are already known
> > > > > > > > > > as
> > > > > > > > > > > in the native platform, the better.
> > > > > > > > > > >
> > > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > > > <Subhag.Oak@microsoft.com
> > > > > > >:
> > > > > > > > > > >
> > > > > > > > > > > > Hey Cordova community,
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > > > device hybrid apps. In line with the discussion
> > > > > > > > > > > > of having a generic
> > > > > Cordova ‘packaging’
> > > > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > > > proposal:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > > > deployment
> > > > > > requires
> > > > > > > > > extra
> > > > > > > > > > > > steps that are specific to the native platforms.
> > > > > > > > > > > > A new generic Cordova CLI ‘package’ command can
> > > > > > > > > > > > perform these platform specific actions to
> > > > > > > > > > > > generate a final signed package ready for
> > > > > > > > deployment:
> > > > > > > > > > > >
> > > > > > > > > > > > cordova package [platform]
> > > > > > > > > > > > [--packageConfiguration]
> > > > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > > > -- –-embed[location] --
> > > > > > > > > > > > --signIdentity[location]}, where all
> > > > > > the
> > > > > > > > > > > > parameters within { } are platform specific
> overrides.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > If no platform is specified, the command will
> > > > > > > > > > > > build packages
> > > > > > for
> > > > > > > > > > > > all platforms added.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > The values for –packageConfiguration are
> > > > > > > > > > > > interpreted by the
> > > > > > > > > respective
> > > > > > > > > > > > platforms. For Android and Windows, the value
> > > > > > > > > > > > can be debug or
> > > > > > > > > release,
> > > > > > > > > > > > with release being the default value. For iOS,
> > > > > > > > > > > > the possible values are development, adhoc or
> > > > > > > > > > > > store with development being the default value.
> > > > > > > > > > > > The
> > > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity
> > > > > > > > > > > > are optional iOS specific signing arguments for
> > > > > > > > > > > > specifying the location of
> > > > > > > > > code-signing
> > > > > > > > > > > > certificate, the provisioning profile or the
> > > > > > > > > > > > code signing identity (certificates along with
> > > > > > > > > > > > public and private keys)
> > > > > > > > respectively.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > e.g:
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘cordova package iOS’ would generate a
> signed
> > > ipa
> > > > > > with
> > > > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > > > defined in
> > > > > > > > > > > build.xcconfig:
> > > > > > > > > > > >
> > > > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > > > >
> > > > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > > > >
> > > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will
> > > > > > > > > > > > match the right Identity with the right
> > > > > > > > > > > > Provisioning // Profile plus Certificate, based
> > > > > > > > > > > > on the app bundle id
> > > > > > > > > > > >
> > > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘cordova package android’ would generate a
> > > > release
> > > > > > > signed
> > > > > > > > > > using
> > > > > > > > > > > > the packaging assets (keystore, alias and
> > > > > > > > > > > > password) defined in the ant.properties files
> > > > > > > > > > > > using the ANT
> > build.
> > > > > > > > > > > > This would be using gradle.propoerties once
> > > > > > > > > > > > cordova changes to gradle build like the one
> > > > > > > > > > > > Andrew mentions
> > > below.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘Cordova package windows’ would generate a
> > > signed
> > > > > > APPX
> > > > > > > > > > package.
> > > > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > > > >
> > > > > > > > > > > > • An unsigned packaged Windows
> Store
> > > > app,
> > > > > > for
> > > > > > > > > > example,
> > > > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > > > >
> > > > > > > > > > > > • A valid code signing
> certificate,
> > > for
> > > > > > > > example, a
> > > > > > > > > > > > Personal Information Exchange (.pfx) file
> > > > > > > > > > > > created with the MakeCert.exe and Pvk2Pfx.exe
> > > > > > > > > > > > tools
> > > > > > > > > > > >
> > > > > > > > > > > > • SignTool, which is part of the
> > > Windows
> > > > > SDK
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > > > proposal is to make the ‘package’ command work
> > > > > > > > > > > > on convention (similar to the Cordova
> > > > > > > > > build
> > > > > > > > > > > > command) rather than config settings. The
> > > > > > > > > > > > command would look
> > > > > > out
> > > > > > > > > > > > for packaging assets in the “platform\
> > [native-platform]”
> > > > > > folder.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > > > (keystore, password, alias and alias password)
> > > > > > > > > > > > would be used for
> > > > > > packaging.
> > > > > > > > > > > > If any of
> > > > > > > > > these
> > > > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > > > gradle.properties for gradle build] or if the
> > > > > > > > > > > > file is missing, the command would prompt the
> > > > > > > > > > > > user for these value at the command prompt. If
> > > > > > > > > > > > the values provided
> > > > > > > > > are
> > > > > > > > > > > > invalid, the command would fail.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For iOS, the contents of build.xcconfig specify
> > > > > > > > > > > > the code-sign certificate and the provisioning
> > > > > > > > > > > > profile to be used. The
> > > > > > default
> > > > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > > > information by build profile based on the
> > > > > > > > > > > > configuration defined in the
> > > > > > command.
> > > > > > > > > > > > Build.xcconfig can also support signing
> > > > > > > > > > > > identities that tie the code-sign certificate
> > > > > > > > > > > > with the provisioning
> > > > profile.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Tools like VS and other IDEs, which use cordova
> > > > > > > > > > > > CLI, may need
> > > > > > an
> > > > > > > > > > > > explicit way to specify certs/profile for
> > > > > > > > > > > > packaging for iOS (since
> > > > > > > > > the
> > > > > > > > > > > > build needs to happen on MAC agent) instead of
> > > > > > > > > > > > the assets being defined in the build.xcconfig.
> > > > > > > > > > > > One way to allow this is by
> > > > > > using
> > > > > > > > > > > > optional platform specific arguments to the
> > > > > > > > > > > > package command
> > > > > > like:
> > > > > > > > > > > >
> > > > > > > > > > > > Cordova package iOS --development --sign
> > > > “d:\cert\mycert.cer”
> > > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > > > >
> > > > > > > > > > > > This command will run the xcrun command to
> > > > > > > > > > > > generate a signed
> > > > > > IPA
> > > > > > > > > > > > with development provisioning profile.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > > > feedback on this
> > > > > > > > > > > proposal.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > > > >
> > > > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > > > >
> > > > > > > > > > > > soak@microsoft.com
> > > > > > > > > > > >
> > > > > > > > > > > > 425 707 5598 office
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > From: agrieve@google.com
> > > > > > > > > > > > [mailto:agrieve@google.com] On Behalf Of Andrew
> > > > > > > > > > > > Grieve
> > > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > > > To: Shazron
> > > > > > > > > > > > Cc: tommy-carlos williams;
> > > > > > > > > > > > dev@cordova.apache.org
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > > > right
> > > now:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Environment variable
> "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > > > points
> > > > > > to
> > > > > > > > > > > > a .properties file that contains:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > > > >
> > > > > > > > > > > > storePassword=SECRET1
> > > > > > > > > > > >
> > > > > > > > > > > > storeType=pkcs12
> > > > > > > > > > > >
> > > > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > > > >
> > > > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Topics to discuss:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > 1) Combine platform info into one file, or leave
> > > separate?
> > > > > > > > > > > >
> > > > > > > > > > > > - Leaning towards together
> > > > > > > > > > > >
> > > > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > > > >
> > > > > > > > > > > > - I think no, since signing info you often want
> > > > > > > > > > > > to not check in /
> > > > > > > > > keep
> > > > > > > > > > > > secure
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Strawman:
> > > > > > > > > > > >
> > > > > > > > > > > > If a file "cordova-keys.json" exists as a
> > > > > > > > > > > > sibling to www/, then use it. It should look like:
> > > > > > > > > > > >
> > > > > > > > > > > > {
> > > > > > > > > > > >
> > > > > > > > > > > > "android": {
> > > > > > > > > > > >
> > > > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > > > >
> > > > > > > > > > > > ...
> > > > > > > > > > > >
> > > > > > > > > > > > },
> > > > > > > > > > > >
> > > > > > > > > > > > "ios": {
> > > > > > > > > > > >
> > > > > > > > > > > > },
> > > > > > > > > > > >
> > > > > > > > > > > > ...
> > > > > > > > > > > >
> > > > > > > > > > > > }
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > > > other platforms do this too?), so maybe also
> > > > > > > > > > > > allow
> > > > > > > > > > > >
> > > > > > > > > > > > "android-release" as an alias for "android",
> > > > > > > > > > > > and
> > > > > > > > > > > >
> > > > > > > > > > > > "android-debug"
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > > > <shazron@gmail.com
> > > > > > > <mailto:
> > > > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > > > >
> > > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > > > >
> > > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > > > >
> > > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctv
> > > > > > > > > > > > > sq
> > > > > > > > > > > > > nm
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > Seems to be of great value - so let's get
> > > > > > > > > > > > > going on this
> > > > > > > > > > > > > ;)
> > > > > > The
> > > > > > > > > > > > > CLI has
> > > > > > > > > > > >
> > > > > > > > > > > > > (I think) matured more since then to allow
> > > > > > > > > > > > > this
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > > > williams
> > > > > > > > > > > >
> > > > > > > > > > > > > <to...@devgeeks.org>
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > > > would love to see
> > > > > > > > > > > >
> > > > > > > > > > > > > > something happen To improve this, the less
> > > > > > > > > > > > > > time I spend in Xcode,
> > > > > > > > > > > >
> > > > > > > > > > > > > > the happier I am
> > > > > > > > > > > >
> > > > > > > > > > > > > ;)
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico
> > > > > > > > > > > > > > Galvão (
> > > > > > > > > > > >
> > > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > > > "cordova build
> > > > > > > > > android
> > > > > > > > > > > >
> > > > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > > > .properties properly
> > > > > > > > > > > >
> > > > > > > > > > > > > configured
> > > > > > > > > > > >
> > > > > > > > > > > > > > in my platform/android folder, specifying
> > > > > > > > > > > > > > the path and name to my
> > > > > > > > > > > >
> > > > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > > > already gives me
> > > > > > > > > > > >
> > > > > > > > > > > > > > the signed and ready .apk, all I have to do
> > > > > > > > > > > > > > is upload it to
> > > > > > > > > > > > play.google.com.
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > > > build the
> > > > > > final
> > > > > > > > > > > >
> > > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do
> > > > > > > > > > > > > > is run "cordova
> > > > > > > > > > > >
> > > > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > > > >
> > > > > > > > > > > > > from
> > > > > > > > > > > >
> > > > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram
> > > > > > > > > > > > > > Narasimhan (MS OPEN
> > > > > > > > > > > > > > TECH) <
> > > > > > > > > > > >
> > > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@micro
> > > > > > > > > > > > > > so
> > > > > > > > > > > > > > ft
> > > > > > > > > > > > > > .c
> > > > > > > > > > > > > > om
> > > > >>:
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > How about a "cordova package" command,
> > > > > > > > > > > > > > > that would be for packaging
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > app
> > > > > > > > > > > >
> > > > > > > > > > > > > > > for the store? Note that different
> > > > > > > > > > > > > > > platforms may have different
> > > > > > > > > > > >
> > > > > > > > > > > > > > > requirements for certs, signing etc. So it
> > > > > > > > > > > > > > > may make sense to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > promote
> > > > > > > > > > > >
> > > > > > > > > > > > > this
> > > > > > > > > > > >
> > > > > > > > > > > > > > > to a different command and let each
> > > > > > > > > > > > > > > command take care of packaging
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > app
> > > > > > > > > > > >
> > > > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > > > that
> > > > > > developers
> > > > > > > > > don’t
> > > > > > > > > > > >
> > > > > > > > > > > > > > > have
> > > > > > > > > > > >
> > > > > > > > > > > > > to
> > > > > > > > > > > >
> > > > > > > > > > > > > > go
> > > > > > > > > > > >
> > > > > > > > > > > > > > > over to the native projects when they
> > > > > > > > > > > > > > > finally want to publish
> > > > > > > > > > > >
> > > > > > > > > > > > > > > their
> > > > > > > > > > > >
> > > > > > > > > > > > > apps
> > > > > > > > > > > >
> > > > > > > > > > > > > > to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the store.
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > >
> > > > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > > > >
> > > > > > > > > > > > > > > To: dev
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Subject: Re: Build signed archives using
> > > > > > > > > > > > > > > CLI
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > if you do:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > > > >
> > > > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > > > signed
> > > > > image...
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > > > agrieve@chromium.org
> > > > > > > > > > <mailto:
> > > > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >AFAIK, I don't think there's any
> > > > > > > > > > > > > > > >technical
> > > > roadblocks.
> > > > > > > > > > > > > > > >Just need
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >a proposal for how it should look, and
> > > > > > > > > > > > > > > >then a patch & docs to add
> > > > > > > > > > > > it!
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > > > >support, you can set an
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > > > >.properties file for
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >love with
> > > > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > > .properties idea.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor
> > > > > > > > > > > > > > > >Sosa
> > > > > > > > > > > >
> > > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.vict
> > > > > > > > > > > > > > > >or
> > > > > > > > > > > > > > > >@g
> > > > > > > > > > > > > > > >ma
> > > > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > > > >om>>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Hi community.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Been looking at this topic and
> > > > > > > > > > > > > > > >> wondering why the build command
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>does not create signed archives. Digging
> > > > > > > > > > > > > > > >>a little bit found a
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > > > >>create these
> > > > > > > > archives.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > > > >> Export your
> > > > > > APK
> > > > > > > > > > > > > > > >> in
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign
> > > > > > > > > > > > > > > >> your APK (you already
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > > > >> (--release
> > > > > > seems
> > > > > > > > > > > > > > > >> to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> export
> > > > > > > > > > > >
> > > > > > > > > > > > > for
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> process)
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> providing a generic one-way to build
> > > > > > > > > > > > > > > >> these signed,
> > > > > > > > > > > > ready-to-publish archives?
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Perhaps I'm missing something here...?
> > > > > > > > > > > > > > > >> I really appreciate your
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Thanks!
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> --
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > ------------------------------------------------------
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > ----
> > > > > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > > > <mailto:
> > > > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > *
> > > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.
> > > > > > > > > > > > > > br
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > <
> > > > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > >
> > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > >
> > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > >
> > > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > --------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > > > > >
> > > > > > > > --------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Carlos Santana
> > > > > > > <cs...@gmail.com>
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Victor Adrian Sosa Herrera IBM Software Engineer
> > > > > > > Guadalajara, Jalisco
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Victor Adrian Sosa Herrera
> > > > > IBM Software Engineer
> > > > > Guadalajara, Jalisco
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > > B
> KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> > > [ X ܚX K K[XZ[
> > > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> > > ] Z [ ܙ ݘK \ X K ܙ B
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
>
>
> --
> Carlos Santana
> <cs...@gmail.com>
>
�B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB � �[ X ܚX K��K[XZ[
��] ][ X ܚX P� ܙ�ݘK \�X �K ܙ B ܈�Y��]�[ۘ[�� [X[ � ��K[XZ[
��] Z�[��� ܙ�ݘK \�X �K ܙ B
RE: Build signed archives using CLI
Posted by Nikhil Khandelwal <ni...@microsoft.com>.
Thanks, Andrew for doing a thorough review. This was merged in last week. I have created a new PR for the docs update: https://github.com/apache/cordova-docs/pull/277
It's important to note, to make it simple to pass multiple signing parameters, I have created the concept of a build.json file (instead of cordova-keys.json suggested below) that can be used to specify build-time parameters. It supports specifying two sets of values - debug & release.
This support is currently only for Android, I am working on another PR for iOS.
Thanks,
Nikhil
-----Original Message-----
From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew Grieve
Sent: Wednesday, March 18, 2015 4:48 PM
To: dev
Subject: Re: Build signed archives using CLI
Left some comments on the PR.
On Tue, Mar 17, 2015 at 5:04 PM, Nikhil Khandelwal <ni...@microsoft.com>
wrote:
> I just submitted a PR for this for Android:
> https://github.com/apache/cordova-android/pull/164
>
> Here's the rough design:
>
> - Build.json or command line args can be used to specify details
> required for packaging:
> - Keystore
> - Alias
> - Keystore password
> - Password
> - Keystore type.
> - Debug-signing.properties or release-signing.properties is created at
> prepare time to allow gradle or Ant build systems to pick up those
> properties and generate a signed archive.
> - ‘Clean’ will delete these autogenerated .properties files.
> - If no password is specified for release signing, Ant & gradle will
> prompt for passwords.
>
> I will shortly have a PR to update the docs.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: Carlos Santana [mailto:csantana23@gmail.com]
> Sent: Friday, February 13, 2015 2:28 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> Thanks Nikhil I see this as a very good and important feature to have
> in our CLI stack
>
> On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal
> <nikhilkh@microsoft.com
> >
> wrote:
>
> > I'm taking this over from Dan. I like the idea of having the release
> > signing information persisted in a json file.
> >
> > I have made some updates on the specific issue of how keys/passwords
> > can be passed through CLI and JSON:
> >
> > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9Pu
> > NB
> > L1auAMGFM/edit#
> >
> > I'm still going through the details of packaging requirements of
> > each platform. I expect to add some more details on how the
> > packaging process will work with individual platform build systems
> > in the coming days. I will update this thread when I do so.
> >
> > Here's the main JIRA with platform specific tasks here:
> > https://issues.apache.org/jira/browse/CB-8483. I would love to
> > collaborate with others who are interested in this area.
> > Specifically, I plan to take up the task of implementing this for Android first.
> >
> > Thanks,
> > Nikhil
> >
> >
> > -----Original Message-----
> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > Sent: Tuesday, February 10, 2015 2:29 PM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > I'm leaning to Andrew and Omar's idea. I like the idea of having a
> > file where all the platform-specific information will be stored,
> > then each platform will take that information to sign the archive
> > and produce a usable, I mean ready-to-distribute, binary.
> >
> > As for Omar's comment, I also concur there. If a user has the
> > signing info in gradle or ant properties and that info is also
> > provided in the new file discussed here, then it should take
> > precedence and override the platform-specific one.
> >
> > Wondering if Dan is feeling OK now and ready to be back in the game
> > :D
> >
> > 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
> >
> > > +1 for having an additional file to abstract away all the platform
> > > specific stuff. Currently, we support both gradle and ant for
> > > android for example, I think it wouldn't make sense for end-users
> > > to have to change their specs depending on what specific tool is
> > > used behind the
> > scenes.
> > > Maybe we could also copy those properties to specific files during
> > > build or prepare ? [copy from cordova's to ant.properties]
> > >
> > >
> > > Thanks,
> > > Mefire
> > >
> > > -----Original Message-----
> > > From: Chuck Lantz [mailto:clantz@microsoft.com]
> > > Sent: Wednesday, January 28, 2015 10:30 AM
> > > To: dev@cordova.apache.org
> > > Subject: RE: Build signed archives using CLI
> > >
> > > Yeah personally I am thinking that - particularly if we treat
> > > platforms as dependencies in package.json as proposed - we'll need
> > > some facility to set native build settings. We may be able to come
> > > up with some sort of abstraction for this part, but I'm kind of
> > > thinking we'll ultimately want a facility to include native build
> > > property files (ant/gradle.properties, things like the signing
> > > identity in build.xcconfig, etc) in the CLI project. That said,
> > > we could have another facility for common settings like certs.
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > Andrew Grieve
> > > Sent: Wednesday, January 28, 2015 10:18 AM
> > > To: dev
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Sounds good, let's wait until Dan is back to discuss. The main
> > > point I'd like to cover is whether it'd be good to have layer of
> > > indirection between cordova and the platform-specific files that
> > > dictate signing
> > info.
> > >
> > > E.g.:
> > > Instead of using ant.properties / gradle.properties /
> > > build.xcconfig,
> > have:
> > >
> > > cordova-keys.json
> > > {
> > > ios: { identity: "", provisioning_profile: "" },
> > > android-debug: { keystore: "", alias: "", password: "", type: "" },
> > > android-release: { keystore: "", alias: "", password: "", type: ""
> }
> > > ...
> > > }
> > >
> > > Then, have a prepare step that makes the platforms do the right
> > > thing
> > >
> > > (Note that for android it's important to have debug siging keys as
> > > well since they are used for Play Services and Cloud Console APIs).
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa
> > > <so...@gmail.com>
> > > wrote:
> > >
> > > > Yay!! Great news!
> > > >
> > > > Chuck, by any chance, do you have a link to the sandbox, or
> > > > design doc or something worth to look at it? If no, we can wait
> > > > until Dan is back (hope he feels better soon) I'm happy to help if needed.
> > > >
> > > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> > > >
> > > > > Dan Levine whom some of you met at PhoneGap day actually has
> > > > > been working on a PR based on Subhag's proposal for discussion
> > > > > - he is out sick which
> > > > is
> > > > > why he didn't respond to this thread. I'll let him speak to it
> > > > > once he's back but the good news is there is someone working
> > > > > on something in this area.
> > > > >
> > > > > -Chuck
> > > > >
> > > > > -----Original Message-----
> > > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > Hi Andrew.
> > > > >
> > > > > AFAICT, no one has done any work on this area, but I'd like to
> > > > > add this topic to the hangout agenda, start discussing this. I
> > > > > think Subhag has a very good design in the google doc in this
> > > > > thread. We can start from
> > > > there
> > > > > and try to make this happen for a future release.
> > > > >
> > > > > Thoughts before adding it to the agenda?
> > > > >
> > > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > > > >
> > > > > > In anyone interested in working on any of this?
> > > > > >
> > > > > > Was just looking at it to see if there was anything I needed
> > > > > > to do to add support to Android for release packaging.
> > > > > >
> > > > > > Main thing lacking to me is whether we should support
> > > > > > specifying release key information outside of the
> platforms/android directory.
> > > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > > > per-platform key locations & settings.
> > > > > >
> > > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > > > <so...@gmail.com>
> > > > > > wrote:
> > > > > >
> > > > > > > Hello Cordova community
> > > > > > > Curious to know where we stand about this topic. Even
> > > > > > > though this topic looks to have significant impact on
> > > > > > > Cordova, Subhag has a document
> > > > > > proposal
> > > > > > > with little discussion activity.
> > > > > > >
> > > > > > > I like Subhag's proposal, but I want to bring back the
> > > > > > > idea of a prompt-less keychain.
> > > > > > >
> > > > > > > Is anything else, besides what is depicted in the
> > > > > > > proposal, missing
> > > > > here?
> > > > > > >
> > > > > > > Document:
> > > > > > >
> > > > > > >
> > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
> > > > > > fb
> > > > > > iQ
> > > > > > u9
> > > > > > PuNB
> > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > >
> > > > > > >
> > > > > > > ---------- Forwarded message ----------
> > > > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > > > >
> > > > > > >
> > > > > > > +1 on having a new command "cordova package" this will
> > > > > > > +allow IBM tooling
> > > > > > to
> > > > > > > hook into before_package and after_package for our own
> > > > > > > customizations (direct update, authenticity, etc..)
> > > > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > > > +keychain maybe
> > > > > > > used and unlock already) if not found what we need then
> > > > > > > prompt or fail
> > > > > > > +1 have some config/settings outside "platforms/" as I
> > > > > > > +like to be
> > > > > > transient
> > > > > > > replaceable. using config.xml, something.json, or file
> > > > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > > > >
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > > > <Su...@microsoft.com>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > Here is the link to the proposal:
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzA
> > > > > > fb
> > > > > > iQ
> > > > > > u9
> > > > > > PuNB
> > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > > Jump on it people :)
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > > > To: dev@cordova.apache.org
> > > > > > > > Subject: RE: Build signed archives using CLI
> > > > > > > >
> > > > > > > > Adding to what Shazron said, isn't config.xml supposed
> > > > > > > > to be considered as app-wide settings/properties?
> > > > > > > > Typically packaging information is per platform and
> > > > > > > > hence in my opinion, should be decoupled from config
> > > > > > > settings.
> > > > > > > > Jesse, I am working on a documentation that I will share
> > > > > > > > out soon for
> > > > > > > the
> > > > > > > > community to collaborate.
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > > > To: dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > Liking Subhag's proposal.
> > > > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > > > config.xml
> > > > > > > > --
> > > > > > > with
> > > > > > > > overrides/env-vars possible. The only caveat for
> > > > > > > > including info in the config.xml is, the config.xml data
> > > > > > > > is copied into the iOS platform and
> > > > > > > will
> > > > > > > > be included in the .app bundle, and will leak
> > > > > > > > information (even though harmless, since it shouldn't
> > > > > > > > contain passwords,
> > > > > > > > etc) -- so maybe that
> > > > > > is
> > > > > > > > not desirable, using config.xml.
> > > > > > > >
> > > > > > > > We will need to provide the password each time at least
> > > > > > > > for iOS, since
> > > > > > we
> > > > > > > > need to unlock the keychain for code signing.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > > > <ag...@chromium.org>
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > > The prompting is actually pretty appropriate here
> > > > > > > > > since passwords are involved I think. I think also
> > > > > > > > > that keys will often not be checked into source
> > > > > > > > > control, but maybe the best way to support that is to
> > > > > > > > > allow multiple ways of specifying things (e.g. default
> > > > > > > > > to convention, allow override via config.xml, allow
> > > > > > > > > override via command-line & env variable as well)
> > > > > > > > >
> > > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > > > <pu...@gmail.com>
> > > > > > wrote:
> > > > > > > > >
> > > > > > > > > > I am liking all of this.
> > > > > > > > > > Are we ready to move this to an editable plaintext
> > > > > > > > > > doc to
> > > > > > collaborate
> > > > > > > > on?
> > > > > > > > > >
> > > > > > > > > > I agree that we should take advantage of as much
> > > > > > > > > > 'by-convention' as we
> > > > > > > > > can,
> > > > > > > > > > meaning things like `cordova package ios` defaults
> > > > > > > > > > to a code sign
> > > > > > > > > identity
> > > > > > > > > > of 'iPhone Developer' and signs based on
> > > > > > > > > > app-bundle-id,
> ...
> > > > > > > > > >
> > > > > > > > > > If it does not make sense as a convention, then I
> > > > > > > > > > too would like to see
> > > > > > > > > as
> > > > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > > > points out,
> > > > > > and
> > > > > > > > > agree
> > > > > > > > > > on picking the most consistent names possible.
> > > > > > > > > >
> > > > > > > > > > I would prefer that we do not prompt, and simply
> > > > > > > > > > fail fast, given that tools will typically be
> > > > > > > > > > consuming the cli. Or we should at least
> > > > > > > > > provide a
> > > > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > > > config.xml-able
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > @purplecabbage
> > > > > > > > > > risingj.com
> > > > > > > > > >
> > > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > > > <clantz@microsoft.com
> > > > > > >
> > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > > One option here could be to build off of the idea
> > > > > > > > > > > of the
> > > > "res"
> > > > > > > > > > > folder
> > > > > > > > > > that
> > > > > > > > > > > is in the current samples for splashscreens and
> > > > > > > > > > > icons and introduce something like "res/native".
> > > > > > > > > > > Files placed here would
> > > > > > be
> > > > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > > > and would be further enhanced
> > > > > > > > > by
> > > > > > > > > > > the plugin and build infrastructure. This would
> > > > > > > > > > > allow you to place customized native assets that
> > > > > > > > > > > are unique to your project in a place
> > > > > > > > > that
> > > > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > > > >
> > > > > > > > > > > Andrew's environment variable idea could also
> > > > > > > > > > > provide an
> > > > > > alternate
> > > > > > > > > means
> > > > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > > > mentions in the {
> > > > > > > }).
> > > > > > > > > > >
> > > > > > > > > > > -Chuck
> > > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: Frederico Galvão
> > > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > > I agree with pretty much everything mentioned, but
> > > > > > > > > > > as far as I know cordova is trying it's best to
> > > > > > > > > > > not depend on anything to be in
> > /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > > > Having said that, the package command
> > > > > > > > > > should
> > > > > > > > > > > always expect things to be in config.xml or
> > > > > > > > > > > something like
> > > > > that.
> > > > > > > > > > >
> > > > > > > > > > > Also, the closer we are in naming things to what
> > > > > > > > > > > they are already known
> > > > > > > > > > as
> > > > > > > > > > > in the native platform, the better.
> > > > > > > > > > >
> > > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > > > <Subhag.Oak@microsoft.com
> > > > > > >:
> > > > > > > > > > >
> > > > > > > > > > > > Hey Cordova community,
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > > > device hybrid apps. In line with the discussion
> > > > > > > > > > > > of having a generic
> > > > > Cordova ‘packaging’
> > > > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > > > proposal:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > > > deployment
> > > > > > requires
> > > > > > > > > extra
> > > > > > > > > > > > steps that are specific to the native platforms.
> > > > > > > > > > > > A new generic Cordova CLI ‘package’ command can
> > > > > > > > > > > > perform these platform specific actions to
> > > > > > > > > > > > generate a final signed package ready for
> > > > > > > > deployment:
> > > > > > > > > > > >
> > > > > > > > > > > > cordova package [platform]
> > > > > > > > > > > > [--packageConfiguration]
> > > > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > > > -- –-embed[location] --
> > > > > > > > > > > > --signIdentity[location]}, where all
> > > > > > the
> > > > > > > > > > > > parameters within { } are platform specific
> overrides.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > If no platform is specified, the command will
> > > > > > > > > > > > build packages
> > > > > > for
> > > > > > > > > > > > all platforms added.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > The values for –packageConfiguration are
> > > > > > > > > > > > interpreted by the
> > > > > > > > > respective
> > > > > > > > > > > > platforms. For Android and Windows, the value
> > > > > > > > > > > > can be debug or
> > > > > > > > > release,
> > > > > > > > > > > > with release being the default value. For iOS,
> > > > > > > > > > > > the possible values are development, adhoc or
> > > > > > > > > > > > store with development being the default value.
> > > > > > > > > > > > The
> > > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity
> > > > > > > > > > > > are optional iOS specific signing arguments for
> > > > > > > > > > > > specifying the location of
> > > > > > > > > code-signing
> > > > > > > > > > > > certificate, the provisioning profile or the
> > > > > > > > > > > > code signing identity (certificates along with
> > > > > > > > > > > > public and private keys)
> > > > > > > > respectively.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > e.g:
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘cordova package iOS’ would generate a
> signed
> > > ipa
> > > > > > with
> > > > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > > > defined in
> > > > > > > > > > > build.xcconfig:
> > > > > > > > > > > >
> > > > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > > > >
> > > > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > > > >
> > > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will
> > > > > > > > > > > > match the right Identity with the right
> > > > > > > > > > > > Provisioning // Profile plus Certificate, based
> > > > > > > > > > > > on the app bundle id
> > > > > > > > > > > >
> > > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘cordova package android’ would generate a
> > > > release
> > > > > > > signed
> > > > > > > > > > using
> > > > > > > > > > > > the packaging assets (keystore, alias and
> > > > > > > > > > > > password) defined in the ant.properties files
> > > > > > > > > > > > using the ANT
> > build.
> > > > > > > > > > > > This would be using gradle.propoerties once
> > > > > > > > > > > > cordova changes to gradle build like the one
> > > > > > > > > > > > Andrew mentions
> > > below.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘Cordova package windows’ would generate a
> > > signed
> > > > > > APPX
> > > > > > > > > > package.
> > > > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > > > >
> > > > > > > > > > > > • An unsigned packaged Windows
> Store
> > > > app,
> > > > > > for
> > > > > > > > > > example,
> > > > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > > > >
> > > > > > > > > > > > • A valid code signing
> certificate,
> > > for
> > > > > > > > example, a
> > > > > > > > > > > > Personal Information Exchange (.pfx) file
> > > > > > > > > > > > created with the MakeCert.exe and Pvk2Pfx.exe
> > > > > > > > > > > > tools
> > > > > > > > > > > >
> > > > > > > > > > > > • SignTool, which is part of the
> > > Windows
> > > > > SDK
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > > > proposal is to make the ‘package’ command work
> > > > > > > > > > > > on convention (similar to the Cordova
> > > > > > > > > build
> > > > > > > > > > > > command) rather than config settings. The
> > > > > > > > > > > > command would look
> > > > > > out
> > > > > > > > > > > > for packaging assets in the “platform\
> > [native-platform]”
> > > > > > folder.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > > > (keystore, password, alias and alias password)
> > > > > > > > > > > > would be used for
> > > > > > packaging.
> > > > > > > > > > > > If any of
> > > > > > > > > these
> > > > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > > > gradle.properties for gradle build] or if the
> > > > > > > > > > > > file is missing, the command would prompt the
> > > > > > > > > > > > user for these value at the command prompt. If
> > > > > > > > > > > > the values provided
> > > > > > > > > are
> > > > > > > > > > > > invalid, the command would fail.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For iOS, the contents of build.xcconfig specify
> > > > > > > > > > > > the code-sign certificate and the provisioning
> > > > > > > > > > > > profile to be used. The
> > > > > > default
> > > > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > > > information by build profile based on the
> > > > > > > > > > > > configuration defined in the
> > > > > > command.
> > > > > > > > > > > > Build.xcconfig can also support signing
> > > > > > > > > > > > identities that tie the code-sign certificate
> > > > > > > > > > > > with the provisioning
> > > > profile.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Tools like VS and other IDEs, which use cordova
> > > > > > > > > > > > CLI, may need
> > > > > > an
> > > > > > > > > > > > explicit way to specify certs/profile for
> > > > > > > > > > > > packaging for iOS (since
> > > > > > > > > the
> > > > > > > > > > > > build needs to happen on MAC agent) instead of
> > > > > > > > > > > > the assets being defined in the build.xcconfig.
> > > > > > > > > > > > One way to allow this is by
> > > > > > using
> > > > > > > > > > > > optional platform specific arguments to the
> > > > > > > > > > > > package command
> > > > > > like:
> > > > > > > > > > > >
> > > > > > > > > > > > Cordova package iOS --development --sign
> > > > “d:\cert\mycert.cer”
> > > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > > > >
> > > > > > > > > > > > This command will run the xcrun command to
> > > > > > > > > > > > generate a signed
> > > > > > IPA
> > > > > > > > > > > > with development provisioning profile.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > > > feedback on this
> > > > > > > > > > > proposal.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > > > >
> > > > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > > > >
> > > > > > > > > > > > soak@microsoft.com
> > > > > > > > > > > >
> > > > > > > > > > > > 425 707 5598 office
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > From: agrieve@google.com
> > > > > > > > > > > > [mailto:agrieve@google.com] On Behalf Of Andrew
> > > > > > > > > > > > Grieve
> > > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > > > To: Shazron
> > > > > > > > > > > > Cc: tommy-carlos williams;
> > > > > > > > > > > > dev@cordova.apache.org
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > > > right
> > > now:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Environment variable
> "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > > > points
> > > > > > to
> > > > > > > > > > > > a .properties file that contains:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > > > >
> > > > > > > > > > > > storePassword=SECRET1
> > > > > > > > > > > >
> > > > > > > > > > > > storeType=pkcs12
> > > > > > > > > > > >
> > > > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > > > >
> > > > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Topics to discuss:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > 1) Combine platform info into one file, or leave
> > > separate?
> > > > > > > > > > > >
> > > > > > > > > > > > - Leaning towards together
> > > > > > > > > > > >
> > > > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > > > >
> > > > > > > > > > > > - I think no, since signing info you often want
> > > > > > > > > > > > to not check in /
> > > > > > > > > keep
> > > > > > > > > > > > secure
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Strawman:
> > > > > > > > > > > >
> > > > > > > > > > > > If a file "cordova-keys.json" exists as a
> > > > > > > > > > > > sibling to www/, then use it. It should look like:
> > > > > > > > > > > >
> > > > > > > > > > > > {
> > > > > > > > > > > >
> > > > > > > > > > > > "android": {
> > > > > > > > > > > >
> > > > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > > > >
> > > > > > > > > > > > ...
> > > > > > > > > > > >
> > > > > > > > > > > > },
> > > > > > > > > > > >
> > > > > > > > > > > > "ios": {
> > > > > > > > > > > >
> > > > > > > > > > > > },
> > > > > > > > > > > >
> > > > > > > > > > > > ...
> > > > > > > > > > > >
> > > > > > > > > > > > }
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > > > other platforms do this too?), so maybe also
> > > > > > > > > > > > allow
> > > > > > > > > > > >
> > > > > > > > > > > > "android-release" as an alias for "android",
> > > > > > > > > > > > and
> > > > > > > > > > > >
> > > > > > > > > > > > "android-debug"
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > > > <shazron@gmail.com
> > > > > > > <mailto:
> > > > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > > > >
> > > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > > > >
> > > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > > > >
> > > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctv
> > > > > > > > > > > > > sq
> > > > > > > > > > > > > nm
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > Seems to be of great value - so let's get
> > > > > > > > > > > > > going on this
> > > > > > > > > > > > > ;)
> > > > > > The
> > > > > > > > > > > > > CLI has
> > > > > > > > > > > >
> > > > > > > > > > > > > (I think) matured more since then to allow
> > > > > > > > > > > > > this
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > > > williams
> > > > > > > > > > > >
> > > > > > > > > > > > > <to...@devgeeks.org>
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > > > would love to see
> > > > > > > > > > > >
> > > > > > > > > > > > > > something happen To improve this, the less
> > > > > > > > > > > > > > time I spend in Xcode,
> > > > > > > > > > > >
> > > > > > > > > > > > > > the happier I am
> > > > > > > > > > > >
> > > > > > > > > > > > > ;)
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico
> > > > > > > > > > > > > > Galvão (
> > > > > > > > > > > >
> > > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > > > "cordova build
> > > > > > > > > android
> > > > > > > > > > > >
> > > > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > > > .properties properly
> > > > > > > > > > > >
> > > > > > > > > > > > > configured
> > > > > > > > > > > >
> > > > > > > > > > > > > > in my platform/android folder, specifying
> > > > > > > > > > > > > > the path and name to my
> > > > > > > > > > > >
> > > > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > > > already gives me
> > > > > > > > > > > >
> > > > > > > > > > > > > > the signed and ready .apk, all I have to do
> > > > > > > > > > > > > > is upload it to
> > > > > > > > > > > > play.google.com.
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > > > build the
> > > > > > final
> > > > > > > > > > > >
> > > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do
> > > > > > > > > > > > > > is run "cordova
> > > > > > > > > > > >
> > > > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > > > >
> > > > > > > > > > > > > from
> > > > > > > > > > > >
> > > > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram
> > > > > > > > > > > > > > Narasimhan (MS OPEN
> > > > > > > > > > > > > > TECH) <
> > > > > > > > > > > >
> > > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@micro
> > > > > > > > > > > > > > so
> > > > > > > > > > > > > > ft
> > > > > > > > > > > > > > .c
> > > > > > > > > > > > > > om
> > > > >>:
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > How about a "cordova package" command,
> > > > > > > > > > > > > > > that would be for packaging
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > app
> > > > > > > > > > > >
> > > > > > > > > > > > > > > for the store? Note that different
> > > > > > > > > > > > > > > platforms may have different
> > > > > > > > > > > >
> > > > > > > > > > > > > > > requirements for certs, signing etc. So it
> > > > > > > > > > > > > > > may make sense to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > promote
> > > > > > > > > > > >
> > > > > > > > > > > > > this
> > > > > > > > > > > >
> > > > > > > > > > > > > > > to a different command and let each
> > > > > > > > > > > > > > > command take care of packaging
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > app
> > > > > > > > > > > >
> > > > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > > > that
> > > > > > developers
> > > > > > > > > don’t
> > > > > > > > > > > >
> > > > > > > > > > > > > > > have
> > > > > > > > > > > >
> > > > > > > > > > > > > to
> > > > > > > > > > > >
> > > > > > > > > > > > > > go
> > > > > > > > > > > >
> > > > > > > > > > > > > > > over to the native projects when they
> > > > > > > > > > > > > > > finally want to publish
> > > > > > > > > > > >
> > > > > > > > > > > > > > > their
> > > > > > > > > > > >
> > > > > > > > > > > > > apps
> > > > > > > > > > > >
> > > > > > > > > > > > > > to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the store.
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > >
> > > > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > > > >
> > > > > > > > > > > > > > > To: dev
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Subject: Re: Build signed archives using
> > > > > > > > > > > > > > > CLI
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > if you do:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > > > >
> > > > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > > > signed
> > > > > image...
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > > > agrieve@chromium.org
> > > > > > > > > > <mailto:
> > > > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >AFAIK, I don't think there's any
> > > > > > > > > > > > > > > >technical
> > > > roadblocks.
> > > > > > > > > > > > > > > >Just need
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >a proposal for how it should look, and
> > > > > > > > > > > > > > > >then a patch & docs to add
> > > > > > > > > > > > it!
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > > > >support, you can set an
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > > > >.properties file for
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >love with
> > > > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > > .properties idea.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor
> > > > > > > > > > > > > > > >Sosa
> > > > > > > > > > > >
> > > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.vict
> > > > > > > > > > > > > > > >or
> > > > > > > > > > > > > > > >@g
> > > > > > > > > > > > > > > >ma
> > > > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > > > >om>>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Hi community.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Been looking at this topic and
> > > > > > > > > > > > > > > >> wondering why the build command
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>does not create signed archives. Digging
> > > > > > > > > > > > > > > >>a little bit found a
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > > > >>create these
> > > > > > > > archives.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > > > >> Export your
> > > > > > APK
> > > > > > > > > > > > > > > >> in
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign
> > > > > > > > > > > > > > > >> your APK (you already
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > > > >> (--release
> > > > > > seems
> > > > > > > > > > > > > > > >> to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> export
> > > > > > > > > > > >
> > > > > > > > > > > > > for
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> process)
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> providing a generic one-way to build
> > > > > > > > > > > > > > > >> these signed,
> > > > > > > > > > > > ready-to-publish archives?
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Perhaps I'm missing something here...?
> > > > > > > > > > > > > > > >> I really appreciate your
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Thanks!
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> --
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > ------------------------------------------------------
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > ----
> > > > > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > > > <mailto:
> > > > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > *
> > > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.
> > > > > > > > > > > > > > br
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > <
> > > > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > >
> > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > >
> > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > >
> > > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > --------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > > > > >
> > > > > > > > --------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Carlos Santana
> > > > > > > <cs...@gmail.com>
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Victor Adrian Sosa Herrera IBM Software Engineer
> > > > > > > Guadalajara, Jalisco
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Victor Adrian Sosa Herrera
> > > > > IBM Software Engineer
> > > > > Guadalajara, Jalisco
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > > B
> KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> > > [ X ܚX K K[XZ[
> > > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> > > ] Z [ ܙ ݘK \ X K ܙ B
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
>
>
> --
> Carlos Santana
> <cs...@gmail.com>
>
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
Left some comments on the PR.
On Tue, Mar 17, 2015 at 5:04 PM, Nikhil Khandelwal <ni...@microsoft.com>
wrote:
> I just submitted a PR for this for Android:
> https://github.com/apache/cordova-android/pull/164
>
> Here's the rough design:
>
> - Build.json or command line args can be used to specify details required
> for packaging:
> - Keystore
> - Alias
> - Keystore password
> - Password
> - Keystore type.
> - Debug-signing.properties or release-signing.properties is created at
> prepare time to allow gradle or Ant build systems to pick up those
> properties and generate a signed archive.
> - ‘Clean’ will delete these autogenerated .properties files.
> - If no password is specified for release signing, Ant & gradle will
> prompt for passwords.
>
> I will shortly have a PR to update the docs.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: Carlos Santana [mailto:csantana23@gmail.com]
> Sent: Friday, February 13, 2015 2:28 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> Thanks Nikhil I see this as a very good and important feature to have in
> our CLI stack
>
> On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal <nikhilkh@microsoft.com
> >
> wrote:
>
> > I'm taking this over from Dan. I like the idea of having the release
> > signing information persisted in a json file.
> >
> > I have made some updates on the specific issue of how keys/passwords
> > can be passed through CLI and JSON:
> >
> > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> > L1auAMGFM/edit#
> >
> > I'm still going through the details of packaging requirements of each
> > platform. I expect to add some more details on how the packaging
> > process will work with individual platform build systems in the coming
> > days. I will update this thread when I do so.
> >
> > Here's the main JIRA with platform specific tasks here:
> > https://issues.apache.org/jira/browse/CB-8483. I would love to
> > collaborate with others who are interested in this area. Specifically,
> > I plan to take up the task of implementing this for Android first.
> >
> > Thanks,
> > Nikhil
> >
> >
> > -----Original Message-----
> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > Sent: Tuesday, February 10, 2015 2:29 PM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > I'm leaning to Andrew and Omar's idea. I like the idea of having a
> > file where all the platform-specific information will be stored, then
> > each platform will take that information to sign the archive and
> > produce a usable, I mean ready-to-distribute, binary.
> >
> > As for Omar's comment, I also concur there. If a user has the signing
> > info in gradle or ant properties and that info is also provided in the
> > new file discussed here, then it should take precedence and override
> > the platform-specific one.
> >
> > Wondering if Dan is feeling OK now and ready to be back in the game :D
> >
> > 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
> >
> > > +1 for having an additional file to abstract away all the platform
> > > specific stuff. Currently, we support both gradle and ant for
> > > android for example, I think it wouldn't make sense for end-users to
> > > have to change their specs depending on what specific tool is used
> > > behind the
> > scenes.
> > > Maybe we could also copy those properties to specific files during
> > > build or prepare ? [copy from cordova's to ant.properties]
> > >
> > >
> > > Thanks,
> > > Mefire
> > >
> > > -----Original Message-----
> > > From: Chuck Lantz [mailto:clantz@microsoft.com]
> > > Sent: Wednesday, January 28, 2015 10:30 AM
> > > To: dev@cordova.apache.org
> > > Subject: RE: Build signed archives using CLI
> > >
> > > Yeah personally I am thinking that - particularly if we treat
> > > platforms as dependencies in package.json as proposed - we'll need
> > > some facility to set native build settings. We may be able to come
> > > up with some sort of abstraction for this part, but I'm kind of
> > > thinking we'll ultimately want a facility to include native build
> > > property files (ant/gradle.properties, things like the signing
> > > identity in build.xcconfig, etc) in the CLI project. That said, we
> > > could have another facility for common settings like certs.
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > Andrew Grieve
> > > Sent: Wednesday, January 28, 2015 10:18 AM
> > > To: dev
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Sounds good, let's wait until Dan is back to discuss. The main point
> > > I'd like to cover is whether it'd be good to have layer of
> > > indirection between cordova and the platform-specific files that
> > > dictate signing
> > info.
> > >
> > > E.g.:
> > > Instead of using ant.properties / gradle.properties /
> > > build.xcconfig,
> > have:
> > >
> > > cordova-keys.json
> > > {
> > > ios: { identity: "", provisioning_profile: "" },
> > > android-debug: { keystore: "", alias: "", password: "", type: "" },
> > > android-release: { keystore: "", alias: "", password: "", type: ""
> }
> > > ...
> > > }
> > >
> > > Then, have a prepare step that makes the platforms do the right
> > > thing
> > >
> > > (Note that for android it's important to have debug siging keys as
> > > well since they are used for Play Services and Cloud Console APIs).
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa
> > > <so...@gmail.com>
> > > wrote:
> > >
> > > > Yay!! Great news!
> > > >
> > > > Chuck, by any chance, do you have a link to the sandbox, or design
> > > > doc or something worth to look at it? If no, we can wait until Dan
> > > > is back (hope he feels better soon) I'm happy to help if needed.
> > > >
> > > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> > > >
> > > > > Dan Levine whom some of you met at PhoneGap day actually has
> > > > > been working on a PR based on Subhag's proposal for discussion -
> > > > > he is out sick which
> > > > is
> > > > > why he didn't respond to this thread. I'll let him speak to it
> > > > > once he's back but the good news is there is someone working on
> > > > > something in this area.
> > > > >
> > > > > -Chuck
> > > > >
> > > > > -----Original Message-----
> > > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > Hi Andrew.
> > > > >
> > > > > AFAICT, no one has done any work on this area, but I'd like to
> > > > > add this topic to the hangout agenda, start discussing this. I
> > > > > think Subhag has a very good design in the google doc in this
> > > > > thread. We can start from
> > > > there
> > > > > and try to make this happen for a future release.
> > > > >
> > > > > Thoughts before adding it to the agenda?
> > > > >
> > > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > > > >
> > > > > > In anyone interested in working on any of this?
> > > > > >
> > > > > > Was just looking at it to see if there was anything I needed
> > > > > > to do to add support to Android for release packaging.
> > > > > >
> > > > > > Main thing lacking to me is whether we should support
> > > > > > specifying release key information outside of the
> platforms/android directory.
> > > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > > > per-platform key locations & settings.
> > > > > >
> > > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > > > <so...@gmail.com>
> > > > > > wrote:
> > > > > >
> > > > > > > Hello Cordova community
> > > > > > > Curious to know where we stand about this topic. Even though
> > > > > > > this topic looks to have significant impact on Cordova,
> > > > > > > Subhag has a document
> > > > > > proposal
> > > > > > > with little discussion activity.
> > > > > > >
> > > > > > > I like Subhag's proposal, but I want to bring back the idea
> > > > > > > of a prompt-less keychain.
> > > > > > >
> > > > > > > Is anything else, besides what is depicted in the proposal,
> > > > > > > missing
> > > > > here?
> > > > > > >
> > > > > > > Document:
> > > > > > >
> > > > > > >
> > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfb
> > > > > > iQ
> > > > > > u9
> > > > > > PuNB
> > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > >
> > > > > > >
> > > > > > > ---------- Forwarded message ----------
> > > > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > > > >
> > > > > > >
> > > > > > > +1 on having a new command "cordova package" this will allow
> > > > > > > +IBM tooling
> > > > > > to
> > > > > > > hook into before_package and after_package for our own
> > > > > > > customizations (direct update, authenticity, etc..)
> > > > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > > > +keychain maybe
> > > > > > > used and unlock already) if not found what we need then
> > > > > > > prompt or fail
> > > > > > > +1 have some config/settings outside "platforms/" as I like
> > > > > > > +to be
> > > > > > transient
> > > > > > > replaceable. using config.xml, something.json, or file
> > > > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > > > >
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > > > <Su...@microsoft.com>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > Here is the link to the proposal:
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfb
> > > > > > iQ
> > > > > > u9
> > > > > > PuNB
> > > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > > Jump on it people :)
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > > > To: dev@cordova.apache.org
> > > > > > > > Subject: RE: Build signed archives using CLI
> > > > > > > >
> > > > > > > > Adding to what Shazron said, isn't config.xml supposed to
> > > > > > > > be considered as app-wide settings/properties? Typically
> > > > > > > > packaging information is per platform and hence in my
> > > > > > > > opinion, should be decoupled from config
> > > > > > > settings.
> > > > > > > > Jesse, I am working on a documentation that I will share
> > > > > > > > out soon for
> > > > > > > the
> > > > > > > > community to collaborate.
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > > Client Tools soak@microsoft.com
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > > > To: dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > Liking Subhag's proposal.
> > > > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > > > config.xml
> > > > > > > > --
> > > > > > > with
> > > > > > > > overrides/env-vars possible. The only caveat for including
> > > > > > > > info in the config.xml is, the config.xml data is copied
> > > > > > > > into the iOS platform and
> > > > > > > will
> > > > > > > > be included in the .app bundle, and will leak information
> > > > > > > > (even though harmless, since it shouldn't contain
> > > > > > > > passwords,
> > > > > > > > etc) -- so maybe that
> > > > > > is
> > > > > > > > not desirable, using config.xml.
> > > > > > > >
> > > > > > > > We will need to provide the password each time at least
> > > > > > > > for iOS, since
> > > > > > we
> > > > > > > > need to unlock the keychain for code signing.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > > > <ag...@chromium.org>
> > > > > > > > wrote:
> > > > > > > >
> > > > > > > > > The prompting is actually pretty appropriate here since
> > > > > > > > > passwords are involved I think. I think also that keys
> > > > > > > > > will often not be checked into source control, but maybe
> > > > > > > > > the best way to support that is to allow multiple ways
> > > > > > > > > of specifying things (e.g. default to convention, allow
> > > > > > > > > override via config.xml, allow override via command-line
> > > > > > > > > & env variable as well)
> > > > > > > > >
> > > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > > > <pu...@gmail.com>
> > > > > > wrote:
> > > > > > > > >
> > > > > > > > > > I am liking all of this.
> > > > > > > > > > Are we ready to move this to an editable plaintext doc
> > > > > > > > > > to
> > > > > > collaborate
> > > > > > > > on?
> > > > > > > > > >
> > > > > > > > > > I agree that we should take advantage of as much
> > > > > > > > > > 'by-convention' as we
> > > > > > > > > can,
> > > > > > > > > > meaning things like `cordova package ios` defaults to
> > > > > > > > > > a code sign
> > > > > > > > > identity
> > > > > > > > > > of 'iPhone Developer' and signs based on app-bundle-id,
> ...
> > > > > > > > > >
> > > > > > > > > > If it does not make sense as a convention, then I too
> > > > > > > > > > would like to see
> > > > > > > > > as
> > > > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > > > points out,
> > > > > > and
> > > > > > > > > agree
> > > > > > > > > > on picking the most consistent names possible.
> > > > > > > > > >
> > > > > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > > > > fast, given that tools will typically be consuming the
> > > > > > > > > > cli. Or we should at least
> > > > > > > > > provide a
> > > > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > > > config.xml-able
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > @purplecabbage
> > > > > > > > > > risingj.com
> > > > > > > > > >
> > > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > > > <clantz@microsoft.com
> > > > > > >
> > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > > One option here could be to build off of the idea of
> > > > > > > > > > > the
> > > > "res"
> > > > > > > > > > > folder
> > > > > > > > > > that
> > > > > > > > > > > is in the current samples for splashscreens and
> > > > > > > > > > > icons and introduce something like "res/native".
> > > > > > > > > > > Files placed here would
> > > > > > be
> > > > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > > > and would be further enhanced
> > > > > > > > > by
> > > > > > > > > > > the plugin and build infrastructure. This would
> > > > > > > > > > > allow you to place customized native assets that are
> > > > > > > > > > > unique to your project in a place
> > > > > > > > > that
> > > > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > > > >
> > > > > > > > > > > Andrew's environment variable idea could also
> > > > > > > > > > > provide an
> > > > > > alternate
> > > > > > > > > means
> > > > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > > > mentions in the {
> > > > > > > }).
> > > > > > > > > > >
> > > > > > > > > > > -Chuck
> > > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: Frederico Galvão
> > > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > > I agree with pretty much everything mentioned, but
> > > > > > > > > > > as far as I know cordova is trying it's best to not
> > > > > > > > > > > depend on anything to be in
> > /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > > > Having said that, the package command
> > > > > > > > > > should
> > > > > > > > > > > always expect things to be in config.xml or
> > > > > > > > > > > something like
> > > > > that.
> > > > > > > > > > >
> > > > > > > > > > > Also, the closer we are in naming things to what
> > > > > > > > > > > they are already known
> > > > > > > > > > as
> > > > > > > > > > > in the native platform, the better.
> > > > > > > > > > >
> > > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > > > <Subhag.Oak@microsoft.com
> > > > > > >:
> > > > > > > > > > >
> > > > > > > > > > > > Hey Cordova community,
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > > > device hybrid apps. In line with the discussion of
> > > > > > > > > > > > having a generic
> > > > > Cordova ‘packaging’
> > > > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > > > proposal:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > > > deployment
> > > > > > requires
> > > > > > > > > extra
> > > > > > > > > > > > steps that are specific to the native platforms.
> > > > > > > > > > > > A new generic Cordova CLI ‘package’ command can
> > > > > > > > > > > > perform these platform specific actions to
> > > > > > > > > > > > generate a final signed package ready for
> > > > > > > > deployment:
> > > > > > > > > > > >
> > > > > > > > > > > > cordova package [platform]
> > > > > > > > > > > > [--packageConfiguration]
> > > > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > > > > where all
> > > > > > the
> > > > > > > > > > > > parameters within { } are platform specific
> overrides.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > If no platform is specified, the command will
> > > > > > > > > > > > build packages
> > > > > > for
> > > > > > > > > > > > all platforms added.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > The values for –packageConfiguration are
> > > > > > > > > > > > interpreted by the
> > > > > > > > > respective
> > > > > > > > > > > > platforms. For Android and Windows, the value can
> > > > > > > > > > > > be debug or
> > > > > > > > > release,
> > > > > > > > > > > > with release being the default value. For iOS,
> > > > > > > > > > > > the possible values are development, adhoc or
> > > > > > > > > > > > store with development being the default value.
> > > > > > > > > > > > The
> > > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > > > > optional iOS specific signing arguments for
> > > > > > > > > > > > specifying the location of
> > > > > > > > > code-signing
> > > > > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > > > > signing identity (certificates along with public
> > > > > > > > > > > > and private keys)
> > > > > > > > respectively.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > e.g:
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘cordova package iOS’ would generate a
> signed
> > > ipa
> > > > > > with
> > > > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > > > defined in
> > > > > > > > > > > build.xcconfig:
> > > > > > > > > > > >
> > > > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > > > >
> > > > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > > > >
> > > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will
> > > > > > > > > > > > match the right Identity with the right
> > > > > > > > > > > > Provisioning // Profile plus Certificate, based on
> > > > > > > > > > > > the app bundle id
> > > > > > > > > > > >
> > > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘cordova package android’ would generate a
> > > > release
> > > > > > > signed
> > > > > > > > > > using
> > > > > > > > > > > > the packaging assets (keystore, alias and
> > > > > > > > > > > > password) defined in the ant.properties files
> > > > > > > > > > > > using the ANT
> > build.
> > > > > > > > > > > > This would be using gradle.propoerties once
> > > > > > > > > > > > cordova changes to gradle build like the one
> > > > > > > > > > > > Andrew mentions
> > > below.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > · ‘Cordova package windows’ would generate a
> > > signed
> > > > > > APPX
> > > > > > > > > > package.
> > > > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > > > >
> > > > > > > > > > > > • An unsigned packaged Windows
> Store
> > > > app,
> > > > > > for
> > > > > > > > > > example,
> > > > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > > > >
> > > > > > > > > > > > • A valid code signing
> certificate,
> > > for
> > > > > > > > example, a
> > > > > > > > > > > > Personal Information Exchange (.pfx) file created
> > > > > > > > > > > > with the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > > > > >
> > > > > > > > > > > > • SignTool, which is part of the
> > > Windows
> > > > > SDK
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > > > > convention (similar to the Cordova
> > > > > > > > > build
> > > > > > > > > > > > command) rather than config settings. The command
> > > > > > > > > > > > would look
> > > > > > out
> > > > > > > > > > > > for packaging assets in the “platform\
> > [native-platform]”
> > > > > > folder.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > > > (keystore, password, alias and alias password)
> > > > > > > > > > > > would be used for
> > > > > > packaging.
> > > > > > > > > > > > If any of
> > > > > > > > > these
> > > > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > > > gradle.properties for gradle build] or if the file
> > > > > > > > > > > > is missing, the command would prompt the user for
> > > > > > > > > > > > these value at the command prompt. If the values
> > > > > > > > > > > > provided
> > > > > > > > > are
> > > > > > > > > > > > invalid, the command would fail.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For iOS, the contents of build.xcconfig specify
> > > > > > > > > > > > the code-sign certificate and the provisioning
> > > > > > > > > > > > profile to be used. The
> > > > > > default
> > > > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > > > information by build profile based on the
> > > > > > > > > > > > configuration defined in the
> > > > > > command.
> > > > > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > > > > provisioning
> > > > profile.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Tools like VS and other IDEs, which use cordova
> > > > > > > > > > > > CLI, may need
> > > > > > an
> > > > > > > > > > > > explicit way to specify certs/profile for
> > > > > > > > > > > > packaging for iOS (since
> > > > > > > > > the
> > > > > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > > > > assets being defined in the build.xcconfig. One
> > > > > > > > > > > > way to allow this is by
> > > > > > using
> > > > > > > > > > > > optional platform specific arguments to the
> > > > > > > > > > > > package command
> > > > > > like:
> > > > > > > > > > > >
> > > > > > > > > > > > Cordova package iOS --development --sign
> > > > “d:\cert\mycert.cer”
> > > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > > > >
> > > > > > > > > > > > This command will run the xcrun command to
> > > > > > > > > > > > generate a signed
> > > > > > IPA
> > > > > > > > > > > > with development provisioning profile.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > > > feedback on this
> > > > > > > > > > > proposal.
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > > > >
> > > > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > > > >
> > > > > > > > > > > > soak@microsoft.com
> > > > > > > > > > > >
> > > > > > > > > > > > 425 707 5598 office
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > > From: agrieve@google.com
> > > > > > > > > > > > [mailto:agrieve@google.com] On Behalf Of Andrew
> > > > > > > > > > > > Grieve
> > > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > > > To: Shazron
> > > > > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > > > right
> > > now:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Environment variable
> "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > > > points
> > > > > > to
> > > > > > > > > > > > a .properties file that contains:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > > > >
> > > > > > > > > > > > storePassword=SECRET1
> > > > > > > > > > > >
> > > > > > > > > > > > storeType=pkcs12
> > > > > > > > > > > >
> > > > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > > > >
> > > > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Topics to discuss:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > 1) Combine platform info into one file, or leave
> > > separate?
> > > > > > > > > > > >
> > > > > > > > > > > > - Leaning towards together
> > > > > > > > > > > >
> > > > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > > > >
> > > > > > > > > > > > - I think no, since signing info you often want to
> > > > > > > > > > > > not check in /
> > > > > > > > > keep
> > > > > > > > > > > > secure
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Strawman:
> > > > > > > > > > > >
> > > > > > > > > > > > If a file "cordova-keys.json" exists as a sibling
> > > > > > > > > > > > to www/, then use it. It should look like:
> > > > > > > > > > > >
> > > > > > > > > > > > {
> > > > > > > > > > > >
> > > > > > > > > > > > "android": {
> > > > > > > > > > > >
> > > > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > > > >
> > > > > > > > > > > > ...
> > > > > > > > > > > >
> > > > > > > > > > > > },
> > > > > > > > > > > >
> > > > > > > > > > > > "ios": {
> > > > > > > > > > > >
> > > > > > > > > > > > },
> > > > > > > > > > > >
> > > > > > > > > > > > ...
> > > > > > > > > > > >
> > > > > > > > > > > > }
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > > > other platforms do this too?), so maybe also allow
> > > > > > > > > > > >
> > > > > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > > > > >
> > > > > > > > > > > > "android-debug"
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > > > <shazron@gmail.com
> > > > > > > <mailto:
> > > > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > > > >
> > > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > > > >
> > > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > > > >
> > > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsq
> > > > > > > > > > > > > nm
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > Seems to be of great value - so let's get going
> > > > > > > > > > > > > on this
> > > > > > > > > > > > > ;)
> > > > > > The
> > > > > > > > > > > > > CLI has
> > > > > > > > > > > >
> > > > > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > > > williams
> > > > > > > > > > > >
> > > > > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > > > > >
> > > > > > > > > > > > > wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > > > would love to see
> > > > > > > > > > > >
> > > > > > > > > > > > > > something happen To improve this, the less
> > > > > > > > > > > > > > time I spend in Xcode,
> > > > > > > > > > > >
> > > > > > > > > > > > > > the happier I am
> > > > > > > > > > > >
> > > > > > > > > > > > > ;)
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão
> > > > > > > > > > > > > > (
> > > > > > > > > > > >
> > > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > > > "cordova build
> > > > > > > > > android
> > > > > > > > > > > >
> > > > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > > > .properties properly
> > > > > > > > > > > >
> > > > > > > > > > > > > configured
> > > > > > > > > > > >
> > > > > > > > > > > > > > in my platform/android folder, specifying the
> > > > > > > > > > > > > > path and name to my
> > > > > > > > > > > >
> > > > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > > > already gives me
> > > > > > > > > > > >
> > > > > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > > > > upload it to
> > > > > > > > > > > > play.google.com.
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > > > build the
> > > > > > final
> > > > > > > > > > > >
> > > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is
> > > > > > > > > > > > > > run "cordova
> > > > > > > > > > > >
> > > > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > > > >
> > > > > > > > > > > > > from
> > > > > > > > > > > >
> > > > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram
> > > > > > > > > > > > > > Narasimhan (MS OPEN
> > > > > > > > > > > > > > TECH) <
> > > > > > > > > > > >
> > > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microso
> > > > > > > > > > > > > > ft
> > > > > > > > > > > > > > .c
> > > > > > > > > > > > > > om
> > > > >>:
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > > > > would be for packaging
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > app
> > > > > > > > > > > >
> > > > > > > > > > > > > > > for the store? Note that different platforms
> > > > > > > > > > > > > > > may have different
> > > > > > > > > > > >
> > > > > > > > > > > > > > > requirements for certs, signing etc. So it
> > > > > > > > > > > > > > > may make sense to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > promote
> > > > > > > > > > > >
> > > > > > > > > > > > > this
> > > > > > > > > > > >
> > > > > > > > > > > > > > > to a different command and let each command
> > > > > > > > > > > > > > > take care of packaging
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > app
> > > > > > > > > > > >
> > > > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > > > that
> > > > > > developers
> > > > > > > > > don’t
> > > > > > > > > > > >
> > > > > > > > > > > > > > > have
> > > > > > > > > > > >
> > > > > > > > > > > > > to
> > > > > > > > > > > >
> > > > > > > > > > > > > > go
> > > > > > > > > > > >
> > > > > > > > > > > > > > > over to the native projects when they
> > > > > > > > > > > > > > > finally want to publish
> > > > > > > > > > > >
> > > > > > > > > > > > > > > their
> > > > > > > > > > > >
> > > > > > > > > > > > > apps
> > > > > > > > > > > >
> > > > > > > > > > > > > > to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > the store.
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > >
> > > > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > > > >
> > > > > > > > > > > > > > > To: dev
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > if you do:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > > > >
> > > > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > > > signed
> > > > > image...
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > > > agrieve@chromium.org
> > > > > > > > > > <mailto:
> > > > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >AFAIK, I don't think there's any technical
> > > > roadblocks.
> > > > > > > > > > > > > > > >Just need
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >a proposal for how it should look, and then
> > > > > > > > > > > > > > > >a patch & docs to add
> > > > > > > > > > > > it!
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > > > >support, you can set an
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > > > >.properties file for
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >love with
> > > > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > > > >
> > > > > > > > > > > > > > > .properties idea.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > > > > >
> > > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor
> > > > > > > > > > > > > > > >@g
> > > > > > > > > > > > > > > >ma
> > > > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > > > >om>>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >wrote:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Hi community.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Been looking at this topic and wondering
> > > > > > > > > > > > > > > >> why the build command
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > > > > >>little bit found a
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > > > >>create these
> > > > > > > > archives.
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > > > >> Export your
> > > > > > APK
> > > > > > > > > > > > > > > >> in
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign
> > > > > > > > > > > > > > > >> your APK (you already
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > > > >> (--release
> > > > > > seems
> > > > > > > > > > > > > > > >> to
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> export
> > > > > > > > > > > >
> > > > > > > > > > > > > for
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> process)
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> providing a generic one-way to build
> > > > > > > > > > > > > > > >> these signed,
> > > > > > > > > > > > ready-to-publish archives?
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > > > > >> really appreciate your
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Thanks!
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> --
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > > > >
> > > > > > > > > > > > > > > >>
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > --------------------------------------------------------
> > > > > > > > > --
> > > > > > > > > --
> > > > > > > > > ----
> > > > > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > > > >
> > > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > > > <mailto:
> > > > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > --
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > > > *
> > > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.br
> > > > > > > > > > > > > > >
> > > > > > > > > > > > > > <
> > > > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > >
> > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > >
> > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > >
> > > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > ----------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > > > > >
> > > > > > > > ----------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Carlos Santana
> > > > > > > <cs...@gmail.com>
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > > Victor Adrian Sosa Herrera
> > > > > > > IBM Software Engineer
> > > > > > > Guadalajara, Jalisco
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Victor Adrian Sosa Herrera
> > > > > IBM Software Engineer
> > > > > Guadalajara, Jalisco
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > > B
> KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> > > [ X ܚX K K[XZ[
> > > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> > > ] Z [ ܙ ݘK \ X K ܙ B
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
>
>
> --
> Carlos Santana
> <cs...@gmail.com>
>
RE: Build signed archives using CLI
Posted by Nikhil Khandelwal <ni...@microsoft.com>.
I just submitted a PR for this for Android: https://github.com/apache/cordova-android/pull/164
Here's the rough design:
- Build.json or command line args can be used to specify details required for packaging:
- Keystore
- Alias
- Keystore password
- Password
- Keystore type.
- Debug-signing.properties or release-signing.properties is created at prepare time to allow gradle or Ant build systems to pick up those properties and generate a signed archive.
- ‘Clean’ will delete these autogenerated .properties files.
- If no password is specified for release signing, Ant & gradle will prompt for passwords.
I will shortly have a PR to update the docs.
Thanks,
Nikhil
-----Original Message-----
From: Carlos Santana [mailto:csantana23@gmail.com]
Sent: Friday, February 13, 2015 2:28 PM
To: dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
Thanks Nikhil I see this as a very good and important feature to have in our CLI stack
On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal <ni...@microsoft.com>
wrote:
> I'm taking this over from Dan. I like the idea of having the release
> signing information persisted in a json file.
>
> I have made some updates on the specific issue of how keys/passwords
> can be passed through CLI and JSON:
>
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> L1auAMGFM/edit#
>
> I'm still going through the details of packaging requirements of each
> platform. I expect to add some more details on how the packaging
> process will work with individual platform build systems in the coming
> days. I will update this thread when I do so.
>
> Here's the main JIRA with platform specific tasks here:
> https://issues.apache.org/jira/browse/CB-8483. I would love to
> collaborate with others who are interested in this area. Specifically,
> I plan to take up the task of implementing this for Android first.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: Victor Sosa [mailto:sosah.victor@gmail.com]
> Sent: Tuesday, February 10, 2015 2:29 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> I'm leaning to Andrew and Omar's idea. I like the idea of having a
> file where all the platform-specific information will be stored, then
> each platform will take that information to sign the archive and
> produce a usable, I mean ready-to-distribute, binary.
>
> As for Omar's comment, I also concur there. If a user has the signing
> info in gradle or ant properties and that info is also provided in the
> new file discussed here, then it should take precedence and override
> the platform-specific one.
>
> Wondering if Dan is feeling OK now and ready to be back in the game :D
>
> 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
>
> > +1 for having an additional file to abstract away all the platform
> > specific stuff. Currently, we support both gradle and ant for
> > android for example, I think it wouldn't make sense for end-users to
> > have to change their specs depending on what specific tool is used
> > behind the
> scenes.
> > Maybe we could also copy those properties to specific files during
> > build or prepare ? [copy from cordova's to ant.properties]
> >
> >
> > Thanks,
> > Mefire
> >
> > -----Original Message-----
> > From: Chuck Lantz [mailto:clantz@microsoft.com]
> > Sent: Wednesday, January 28, 2015 10:30 AM
> > To: dev@cordova.apache.org
> > Subject: RE: Build signed archives using CLI
> >
> > Yeah personally I am thinking that - particularly if we treat
> > platforms as dependencies in package.json as proposed - we'll need
> > some facility to set native build settings. We may be able to come
> > up with some sort of abstraction for this part, but I'm kind of
> > thinking we'll ultimately want a facility to include native build
> > property files (ant/gradle.properties, things like the signing
> > identity in build.xcconfig, etc) in the CLI project. That said, we
> > could have another facility for common settings like certs.
> >
> > -Chuck
> >
> > -----Original Message-----
> > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > Andrew Grieve
> > Sent: Wednesday, January 28, 2015 10:18 AM
> > To: dev
> > Subject: Re: Build signed archives using CLI
> >
> > Sounds good, let's wait until Dan is back to discuss. The main point
> > I'd like to cover is whether it'd be good to have layer of
> > indirection between cordova and the platform-specific files that
> > dictate signing
> info.
> >
> > E.g.:
> > Instead of using ant.properties / gradle.properties /
> > build.xcconfig,
> have:
> >
> > cordova-keys.json
> > {
> > ios: { identity: "", provisioning_profile: "" },
> > android-debug: { keystore: "", alias: "", password: "", type: "" },
> > android-release: { keystore: "", alias: "", password: "", type: "" }
> > ...
> > }
> >
> > Then, have a prepare step that makes the platforms do the right
> > thing
> >
> > (Note that for android it's important to have debug siging keys as
> > well since they are used for Play Services and Cloud Console APIs).
> >
> >
> >
> >
> >
> >
> > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa
> > <so...@gmail.com>
> > wrote:
> >
> > > Yay!! Great news!
> > >
> > > Chuck, by any chance, do you have a link to the sandbox, or design
> > > doc or something worth to look at it? If no, we can wait until Dan
> > > is back (hope he feels better soon) I'm happy to help if needed.
> > >
> > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> > >
> > > > Dan Levine whom some of you met at PhoneGap day actually has
> > > > been working on a PR based on Subhag's proposal for discussion -
> > > > he is out sick which
> > > is
> > > > why he didn't respond to this thread. I'll let him speak to it
> > > > once he's back but the good news is there is someone working on
> > > > something in this area.
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > > To: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > Hi Andrew.
> > > >
> > > > AFAICT, no one has done any work on this area, but I'd like to
> > > > add this topic to the hangout agenda, start discussing this. I
> > > > think Subhag has a very good design in the google doc in this
> > > > thread. We can start from
> > > there
> > > > and try to make this happen for a future release.
> > > >
> > > > Thoughts before adding it to the agenda?
> > > >
> > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > > >
> > > > > In anyone interested in working on any of this?
> > > > >
> > > > > Was just looking at it to see if there was anything I needed
> > > > > to do to add support to Android for release packaging.
> > > > >
> > > > > Main thing lacking to me is whether we should support
> > > > > specifying release key information outside of the platforms/android directory.
> > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > > per-platform key locations & settings.
> > > > >
> > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > > <so...@gmail.com>
> > > > > wrote:
> > > > >
> > > > > > Hello Cordova community
> > > > > > Curious to know where we stand about this topic. Even though
> > > > > > this topic looks to have significant impact on Cordova,
> > > > > > Subhag has a document
> > > > > proposal
> > > > > > with little discussion activity.
> > > > > >
> > > > > > I like Subhag's proposal, but I want to bring back the idea
> > > > > > of a prompt-less keychain.
> > > > > >
> > > > > > Is anything else, besides what is depicted in the proposal,
> > > > > > missing
> > > > here?
> > > > > >
> > > > > > Document:
> > > > > >
> > > > > >
> > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfb
> > > > > iQ
> > > > > u9
> > > > > PuNB
> > > > > L1auAMGFM/edit?usp=sharing
> > > > > >
> > > > > >
> > > > > > ---------- Forwarded message ----------
> > > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > > >
> > > > > >
> > > > > > +1 on having a new command "cordova package" this will allow
> > > > > > +IBM tooling
> > > > > to
> > > > > > hook into before_package and after_package for our own
> > > > > > customizations (direct update, authenticity, etc..)
> > > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > > +keychain maybe
> > > > > > used and unlock already) if not found what we need then
> > > > > > prompt or fail
> > > > > > +1 have some config/settings outside "platforms/" as I like
> > > > > > +to be
> > > > > transient
> > > > > > replaceable. using config.xml, something.json, or file
> > > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > > >
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > > <Su...@microsoft.com>
> > > > > > wrote:
> > > > > >
> > > > > > > Here is the link to the proposal:
> > > > > > >
> > > > > >
> > > > > >
> > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfb
> > > > > iQ
> > > > > u9
> > > > > PuNB
> > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > Jump on it people :)
> > > > > > >
> > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > Client Tools soak@microsoft.com
> > > > > > > 425 707 5598 office
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > > To: dev@cordova.apache.org
> > > > > > > Subject: RE: Build signed archives using CLI
> > > > > > >
> > > > > > > Adding to what Shazron said, isn't config.xml supposed to
> > > > > > > be considered as app-wide settings/properties? Typically
> > > > > > > packaging information is per platform and hence in my
> > > > > > > opinion, should be decoupled from config
> > > > > > settings.
> > > > > > > Jesse, I am working on a documentation that I will share
> > > > > > > out soon for
> > > > > > the
> > > > > > > community to collaborate.
> > > > > > >
> > > > > > > Subhag Oak | Senior Program Manager Visual Studio,
> > > > > > > Client Tools soak@microsoft.com
> > > > > > > 425 707 5598 office
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > > To: dev@cordova.apache.org
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > > Liking Subhag's proposal.
> > > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > > config.xml
> > > > > > > --
> > > > > > with
> > > > > > > overrides/env-vars possible. The only caveat for including
> > > > > > > info in the config.xml is, the config.xml data is copied
> > > > > > > into the iOS platform and
> > > > > > will
> > > > > > > be included in the .app bundle, and will leak information
> > > > > > > (even though harmless, since it shouldn't contain
> > > > > > > passwords,
> > > > > > > etc) -- so maybe that
> > > > > is
> > > > > > > not desirable, using config.xml.
> > > > > > >
> > > > > > > We will need to provide the password each time at least
> > > > > > > for iOS, since
> > > > > we
> > > > > > > need to unlock the keychain for code signing.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > > <ag...@chromium.org>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > The prompting is actually pretty appropriate here since
> > > > > > > > passwords are involved I think. I think also that keys
> > > > > > > > will often not be checked into source control, but maybe
> > > > > > > > the best way to support that is to allow multiple ways
> > > > > > > > of specifying things (e.g. default to convention, allow
> > > > > > > > override via config.xml, allow override via command-line
> > > > > > > > & env variable as well)
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > > <pu...@gmail.com>
> > > > > wrote:
> > > > > > > >
> > > > > > > > > I am liking all of this.
> > > > > > > > > Are we ready to move this to an editable plaintext doc
> > > > > > > > > to
> > > > > collaborate
> > > > > > > on?
> > > > > > > > >
> > > > > > > > > I agree that we should take advantage of as much
> > > > > > > > > 'by-convention' as we
> > > > > > > > can,
> > > > > > > > > meaning things like `cordova package ios` defaults to
> > > > > > > > > a code sign
> > > > > > > > identity
> > > > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > > > >
> > > > > > > > > If it does not make sense as a convention, then I too
> > > > > > > > > would like to see
> > > > > > > > as
> > > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > > points out,
> > > > > and
> > > > > > > > agree
> > > > > > > > > on picking the most consistent names possible.
> > > > > > > > >
> > > > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > > > fast, given that tools will typically be consuming the
> > > > > > > > > cli. Or we should at least
> > > > > > > > provide a
> > > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > > config.xml-able
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > @purplecabbage
> > > > > > > > > risingj.com
> > > > > > > > >
> > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > > <clantz@microsoft.com
> > > > > >
> > > > > > > > wrote:
> > > > > > > > >
> > > > > > > > > > One option here could be to build off of the idea of
> > > > > > > > > > the
> > > "res"
> > > > > > > > > > folder
> > > > > > > > > that
> > > > > > > > > > is in the current samples for splashscreens and
> > > > > > > > > > icons and introduce something like "res/native".
> > > > > > > > > > Files placed here would
> > > > > be
> > > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > > and would be further enhanced
> > > > > > > > by
> > > > > > > > > > the plugin and build infrastructure. This would
> > > > > > > > > > allow you to place customized native assets that are
> > > > > > > > > > unique to your project in a place
> > > > > > > > that
> > > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > > >
> > > > > > > > > > Andrew's environment variable idea could also
> > > > > > > > > > provide an
> > > > > alternate
> > > > > > > > means
> > > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > > mentions in the {
> > > > > > }).
> > > > > > > > > >
> > > > > > > > > > -Chuck
> > > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: Frederico Galvão
> > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > >
> > > > > > > > > > I agree with pretty much everything mentioned, but
> > > > > > > > > > as far as I know cordova is trying it's best to not
> > > > > > > > > > depend on anything to be in
> /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > > Having said that, the package command
> > > > > > > > > should
> > > > > > > > > > always expect things to be in config.xml or
> > > > > > > > > > something like
> > > > that.
> > > > > > > > > >
> > > > > > > > > > Also, the closer we are in naming things to what
> > > > > > > > > > they are already known
> > > > > > > > > as
> > > > > > > > > > in the native platform, the better.
> > > > > > > > > >
> > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > > <Subhag.Oak@microsoft.com
> > > > > >:
> > > > > > > > > >
> > > > > > > > > > > Hey Cordova community,
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > > device hybrid apps. In line with the discussion of
> > > > > > > > > > > having a generic
> > > > Cordova ‘packaging’
> > > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > > proposal:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > > deployment
> > > > > requires
> > > > > > > > extra
> > > > > > > > > > > steps that are specific to the native platforms.
> > > > > > > > > > > A new generic Cordova CLI ‘package’ command can
> > > > > > > > > > > perform these platform specific actions to
> > > > > > > > > > > generate a final signed package ready for
> > > > > > > deployment:
> > > > > > > > > > >
> > > > > > > > > > > cordova package [platform]
> > > > > > > > > > > [--packageConfiguration]
> > > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > > > where all
> > > > > the
> > > > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > If no platform is specified, the command will
> > > > > > > > > > > build packages
> > > > > for
> > > > > > > > > > > all platforms added.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > The values for –packageConfiguration are
> > > > > > > > > > > interpreted by the
> > > > > > > > respective
> > > > > > > > > > > platforms. For Android and Windows, the value can
> > > > > > > > > > > be debug or
> > > > > > > > release,
> > > > > > > > > > > with release being the default value. For iOS,
> > > > > > > > > > > the possible values are development, adhoc or
> > > > > > > > > > > store with development being the default value.
> > > > > > > > > > > The
> > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > > > optional iOS specific signing arguments for
> > > > > > > > > > > specifying the location of
> > > > > > > > code-signing
> > > > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > > > signing identity (certificates along with public
> > > > > > > > > > > and private keys)
> > > > > > > respectively.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > e.g:
> > > > > > > > > > >
> > > > > > > > > > > · ‘cordova package iOS’ would generate a signed
> > ipa
> > > > > with
> > > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > > defined in
> > > > > > > > > > build.xcconfig:
> > > > > > > > > > >
> > > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > > >
> > > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > > >
> > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will
> > > > > > > > > > > match the right Identity with the right
> > > > > > > > > > > Provisioning // Profile plus Certificate, based on
> > > > > > > > > > > the app bundle id
> > > > > > > > > > >
> > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > · ‘cordova package android’ would generate a
> > > release
> > > > > > signed
> > > > > > > > > using
> > > > > > > > > > > the packaging assets (keystore, alias and
> > > > > > > > > > > password) defined in the ant.properties files
> > > > > > > > > > > using the ANT
> build.
> > > > > > > > > > > This would be using gradle.propoerties once
> > > > > > > > > > > cordova changes to gradle build like the one
> > > > > > > > > > > Andrew mentions
> > below.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > · ‘Cordova package windows’ would generate a
> > signed
> > > > > APPX
> > > > > > > > > package.
> > > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > > >
> > > > > > > > > > > • An unsigned packaged Windows Store
> > > app,
> > > > > for
> > > > > > > > > example,
> > > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > > >
> > > > > > > > > > > • A valid code signing certificate,
> > for
> > > > > > > example, a
> > > > > > > > > > > Personal Information Exchange (.pfx) file created
> > > > > > > > > > > with the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > > > >
> > > > > > > > > > > • SignTool, which is part of the
> > Windows
> > > > SDK
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > > > convention (similar to the Cordova
> > > > > > > > build
> > > > > > > > > > > command) rather than config settings. The command
> > > > > > > > > > > would look
> > > > > out
> > > > > > > > > > > for packaging assets in the “platform\
> [native-platform]”
> > > > > folder.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > > (keystore, password, alias and alias password)
> > > > > > > > > > > would be used for
> > > > > packaging.
> > > > > > > > > > > If any of
> > > > > > > > these
> > > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > > gradle.properties for gradle build] or if the file
> > > > > > > > > > > is missing, the command would prompt the user for
> > > > > > > > > > > these value at the command prompt. If the values
> > > > > > > > > > > provided
> > > > > > > > are
> > > > > > > > > > > invalid, the command would fail.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > For iOS, the contents of build.xcconfig specify
> > > > > > > > > > > the code-sign certificate and the provisioning
> > > > > > > > > > > profile to be used. The
> > > > > default
> > > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > > information by build profile based on the
> > > > > > > > > > > configuration defined in the
> > > > > command.
> > > > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > > > provisioning
> > > profile.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Tools like VS and other IDEs, which use cordova
> > > > > > > > > > > CLI, may need
> > > > > an
> > > > > > > > > > > explicit way to specify certs/profile for
> > > > > > > > > > > packaging for iOS (since
> > > > > > > > the
> > > > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > > > assets being defined in the build.xcconfig. One
> > > > > > > > > > > way to allow this is by
> > > > > using
> > > > > > > > > > > optional platform specific arguments to the
> > > > > > > > > > > package command
> > > > > like:
> > > > > > > > > > >
> > > > > > > > > > > Cordova package iOS --development --sign
> > > “d:\cert\mycert.cer”
> > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > > >
> > > > > > > > > > > This command will run the xcrun command to
> > > > > > > > > > > generate a signed
> > > > > IPA
> > > > > > > > > > > with development provisioning profile.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > > feedback on this
> > > > > > > > > > proposal.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > > >
> > > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > > >
> > > > > > > > > > > soak@microsoft.com
> > > > > > > > > > >
> > > > > > > > > > > 425 707 5598 office
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: agrieve@google.com
> > > > > > > > > > > [mailto:agrieve@google.com] On Behalf Of Andrew
> > > > > > > > > > > Grieve
> > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > > To: Shazron
> > > > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > > right
> > now:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > > points
> > > > > to
> > > > > > > > > > > a .properties file that contains:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > > >
> > > > > > > > > > > storePassword=SECRET1
> > > > > > > > > > >
> > > > > > > > > > > storeType=pkcs12
> > > > > > > > > > >
> > > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > > >
> > > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Topics to discuss:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > 1) Combine platform info into one file, or leave
> > separate?
> > > > > > > > > > >
> > > > > > > > > > > - Leaning towards together
> > > > > > > > > > >
> > > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > > >
> > > > > > > > > > > - I think no, since signing info you often want to
> > > > > > > > > > > not check in /
> > > > > > > > keep
> > > > > > > > > > > secure
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Strawman:
> > > > > > > > > > >
> > > > > > > > > > > If a file "cordova-keys.json" exists as a sibling
> > > > > > > > > > > to www/, then use it. It should look like:
> > > > > > > > > > >
> > > > > > > > > > > {
> > > > > > > > > > >
> > > > > > > > > > > "android": {
> > > > > > > > > > >
> > > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > > >
> > > > > > > > > > > ...
> > > > > > > > > > >
> > > > > > > > > > > },
> > > > > > > > > > >
> > > > > > > > > > > "ios": {
> > > > > > > > > > >
> > > > > > > > > > > },
> > > > > > > > > > >
> > > > > > > > > > > ...
> > > > > > > > > > >
> > > > > > > > > > > }
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > > other platforms do this too?), so maybe also allow
> > > > > > > > > > >
> > > > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > > > >
> > > > > > > > > > > "android-debug"
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > > <shazron@gmail.com
> > > > > > <mailto:
> > > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > > >
> > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > > >
> > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > > >
> > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsq
> > > > > > > > > > > > nm
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > Seems to be of great value - so let's get going
> > > > > > > > > > > > on this
> > > > > > > > > > > > ;)
> > > > > The
> > > > > > > > > > > > CLI has
> > > > > > > > > > >
> > > > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > > williams
> > > > > > > > > > >
> > > > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > > > >
> > > > > > > > > > > > wrote:
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > > would love to see
> > > > > > > > > > >
> > > > > > > > > > > > > something happen To improve this, the less
> > > > > > > > > > > > > time I spend in Xcode,
> > > > > > > > > > >
> > > > > > > > > > > > > the happier I am
> > > > > > > > > > >
> > > > > > > > > > > > ;)
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão
> > > > > > > > > > > > > (
> > > > > > > > > > >
> > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > > "cordova build
> > > > > > > > android
> > > > > > > > > > >
> > > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > > .properties properly
> > > > > > > > > > >
> > > > > > > > > > > > configured
> > > > > > > > > > >
> > > > > > > > > > > > > in my platform/android folder, specifying the
> > > > > > > > > > > > > path and name to my
> > > > > > > > > > >
> > > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > > already gives me
> > > > > > > > > > >
> > > > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > > > upload it to
> > > > > > > > > > > play.google.com.
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > > build the
> > > > > final
> > > > > > > > > > >
> > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is
> > > > > > > > > > > > > run "cordova
> > > > > > > > > > >
> > > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > > >
> > > > > > > > > > > > from
> > > > > > > > > > >
> > > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram
> > > > > > > > > > > > > Narasimhan (MS OPEN
> > > > > > > > > > > > > TECH) <
> > > > > > > > > > >
> > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microso
> > > > > > > > > > > > > ft
> > > > > > > > > > > > > .c
> > > > > > > > > > > > > om
> > > >>:
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > > > would be for packaging
> > > > > > > > > > >
> > > > > > > > > > > > > > the
> > > > > > > > > > >
> > > > > > > > > > > > > app
> > > > > > > > > > >
> > > > > > > > > > > > > > for the store? Note that different platforms
> > > > > > > > > > > > > > may have different
> > > > > > > > > > >
> > > > > > > > > > > > > > requirements for certs, signing etc. So it
> > > > > > > > > > > > > > may make sense to
> > > > > > > > > > >
> > > > > > > > > > > > > > promote
> > > > > > > > > > >
> > > > > > > > > > > > this
> > > > > > > > > > >
> > > > > > > > > > > > > > to a different command and let each command
> > > > > > > > > > > > > > take care of packaging
> > > > > > > > > > >
> > > > > > > > > > > > > > the
> > > > > > > > > > >
> > > > > > > > > > > > > app
> > > > > > > > > > >
> > > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > > that
> > > > > developers
> > > > > > > > don’t
> > > > > > > > > > >
> > > > > > > > > > > > > > have
> > > > > > > > > > >
> > > > > > > > > > > > to
> > > > > > > > > > >
> > > > > > > > > > > > > go
> > > > > > > > > > >
> > > > > > > > > > > > > > over to the native projects when they
> > > > > > > > > > > > > > finally want to publish
> > > > > > > > > > >
> > > > > > > > > > > > > > their
> > > > > > > > > > >
> > > > > > > > > > > > apps
> > > > > > > > > > >
> > > > > > > > > > > > > to
> > > > > > > > > > >
> > > > > > > > > > > > > > the store.
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > >
> > > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > > >
> > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > > >
> > > > > > > > > > > > > > To: dev
> > > > > > > > > > >
> > > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > if you do:
> > > > > > > > > > >
> > > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > > >
> > > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > > signed
> > > > image...
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > > agrieve@chromium.org
> > > > > > > > > <mailto:
> > > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >AFAIK, I don't think there's any technical
> > > roadblocks.
> > > > > > > > > > > > > > >Just need
> > > > > > > > > > >
> > > > > > > > > > > > > > >a proposal for how it should look, and then
> > > > > > > > > > > > > > >a patch & docs to add
> > > > > > > > > > > it!
> > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > > >support, you can set an
> > > > > > > > > > >
> > > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > > >.properties file for
> > > > > > > > > > >
> > > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > > >
> > > > > > > > > > > > > > >love with
> > > > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > > > >
> > > > > > > > > > > > > > .properties idea.
> > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > > > >
> > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor
> > > > > > > > > > > > > > >@g
> > > > > > > > > > > > > > >ma
> > > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > > >om>>
> > > > > > > > > > >
> > > > > > > > > > > > > > >wrote:
> > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Hi community.
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Been looking at this topic and wondering
> > > > > > > > > > > > > > >> why the build command
> > > > > > > > > > >
> > > > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > > > >>little bit found a
> > > > > > > > > > >
> > > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > > >>create these
> > > > > > > archives.
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > > >> Export your
> > > > > APK
> > > > > > > > > > > > > > >> in
> > > > > > > > > > >
> > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign
> > > > > > > > > > > > > > >> your APK (you already
> > > > > > > > > > >
> > > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > > >
> > > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > > >> (--release
> > > > > seems
> > > > > > > > > > > > > > >> to
> > > > > > > > > > >
> > > > > > > > > > > > > > >> export
> > > > > > > > > > >
> > > > > > > > > > > > for
> > > > > > > > > > >
> > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > > >
> > > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > > >
> > > > > > > > > > > > > > >> process)
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > > >
> > > > > > > > > > > > > > >> providing a generic one-way to build
> > > > > > > > > > > > > > >> these signed,
> > > > > > > > > > > ready-to-publish archives?
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > > > >> really appreciate your
> > > > > > > > > > >
> > > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Thanks!
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> --
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > > >
> > > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > --------------------------------------------------------
> > > > > > > > --
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > > >
> > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > > <mailto:
> > > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > *
> > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.br
> > > > > > > > > > > > > >
> > > > > > > > > > > > > <
> > > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > --
> > > > > > > > > >
> > > > > > > > > > *Frederico Galvão*
> > > > > > > > > >
> > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > >
> > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > >
> > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > ----------------------------------------------------------
> > > > > > > --
> > > > > > > --
> > > > > > > ----
> > > > > > > --- To unsubscribe, e-mail:
> > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > For additional commands, e-mail:
> > > > > > > dev-help@cordova.apache.org
> > > > > > >
> > > > > > > ----------------------------------------------------------
> > > > > > > --
> > > > > > > --
> > > > > > > ----
> > > > > > > --- To unsubscribe, e-mail:
> > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > For additional commands, e-mail:
> > > > > > > dev-help@cordova.apache.org
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Carlos Santana
> > > > > > <cs...@gmail.com>
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Victor Adrian Sosa Herrera
> > > > > > IBM Software Engineer
> > > > > > Guadalajara, Jalisco
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > >
> > >
> > >
> > > --
> > > Victor Adrian Sosa Herrera
> > > IBM Software Engineer
> > > Guadalajara, Jalisco
> > >
> > B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> > [ X ܚX K K[XZ[
> > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> > ] Z [ ܙ ݘK \ X K ܙ B
> >
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
--
Carlos Santana
<cs...@gmail.com>
Re: Build signed archives using CLI
Posted by Carlos Santana <cs...@gmail.com>.
Thanks Nikhil I see this as a very good and important feature to have in
our CLI stack
On Fri, Feb 13, 2015 at 4:48 PM, Nikhil Khandelwal <ni...@microsoft.com>
wrote:
> I'm taking this over from Dan. I like the idea of having the release
> signing information persisted in a json file.
>
> I have made some updates on the specific issue of how keys/passwords can
> be passed through CLI and JSON:
>
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit#
>
> I'm still going through the details of packaging requirements of each
> platform. I expect to add some more details on how the packaging process
> will work with individual platform build systems in the coming days. I will
> update this thread when I do so.
>
> Here's the main JIRA with platform specific tasks here:
> https://issues.apache.org/jira/browse/CB-8483. I would love to
> collaborate with others who are interested in this area. Specifically, I
> plan to take up the task of implementing this for Android first.
>
> Thanks,
> Nikhil
>
>
> -----Original Message-----
> From: Victor Sosa [mailto:sosah.victor@gmail.com]
> Sent: Tuesday, February 10, 2015 2:29 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> I'm leaning to Andrew and Omar's idea. I like the idea of having a file
> where all the platform-specific information will be stored, then each
> platform will take that information to sign the archive and produce a
> usable, I mean ready-to-distribute, binary.
>
> As for Omar's comment, I also concur there. If a user has the signing info
> in gradle or ant properties and that info is also provided in the new file
> discussed here, then it should take precedence and override the
> platform-specific one.
>
> Wondering if Dan is feeling OK now and ready to be back in the game :D
>
> 2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
>
> > +1 for having an additional file to abstract away all the platform
> > specific stuff. Currently, we support both gradle and ant for android
> > for example, I think it wouldn't make sense for end-users to have to
> > change their specs depending on what specific tool is used behind the
> scenes.
> > Maybe we could also copy those properties to specific files during
> > build or prepare ? [copy from cordova's to ant.properties]
> >
> >
> > Thanks,
> > Mefire
> >
> > -----Original Message-----
> > From: Chuck Lantz [mailto:clantz@microsoft.com]
> > Sent: Wednesday, January 28, 2015 10:30 AM
> > To: dev@cordova.apache.org
> > Subject: RE: Build signed archives using CLI
> >
> > Yeah personally I am thinking that - particularly if we treat
> > platforms as dependencies in package.json as proposed - we'll need
> > some facility to set native build settings. We may be able to come up
> > with some sort of abstraction for this part, but I'm kind of thinking
> > we'll ultimately want a facility to include native build property
> > files (ant/gradle.properties, things like the signing identity in
> > build.xcconfig, etc) in the CLI project. That said, we could have
> > another facility for common settings like certs.
> >
> > -Chuck
> >
> > -----Original Message-----
> > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > Andrew Grieve
> > Sent: Wednesday, January 28, 2015 10:18 AM
> > To: dev
> > Subject: Re: Build signed archives using CLI
> >
> > Sounds good, let's wait until Dan is back to discuss. The main point
> > I'd like to cover is whether it'd be good to have layer of indirection
> > between cordova and the platform-specific files that dictate signing
> info.
> >
> > E.g.:
> > Instead of using ant.properties / gradle.properties / build.xcconfig,
> have:
> >
> > cordova-keys.json
> > {
> > ios: { identity: "", provisioning_profile: "" },
> > android-debug: { keystore: "", alias: "", password: "", type: "" },
> > android-release: { keystore: "", alias: "", password: "", type: "" }
> > ...
> > }
> >
> > Then, have a prepare step that makes the platforms do the right thing
> >
> > (Note that for android it's important to have debug siging keys as
> > well since they are used for Play Services and Cloud Console APIs).
> >
> >
> >
> >
> >
> >
> > On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
> > wrote:
> >
> > > Yay!! Great news!
> > >
> > > Chuck, by any chance, do you have a link to the sandbox, or design
> > > doc or something worth to look at it? If no, we can wait until Dan
> > > is back (hope he feels better soon) I'm happy to help if needed.
> > >
> > > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> > >
> > > > Dan Levine whom some of you met at PhoneGap day actually has been
> > > > working on a PR based on Subhag's proposal for discussion - he is
> > > > out sick which
> > > is
> > > > why he didn't respond to this thread. I'll let him speak to it
> > > > once he's back but the good news is there is someone working on
> > > > something in this area.
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > > To: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > Hi Andrew.
> > > >
> > > > AFAICT, no one has done any work on this area, but I'd like to add
> > > > this topic to the hangout agenda, start discussing this. I think
> > > > Subhag has a very good design in the google doc in this thread. We
> > > > can start from
> > > there
> > > > and try to make this happen for a future release.
> > > >
> > > > Thoughts before adding it to the agenda?
> > > >
> > > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > > >
> > > > > In anyone interested in working on any of this?
> > > > >
> > > > > Was just looking at it to see if there was anything I needed to
> > > > > do to add support to Android for release packaging.
> > > > >
> > > > > Main thing lacking to me is whether we should support specifying
> > > > > release key information outside of the platforms/android directory.
> > > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > > per-platform key locations & settings.
> > > > >
> > > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > > <so...@gmail.com>
> > > > > wrote:
> > > > >
> > > > > > Hello Cordova community
> > > > > > Curious to know where we stand about this topic. Even though
> > > > > > this topic looks to have significant impact on Cordova, Subhag
> > > > > > has a document
> > > > > proposal
> > > > > > with little discussion activity.
> > > > > >
> > > > > > I like Subhag's proposal, but I want to bring back the idea of
> > > > > > a prompt-less keychain.
> > > > > >
> > > > > > Is anything else, besides what is depicted in the proposal,
> > > > > > missing
> > > > here?
> > > > > >
> > > > > > Document:
> > > > > >
> > > > > >
> > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQ
> > > > > u9
> > > > > PuNB
> > > > > L1auAMGFM/edit?usp=sharing
> > > > > >
> > > > > >
> > > > > > ---------- Forwarded message ----------
> > > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > > >
> > > > > >
> > > > > > +1 on having a new command "cordova package" this will allow
> > > > > > +IBM tooling
> > > > > to
> > > > > > hook into before_package and after_package for our own
> > > > > > customizations (direct update, authenticity, etc..)
> > > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > > +keychain maybe
> > > > > > used and unlock already) if not found what we need then prompt
> > > > > > or fail
> > > > > > +1 have some config/settings outside "platforms/" as I like to
> > > > > > +be
> > > > > transient
> > > > > > replaceable. using config.xml, something.json, or file
> > > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > > >
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > > <Su...@microsoft.com>
> > > > > > wrote:
> > > > > >
> > > > > > > Here is the link to the proposal:
> > > > > > >
> > > > > >
> > > > > >
> > > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQ
> > > > > u9
> > > > > PuNB
> > > > > L1auAMGFM/edit?usp=sharing
> > > > > > > Jump on it people :)
> > > > > > >
> > > > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > > > Tools soak@microsoft.com
> > > > > > > 425 707 5598 office
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > > To: dev@cordova.apache.org
> > > > > > > Subject: RE: Build signed archives using CLI
> > > > > > >
> > > > > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > > > > considered as app-wide settings/properties? Typically
> > > > > > > packaging information is per platform and hence in my
> > > > > > > opinion, should be decoupled from config
> > > > > > settings.
> > > > > > > Jesse, I am working on a documentation that I will share out
> > > > > > > soon for
> > > > > > the
> > > > > > > community to collaborate.
> > > > > > >
> > > > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > > > Tools soak@microsoft.com
> > > > > > > 425 707 5598 office
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > > To: dev@cordova.apache.org
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > > Liking Subhag's proposal.
> > > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > > config.xml
> > > > > > > --
> > > > > > with
> > > > > > > overrides/env-vars possible. The only caveat for including
> > > > > > > info in the config.xml is, the config.xml data is copied
> > > > > > > into the iOS platform and
> > > > > > will
> > > > > > > be included in the .app bundle, and will leak information
> > > > > > > (even though harmless, since it shouldn't contain passwords,
> > > > > > > etc) -- so maybe that
> > > > > is
> > > > > > > not desirable, using config.xml.
> > > > > > >
> > > > > > > We will need to provide the password each time at least for
> > > > > > > iOS, since
> > > > > we
> > > > > > > need to unlock the keychain for code signing.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > > <ag...@chromium.org>
> > > > > > > wrote:
> > > > > > >
> > > > > > > > The prompting is actually pretty appropriate here since
> > > > > > > > passwords are involved I think. I think also that keys
> > > > > > > > will often not be checked into source control, but maybe
> > > > > > > > the best way to support that is to allow multiple ways of
> > > > > > > > specifying things (e.g. default to convention, allow
> > > > > > > > override via config.xml, allow override via command-line &
> > > > > > > > env variable as well)
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > > <pu...@gmail.com>
> > > > > wrote:
> > > > > > > >
> > > > > > > > > I am liking all of this.
> > > > > > > > > Are we ready to move this to an editable plaintext doc
> > > > > > > > > to
> > > > > collaborate
> > > > > > > on?
> > > > > > > > >
> > > > > > > > > I agree that we should take advantage of as much
> > > > > > > > > 'by-convention' as we
> > > > > > > > can,
> > > > > > > > > meaning things like `cordova package ios` defaults to a
> > > > > > > > > code sign
> > > > > > > > identity
> > > > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > > > >
> > > > > > > > > If it does not make sense as a convention, then I too
> > > > > > > > > would like to see
> > > > > > > > as
> > > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > > points out,
> > > > > and
> > > > > > > > agree
> > > > > > > > > on picking the most consistent names possible.
> > > > > > > > >
> > > > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > > > fast, given that tools will typically be consuming the
> > > > > > > > > cli. Or we should at least
> > > > > > > > provide a
> > > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > > config.xml-able
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > @purplecabbage
> > > > > > > > > risingj.com
> > > > > > > > >
> > > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > > <clantz@microsoft.com
> > > > > >
> > > > > > > > wrote:
> > > > > > > > >
> > > > > > > > > > One option here could be to build off of the idea of
> > > > > > > > > > the
> > > "res"
> > > > > > > > > > folder
> > > > > > > > > that
> > > > > > > > > > is in the current samples for splashscreens and icons
> > > > > > > > > > and introduce something like "res/native". Files
> > > > > > > > > > placed here would
> > > > > be
> > > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > > and would be further enhanced
> > > > > > > > by
> > > > > > > > > > the plugin and build infrastructure. This would allow
> > > > > > > > > > you to place customized native assets that are unique
> > > > > > > > > > to your project in a place
> > > > > > > > that
> > > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > > >
> > > > > > > > > > Andrew's environment variable idea could also provide
> > > > > > > > > > an
> > > > > alternate
> > > > > > > > means
> > > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > > mentions in the {
> > > > > > }).
> > > > > > > > > >
> > > > > > > > > > -Chuck
> > > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: Frederico Galvão
> > > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > >
> > > > > > > > > > I agree with pretty much everything mentioned, but as
> > > > > > > > > > far as I know cordova is trying it's best to not
> > > > > > > > > > depend on anything to be in
> /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > > Having said that, the package command
> > > > > > > > > should
> > > > > > > > > > always expect things to be in config.xml or something
> > > > > > > > > > like
> > > > that.
> > > > > > > > > >
> > > > > > > > > > Also, the closer we are in naming things to what they
> > > > > > > > > > are already known
> > > > > > > > > as
> > > > > > > > > > in the native platform, the better.
> > > > > > > > > >
> > > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > > <Subhag.Oak@microsoft.com
> > > > > >:
> > > > > > > > > >
> > > > > > > > > > > Hey Cordova community,
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > > device hybrid apps. In line with the discussion of
> > > > > > > > > > > having a generic
> > > > Cordova ‘packaging’
> > > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > > proposal:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > > deployment
> > > > > requires
> > > > > > > > extra
> > > > > > > > > > > steps that are specific to the native platforms. A
> > > > > > > > > > > new generic Cordova CLI ‘package’ command can
> > > > > > > > > > > perform these platform specific actions to generate
> > > > > > > > > > > a final signed package ready for
> > > > > > > deployment:
> > > > > > > > > > >
> > > > > > > > > > > cordova package [platform] [--packageConfiguration]
> > > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > > > where all
> > > > > the
> > > > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > If no platform is specified, the command will build
> > > > > > > > > > > packages
> > > > > for
> > > > > > > > > > > all platforms added.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > The values for –packageConfiguration are interpreted
> > > > > > > > > > > by the
> > > > > > > > respective
> > > > > > > > > > > platforms. For Android and Windows, the value can be
> > > > > > > > > > > debug or
> > > > > > > > release,
> > > > > > > > > > > with release being the default value. For iOS, the
> > > > > > > > > > > possible values are development, adhoc or store with
> > > > > > > > > > > development being the default value. The
> > > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > > > optional iOS specific signing arguments for
> > > > > > > > > > > specifying the location of
> > > > > > > > code-signing
> > > > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > > > signing identity (certificates along with public and
> > > > > > > > > > > private keys)
> > > > > > > respectively.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > e.g:
> > > > > > > > > > >
> > > > > > > > > > > · ‘cordova package iOS’ would generate a signed
> > ipa
> > > > > with
> > > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > > defined in
> > > > > > > > > > build.xcconfig:
> > > > > > > > > > >
> > > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > > >
> > > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > > >
> > > > > > > > > > > // generic 'iPhone Developer' (no quotes) will match
> > > > > > > > > > > the right Identity with the right Provisioning //
> > > > > > > > > > > Profile plus Certificate, based on the app bundle id
> > > > > > > > > > >
> > > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > · ‘cordova package android’ would generate a
> > > release
> > > > > > signed
> > > > > > > > > using
> > > > > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > > > > defined in the ant.properties files using the ANT
> build.
> > > > > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > > > > changes to gradle build like the one Andrew mentions
> > below.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > · ‘Cordova package windows’ would generate a
> > signed
> > > > > APPX
> > > > > > > > > package.
> > > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > > >
> > > > > > > > > > > • An unsigned packaged Windows Store
> > > app,
> > > > > for
> > > > > > > > > example,
> > > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > > >
> > > > > > > > > > > • A valid code signing certificate,
> > for
> > > > > > > example, a
> > > > > > > > > > > Personal Information Exchange (.pfx) file created
> > > > > > > > > > > with the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > > > >
> > > > > > > > > > > • SignTool, which is part of the
> > Windows
> > > > SDK
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > > > convention (similar to the Cordova
> > > > > > > > build
> > > > > > > > > > > command) rather than config settings. The command
> > > > > > > > > > > would look
> > > > > out
> > > > > > > > > > > for packaging assets in the “platform\
> [native-platform]”
> > > > > folder.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > > (keystore, password, alias and alias password) would
> > > > > > > > > > > be used for
> > > > > packaging.
> > > > > > > > > > > If any of
> > > > > > > > these
> > > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > > gradle.properties for gradle build] or if the file
> > > > > > > > > > > is missing, the command would prompt the user for
> > > > > > > > > > > these value at the command prompt. If the values
> > > > > > > > > > > provided
> > > > > > > > are
> > > > > > > > > > > invalid, the command would fail.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > > > > code-sign certificate and the provisioning profile
> > > > > > > > > > > to be used. The
> > > > > default
> > > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > > information by build profile based on the
> > > > > > > > > > > configuration defined in the
> > > > > command.
> > > > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > > > provisioning
> > > profile.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Tools like VS and other IDEs, which use cordova CLI,
> > > > > > > > > > > may need
> > > > > an
> > > > > > > > > > > explicit way to specify certs/profile for packaging
> > > > > > > > > > > for iOS (since
> > > > > > > > the
> > > > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > > > assets being defined in the build.xcconfig. One way
> > > > > > > > > > > to allow this is by
> > > > > using
> > > > > > > > > > > optional platform specific arguments to the package
> > > > > > > > > > > command
> > > > > like:
> > > > > > > > > > >
> > > > > > > > > > > Cordova package iOS --development --sign
> > > “d:\cert\mycert.cer”
> > > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > > >
> > > > > > > > > > > This command will run the xcrun command to generate
> > > > > > > > > > > a signed
> > > > > IPA
> > > > > > > > > > > with development provisioning profile.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > > feedback on this
> > > > > > > > > > proposal.
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > > >
> > > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > > >
> > > > > > > > > > > soak@microsoft.com
> > > > > > > > > > >
> > > > > > > > > > > 425 707 5598 office
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com]
> > > > > > > > > > > On Behalf Of Andrew Grieve
> > > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > > To: Shazron
> > > > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > > right
> > now:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > > points
> > > > > to
> > > > > > > > > > > a .properties file that contains:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > > >
> > > > > > > > > > > storePassword=SECRET1
> > > > > > > > > > >
> > > > > > > > > > > storeType=pkcs12
> > > > > > > > > > >
> > > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > > >
> > > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Topics to discuss:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > 1) Combine platform info into one file, or leave
> > separate?
> > > > > > > > > > >
> > > > > > > > > > > - Leaning towards together
> > > > > > > > > > >
> > > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > > >
> > > > > > > > > > > - I think no, since signing info you often want to
> > > > > > > > > > > not check in /
> > > > > > > > keep
> > > > > > > > > > > secure
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Strawman:
> > > > > > > > > > >
> > > > > > > > > > > If a file "cordova-keys.json" exists as a sibling to
> > > > > > > > > > > www/, then use it. It should look like:
> > > > > > > > > > >
> > > > > > > > > > > {
> > > > > > > > > > >
> > > > > > > > > > > "android": {
> > > > > > > > > > >
> > > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > > >
> > > > > > > > > > > ...
> > > > > > > > > > >
> > > > > > > > > > > },
> > > > > > > > > > >
> > > > > > > > > > > "ios": {
> > > > > > > > > > >
> > > > > > > > > > > },
> > > > > > > > > > >
> > > > > > > > > > > ...
> > > > > > > > > > >
> > > > > > > > > > > }
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > > other platforms do this too?), so maybe also allow
> > > > > > > > > > >
> > > > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > > > >
> > > > > > > > > > > "android-debug"
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > > <shazron@gmail.com
> > > > > > <mailto:
> > > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > > >
> > > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > > >
> > > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > > >
> > > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > Seems to be of great value - so let's get going on
> > > > > > > > > > > > this
> > > > > > > > > > > > ;)
> > > > > The
> > > > > > > > > > > > CLI has
> > > > > > > > > > >
> > > > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > > williams
> > > > > > > > > > >
> > > > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > > > >
> > > > > > > > > > > > wrote:
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > > would love to see
> > > > > > > > > > >
> > > > > > > > > > > > > something happen To improve this, the less time
> > > > > > > > > > > > > I spend in Xcode,
> > > > > > > > > > >
> > > > > > > > > > > > > the happier I am
> > > > > > > > > > >
> > > > > > > > > > > > ;)
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > > > > >
> > > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > > "cordova build
> > > > > > > > android
> > > > > > > > > > >
> > > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > > .properties properly
> > > > > > > > > > >
> > > > > > > > > > > > configured
> > > > > > > > > > >
> > > > > > > > > > > > > in my platform/android folder, specifying the
> > > > > > > > > > > > > path and name to my
> > > > > > > > > > >
> > > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > > already gives me
> > > > > > > > > > >
> > > > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > > > upload it to
> > > > > > > > > > > play.google.com.
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > > build the
> > > > > final
> > > > > > > > > > >
> > > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is
> > > > > > > > > > > > > run "cordova
> > > > > > > > > > >
> > > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > > >
> > > > > > > > > > > > from
> > > > > > > > > > >
> > > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan
> > > > > > > > > > > > > (MS OPEN
> > > > > > > > > > > > > TECH) <
> > > > > > > > > > >
> > > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft
> > > > > > > > > > > > > .c
> > > > > > > > > > > > > om
> > > >>:
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > > > would be for packaging
> > > > > > > > > > >
> > > > > > > > > > > > > > the
> > > > > > > > > > >
> > > > > > > > > > > > > app
> > > > > > > > > > >
> > > > > > > > > > > > > > for the store? Note that different platforms
> > > > > > > > > > > > > > may have different
> > > > > > > > > > >
> > > > > > > > > > > > > > requirements for certs, signing etc. So it may
> > > > > > > > > > > > > > make sense to
> > > > > > > > > > >
> > > > > > > > > > > > > > promote
> > > > > > > > > > >
> > > > > > > > > > > > this
> > > > > > > > > > >
> > > > > > > > > > > > > > to a different command and let each command
> > > > > > > > > > > > > > take care of packaging
> > > > > > > > > > >
> > > > > > > > > > > > > > the
> > > > > > > > > > >
> > > > > > > > > > > > > app
> > > > > > > > > > >
> > > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > > that
> > > > > developers
> > > > > > > > don’t
> > > > > > > > > > >
> > > > > > > > > > > > > > have
> > > > > > > > > > >
> > > > > > > > > > > > to
> > > > > > > > > > >
> > > > > > > > > > > > > go
> > > > > > > > > > >
> > > > > > > > > > > > > > over to the native projects when they finally
> > > > > > > > > > > > > > want to publish
> > > > > > > > > > >
> > > > > > > > > > > > > > their
> > > > > > > > > > >
> > > > > > > > > > > > apps
> > > > > > > > > > >
> > > > > > > > > > > > > to
> > > > > > > > > > >
> > > > > > > > > > > > > > the store.
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > > >
> > > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > > >
> > > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > > >
> > > > > > > > > > > > > > To: dev
> > > > > > > > > > >
> > > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > if you do:
> > > > > > > > > > >
> > > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > > >
> > > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > > signed
> > > > image...
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > > agrieve@chromium.org
> > > > > > > > > <mailto:
> > > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >AFAIK, I don't think there's any technical
> > > roadblocks.
> > > > > > > > > > > > > > >Just need
> > > > > > > > > > >
> > > > > > > > > > > > > > >a proposal for how it should look, and then a
> > > > > > > > > > > > > > >patch & docs to add
> > > > > > > > > > > it!
> > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > > >support, you can set an
> > > > > > > > > > >
> > > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > > >.properties file for
> > > > > > > > > > >
> > > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > > >
> > > > > > > > > > > > > > >love with
> > > > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > > > >
> > > > > > > > > > > > > > .properties idea.
> > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > > > >
> > > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@g
> > > > > > > > > > > > > > >ma
> > > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > > >om>>
> > > > > > > > > > >
> > > > > > > > > > > > > > >wrote:
> > > > > > > > > > >
> > > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Hi community.
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Been looking at this topic and wondering
> > > > > > > > > > > > > > >> why the build command
> > > > > > > > > > >
> > > > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > > > >>little bit found a
> > > > > > > > > > >
> > > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > > >>create these
> > > > > > > archives.
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > > >> Export your
> > > > > APK
> > > > > > > > > > > > > > >> in
> > > > > > > > > > >
> > > > > > > > > > > > > > >> release mode (--release flag) 2. Sign your
> > > > > > > > > > > > > > >> APK (you already
> > > > > > > > > > >
> > > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > > >
> > > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > > >> (--release
> > > > > seems
> > > > > > > > > > > > > > >> to
> > > > > > > > > > >
> > > > > > > > > > > > > > >> export
> > > > > > > > > > >
> > > > > > > > > > > > for
> > > > > > > > > > >
> > > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > > >
> > > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > > >
> > > > > > > > > > > > > > >> process)
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > > >
> > > > > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > > > > >> signed,
> > > > > > > > > > > ready-to-publish archives?
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > > > >> really appreciate your
> > > > > > > > > > >
> > > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Thanks!
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > > >> --
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > > >
> > > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > > >
> > > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > > >
> > > > > > > > > > > > > > >>
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > ----------------------------------------------------------
> > > > > > > > --
> > > > > > > > ----
> > > > > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > > >
> > > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > > <mailto:
> > > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > --
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > > > *
> > > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.br>
> > > > > > > > > > > > > <
> > > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > --
> > > > > > > > > >
> > > > > > > > > > *Frederico Galvão*
> > > > > > > > > >
> > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > >
> > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > >
> > > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > ------------------------------------------------------------
> > > > > > > --
> > > > > > > ----
> > > > > > > --- To unsubscribe, e-mail:
> > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > > > >
> > > > > > > ------------------------------------------------------------
> > > > > > > --
> > > > > > > ----
> > > > > > > --- To unsubscribe, e-mail:
> > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Carlos Santana
> > > > > > <cs...@gmail.com>
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > > Victor Adrian Sosa Herrera
> > > > > > IBM Software Engineer
> > > > > > Guadalajara, Jalisco
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > >
> > >
> > >
> > > --
> > > Victor Adrian Sosa Herrera
> > > IBM Software Engineer
> > > Guadalajara, Jalisco
> > >
> > B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> > [ X ܚX K K[XZ[
> > ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> > ] Z [ ܙ ݘK \ X K ܙ B
> >
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
--
Carlos Santana
<cs...@gmail.com>
RE: Build signed archives using CLI
Posted by Nikhil Khandelwal <ni...@microsoft.com>.
I'm taking this over from Dan. I like the idea of having the release signing information persisted in a json file.
I have made some updates on the specific issue of how keys/passwords can be passed through CLI and JSON:
https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit#
I'm still going through the details of packaging requirements of each platform. I expect to add some more details on how the packaging process will work with individual platform build systems in the coming days. I will update this thread when I do so.
Here's the main JIRA with platform specific tasks here: https://issues.apache.org/jira/browse/CB-8483. I would love to collaborate with others who are interested in this area. Specifically, I plan to take up the task of implementing this for Android first.
Thanks,
Nikhil
-----Original Message-----
From: Victor Sosa [mailto:sosah.victor@gmail.com]
Sent: Tuesday, February 10, 2015 2:29 PM
To: dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
I'm leaning to Andrew and Omar's idea. I like the idea of having a file where all the platform-specific information will be stored, then each platform will take that information to sign the archive and produce a usable, I mean ready-to-distribute, binary.
As for Omar's comment, I also concur there. If a user has the signing info in gradle or ant properties and that info is also provided in the new file discussed here, then it should take precedence and override the platform-specific one.
Wondering if Dan is feeling OK now and ready to be back in the game :D
2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
> +1 for having an additional file to abstract away all the platform
> specific stuff. Currently, we support both gradle and ant for android
> for example, I think it wouldn't make sense for end-users to have to
> change their specs depending on what specific tool is used behind the scenes.
> Maybe we could also copy those properties to specific files during
> build or prepare ? [copy from cordova's to ant.properties]
>
>
> Thanks,
> Mefire
>
> -----Original Message-----
> From: Chuck Lantz [mailto:clantz@microsoft.com]
> Sent: Wednesday, January 28, 2015 10:30 AM
> To: dev@cordova.apache.org
> Subject: RE: Build signed archives using CLI
>
> Yeah personally I am thinking that - particularly if we treat
> platforms as dependencies in package.json as proposed - we'll need
> some facility to set native build settings. We may be able to come up
> with some sort of abstraction for this part, but I'm kind of thinking
> we'll ultimately want a facility to include native build property
> files (ant/gradle.properties, things like the signing identity in
> build.xcconfig, etc) in the CLI project. That said, we could have
> another facility for common settings like certs.
>
> -Chuck
>
> -----Original Message-----
> From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> Andrew Grieve
> Sent: Wednesday, January 28, 2015 10:18 AM
> To: dev
> Subject: Re: Build signed archives using CLI
>
> Sounds good, let's wait until Dan is back to discuss. The main point
> I'd like to cover is whether it'd be good to have layer of indirection
> between cordova and the platform-specific files that dictate signing info.
>
> E.g.:
> Instead of using ant.properties / gradle.properties / build.xcconfig, have:
>
> cordova-keys.json
> {
> ios: { identity: "", provisioning_profile: "" },
> android-debug: { keystore: "", alias: "", password: "", type: "" },
> android-release: { keystore: "", alias: "", password: "", type: "" }
> ...
> }
>
> Then, have a prepare step that makes the platforms do the right thing
>
> (Note that for android it's important to have debug siging keys as
> well since they are used for Play Services and Cloud Console APIs).
>
>
>
>
>
>
> On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
> wrote:
>
> > Yay!! Great news!
> >
> > Chuck, by any chance, do you have a link to the sandbox, or design
> > doc or something worth to look at it? If no, we can wait until Dan
> > is back (hope he feels better soon) I'm happy to help if needed.
> >
> > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> >
> > > Dan Levine whom some of you met at PhoneGap day actually has been
> > > working on a PR based on Subhag's proposal for discussion - he is
> > > out sick which
> > is
> > > why he didn't respond to this thread. I'll let him speak to it
> > > once he's back but the good news is there is someone working on
> > > something in this area.
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > To: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Hi Andrew.
> > >
> > > AFAICT, no one has done any work on this area, but I'd like to add
> > > this topic to the hangout agenda, start discussing this. I think
> > > Subhag has a very good design in the google doc in this thread. We
> > > can start from
> > there
> > > and try to make this happen for a future release.
> > >
> > > Thoughts before adding it to the agenda?
> > >
> > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > >
> > > > In anyone interested in working on any of this?
> > > >
> > > > Was just looking at it to see if there was anything I needed to
> > > > do to add support to Android for release packaging.
> > > >
> > > > Main thing lacking to me is whether we should support specifying
> > > > release key information outside of the platforms/android directory.
> > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > per-platform key locations & settings.
> > > >
> > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > <so...@gmail.com>
> > > > wrote:
> > > >
> > > > > Hello Cordova community
> > > > > Curious to know where we stand about this topic. Even though
> > > > > this topic looks to have significant impact on Cordova, Subhag
> > > > > has a document
> > > > proposal
> > > > > with little discussion activity.
> > > > >
> > > > > I like Subhag's proposal, but I want to bring back the idea of
> > > > > a prompt-less keychain.
> > > > >
> > > > > Is anything else, besides what is depicted in the proposal,
> > > > > missing
> > > here?
> > > > >
> > > > > Document:
> > > > >
> > > > >
> > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQ
> > > > u9
> > > > PuNB
> > > > L1auAMGFM/edit?usp=sharing
> > > > >
> > > > >
> > > > > ---------- Forwarded message ----------
> > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > Subject: Re: Build signed archives using CLI
> > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > >
> > > > >
> > > > > +1 on having a new command "cordova package" this will allow
> > > > > +IBM tooling
> > > > to
> > > > > hook into before_package and after_package for our own
> > > > > customizations (direct update, authenticity, etc..)
> > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > +keychain maybe
> > > > > used and unlock already) if not found what we need then prompt
> > > > > or fail
> > > > > +1 have some config/settings outside "platforms/" as I like to
> > > > > +be
> > > > transient
> > > > > replaceable. using config.xml, something.json, or file
> > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > >
> > > > >
> > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > <Su...@microsoft.com>
> > > > > wrote:
> > > > >
> > > > > > Here is the link to the proposal:
> > > > > >
> > > > >
> > > > >
> > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQ
> > > > u9
> > > > PuNB
> > > > L1auAMGFM/edit?usp=sharing
> > > > > > Jump on it people :)
> > > > > >
> > > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > > Tools soak@microsoft.com
> > > > > > 425 707 5598 office
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > To: dev@cordova.apache.org
> > > > > > Subject: RE: Build signed archives using CLI
> > > > > >
> > > > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > > > considered as app-wide settings/properties? Typically
> > > > > > packaging information is per platform and hence in my
> > > > > > opinion, should be decoupled from config
> > > > > settings.
> > > > > > Jesse, I am working on a documentation that I will share out
> > > > > > soon for
> > > > > the
> > > > > > community to collaborate.
> > > > > >
> > > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > > Tools soak@microsoft.com
> > > > > > 425 707 5598 office
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > To: dev@cordova.apache.org
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > > Liking Subhag's proposal.
> > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > config.xml
> > > > > > --
> > > > > with
> > > > > > overrides/env-vars possible. The only caveat for including
> > > > > > info in the config.xml is, the config.xml data is copied
> > > > > > into the iOS platform and
> > > > > will
> > > > > > be included in the .app bundle, and will leak information
> > > > > > (even though harmless, since it shouldn't contain passwords,
> > > > > > etc) -- so maybe that
> > > > is
> > > > > > not desirable, using config.xml.
> > > > > >
> > > > > > We will need to provide the password each time at least for
> > > > > > iOS, since
> > > > we
> > > > > > need to unlock the keychain for code signing.
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > <ag...@chromium.org>
> > > > > > wrote:
> > > > > >
> > > > > > > The prompting is actually pretty appropriate here since
> > > > > > > passwords are involved I think. I think also that keys
> > > > > > > will often not be checked into source control, but maybe
> > > > > > > the best way to support that is to allow multiple ways of
> > > > > > > specifying things (e.g. default to convention, allow
> > > > > > > override via config.xml, allow override via command-line &
> > > > > > > env variable as well)
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > <pu...@gmail.com>
> > > > wrote:
> > > > > > >
> > > > > > > > I am liking all of this.
> > > > > > > > Are we ready to move this to an editable plaintext doc
> > > > > > > > to
> > > > collaborate
> > > > > > on?
> > > > > > > >
> > > > > > > > I agree that we should take advantage of as much
> > > > > > > > 'by-convention' as we
> > > > > > > can,
> > > > > > > > meaning things like `cordova package ios` defaults to a
> > > > > > > > code sign
> > > > > > > identity
> > > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > > >
> > > > > > > > If it does not make sense as a convention, then I too
> > > > > > > > would like to see
> > > > > > > as
> > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > points out,
> > > > and
> > > > > > > agree
> > > > > > > > on picking the most consistent names possible.
> > > > > > > >
> > > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > > fast, given that tools will typically be consuming the
> > > > > > > > cli. Or we should at least
> > > > > > > provide a
> > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > config.xml-able
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > @purplecabbage
> > > > > > > > risingj.com
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > <clantz@microsoft.com
> > > > >
> > > > > > > wrote:
> > > > > > > >
> > > > > > > > > One option here could be to build off of the idea of
> > > > > > > > > the
> > "res"
> > > > > > > > > folder
> > > > > > > > that
> > > > > > > > > is in the current samples for splashscreens and icons
> > > > > > > > > and introduce something like "res/native". Files
> > > > > > > > > placed here would
> > > > be
> > > > > > > > > put into the native project folders "before_prepare"
> > > > > > > > > and would be further enhanced
> > > > > > > by
> > > > > > > > > the plugin and build infrastructure. This would allow
> > > > > > > > > you to place customized native assets that are unique
> > > > > > > > > to your project in a place
> > > > > > > that
> > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > >
> > > > > > > > > Andrew's environment variable idea could also provide
> > > > > > > > > an
> > > > alternate
> > > > > > > means
> > > > > > > > > to specify platform specific values (what Soak
> > > > > > > > > mentions in the {
> > > > > }).
> > > > > > > > >
> > > > > > > > > -Chuck
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Frederico Galvão
> > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > I agree with pretty much everything mentioned, but as
> > > > > > > > > far as I know cordova is trying it's best to not
> > > > > > > > > depend on anything to be in /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > Having said that, the package command
> > > > > > > > should
> > > > > > > > > always expect things to be in config.xml or something
> > > > > > > > > like
> > > that.
> > > > > > > > >
> > > > > > > > > Also, the closer we are in naming things to what they
> > > > > > > > > are already known
> > > > > > > > as
> > > > > > > > > in the native platform, the better.
> > > > > > > > >
> > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > <Subhag.Oak@microsoft.com
> > > > >:
> > > > > > > > >
> > > > > > > > > > Hey Cordova community,
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > I am Subhag Oak, senior program manager on the
> > > > > > > > > > Visual Studio team working on VS tools for Multi
> > > > > > > > > > device hybrid apps. In line with the discussion of
> > > > > > > > > > having a generic
> > > Cordova ‘packaging’
> > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > proposal:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > deployment
> > > > requires
> > > > > > > extra
> > > > > > > > > > steps that are specific to the native platforms. A
> > > > > > > > > > new generic Cordova CLI ‘package’ command can
> > > > > > > > > > perform these platform specific actions to generate
> > > > > > > > > > a final signed package ready for
> > > > > > deployment:
> > > > > > > > > >
> > > > > > > > > > cordova package [platform] [--packageConfiguration]
> > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > > where all
> > > > the
> > > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > If no platform is specified, the command will build
> > > > > > > > > > packages
> > > > for
> > > > > > > > > > all platforms added.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > The values for –packageConfiguration are interpreted
> > > > > > > > > > by the
> > > > > > > respective
> > > > > > > > > > platforms. For Android and Windows, the value can be
> > > > > > > > > > debug or
> > > > > > > release,
> > > > > > > > > > with release being the default value. For iOS, the
> > > > > > > > > > possible values are development, adhoc or store with
> > > > > > > > > > development being the default value. The
> > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > > optional iOS specific signing arguments for
> > > > > > > > > > specifying the location of
> > > > > > > code-signing
> > > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > > signing identity (certificates along with public and
> > > > > > > > > > private keys)
> > > > > > respectively.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > e.g:
> > > > > > > > > >
> > > > > > > > > > · ‘cordova package iOS’ would generate a signed
> ipa
> > > > with
> > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > defined in
> > > > > > > > > build.xcconfig:
> > > > > > > > > >
> > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > >
> > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > >
> > > > > > > > > > // generic 'iPhone Developer' (no quotes) will match
> > > > > > > > > > the right Identity with the right Provisioning //
> > > > > > > > > > Profile plus Certificate, based on the app bundle id
> > > > > > > > > >
> > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > · ‘cordova package android’ would generate a
> > release
> > > > > signed
> > > > > > > > using
> > > > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > > > changes to gradle build like the one Andrew mentions
> below.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > · ‘Cordova package windows’ would generate a
> signed
> > > > APPX
> > > > > > > > package.
> > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > >
> > > > > > > > > > • An unsigned packaged Windows Store
> > app,
> > > > for
> > > > > > > > example,
> > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > >
> > > > > > > > > > • A valid code signing certificate,
> for
> > > > > > example, a
> > > > > > > > > > Personal Information Exchange (.pfx) file created
> > > > > > > > > > with the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > > >
> > > > > > > > > > • SignTool, which is part of the
> Windows
> > > SDK
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > > convention (similar to the Cordova
> > > > > > > build
> > > > > > > > > > command) rather than config settings. The command
> > > > > > > > > > would look
> > > > out
> > > > > > > > > > for packaging assets in the “platform\ [native-platform]”
> > > > folder.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > (keystore, password, alias and alias password) would
> > > > > > > > > > be used for
> > > > packaging.
> > > > > > > > > > If any of
> > > > > > > these
> > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > gradle.properties for gradle build] or if the file
> > > > > > > > > > is missing, the command would prompt the user for
> > > > > > > > > > these value at the command prompt. If the values
> > > > > > > > > > provided
> > > > > > > are
> > > > > > > > > > invalid, the command would fail.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > > > code-sign certificate and the provisioning profile
> > > > > > > > > > to be used. The
> > > > default
> > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > information by build profile based on the
> > > > > > > > > > configuration defined in the
> > > > command.
> > > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > > provisioning
> > profile.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Tools like VS and other IDEs, which use cordova CLI,
> > > > > > > > > > may need
> > > > an
> > > > > > > > > > explicit way to specify certs/profile for packaging
> > > > > > > > > > for iOS (since
> > > > > > > the
> > > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > > assets being defined in the build.xcconfig. One way
> > > > > > > > > > to allow this is by
> > > > using
> > > > > > > > > > optional platform specific arguments to the package
> > > > > > > > > > command
> > > > like:
> > > > > > > > > >
> > > > > > > > > > Cordova package iOS --development --sign
> > “d:\cert\mycert.cer”
> > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > >
> > > > > > > > > > This command will run the xcrun command to generate
> > > > > > > > > > a signed
> > > > IPA
> > > > > > > > > > with development provisioning profile.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > feedback on this
> > > > > > > > > proposal.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > >
> > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > >
> > > > > > > > > > soak@microsoft.com
> > > > > > > > > >
> > > > > > > > > > 425 707 5598 office
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com]
> > > > > > > > > > On Behalf Of Andrew Grieve
> > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > To: Shazron
> > > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > For Android Gradle, what's in (and experimental)
> > > > > > > > > > right
> now:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > points
> > > > to
> > > > > > > > > > a .properties file that contains:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > >
> > > > > > > > > > storePassword=SECRET1
> > > > > > > > > >
> > > > > > > > > > storeType=pkcs12
> > > > > > > > > >
> > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > >
> > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Topics to discuss:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > 1) Combine platform info into one file, or leave
> separate?
> > > > > > > > > >
> > > > > > > > > > - Leaning towards together
> > > > > > > > > >
> > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > >
> > > > > > > > > > - I think no, since signing info you often want to
> > > > > > > > > > not check in /
> > > > > > > keep
> > > > > > > > > > secure
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Strawman:
> > > > > > > > > >
> > > > > > > > > > If a file "cordova-keys.json" exists as a sibling to
> > > > > > > > > > www/, then use it. It should look like:
> > > > > > > > > >
> > > > > > > > > > {
> > > > > > > > > >
> > > > > > > > > > "android": {
> > > > > > > > > >
> > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > >
> > > > > > > > > > ...
> > > > > > > > > >
> > > > > > > > > > },
> > > > > > > > > >
> > > > > > > > > > "ios": {
> > > > > > > > > >
> > > > > > > > > > },
> > > > > > > > > >
> > > > > > > > > > ...
> > > > > > > > > >
> > > > > > > > > > }
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Android signs debug builds as well (not sure if
> > > > > > > > > > other platforms do this too?), so maybe also allow
> > > > > > > > > >
> > > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > > >
> > > > > > > > > > "android-debug"
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > <shazron@gmail.com
> > > > > <mailto:
> > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > >
> > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > >
> > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > >
> > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > Seems to be of great value - so let's get going on
> > > > > > > > > > > this
> > > > > > > > > > > ;)
> > > > The
> > > > > > > > > > > CLI has
> > > > > > > > > >
> > > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > williams
> > > > > > > > > >
> > > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > > >
> > > > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > Frederico’s workflow is the same as ours. I
> > > > > > > > > > > > would love to see
> > > > > > > > > >
> > > > > > > > > > > > something happen To improve this, the less time
> > > > > > > > > > > > I spend in Xcode,
> > > > > > > > > >
> > > > > > > > > > > > the happier I am
> > > > > > > > > >
> > > > > > > > > > > ;)
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > > > >
> > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > "cordova build
> > > > > > > android
> > > > > > > > > >
> > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > .properties properly
> > > > > > > > > >
> > > > > > > > > > > configured
> > > > > > > > > >
> > > > > > > > > > > > in my platform/android folder, specifying the
> > > > > > > > > > > > path and name to my
> > > > > > > > > >
> > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > already gives me
> > > > > > > > > >
> > > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > > upload it to
> > > > > > > > > > play.google.com.
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > I have never, however, used cordova's CLI to
> > > > > > > > > > > > build the
> > > > final
> > > > > > > > > >
> > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is
> > > > > > > > > > > > run "cordova
> > > > > > > > > >
> > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > >
> > > > > > > > > > > from
> > > > > > > > > >
> > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan
> > > > > > > > > > > > (MS OPEN
> > > > > > > > > > > > TECH) <
> > > > > > > > > >
> > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft
> > > > > > > > > > > > .c
> > > > > > > > > > > > om
> > >>:
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > > would be for packaging
> > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > >
> > > > > > > > > > > > app
> > > > > > > > > >
> > > > > > > > > > > > > for the store? Note that different platforms
> > > > > > > > > > > > > may have different
> > > > > > > > > >
> > > > > > > > > > > > > requirements for certs, signing etc. So it may
> > > > > > > > > > > > > make sense to
> > > > > > > > > >
> > > > > > > > > > > > > promote
> > > > > > > > > >
> > > > > > > > > > > this
> > > > > > > > > >
> > > > > > > > > > > > > to a different command and let each command
> > > > > > > > > > > > > take care of packaging
> > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > >
> > > > > > > > > > > > app
> > > > > > > > > >
> > > > > > > > > > > > > for the store. This command will also mean
> > > > > > > > > > > > > that
> > > > developers
> > > > > > > don’t
> > > > > > > > > >
> > > > > > > > > > > > > have
> > > > > > > > > >
> > > > > > > > > > > to
> > > > > > > > > >
> > > > > > > > > > > > go
> > > > > > > > > >
> > > > > > > > > > > > > over to the native projects when they finally
> > > > > > > > > > > > > want to publish
> > > > > > > > > >
> > > > > > > > > > > > > their
> > > > > > > > > >
> > > > > > > > > > > apps
> > > > > > > > > >
> > > > > > > > > > > > to
> > > > > > > > > >
> > > > > > > > > > > > > the store.
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > >
> > > > > > > > > > > > > From: Josh Soref
> > > > > > > > > > > > > [mailto:jsoref@blackberry.com]
> > > > > > > > > >
> > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > >
> > > > > > > > > > > > > To: dev
> > > > > > > > > >
> > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > if you do:
> > > > > > > > > >
> > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > >
> > > > > > > > > > > > > The blackberry10 platform will generate a
> > > > > > > > > > > > > signed
> > > image...
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > agrieve@chromium.org
> > > > > > > > <mailto:
> > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >AFAIK, I don't think there's any technical
> > roadblocks.
> > > > > > > > > > > > > >Just need
> > > > > > > > > >
> > > > > > > > > > > > > >a proposal for how it should look, and then a
> > > > > > > > > > > > > >patch & docs to add
> > > > > > > > > > it!
> > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >For Android's hot-off-the-press gradle
> > > > > > > > > > > > > >support, you can set an
> > > > > > > > > >
> > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > >.properties file for
> > > > > > > > > >
> > > > > > > > > > > > > >signing builds. This shows one way to go
> > > > > > > > > > > > > >about it, but I'm not in
> > > > > > > > > >
> > > > > > > > > > > > > >love with
> > > > > > > > > >
> > > > > > > > > > > the
> > > > > > > > > >
> > > > > > > > > > > > > .properties idea.
> > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > > >
> > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@g
> > > > > > > > > > > > > >ma
> > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > >om>>
> > > > > > > > > >
> > > > > > > > > > > > > >wrote:
> > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >> Hi community.
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Been looking at this topic and wondering
> > > > > > > > > > > > > >> why the build command
> > > > > > > > > >
> > > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > > >>little bit found a
> > > > > > > > > >
> > > > > > > > > > > > > >>lot of differences in the platforms to
> > > > > > > > > > > > > >>create these
> > > > > > archives.
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > >> Export your
> > > > APK
> > > > > > > > > > > > > >> in
> > > > > > > > > >
> > > > > > > > > > > > > >> release mode (--release flag) 2. Sign your
> > > > > > > > > > > > > >> APK (you already
> > > > > > > > > >
> > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > >
> > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > >> (--release
> > > > seems
> > > > > > > > > > > > > >> to
> > > > > > > > > >
> > > > > > > > > > > > > >> export
> > > > > > > > > >
> > > > > > > > > > > for
> > > > > > > > > >
> > > > > > > > > > > > > >>emulator only) 2. Either use XCode
> > > > > > > > > > > > > >>(UI-based) and sign the
> > > > > > > > > >
> > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > >
> > > > > > > > > > > > > >> process)
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Besides these differences, what is
> > > > > > > > > > > > > >> preventing Cordova from
> > > > > > > > > >
> > > > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > > > >> signed,
> > > > > > > > > > ready-to-publish archives?
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > > >> really appreciate your
> > > > > > > > > >
> > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Thanks!
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> --
> > > > > > > > > >
> > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > >
> > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > >
> > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > ----------------------------------------------------------
> > > > > > > --
> > > > > > > ----
> > > > > > > > > > > > > --
> > > > > > > > > >
> > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > >
> > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > <mailto:
> > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > --
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > *
> > > > > > > > > > > > www.pontoget.com.br<http://www.pontoget.com.br>
> > > > > > > > > > > > <
> > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > >
> > > > > > > > > *Frederico Galvão*
> > > > > > > > >
> > > > > > > > > Diretor de Tecnologia
> > > > > > > > >
> > > > > > > > > PontoGet Inovação Web
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > >
> > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > > ------------------------------------------------------------
> > > > > > --
> > > > > > ----
> > > > > > --- To unsubscribe, e-mail:
> > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > > >
> > > > > > ------------------------------------------------------------
> > > > > > --
> > > > > > ----
> > > > > > --- To unsubscribe, e-mail:
> > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Carlos Santana
> > > > > <cs...@gmail.com>
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Victor Adrian Sosa Herrera
> > > > > IBM Software Engineer
> > > > > Guadalajara, Jalisco
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Victor Adrian Sosa Herrera
> > > IBM Software Engineer
> > > Guadalajara, Jalisco
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
> B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> [ X ܚX K K[XZ[
> ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> ] Z [ ܙ ݘK \ X K ܙ B
>
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
Re: Build signed archives using CLI
Posted by Victor Sosa <so...@gmail.com>.
I'm leaning to Andrew and Omar's idea. I like the idea of having a file
where all the platform-specific information will be stored, then each
platform will take that information to sign the archive and produce a
usable, I mean ready-to-distribute, binary.
As for Omar's comment, I also concur there. If a user has the signing info
in gradle or ant properties and that info is also provided in the new file
discussed here, then it should take precedence and override the
platform-specific one.
Wondering if Dan is feeling OK now and ready to be back in the game :D
2015-02-02 14:58 GMT-06:00 Mefire O. <om...@microsoft.com>:
> +1 for having an additional file to abstract away all the platform
> specific stuff. Currently, we support both gradle and ant for android for
> example, I think it wouldn't make sense for end-users to have to change
> their specs depending on what specific tool is used behind the scenes.
> Maybe we could also copy those properties to specific files during build
> or prepare ? [copy from cordova's to ant.properties]
>
>
> Thanks,
> Mefire
>
> -----Original Message-----
> From: Chuck Lantz [mailto:clantz@microsoft.com]
> Sent: Wednesday, January 28, 2015 10:30 AM
> To: dev@cordova.apache.org
> Subject: RE: Build signed archives using CLI
>
> Yeah personally I am thinking that - particularly if we treat platforms as
> dependencies in package.json as proposed - we'll need some facility to set
> native build settings. We may be able to come up with some sort of
> abstraction for this part, but I'm kind of thinking we'll ultimately want a
> facility to include native build property files (ant/gradle.properties,
> things like the signing identity in build.xcconfig, etc) in the CLI
> project. That said, we could have another facility for common settings
> like certs.
>
> -Chuck
>
> -----Original Message-----
> From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew
> Grieve
> Sent: Wednesday, January 28, 2015 10:18 AM
> To: dev
> Subject: Re: Build signed archives using CLI
>
> Sounds good, let's wait until Dan is back to discuss. The main point I'd
> like to cover is whether it'd be good to have layer of indirection between
> cordova and the platform-specific files that dictate signing info.
>
> E.g.:
> Instead of using ant.properties / gradle.properties / build.xcconfig, have:
>
> cordova-keys.json
> {
> ios: { identity: "", provisioning_profile: "" },
> android-debug: { keystore: "", alias: "", password: "", type: "" },
> android-release: { keystore: "", alias: "", password: "", type: "" }
> ...
> }
>
> Then, have a prepare step that makes the platforms do the right thing
>
> (Note that for android it's important to have debug siging keys as well
> since they are used for Play Services and Cloud Console APIs).
>
>
>
>
>
>
> On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
> wrote:
>
> > Yay!! Great news!
> >
> > Chuck, by any chance, do you have a link to the sandbox, or design doc
> > or something worth to look at it? If no, we can wait until Dan is back
> > (hope he feels better soon) I'm happy to help if needed.
> >
> > 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> >
> > > Dan Levine whom some of you met at PhoneGap day actually has been
> > > working on a PR based on Subhag's proposal for discussion - he is
> > > out sick which
> > is
> > > why he didn't respond to this thread. I'll let him speak to it once
> > > he's back but the good news is there is someone working on something
> > > in this area.
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > > Sent: Wednesday, January 28, 2015 7:57 AM
> > > To: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Hi Andrew.
> > >
> > > AFAICT, no one has done any work on this area, but I'd like to add
> > > this topic to the hangout agenda, start discussing this. I think
> > > Subhag has a very good design in the google doc in this thread. We
> > > can start from
> > there
> > > and try to make this happen for a future release.
> > >
> > > Thoughts before adding it to the agenda?
> > >
> > > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> > >
> > > > In anyone interested in working on any of this?
> > > >
> > > > Was just looking at it to see if there was anything I needed to do
> > > > to add support to Android for release packaging.
> > > >
> > > > Main thing lacking to me is whether we should support specifying
> > > > release key information outside of the platforms/android directory.
> > > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > > per-platform key locations & settings.
> > > >
> > > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > > <so...@gmail.com>
> > > > wrote:
> > > >
> > > > > Hello Cordova community
> > > > > Curious to know where we stand about this topic. Even though
> > > > > this topic looks to have significant impact on Cordova, Subhag
> > > > > has a document
> > > > proposal
> > > > > with little discussion activity.
> > > > >
> > > > > I like Subhag's proposal, but I want to bring back the idea of a
> > > > > prompt-less keychain.
> > > > >
> > > > > Is anything else, besides what is depicted in the proposal,
> > > > > missing
> > > here?
> > > > >
> > > > > Document:
> > > > >
> > > > >
> > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9
> > > > PuNB
> > > > L1auAMGFM/edit?usp=sharing
> > > > >
> > > > >
> > > > > ---------- Forwarded message ----------
> > > > > From: Carlos Santana <cs...@gmail.com>
> > > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > > Subject: Re: Build signed archives using CLI
> > > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > > >
> > > > >
> > > > > +1 on having a new command "cordova package" this will allow IBM
> > > > > +tooling
> > > > to
> > > > > hook into before_package and after_package for our own
> > > > > customizations (direct update, authenticity, etc..)
> > > > > +1 on using sane defaults and not prompting (i.e. default
> > > > > +keychain maybe
> > > > > used and unlock already) if not found what we need then prompt
> > > > > or fail
> > > > > +1 have some config/settings outside "platforms/" as I like to
> > > > > +be
> > > > transient
> > > > > replaceable. using config.xml, something.json, or file
> > > > > conventions like res/packaging/<platform>/ are all ok options.
> > > > >
> > > > >
> > > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > > <Su...@microsoft.com>
> > > > > wrote:
> > > > >
> > > > > > Here is the link to the proposal:
> > > > > >
> > > > >
> > > > >
> > > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9
> > > > PuNB
> > > > L1auAMGFM/edit?usp=sharing
> > > > > > Jump on it people :)
> > > > > >
> > > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > > Tools soak@microsoft.com
> > > > > > 425 707 5598 office
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > > To: dev@cordova.apache.org
> > > > > > Subject: RE: Build signed archives using CLI
> > > > > >
> > > > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > > > considered as app-wide settings/properties? Typically
> > > > > > packaging information is per platform and hence in my opinion,
> > > > > > should be decoupled from config
> > > > > settings.
> > > > > > Jesse, I am working on a documentation that I will share out
> > > > > > soon for
> > > > > the
> > > > > > community to collaborate.
> > > > > >
> > > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > > Tools soak@microsoft.com
> > > > > > 425 707 5598 office
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > > To: dev@cordova.apache.org
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > > Liking Subhag's proposal.
> > > > > > Agree with Jesse on using conventions as a default plus
> > > > > > config.xml
> > > > > > --
> > > > > with
> > > > > > overrides/env-vars possible. The only caveat for including
> > > > > > info in the config.xml is, the config.xml data is copied into
> > > > > > the iOS platform and
> > > > > will
> > > > > > be included in the .app bundle, and will leak information
> > > > > > (even though harmless, since it shouldn't contain passwords,
> > > > > > etc) -- so maybe that
> > > > is
> > > > > > not desirable, using config.xml.
> > > > > >
> > > > > > We will need to provide the password each time at least for
> > > > > > iOS, since
> > > > we
> > > > > > need to unlock the keychain for code signing.
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > > <ag...@chromium.org>
> > > > > > wrote:
> > > > > >
> > > > > > > The prompting is actually pretty appropriate here since
> > > > > > > passwords are involved I think. I think also that keys will
> > > > > > > often not be checked into source control, but maybe the best
> > > > > > > way to support that is to allow multiple ways of specifying
> > > > > > > things (e.g. default to convention, allow override via
> > > > > > > config.xml, allow override via command-line & env variable
> > > > > > > as well)
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > > <pu...@gmail.com>
> > > > wrote:
> > > > > > >
> > > > > > > > I am liking all of this.
> > > > > > > > Are we ready to move this to an editable plaintext doc to
> > > > collaborate
> > > > > > on?
> > > > > > > >
> > > > > > > > I agree that we should take advantage of as much
> > > > > > > > 'by-convention' as we
> > > > > > > can,
> > > > > > > > meaning things like `cordova package ios` defaults to a
> > > > > > > > code sign
> > > > > > > identity
> > > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > > >
> > > > > > > > If it does not make sense as a convention, then I too
> > > > > > > > would like to see
> > > > > > > as
> > > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > > points out,
> > > > and
> > > > > > > agree
> > > > > > > > on picking the most consistent names possible.
> > > > > > > >
> > > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > > fast, given that tools will typically be consuming the
> > > > > > > > cli. Or we should at least
> > > > > > > provide a
> > > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > > config.xml-able
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > @purplecabbage
> > > > > > > > risingj.com
> > > > > > > >
> > > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > > <clantz@microsoft.com
> > > > >
> > > > > > > wrote:
> > > > > > > >
> > > > > > > > > One option here could be to build off of the idea of the
> > "res"
> > > > > > > > > folder
> > > > > > > > that
> > > > > > > > > is in the current samples for splashscreens and icons
> > > > > > > > > and introduce something like "res/native". Files placed
> > > > > > > > > here would
> > > > be
> > > > > > > > > put into the native project folders "before_prepare" and
> > > > > > > > > would be further enhanced
> > > > > > > by
> > > > > > > > > the plugin and build infrastructure. This would allow
> > > > > > > > > you to place customized native assets that are unique to
> > > > > > > > > your project in a place
> > > > > > > that
> > > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > > >
> > > > > > > > > Andrew's environment variable idea could also provide an
> > > > alternate
> > > > > > > means
> > > > > > > > > to specify platform specific values (what Soak mentions
> > > > > > > > > in the {
> > > > > }).
> > > > > > > > >
> > > > > > > > > -Chuck
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: Frederico Galvão
> > > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > I agree with pretty much everything mentioned, but as
> > > > > > > > > far as I know cordova is trying it's best to not depend
> > > > > > > > > on anything to be in /platforms/<TARGET_PLATFORM>/.
> > > > > > > > > Having said that, the package command
> > > > > > > > should
> > > > > > > > > always expect things to be in config.xml or something
> > > > > > > > > like
> > > that.
> > > > > > > > >
> > > > > > > > > Also, the closer we are in naming things to what they
> > > > > > > > > are already known
> > > > > > > > as
> > > > > > > > > in the native platform, the better.
> > > > > > > > >
> > > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > > <Subhag.Oak@microsoft.com
> > > > >:
> > > > > > > > >
> > > > > > > > > > Hey Cordova community,
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > I am Subhag Oak, senior program manager on the Visual
> > > > > > > > > > Studio team working on VS tools for Multi device
> > > > > > > > > > hybrid apps. In line with the discussion of having a
> > > > > > > > > > generic
> > > Cordova ‘packaging’
> > > > > > > > > > command for all platforms, here is one
> > > > > > > > > > proposal:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > As we all know, packaging an application for
> > > > > > > > > > deployment
> > > > requires
> > > > > > > extra
> > > > > > > > > > steps that are specific to the native platforms. A
> > > > > > > > > > new generic Cordova CLI ‘package’ command can perform
> > > > > > > > > > these platform specific actions to generate a final
> > > > > > > > > > signed package ready for
> > > > > > deployment:
> > > > > > > > > >
> > > > > > > > > > cordova package [platform] [--packageConfiguration]
> > > > > > > > > > {-- –-sign[location]
> > > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > > where all
> > > > the
> > > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > If no platform is specified, the command will build
> > > > > > > > > > packages
> > > > for
> > > > > > > > > > all platforms added.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > The values for –packageConfiguration are interpreted
> > > > > > > > > > by the
> > > > > > > respective
> > > > > > > > > > platforms. For Android and Windows, the value can be
> > > > > > > > > > debug or
> > > > > > > release,
> > > > > > > > > > with release being the default value. For iOS, the
> > > > > > > > > > possible values are development, adhoc or store with
> > > > > > > > > > development being the default value. The
> > > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > > optional iOS specific signing arguments for specifying
> > > > > > > > > > the location of
> > > > > > > code-signing
> > > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > > signing identity (certificates along with public and
> > > > > > > > > > private keys)
> > > > > > respectively.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > e.g:
> > > > > > > > > >
> > > > > > > > > > · ‘cordova package iOS’ would generate a signed
> ipa
> > > > with
> > > > > > > > > > development profile, using code signing identity
> > > > > > > > > > defined in
> > > > > > > > > build.xcconfig:
> > > > > > > > > >
> > > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > > >
> > > > > > > > > > // security find-identity | sed -n
> > > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > > >
> > > > > > > > > > // generic 'iPhone Developer' (no quotes) will match
> > > > > > > > > > the right Identity with the right Provisioning //
> > > > > > > > > > Profile plus Certificate, based on the app bundle id
> > > > > > > > > >
> > > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > · ‘cordova package android’ would generate a
> > release
> > > > > signed
> > > > > > > > using
> > > > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > > > changes to gradle build like the one Andrew mentions
> below.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > · ‘Cordova package windows’ would generate a
> signed
> > > > APPX
> > > > > > > > package.
> > > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > > >
> > > > > > > > > > • An unsigned packaged Windows Store
> > app,
> > > > for
> > > > > > > > example,
> > > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > > >
> > > > > > > > > > • A valid code signing certificate,
> for
> > > > > > example, a
> > > > > > > > > > Personal Information Exchange (.pfx) file created with
> > > > > > > > > > the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > > >
> > > > > > > > > > • SignTool, which is part of the
> Windows
> > > SDK
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Here is how the package command should work. The
> > > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > > convention (similar to the Cordova
> > > > > > > build
> > > > > > > > > > command) rather than config settings. The command
> > > > > > > > > > would look
> > > > out
> > > > > > > > > > for packaging assets in the “platform\ [native-platform]”
> > > > folder.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > > (keystore, password, alias and alias password) would
> > > > > > > > > > be used for
> > > > packaging.
> > > > > > > > > > If any of
> > > > > > > these
> > > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > > gradle.properties for gradle build] or if the file is
> > > > > > > > > > missing, the command would prompt the user for these
> > > > > > > > > > value at the command prompt. If the values provided
> > > > > > > are
> > > > > > > > > > invalid, the command would fail.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > > > code-sign certificate and the provisioning profile to
> > > > > > > > > > be used. The
> > > > default
> > > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > > information by build profile based on the
> > > > > > > > > > configuration defined in the
> > > > command.
> > > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > > provisioning
> > profile.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Tools like VS and other IDEs, which use cordova CLI,
> > > > > > > > > > may need
> > > > an
> > > > > > > > > > explicit way to specify certs/profile for packaging
> > > > > > > > > > for iOS (since
> > > > > > > the
> > > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > > assets being defined in the build.xcconfig. One way to
> > > > > > > > > > allow this is by
> > > > using
> > > > > > > > > > optional platform specific arguments to the package
> > > > > > > > > > command
> > > > like:
> > > > > > > > > >
> > > > > > > > > > Cordova package iOS --development --sign
> > “d:\cert\mycert.cer”
> > > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > > >
> > > > > > > > > > This command will run the xcrun command to generate a
> > > > > > > > > > signed
> > > > IPA
> > > > > > > > > > with development provisioning profile.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > > feedback on this
> > > > > > > > > proposal.
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > > >
> > > > > > > > > > Visual Studio, Client Tools
> > > > > > > > > >
> > > > > > > > > > soak@microsoft.com
> > > > > > > > > >
> > > > > > > > > > 425 707 5598 office
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com]
> > > > > > > > > > On Behalf Of Andrew Grieve
> > > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > > To: Shazron
> > > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > For Android Gradle, what's in (and experimental) right
> now:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > > points
> > > > to
> > > > > > > > > > a .properties file that contains:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > > >
> > > > > > > > > > storePassword=SECRET1
> > > > > > > > > >
> > > > > > > > > > storeType=pkcs12
> > > > > > > > > >
> > > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > > >
> > > > > > > > > > keyPassword=SECRET2
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Topics to discuss:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > 1) Combine platform info into one file, or leave
> separate?
> > > > > > > > > >
> > > > > > > > > > - Leaning towards together
> > > > > > > > > >
> > > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > > >
> > > > > > > > > > - I think no, since signing info you often want to not
> > > > > > > > > > check in /
> > > > > > > keep
> > > > > > > > > > secure
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Strawman:
> > > > > > > > > >
> > > > > > > > > > If a file "cordova-keys.json" exists as a sibling to
> > > > > > > > > > www/, then use it. It should look like:
> > > > > > > > > >
> > > > > > > > > > {
> > > > > > > > > >
> > > > > > > > > > "android": {
> > > > > > > > > >
> > > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > > >
> > > > > > > > > > ...
> > > > > > > > > >
> > > > > > > > > > },
> > > > > > > > > >
> > > > > > > > > > "ios": {
> > > > > > > > > >
> > > > > > > > > > },
> > > > > > > > > >
> > > > > > > > > > ...
> > > > > > > > > >
> > > > > > > > > > }
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > Android signs debug builds as well (not sure if other
> > > > > > > > > > platforms do this too?), so maybe also allow
> > > > > > > > > >
> > > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > > >
> > > > > > > > > > "android-debug"
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > > <shazron@gmail.com
> > > > > <mailto:
> > > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > > >
> > > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > > >
> > > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > > >
> > > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > Seems to be of great value - so let's get going on
> > > > > > > > > > > this
> > > > > > > > > > > ;)
> > > > The
> > > > > > > > > > > CLI has
> > > > > > > > > >
> > > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > > williams
> > > > > > > > > >
> > > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > > >
> > > > > > > > > > > wrote:
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > Frederico’s workflow is the same as ours. I would
> > > > > > > > > > > > love to see
> > > > > > > > > >
> > > > > > > > > > > > something happen To improve this, the less time I
> > > > > > > > > > > > spend in Xcode,
> > > > > > > > > >
> > > > > > > > > > > > the happier I am
> > > > > > > > > >
> > > > > > > > > > > ;)
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > > > >
> > > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > > "cordova build
> > > > > > > android
> > > > > > > > > >
> > > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > > .properties properly
> > > > > > > > > >
> > > > > > > > > > > configured
> > > > > > > > > >
> > > > > > > > > > > > in my platform/android folder, specifying the path
> > > > > > > > > > > > and name to my
> > > > > > > > > >
> > > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > > already gives me
> > > > > > > > > >
> > > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > > upload it to
> > > > > > > > > > play.google.com.
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > I have never, however, used cordova's CLI to build
> > > > > > > > > > > > the
> > > > final
> > > > > > > > > >
> > > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
> > > > > > > > > > > > "cordova
> > > > > > > > > >
> > > > > > > > > > > > prepare", and use xCode
> > > > > > > > > >
> > > > > > > > > > > from
> > > > > > > > > >
> > > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan
> > > > > > > > > > > > (MS OPEN
> > > > > > > > > > > > TECH) <
> > > > > > > > > >
> > > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft.c
> > > > > > > > > > > > om
> > >>:
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > > would be for packaging
> > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > >
> > > > > > > > > > > > app
> > > > > > > > > >
> > > > > > > > > > > > > for the store? Note that different platforms may
> > > > > > > > > > > > > have different
> > > > > > > > > >
> > > > > > > > > > > > > requirements for certs, signing etc. So it may
> > > > > > > > > > > > > make sense to
> > > > > > > > > >
> > > > > > > > > > > > > promote
> > > > > > > > > >
> > > > > > > > > > > this
> > > > > > > > > >
> > > > > > > > > > > > > to a different command and let each command take
> > > > > > > > > > > > > care of packaging
> > > > > > > > > >
> > > > > > > > > > > > > the
> > > > > > > > > >
> > > > > > > > > > > > app
> > > > > > > > > >
> > > > > > > > > > > > > for the store. This command will also mean that
> > > > developers
> > > > > > > don’t
> > > > > > > > > >
> > > > > > > > > > > > > have
> > > > > > > > > >
> > > > > > > > > > > to
> > > > > > > > > >
> > > > > > > > > > > > go
> > > > > > > > > >
> > > > > > > > > > > > > over to the native projects when they finally
> > > > > > > > > > > > > want to publish
> > > > > > > > > >
> > > > > > > > > > > > > their
> > > > > > > > > >
> > > > > > > > > > > apps
> > > > > > > > > >
> > > > > > > > > > > > to
> > > > > > > > > >
> > > > > > > > > > > > > the store.
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > -----Original Message-----
> > > > > > > > > >
> > > > > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > > > > >
> > > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > > >
> > > > > > > > > > > > > To: dev
> > > > > > > > > >
> > > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > if you do:
> > > > > > > > > >
> > > > > > > > > > > > > Cordova build --release,
> > > > > > > > > >
> > > > > > > > > > > > > The blackberry10 platform will generate a signed
> > > image...
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > > agrieve@chromium.org
> > > > > > > > <mailto:
> > > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >AFAIK, I don't think there's any technical
> > roadblocks.
> > > > > > > > > > > > > >Just need
> > > > > > > > > >
> > > > > > > > > > > > > >a proposal for how it should look, and then a
> > > > > > > > > > > > > >patch & docs to add
> > > > > > > > > > it!
> > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >For Android's hot-off-the-press gradle support,
> > > > > > > > > > > > > >you can set an
> > > > > > > > > >
> > > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > > >.properties file for
> > > > > > > > > >
> > > > > > > > > > > > > >signing builds. This shows one way to go about
> > > > > > > > > > > > > >it, but I'm not in
> > > > > > > > > >
> > > > > > > > > > > > > >love with
> > > > > > > > > >
> > > > > > > > > > > the
> > > > > > > > > >
> > > > > > > > > > > > > .properties idea.
> > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > > >
> > > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gma
> > > > > > > > > > > > > >il.c
> > > > > > > > > > > > > >om>>
> > > > > > > > > >
> > > > > > > > > > > > > >wrote:
> > > > > > > > > >
> > > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > > >> Hi community.
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Been looking at this topic and wondering why
> > > > > > > > > > > > > >> the build command
> > > > > > > > > >
> > > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > > >>little bit found a
> > > > > > > > > >
> > > > > > > > > > > > > >>lot of differences in the platforms to create
> > > > > > > > > > > > > >>these
> > > > > > archives.
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > > >> Export your
> > > > APK
> > > > > > > > > > > > > >> in
> > > > > > > > > >
> > > > > > > > > > > > > >> release mode (--release flag) 2. Sign your
> > > > > > > > > > > > > >> APK (you already
> > > > > > > > > >
> > > > > > > > > > > > > >> need a RSA key)
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > > >
> > > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > > >> (--release
> > > > seems
> > > > > > > > > > > > > >> to
> > > > > > > > > >
> > > > > > > > > > > > > >> export
> > > > > > > > > >
> > > > > > > > > > > for
> > > > > > > > > >
> > > > > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based)
> > > > > > > > > > > > > >>and sign the
> > > > > > > > > >
> > > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > > >
> > > > > > > > > > > > > >> process)
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Besides these differences, what is preventing
> > > > > > > > > > > > > >> Cordova from
> > > > > > > > > >
> > > > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > > > >> signed,
> > > > > > > > > > ready-to-publish archives?
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > > >> really appreciate your
> > > > > > > > > >
> > > > > > > > > > > > > >>insights on this topic
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> Thanks!
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > > >> --
> > > > > > > > > >
> > > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > > >
> > > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > > >
> > > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > > >
> > > > > > > > > > > > > >>
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > ------------------------------------------------------------
> > > > > > > ----
> > > > > > > > > > > > > --
> > > > > > > > > >
> > > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > > >
> > > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > > <mailto:
> > > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > --
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > *Frederico Galvão*
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br>
> > > > > > > > > > > > <
> > > > > > > > > > http://www.pontoget.com/>
> > > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > --
> > > > > > > > >
> > > > > > > > > *Frederico Galvão*
> > > > > > > > >
> > > > > > > > > Diretor de Tecnologia
> > > > > > > > >
> > > > > > > > > PontoGet Inovação Web
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > >
> > > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > > --------------------------------------------------------------
> > > > > > ----
> > > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > > >
> > > > > > --------------------------------------------------------------
> > > > > > ----
> > > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Carlos Santana
> > > > > <cs...@gmail.com>
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > > Victor Adrian Sosa Herrera
> > > > > IBM Software Engineer
> > > > > Guadalajara, Jalisco
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > > Victor Adrian Sosa Herrera
> > > IBM Software Engineer
> > > Guadalajara, Jalisco
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
> B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB
> [ X ܚX K K[XZ[
> ] ][ X ܚX P ܙ ݘK \ X K ܙ B ܈ Y ] [ۘ[ [X[ K[XZ[
> ] Z [ ܙ ݘK \ X K ܙ B
>
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
RE: Build signed archives using CLI
Posted by "Mefire O." <om...@microsoft.com>.
+1 for having an additional file to abstract away all the platform specific stuff. Currently, we support both gradle and ant for android for example, I think it wouldn't make sense for end-users to have to change their specs depending on what specific tool is used behind the scenes.
Maybe we could also copy those properties to specific files during build or prepare ? [copy from cordova's to ant.properties]
Thanks,
Mefire
-----Original Message-----
From: Chuck Lantz [mailto:clantz@microsoft.com]
Sent: Wednesday, January 28, 2015 10:30 AM
To: dev@cordova.apache.org
Subject: RE: Build signed archives using CLI
Yeah personally I am thinking that - particularly if we treat platforms as dependencies in package.json as proposed - we'll need some facility to set native build settings. We may be able to come up with some sort of abstraction for this part, but I'm kind of thinking we'll ultimately want a facility to include native build property files (ant/gradle.properties, things like the signing identity in build.xcconfig, etc) in the CLI project. That said, we could have another facility for common settings like certs.
-Chuck
-----Original Message-----
From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew Grieve
Sent: Wednesday, January 28, 2015 10:18 AM
To: dev
Subject: Re: Build signed archives using CLI
Sounds good, let's wait until Dan is back to discuss. The main point I'd like to cover is whether it'd be good to have layer of indirection between cordova and the platform-specific files that dictate signing info.
E.g.:
Instead of using ant.properties / gradle.properties / build.xcconfig, have:
cordova-keys.json
{
ios: { identity: "", provisioning_profile: "" },
android-debug: { keystore: "", alias: "", password: "", type: "" },
android-release: { keystore: "", alias: "", password: "", type: "" }
...
}
Then, have a prepare step that makes the platforms do the right thing
(Note that for android it's important to have debug siging keys as well since they are used for Play Services and Cloud Console APIs).
On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
wrote:
> Yay!! Great news!
>
> Chuck, by any chance, do you have a link to the sandbox, or design doc
> or something worth to look at it? If no, we can wait until Dan is back
> (hope he feels better soon) I'm happy to help if needed.
>
> 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
>
> > Dan Levine whom some of you met at PhoneGap day actually has been
> > working on a PR based on Subhag's proposal for discussion - he is
> > out sick which
> is
> > why he didn't respond to this thread. I'll let him speak to it once
> > he's back but the good news is there is someone working on something
> > in this area.
> >
> > -Chuck
> >
> > -----Original Message-----
> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > Sent: Wednesday, January 28, 2015 7:57 AM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > Hi Andrew.
> >
> > AFAICT, no one has done any work on this area, but I'd like to add
> > this topic to the hangout agenda, start discussing this. I think
> > Subhag has a very good design in the google doc in this thread. We
> > can start from
> there
> > and try to make this happen for a future release.
> >
> > Thoughts before adding it to the agenda?
> >
> > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> >
> > > In anyone interested in working on any of this?
> > >
> > > Was just looking at it to see if there was anything I needed to do
> > > to add support to Android for release packaging.
> > >
> > > Main thing lacking to me is whether we should support specifying
> > > release key information outside of the platforms/android directory.
> > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > per-platform key locations & settings.
> > >
> > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > <so...@gmail.com>
> > > wrote:
> > >
> > > > Hello Cordova community
> > > > Curious to know where we stand about this topic. Even though
> > > > this topic looks to have significant impact on Cordova, Subhag
> > > > has a document
> > > proposal
> > > > with little discussion activity.
> > > >
> > > > I like Subhag's proposal, but I want to bring back the idea of a
> > > > prompt-less keychain.
> > > >
> > > > Is anything else, besides what is depicted in the proposal,
> > > > missing
> > here?
> > > >
> > > > Document:
> > > >
> > > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9
> > > PuNB
> > > L1auAMGFM/edit?usp=sharing
> > > >
> > > >
> > > > ---------- Forwarded message ----------
> > > > From: Carlos Santana <cs...@gmail.com>
> > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > Subject: Re: Build signed archives using CLI
> > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > >
> > > >
> > > > +1 on having a new command "cordova package" this will allow IBM
> > > > +tooling
> > > to
> > > > hook into before_package and after_package for our own
> > > > customizations (direct update, authenticity, etc..)
> > > > +1 on using sane defaults and not prompting (i.e. default
> > > > +keychain maybe
> > > > used and unlock already) if not found what we need then prompt
> > > > or fail
> > > > +1 have some config/settings outside "platforms/" as I like to
> > > > +be
> > > transient
> > > > replaceable. using config.xml, something.json, or file
> > > > conventions like res/packaging/<platform>/ are all ok options.
> > > >
> > > >
> > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > <Su...@microsoft.com>
> > > > wrote:
> > > >
> > > > > Here is the link to the proposal:
> > > > >
> > > >
> > > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9
> > > PuNB
> > > L1auAMGFM/edit?usp=sharing
> > > > > Jump on it people :)
> > > > >
> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > Tools soak@microsoft.com
> > > > > 425 707 5598 office
> > > > >
> > > > > -----Original Message-----
> > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: RE: Build signed archives using CLI
> > > > >
> > > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > > considered as app-wide settings/properties? Typically
> > > > > packaging information is per platform and hence in my opinion,
> > > > > should be decoupled from config
> > > > settings.
> > > > > Jesse, I am working on a documentation that I will share out
> > > > > soon for
> > > > the
> > > > > community to collaborate.
> > > > >
> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > Tools soak@microsoft.com
> > > > > 425 707 5598 office
> > > > >
> > > > > -----Original Message-----
> > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > Liking Subhag's proposal.
> > > > > Agree with Jesse on using conventions as a default plus
> > > > > config.xml
> > > > > --
> > > > with
> > > > > overrides/env-vars possible. The only caveat for including
> > > > > info in the config.xml is, the config.xml data is copied into
> > > > > the iOS platform and
> > > > will
> > > > > be included in the .app bundle, and will leak information
> > > > > (even though harmless, since it shouldn't contain passwords,
> > > > > etc) -- so maybe that
> > > is
> > > > > not desirable, using config.xml.
> > > > >
> > > > > We will need to provide the password each time at least for
> > > > > iOS, since
> > > we
> > > > > need to unlock the keychain for code signing.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > <ag...@chromium.org>
> > > > > wrote:
> > > > >
> > > > > > The prompting is actually pretty appropriate here since
> > > > > > passwords are involved I think. I think also that keys will
> > > > > > often not be checked into source control, but maybe the best
> > > > > > way to support that is to allow multiple ways of specifying
> > > > > > things (e.g. default to convention, allow override via
> > > > > > config.xml, allow override via command-line & env variable
> > > > > > as well)
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > <pu...@gmail.com>
> > > wrote:
> > > > > >
> > > > > > > I am liking all of this.
> > > > > > > Are we ready to move this to an editable plaintext doc to
> > > collaborate
> > > > > on?
> > > > > > >
> > > > > > > I agree that we should take advantage of as much
> > > > > > > 'by-convention' as we
> > > > > > can,
> > > > > > > meaning things like `cordova package ios` defaults to a
> > > > > > > code sign
> > > > > > identity
> > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > >
> > > > > > > If it does not make sense as a convention, then I too
> > > > > > > would like to see
> > > > > > as
> > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > points out,
> > > and
> > > > > > agree
> > > > > > > on picking the most consistent names possible.
> > > > > > >
> > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > fast, given that tools will typically be consuming the
> > > > > > > cli. Or we should at least
> > > > > > provide a
> > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > config.xml-able
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > @purplecabbage
> > > > > > > risingj.com
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > <clantz@microsoft.com
> > > >
> > > > > > wrote:
> > > > > > >
> > > > > > > > One option here could be to build off of the idea of the
> "res"
> > > > > > > > folder
> > > > > > > that
> > > > > > > > is in the current samples for splashscreens and icons
> > > > > > > > and introduce something like "res/native". Files placed
> > > > > > > > here would
> > > be
> > > > > > > > put into the native project folders "before_prepare" and
> > > > > > > > would be further enhanced
> > > > > > by
> > > > > > > > the plugin and build infrastructure. This would allow
> > > > > > > > you to place customized native assets that are unique to
> > > > > > > > your project in a place
> > > > > > that
> > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > >
> > > > > > > > Andrew's environment variable idea could also provide an
> > > alternate
> > > > > > means
> > > > > > > > to specify platform specific values (what Soak mentions
> > > > > > > > in the {
> > > > }).
> > > > > > > >
> > > > > > > > -Chuck
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Frederico Galvão
> > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > I agree with pretty much everything mentioned, but as
> > > > > > > > far as I know cordova is trying it's best to not depend
> > > > > > > > on anything to be in /platforms/<TARGET_PLATFORM>/.
> > > > > > > > Having said that, the package command
> > > > > > > should
> > > > > > > > always expect things to be in config.xml or something
> > > > > > > > like
> > that.
> > > > > > > >
> > > > > > > > Also, the closer we are in naming things to what they
> > > > > > > > are already known
> > > > > > > as
> > > > > > > > in the native platform, the better.
> > > > > > > >
> > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > <Subhag.Oak@microsoft.com
> > > >:
> > > > > > > >
> > > > > > > > > Hey Cordova community,
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I am Subhag Oak, senior program manager on the Visual
> > > > > > > > > Studio team working on VS tools for Multi device
> > > > > > > > > hybrid apps. In line with the discussion of having a
> > > > > > > > > generic
> > Cordova ‘packaging’
> > > > > > > > > command for all platforms, here is one
> > > > > > > > > proposal:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > As we all know, packaging an application for
> > > > > > > > > deployment
> > > requires
> > > > > > extra
> > > > > > > > > steps that are specific to the native platforms. A
> > > > > > > > > new generic Cordova CLI ‘package’ command can perform
> > > > > > > > > these platform specific actions to generate a final
> > > > > > > > > signed package ready for
> > > > > deployment:
> > > > > > > > >
> > > > > > > > > cordova package [platform] [--packageConfiguration]
> > > > > > > > > {-- –-sign[location]
> > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > where all
> > > the
> > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > If no platform is specified, the command will build
> > > > > > > > > packages
> > > for
> > > > > > > > > all platforms added.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > The values for –packageConfiguration are interpreted
> > > > > > > > > by the
> > > > > > respective
> > > > > > > > > platforms. For Android and Windows, the value can be
> > > > > > > > > debug or
> > > > > > release,
> > > > > > > > > with release being the default value. For iOS, the
> > > > > > > > > possible values are development, adhoc or store with
> > > > > > > > > development being the default value. The
> > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > optional iOS specific signing arguments for specifying
> > > > > > > > > the location of
> > > > > > code-signing
> > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > signing identity (certificates along with public and
> > > > > > > > > private keys)
> > > > > respectively.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > e.g:
> > > > > > > > >
> > > > > > > > > · ‘cordova package iOS’ would generate a signed ipa
> > > with
> > > > > > > > > development profile, using code signing identity
> > > > > > > > > defined in
> > > > > > > > build.xcconfig:
> > > > > > > > >
> > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > >
> > > > > > > > > // security find-identity | sed -n
> > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > >
> > > > > > > > > // generic 'iPhone Developer' (no quotes) will match
> > > > > > > > > the right Identity with the right Provisioning //
> > > > > > > > > Profile plus Certificate, based on the app bundle id
> > > > > > > > >
> > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > · ‘cordova package android’ would generate a
> release
> > > > signed
> > > > > > > using
> > > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > > changes to gradle build like the one Andrew mentions below.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > · ‘Cordova package windows’ would generate a signed
> > > APPX
> > > > > > > package.
> > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > >
> > > > > > > > > • An unsigned packaged Windows Store
> app,
> > > for
> > > > > > > example,
> > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > >
> > > > > > > > > • A valid code signing certificate, for
> > > > > example, a
> > > > > > > > > Personal Information Exchange (.pfx) file created with
> > > > > > > > > the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > >
> > > > > > > > > • SignTool, which is part of the Windows
> > SDK
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Here is how the package command should work. The
> > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > convention (similar to the Cordova
> > > > > > build
> > > > > > > > > command) rather than config settings. The command
> > > > > > > > > would look
> > > out
> > > > > > > > > for packaging assets in the “platform\ [native-platform]”
> > > folder.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > (keystore, password, alias and alias password) would
> > > > > > > > > be used for
> > > packaging.
> > > > > > > > > If any of
> > > > > > these
> > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > gradle.properties for gradle build] or if the file is
> > > > > > > > > missing, the command would prompt the user for these
> > > > > > > > > value at the command prompt. If the values provided
> > > > > > are
> > > > > > > > > invalid, the command would fail.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > > code-sign certificate and the provisioning profile to
> > > > > > > > > be used. The
> > > default
> > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > information by build profile based on the
> > > > > > > > > configuration defined in the
> > > command.
> > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > provisioning
> profile.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Tools like VS and other IDEs, which use cordova CLI,
> > > > > > > > > may need
> > > an
> > > > > > > > > explicit way to specify certs/profile for packaging
> > > > > > > > > for iOS (since
> > > > > > the
> > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > assets being defined in the build.xcconfig. One way to
> > > > > > > > > allow this is by
> > > using
> > > > > > > > > optional platform specific arguments to the package
> > > > > > > > > command
> > > like:
> > > > > > > > >
> > > > > > > > > Cordova package iOS --development --sign
> “d:\cert\mycert.cer”
> > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > >
> > > > > > > > > This command will run the xcrun command to generate a
> > > > > > > > > signed
> > > IPA
> > > > > > > > > with development provisioning profile.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > feedback on this
> > > > > > > > proposal.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > >
> > > > > > > > > Visual Studio, Client Tools
> > > > > > > > >
> > > > > > > > > soak@microsoft.com
> > > > > > > > >
> > > > > > > > > 425 707 5598 office
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com]
> > > > > > > > > On Behalf Of Andrew Grieve
> > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > To: Shazron
> > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > points
> > > to
> > > > > > > > > a .properties file that contains:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > >
> > > > > > > > > storePassword=SECRET1
> > > > > > > > >
> > > > > > > > > storeType=pkcs12
> > > > > > > > >
> > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > >
> > > > > > > > > keyPassword=SECRET2
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Topics to discuss:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > > > > >
> > > > > > > > > - Leaning towards together
> > > > > > > > >
> > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > >
> > > > > > > > > - I think no, since signing info you often want to not
> > > > > > > > > check in /
> > > > > > keep
> > > > > > > > > secure
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Strawman:
> > > > > > > > >
> > > > > > > > > If a file "cordova-keys.json" exists as a sibling to
> > > > > > > > > www/, then use it. It should look like:
> > > > > > > > >
> > > > > > > > > {
> > > > > > > > >
> > > > > > > > > "android": {
> > > > > > > > >
> > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > >
> > > > > > > > > ...
> > > > > > > > >
> > > > > > > > > },
> > > > > > > > >
> > > > > > > > > "ios": {
> > > > > > > > >
> > > > > > > > > },
> > > > > > > > >
> > > > > > > > > ...
> > > > > > > > >
> > > > > > > > > }
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Android signs debug builds as well (not sure if other
> > > > > > > > > platforms do this too?), so maybe also allow
> > > > > > > > >
> > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > >
> > > > > > > > > "android-debug"
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > <shazron@gmail.com
> > > > <mailto:
> > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > >
> > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > >
> > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > >
> > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > Seems to be of great value - so let's get going on
> > > > > > > > > > this
> > > > > > > > > > ;)
> > > The
> > > > > > > > > > CLI has
> > > > > > > > >
> > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > williams
> > > > > > > > >
> > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > >
> > > > > > > > > > wrote:
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > Frederico’s workflow is the same as ours. I would
> > > > > > > > > > > love to see
> > > > > > > > >
> > > > > > > > > > > something happen To improve this, the less time I
> > > > > > > > > > > spend in Xcode,
> > > > > > > > >
> > > > > > > > > > > the happier I am
> > > > > > > > >
> > > > > > > > > > ;)
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > > >
> > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > "cordova build
> > > > > > android
> > > > > > > > >
> > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > .properties properly
> > > > > > > > >
> > > > > > > > > > configured
> > > > > > > > >
> > > > > > > > > > > in my platform/android folder, specifying the path
> > > > > > > > > > > and name to my
> > > > > > > > >
> > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > already gives me
> > > > > > > > >
> > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > upload it to
> > > > > > > > > play.google.com.
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > I have never, however, used cordova's CLI to build
> > > > > > > > > > > the
> > > final
> > > > > > > > >
> > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
> > > > > > > > > > > "cordova
> > > > > > > > >
> > > > > > > > > > > prepare", and use xCode
> > > > > > > > >
> > > > > > > > > > from
> > > > > > > > >
> > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan
> > > > > > > > > > > (MS OPEN
> > > > > > > > > > > TECH) <
> > > > > > > > >
> > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft.c
> > > > > > > > > > > om
> >>:
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > would be for packaging
> > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > app
> > > > > > > > >
> > > > > > > > > > > > for the store? Note that different platforms may
> > > > > > > > > > > > have different
> > > > > > > > >
> > > > > > > > > > > > requirements for certs, signing etc. So it may
> > > > > > > > > > > > make sense to
> > > > > > > > >
> > > > > > > > > > > > promote
> > > > > > > > >
> > > > > > > > > > this
> > > > > > > > >
> > > > > > > > > > > > to a different command and let each command take
> > > > > > > > > > > > care of packaging
> > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > app
> > > > > > > > >
> > > > > > > > > > > > for the store. This command will also mean that
> > > developers
> > > > > > don’t
> > > > > > > > >
> > > > > > > > > > > > have
> > > > > > > > >
> > > > > > > > > > to
> > > > > > > > >
> > > > > > > > > > > go
> > > > > > > > >
> > > > > > > > > > > > over to the native projects when they finally
> > > > > > > > > > > > want to publish
> > > > > > > > >
> > > > > > > > > > > > their
> > > > > > > > >
> > > > > > > > > > apps
> > > > > > > > >
> > > > > > > > > > > to
> > > > > > > > >
> > > > > > > > > > > > the store.
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > >
> > > > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > > > >
> > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > >
> > > > > > > > > > > > To: dev
> > > > > > > > >
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > if you do:
> > > > > > > > >
> > > > > > > > > > > > Cordova build --release,
> > > > > > > > >
> > > > > > > > > > > > The blackberry10 platform will generate a signed
> > image...
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > agrieve@chromium.org
> > > > > > > <mailto:
> > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >AFAIK, I don't think there's any technical
> roadblocks.
> > > > > > > > > > > > >Just need
> > > > > > > > >
> > > > > > > > > > > > >a proposal for how it should look, and then a
> > > > > > > > > > > > >patch & docs to add
> > > > > > > > > it!
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >For Android's hot-off-the-press gradle support,
> > > > > > > > > > > > >you can set an
> > > > > > > > >
> > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > >.properties file for
> > > > > > > > >
> > > > > > > > > > > > >signing builds. This shows one way to go about
> > > > > > > > > > > > >it, but I'm not in
> > > > > > > > >
> > > > > > > > > > > > >love with
> > > > > > > > >
> > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > > .properties idea.
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > >
> > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gma
> > > > > > > > > > > > >il.c
> > > > > > > > > > > > >om>>
> > > > > > > > >
> > > > > > > > > > > > >wrote:
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >> Hi community.
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Been looking at this topic and wondering why
> > > > > > > > > > > > >> the build command
> > > > > > > > >
> > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > >>little bit found a
> > > > > > > > >
> > > > > > > > > > > > >>lot of differences in the platforms to create
> > > > > > > > > > > > >>these
> > > > > archives.
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > >> Export your
> > > APK
> > > > > > > > > > > > >> in
> > > > > > > > >
> > > > > > > > > > > > >> release mode (--release flag) 2. Sign your
> > > > > > > > > > > > >> APK (you already
> > > > > > > > >
> > > > > > > > > > > > >> need a RSA key)
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > >
> > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > >> (--release
> > > seems
> > > > > > > > > > > > >> to
> > > > > > > > >
> > > > > > > > > > > > >> export
> > > > > > > > >
> > > > > > > > > > for
> > > > > > > > >
> > > > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based)
> > > > > > > > > > > > >>and sign the
> > > > > > > > >
> > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > >
> > > > > > > > > > > > >> process)
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Besides these differences, what is preventing
> > > > > > > > > > > > >> Cordova from
> > > > > > > > >
> > > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > > >> signed,
> > > > > > > > > ready-to-publish archives?
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > >> really appreciate your
> > > > > > > > >
> > > > > > > > > > > > >>insights on this topic
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Thanks!
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> --
> > > > > > > > >
> > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > >
> > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > >
> > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > ------------------------------------------------------------
> > > > > > ----
> > > > > > > > > > > > --
> > > > > > > > >
> > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > >
> > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > <mailto:
> > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > *Frederico Galvão*
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br>
> > > > > > > > > > > <
> > > > > > > > > http://www.pontoget.com/>
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > >
> > > > > > > > *Frederico Galvão*
> > > > > > > >
> > > > > > > > Diretor de Tecnologia
> > > > > > > >
> > > > > > > > PontoGet Inovação Web
> > > > > > > >
> > > > > > > >
> > > > > > > > ( +55(62) 8131-5720
> > > > > > > >
> > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > > --------------------------------------------------------------
> > > > > ----
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > >
> > > > > --------------------------------------------------------------
> > > > > ----
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Carlos Santana
> > > > <cs...@gmail.com>
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
�B KKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKKCB � �[ X ܚX K��K[XZ[
��] ][ X ܚX P� ܙ�ݘK \�X �K ܙ B ܈�Y��]�[ۘ[�� [X[ � ��K[XZ[
��] Z�[��� ܙ�ݘK \�X �K ܙ B
RE: Build signed archives using CLI
Posted by Chuck Lantz <cl...@microsoft.com>.
Yeah personally I am thinking that - particularly if we treat platforms as dependencies in package.json as proposed - we'll need some facility to set native build settings. We may be able to come up with some sort of abstraction for this part, but I'm kind of thinking we'll ultimately want a facility to include native build property files (ant/gradle.properties, things like the signing identity in build.xcconfig, etc) in the CLI project. That said, we could have another facility for common settings like certs.
-Chuck
-----Original Message-----
From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew Grieve
Sent: Wednesday, January 28, 2015 10:18 AM
To: dev
Subject: Re: Build signed archives using CLI
Sounds good, let's wait until Dan is back to discuss. The main point I'd like to cover is whether it'd be good to have layer of indirection between cordova and the platform-specific files that dictate signing info.
E.g.:
Instead of using ant.properties / gradle.properties / build.xcconfig, have:
cordova-keys.json
{
ios: { identity: "", provisioning_profile: "" },
android-debug: { keystore: "", alias: "", password: "", type: "" },
android-release: { keystore: "", alias: "", password: "", type: "" }
...
}
Then, have a prepare step that makes the platforms do the right thing
(Note that for android it's important to have debug siging keys as well since they are used for Play Services and Cloud Console APIs).
On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
wrote:
> Yay!! Great news!
>
> Chuck, by any chance, do you have a link to the sandbox, or design doc
> or something worth to look at it? If no, we can wait until Dan is back
> (hope he feels better soon) I'm happy to help if needed.
>
> 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
>
> > Dan Levine whom some of you met at PhoneGap day actually has been
> > working on a PR based on Subhag's proposal for discussion - he is
> > out sick which
> is
> > why he didn't respond to this thread. I'll let him speak to it once
> > he's back but the good news is there is someone working on something
> > in this area.
> >
> > -Chuck
> >
> > -----Original Message-----
> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > Sent: Wednesday, January 28, 2015 7:57 AM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > Hi Andrew.
> >
> > AFAICT, no one has done any work on this area, but I'd like to add
> > this topic to the hangout agenda, start discussing this. I think
> > Subhag has a very good design in the google doc in this thread. We
> > can start from
> there
> > and try to make this happen for a future release.
> >
> > Thoughts before adding it to the agenda?
> >
> > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> >
> > > In anyone interested in working on any of this?
> > >
> > > Was just looking at it to see if there was anything I needed to do
> > > to add support to Android for release packaging.
> > >
> > > Main thing lacking to me is whether we should support specifying
> > > release key information outside of the platforms/android directory.
> > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > per-platform key locations & settings.
> > >
> > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa
> > > <so...@gmail.com>
> > > wrote:
> > >
> > > > Hello Cordova community
> > > > Curious to know where we stand about this topic. Even though
> > > > this topic looks to have significant impact on Cordova, Subhag
> > > > has a document
> > > proposal
> > > > with little discussion activity.
> > > >
> > > > I like Subhag's proposal, but I want to bring back the idea of a
> > > > prompt-less keychain.
> > > >
> > > > Is anything else, besides what is depicted in the proposal,
> > > > missing
> > here?
> > > >
> > > > Document:
> > > >
> > > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9
> > > PuNB
> > > L1auAMGFM/edit?usp=sharing
> > > >
> > > >
> > > > ---------- Forwarded message ----------
> > > > From: Carlos Santana <cs...@gmail.com>
> > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > Subject: Re: Build signed archives using CLI
> > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > >
> > > >
> > > > +1 on having a new command "cordova package" this will allow IBM
> > > > +tooling
> > > to
> > > > hook into before_package and after_package for our own
> > > > customizations (direct update, authenticity, etc..)
> > > > +1 on using sane defaults and not prompting (i.e. default
> > > > +keychain maybe
> > > > used and unlock already) if not found what we need then prompt
> > > > or fail
> > > > +1 have some config/settings outside "platforms/" as I like to
> > > > +be
> > > transient
> > > > replaceable. using config.xml, something.json, or file
> > > > conventions like res/packaging/<platform>/ are all ok options.
> > > >
> > > >
> > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > <Su...@microsoft.com>
> > > > wrote:
> > > >
> > > > > Here is the link to the proposal:
> > > > >
> > > >
> > > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9
> > > PuNB
> > > L1auAMGFM/edit?usp=sharing
> > > > > Jump on it people :)
> > > > >
> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > Tools soak@microsoft.com
> > > > > 425 707 5598 office
> > > > >
> > > > > -----Original Message-----
> > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: RE: Build signed archives using CLI
> > > > >
> > > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > > considered as app-wide settings/properties? Typically
> > > > > packaging information is per platform and hence in my opinion,
> > > > > should be decoupled from config
> > > > settings.
> > > > > Jesse, I am working on a documentation that I will share out
> > > > > soon for
> > > > the
> > > > > community to collaborate.
> > > > >
> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client
> > > > > Tools soak@microsoft.com
> > > > > 425 707 5598 office
> > > > >
> > > > > -----Original Message-----
> > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > Liking Subhag's proposal.
> > > > > Agree with Jesse on using conventions as a default plus
> > > > > config.xml
> > > > > --
> > > > with
> > > > > overrides/env-vars possible. The only caveat for including
> > > > > info in the config.xml is, the config.xml data is copied into
> > > > > the iOS platform and
> > > > will
> > > > > be included in the .app bundle, and will leak information
> > > > > (even though harmless, since it shouldn't contain passwords,
> > > > > etc) -- so maybe that
> > > is
> > > > > not desirable, using config.xml.
> > > > >
> > > > > We will need to provide the password each time at least for
> > > > > iOS, since
> > > we
> > > > > need to unlock the keychain for code signing.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > <ag...@chromium.org>
> > > > > wrote:
> > > > >
> > > > > > The prompting is actually pretty appropriate here since
> > > > > > passwords are involved I think. I think also that keys will
> > > > > > often not be checked into source control, but maybe the best
> > > > > > way to support that is to allow multiple ways of specifying
> > > > > > things (e.g. default to convention, allow override via
> > > > > > config.xml, allow override via command-line & env variable
> > > > > > as well)
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse
> > > > > > <pu...@gmail.com>
> > > wrote:
> > > > > >
> > > > > > > I am liking all of this.
> > > > > > > Are we ready to move this to an editable plaintext doc to
> > > collaborate
> > > > > on?
> > > > > > >
> > > > > > > I agree that we should take advantage of as much
> > > > > > > 'by-convention' as we
> > > > > > can,
> > > > > > > meaning things like `cordova package ios` defaults to a
> > > > > > > code sign
> > > > > > identity
> > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > >
> > > > > > > If it does not make sense as a convention, then I too
> > > > > > > would like to see
> > > > > > as
> > > > > > > much as possible done through config.xml as Fredrico
> > > > > > > points out,
> > > and
> > > > > > agree
> > > > > > > on picking the most consistent names possible.
> > > > > > >
> > > > > > > I would prefer that we do not prompt, and simply fail
> > > > > > > fast, given that tools will typically be consuming the
> > > > > > > cli. Or we should at least
> > > > > > provide a
> > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > config.xml-able
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > @purplecabbage
> > > > > > > risingj.com
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > <clantz@microsoft.com
> > > >
> > > > > > wrote:
> > > > > > >
> > > > > > > > One option here could be to build off of the idea of the
> "res"
> > > > > > > > folder
> > > > > > > that
> > > > > > > > is in the current samples for splashscreens and icons
> > > > > > > > and introduce something like "res/native". Files placed
> > > > > > > > here would
> > > be
> > > > > > > > put into the native project folders "before_prepare" and
> > > > > > > > would be further enhanced
> > > > > > by
> > > > > > > > the plugin and build infrastructure. This would allow
> > > > > > > > you to place customized native assets that are unique to
> > > > > > > > your project in a place
> > > > > > that
> > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > >
> > > > > > > > Andrew's environment variable idea could also provide an
> > > alternate
> > > > > > means
> > > > > > > > to specify platform specific values (what Soak mentions
> > > > > > > > in the {
> > > > }).
> > > > > > > >
> > > > > > > > -Chuck
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Frederico Galvão
> > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > I agree with pretty much everything mentioned, but as
> > > > > > > > far as I know cordova is trying it's best to not depend
> > > > > > > > on anything to be in /platforms/<TARGET_PLATFORM>/.
> > > > > > > > Having said that, the package command
> > > > > > > should
> > > > > > > > always expect things to be in config.xml or something
> > > > > > > > like
> > that.
> > > > > > > >
> > > > > > > > Also, the closer we are in naming things to what they
> > > > > > > > are already known
> > > > > > > as
> > > > > > > > in the native platform, the better.
> > > > > > > >
> > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > <Subhag.Oak@microsoft.com
> > > >:
> > > > > > > >
> > > > > > > > > Hey Cordova community,
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I am Subhag Oak, senior program manager on the Visual
> > > > > > > > > Studio team working on VS tools for Multi device
> > > > > > > > > hybrid apps. In line with the discussion of having a
> > > > > > > > > generic
> > Cordova ‘packaging’
> > > > > > > > > command for all platforms, here is one
> > > > > > > > > proposal:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > As we all know, packaging an application for
> > > > > > > > > deployment
> > > requires
> > > > > > extra
> > > > > > > > > steps that are specific to the native platforms. A
> > > > > > > > > new generic Cordova CLI ‘package’ command can perform
> > > > > > > > > these platform specific actions to generate a final
> > > > > > > > > signed package ready for
> > > > > deployment:
> > > > > > > > >
> > > > > > > > > cordova package [platform] [--packageConfiguration]
> > > > > > > > > {-- –-sign[location]
> > > > > > > > > -- –-embed[location] -- --signIdentity[location]},
> > > > > > > > > where all
> > > the
> > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > If no platform is specified, the command will build
> > > > > > > > > packages
> > > for
> > > > > > > > > all platforms added.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > The values for –packageConfiguration are interpreted
> > > > > > > > > by the
> > > > > > respective
> > > > > > > > > platforms. For Android and Windows, the value can be
> > > > > > > > > debug or
> > > > > > release,
> > > > > > > > > with release being the default value. For iOS, the
> > > > > > > > > possible values are development, adhoc or store with
> > > > > > > > > development being the default value. The
> > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are
> > > > > > > > > optional iOS specific signing arguments for specifying
> > > > > > > > > the location of
> > > > > > code-signing
> > > > > > > > > certificate, the provisioning profile or the code
> > > > > > > > > signing identity (certificates along with public and
> > > > > > > > > private keys)
> > > > > respectively.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > e.g:
> > > > > > > > >
> > > > > > > > > · ‘cordova package iOS’ would generate a signed ipa
> > > with
> > > > > > > > > development profile, using code signing identity
> > > > > > > > > defined in
> > > > > > > > build.xcconfig:
> > > > > > > > >
> > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > >
> > > > > > > > > // security find-identity | sed -n
> > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > >
> > > > > > > > > // generic 'iPhone Developer' (no quotes) will match
> > > > > > > > > the right Identity with the right Provisioning //
> > > > > > > > > Profile plus Certificate, based on the app bundle id
> > > > > > > > >
> > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > · ‘cordova package android’ would generate a
> release
> > > > signed
> > > > > > > using
> > > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > > changes to gradle build like the one Andrew mentions below.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > · ‘Cordova package windows’ would generate a signed
> > > APPX
> > > > > > > package.
> > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > >
> > > > > > > > > • An unsigned packaged Windows Store
> app,
> > > for
> > > > > > > example,
> > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > >
> > > > > > > > > • A valid code signing certificate, for
> > > > > example, a
> > > > > > > > > Personal Information Exchange (.pfx) file created with
> > > > > > > > > the MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > >
> > > > > > > > > • SignTool, which is part of the Windows
> > SDK
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Here is how the package command should work. The
> > > > > > > > > proposal is to make the ‘package’ command work on
> > > > > > > > > convention (similar to the Cordova
> > > > > > build
> > > > > > > > > command) rather than config settings. The command
> > > > > > > > > would look
> > > out
> > > > > > > > > for packaging assets in the “platform\ [native-platform]”
> > > folder.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For android, the contents of the ant.properties
> > > > > > > > > (keystore, password, alias and alias password) would
> > > > > > > > > be used for
> > > packaging.
> > > > > > > > > If any of
> > > > > > these
> > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > gradle.properties for gradle build] or if the file is
> > > > > > > > > missing, the command would prompt the user for these
> > > > > > > > > value at the command prompt. If the values provided
> > > > > > are
> > > > > > > > > invalid, the command would fail.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > > code-sign certificate and the provisioning profile to
> > > > > > > > > be used. The
> > > default
> > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > information by build profile based on the
> > > > > > > > > configuration defined in the
> > > command.
> > > > > > > > > Build.xcconfig can also support signing identities
> > > > > > > > > that tie the code-sign certificate with the
> > > > > > > > > provisioning
> profile.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Tools like VS and other IDEs, which use cordova CLI,
> > > > > > > > > may need
> > > an
> > > > > > > > > explicit way to specify certs/profile for packaging
> > > > > > > > > for iOS (since
> > > > > > the
> > > > > > > > > build needs to happen on MAC agent) instead of the
> > > > > > > > > assets being defined in the build.xcconfig. One way to
> > > > > > > > > allow this is by
> > > using
> > > > > > > > > optional platform specific arguments to the package
> > > > > > > > > command
> > > like:
> > > > > > > > >
> > > > > > > > > Cordova package iOS --development --sign
> “d:\cert\mycert.cer”
> > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > >
> > > > > > > > > This command will run the xcrun command to generate a
> > > > > > > > > signed
> > > IPA
> > > > > > > > > with development provisioning profile.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I would love to hear your comments, insights and
> > > > > > > > > feedback on this
> > > > > > > > proposal.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > >
> > > > > > > > > Visual Studio, Client Tools
> > > > > > > > >
> > > > > > > > > soak@microsoft.com
> > > > > > > > >
> > > > > > > > > 425 707 5598 office
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com]
> > > > > > > > > On Behalf Of Andrew Grieve
> > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > To: Shazron
> > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > points
> > > to
> > > > > > > > > a .properties file that contains:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > >
> > > > > > > > > storePassword=SECRET1
> > > > > > > > >
> > > > > > > > > storeType=pkcs12
> > > > > > > > >
> > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > >
> > > > > > > > > keyPassword=SECRET2
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Topics to discuss:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > > > > >
> > > > > > > > > - Leaning towards together
> > > > > > > > >
> > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > >
> > > > > > > > > - I think no, since signing info you often want to not
> > > > > > > > > check in /
> > > > > > keep
> > > > > > > > > secure
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Strawman:
> > > > > > > > >
> > > > > > > > > If a file "cordova-keys.json" exists as a sibling to
> > > > > > > > > www/, then use it. It should look like:
> > > > > > > > >
> > > > > > > > > {
> > > > > > > > >
> > > > > > > > > "android": {
> > > > > > > > >
> > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > >
> > > > > > > > > ...
> > > > > > > > >
> > > > > > > > > },
> > > > > > > > >
> > > > > > > > > "ios": {
> > > > > > > > >
> > > > > > > > > },
> > > > > > > > >
> > > > > > > > > ...
> > > > > > > > >
> > > > > > > > > }
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Android signs debug builds as well (not sure if other
> > > > > > > > > platforms do this too?), so maybe also allow
> > > > > > > > >
> > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > >
> > > > > > > > > "android-debug"
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron
> > > > > > > > > <shazron@gmail.com
> > > > <mailto:
> > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > >
> > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > >
> > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > >
> > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > Seems to be of great value - so let's get going on
> > > > > > > > > > this
> > > > > > > > > > ;)
> > > The
> > > > > > > > > > CLI has
> > > > > > > > >
> > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos
> > > > > > > > > > williams
> > > > > > > > >
> > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > >
> > > > > > > > > > wrote:
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > Frederico’s workflow is the same as ours. I would
> > > > > > > > > > > love to see
> > > > > > > > >
> > > > > > > > > > > something happen To improve this, the less time I
> > > > > > > > > > > spend in Xcode,
> > > > > > > > >
> > > > > > > > > > > the happier I am
> > > > > > > > >
> > > > > > > > > > ;)
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > > >
> > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > I can already get the ultimate .apk through
> > > > > > > > > > > "cordova build
> > > > > > android
> > > > > > > > >
> > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > .properties properly
> > > > > > > > >
> > > > > > > > > > configured
> > > > > > > > >
> > > > > > > > > > > in my platform/android folder, specifying the path
> > > > > > > > > > > and name to my
> > > > > > > > >
> > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > already gives me
> > > > > > > > >
> > > > > > > > > > > the signed and ready .apk, all I have to do is
> > > > > > > > > > > upload it to
> > > > > > > > > play.google.com.
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > I have never, however, used cordova's CLI to build
> > > > > > > > > > > the
> > > final
> > > > > > > > >
> > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
> > > > > > > > > > > "cordova
> > > > > > > > >
> > > > > > > > > > > prepare", and use xCode
> > > > > > > > >
> > > > > > > > > > from
> > > > > > > > >
> > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan
> > > > > > > > > > > (MS OPEN
> > > > > > > > > > > TECH) <
> > > > > > > > >
> > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft.c
> > > > > > > > > > > om
> >>:
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > How about a "cordova package" command, that
> > > > > > > > > > > > would be for packaging
> > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > app
> > > > > > > > >
> > > > > > > > > > > > for the store? Note that different platforms may
> > > > > > > > > > > > have different
> > > > > > > > >
> > > > > > > > > > > > requirements for certs, signing etc. So it may
> > > > > > > > > > > > make sense to
> > > > > > > > >
> > > > > > > > > > > > promote
> > > > > > > > >
> > > > > > > > > > this
> > > > > > > > >
> > > > > > > > > > > > to a different command and let each command take
> > > > > > > > > > > > care of packaging
> > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > app
> > > > > > > > >
> > > > > > > > > > > > for the store. This command will also mean that
> > > developers
> > > > > > don’t
> > > > > > > > >
> > > > > > > > > > > > have
> > > > > > > > >
> > > > > > > > > > to
> > > > > > > > >
> > > > > > > > > > > go
> > > > > > > > >
> > > > > > > > > > > > over to the native projects when they finally
> > > > > > > > > > > > want to publish
> > > > > > > > >
> > > > > > > > > > > > their
> > > > > > > > >
> > > > > > > > > > apps
> > > > > > > > >
> > > > > > > > > > > to
> > > > > > > > >
> > > > > > > > > > > > the store.
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > >
> > > > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > > > >
> > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > >
> > > > > > > > > > > > To: dev
> > > > > > > > >
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > if you do:
> > > > > > > > >
> > > > > > > > > > > > Cordova build --release,
> > > > > > > > >
> > > > > > > > > > > > The blackberry10 platform will generate a signed
> > image...
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > agrieve@chromium.org
> > > > > > > <mailto:
> > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >AFAIK, I don't think there's any technical
> roadblocks.
> > > > > > > > > > > > >Just need
> > > > > > > > >
> > > > > > > > > > > > >a proposal for how it should look, and then a
> > > > > > > > > > > > >patch & docs to add
> > > > > > > > > it!
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >For Android's hot-off-the-press gradle support,
> > > > > > > > > > > > >you can set an
> > > > > > > > >
> > > > > > > > > > > > >environment variable that points to a
> > > > > > > > > > > > >.properties file for
> > > > > > > > >
> > > > > > > > > > > > >signing builds. This shows one way to go about
> > > > > > > > > > > > >it, but I'm not in
> > > > > > > > >
> > > > > > > > > > > > >love with
> > > > > > > > >
> > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > > .properties idea.
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > >
> > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gma
> > > > > > > > > > > > >il.c
> > > > > > > > > > > > >om>>
> > > > > > > > >
> > > > > > > > > > > > >wrote:
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >> Hi community.
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Been looking at this topic and wondering why
> > > > > > > > > > > > >> the build command
> > > > > > > > >
> > > > > > > > > > > > >>does not create signed archives. Digging a
> > > > > > > > > > > > >>little bit found a
> > > > > > > > >
> > > > > > > > > > > > >>lot of differences in the platforms to create
> > > > > > > > > > > > >>these
> > > > > archives.
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> For instance, in Android you need to 1.
> > > > > > > > > > > > >> Export your
> > > APK
> > > > > > > > > > > > >> in
> > > > > > > > >
> > > > > > > > > > > > >> release mode (--release flag) 2. Sign your
> > > > > > > > > > > > >> APK (you already
> > > > > > > > >
> > > > > > > > > > > > >> need a RSA key)
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > >
> > > > > > > > > > > > >> 1. Export your APP using --device flag
> > > > > > > > > > > > >> (--release
> > > seems
> > > > > > > > > > > > >> to
> > > > > > > > >
> > > > > > > > > > > > >> export
> > > > > > > > >
> > > > > > > > > > for
> > > > > > > > >
> > > > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based)
> > > > > > > > > > > > >>and sign the
> > > > > > > > >
> > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > >
> > > > > > > > > > > > >> process)
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Besides these differences, what is preventing
> > > > > > > > > > > > >> Cordova from
> > > > > > > > >
> > > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > > >> signed,
> > > > > > > > > ready-to-publish archives?
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Perhaps I'm missing something here...? I
> > > > > > > > > > > > >> really appreciate your
> > > > > > > > >
> > > > > > > > > > > > >>insights on this topic
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Thanks!
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> --
> > > > > > > > >
> > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > >
> > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > >
> > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > ------------------------------------------------------------
> > > > > > ----
> > > > > > > > > > > > --
> > > > > > > > >
> > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > >
> > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > <mailto:
> > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > *Frederico Galvão*
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br>
> > > > > > > > > > > <
> > > > > > > > > http://www.pontoget.com/>
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > >
> > > > > > > > *Frederico Galvão*
> > > > > > > >
> > > > > > > > Diretor de Tecnologia
> > > > > > > >
> > > > > > > > PontoGet Inovação Web
> > > > > > > >
> > > > > > > >
> > > > > > > > ( +55(62) 8131-5720
> > > > > > > >
> > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > > --------------------------------------------------------------
> > > > > ----
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > >
> > > > > --------------------------------------------------------------
> > > > > ----
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Carlos Santana
> > > > <cs...@gmail.com>
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
Re: Build signed archives using CLI
Posted by Darryl Pogue <dv...@gmail.com>.
One issue we've run into on iOS is that the xcconfig specifies "iPhone
Developer" by default, and for release builds that needs to be "iPhone
Distribution".
We ended up using a before_compile JS hook to check if we're building
with --release and modify the xcconfig:
https://gist.github.com/dpogue/8ed1945c7464b448820e
On 28 January 2015 at 10:17, Andrew Grieve <ag...@chromium.org> wrote:
> Sounds good, let's wait until Dan is back to discuss. The main point I'd
> like to cover is whether it'd be good to have layer of indirection between
> cordova and the platform-specific files that dictate signing info.
>
> E.g.:
> Instead of using ant.properties / gradle.properties / build.xcconfig, have:
>
> cordova-keys.json
> {
> ios: { identity: "", provisioning_profile: "" },
> android-debug: { keystore: "", alias: "", password: "", type: "" },
> android-release: { keystore: "", alias: "", password: "", type: "" }
> ...
> }
>
> Then, have a prepare step that makes the platforms do the right thing
>
> (Note that for android it's important to have debug siging keys as well
> since they are used for Play Services and Cloud Console APIs).
>
>
>
>
>
>
> On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
> wrote:
>
>> Yay!! Great news!
>>
>> Chuck, by any chance, do you have a link to the sandbox, or design doc or
>> something worth to look at it? If no, we can wait until Dan is back (hope
>> he feels better soon)
>> I'm happy to help if needed.
>>
>> 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
>>
>> > Dan Levine whom some of you met at PhoneGap day actually has been working
>> > on a PR based on Subhag's proposal for discussion - he is out sick which
>> is
>> > why he didn't respond to this thread. I'll let him speak to it once he's
>> > back but the good news is there is someone working on something in this
>> > area.
>> >
>> > -Chuck
>> >
>> > -----Original Message-----
>> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
>> > Sent: Wednesday, January 28, 2015 7:57 AM
>> > To: dev@cordova.apache.org
>> > Subject: Re: Build signed archives using CLI
>> >
>> > Hi Andrew.
>> >
>> > AFAICT, no one has done any work on this area, but I'd like to add this
>> > topic to the hangout agenda, start discussing this. I think Subhag has a
>> > very good design in the google doc in this thread. We can start from
>> there
>> > and try to make this happen for a future release.
>> >
>> > Thoughts before adding it to the agenda?
>> >
>> > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
>> >
>> > > In anyone interested in working on any of this?
>> > >
>> > > Was just looking at it to see if there was anything I needed to do to
>> > > add support to Android for release packaging.
>> > >
>> > > Main thing lacking to me is whether we should support specifying
>> > > release key information outside of the platforms/android directory.
>> > > E.g. have a cordova-keys.json as a sibling to www/ that has
>> > > per-platform key locations & settings.
>> > >
>> > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa <so...@gmail.com>
>> > > wrote:
>> > >
>> > > > Hello Cordova community
>> > > > Curious to know where we stand about this topic. Even though this
>> > > > topic looks to have significant impact on Cordova, Subhag has a
>> > > > document
>> > > proposal
>> > > > with little discussion activity.
>> > > >
>> > > > I like Subhag's proposal, but I want to bring back the idea of a
>> > > > prompt-less keychain.
>> > > >
>> > > > Is anything else, besides what is depicted in the proposal, missing
>> > here?
>> > > >
>> > > > Document:
>> > > >
>> > > >
>> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
>> > > L1auAMGFM/edit?usp=sharing
>> > > >
>> > > >
>> > > > ---------- Forwarded message ----------
>> > > > From: Carlos Santana <cs...@gmail.com>
>> > > > Date: 2014-10-15 12:42 GMT-05:00
>> > > > Subject: Re: Build signed archives using CLI
>> > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
>> > > >
>> > > >
>> > > > +1 on having a new command "cordova package" this will allow IBM
>> > > > +tooling
>> > > to
>> > > > hook into before_package and after_package for our own
>> > > > customizations (direct update, authenticity, etc..)
>> > > > +1 on using sane defaults and not prompting (i.e. default keychain
>> > > > +maybe
>> > > > used and unlock already) if not found what we need then prompt or
>> > > > fail
>> > > > +1 have some config/settings outside "platforms/" as I like to be
>> > > transient
>> > > > replaceable. using config.xml, something.json, or file conventions
>> > > > like res/packaging/<platform>/ are all ok options.
>> > > >
>> > > >
>> > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
>> > > > <Su...@microsoft.com>
>> > > > wrote:
>> > > >
>> > > > > Here is the link to the proposal:
>> > > > >
>> > > >
>> > > >
>> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
>> > > L1auAMGFM/edit?usp=sharing
>> > > > > Jump on it people :)
>> > > > >
>> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
>> > > > > soak@microsoft.com
>> > > > > 425 707 5598 office
>> > > > >
>> > > > > -----Original Message-----
>> > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
>> > > > > Sent: Thursday, October 9, 2014 12:58 PM
>> > > > > To: dev@cordova.apache.org
>> > > > > Subject: RE: Build signed archives using CLI
>> > > > >
>> > > > > Adding to what Shazron said, isn't config.xml supposed to be
>> > > > > considered as app-wide settings/properties? Typically packaging
>> > > > > information is per platform and hence in my opinion, should be
>> > > > > decoupled from config
>> > > > settings.
>> > > > > Jesse, I am working on a documentation that I will share out soon
>> > > > > for
>> > > > the
>> > > > > community to collaborate.
>> > > > >
>> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
>> > > > > soak@microsoft.com
>> > > > > 425 707 5598 office
>> > > > >
>> > > > > -----Original Message-----
>> > > > > From: Shazron [mailto:shazron@gmail.com]
>> > > > > Sent: Thursday, October 9, 2014 12:02 PM
>> > > > > To: dev@cordova.apache.org
>> > > > > Subject: Re: Build signed archives using CLI
>> > > > >
>> > > > > Liking Subhag's proposal.
>> > > > > Agree with Jesse on using conventions as a default plus config.xml
>> > > > > --
>> > > > with
>> > > > > overrides/env-vars possible. The only caveat for including info in
>> > > > > the config.xml is, the config.xml data is copied into the iOS
>> > > > > platform and
>> > > > will
>> > > > > be included in the .app bundle, and will leak information (even
>> > > > > though harmless, since it shouldn't contain passwords, etc) -- so
>> > > > > maybe that
>> > > is
>> > > > > not desirable, using config.xml.
>> > > > >
>> > > > > We will need to provide the password each time at least for iOS,
>> > > > > since
>> > > we
>> > > > > need to unlock the keychain for code signing.
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
>> > > > > <ag...@chromium.org>
>> > > > > wrote:
>> > > > >
>> > > > > > The prompting is actually pretty appropriate here since
>> > > > > > passwords are involved I think. I think also that keys will
>> > > > > > often not be checked into source control, but maybe the best way
>> > > > > > to support that is to allow multiple ways of specifying things
>> > > > > > (e.g. default to convention, allow override via config.xml,
>> > > > > > allow override via command-line & env variable as well)
>> > > > > >
>> > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com>
>> > > wrote:
>> > > > > >
>> > > > > > > I am liking all of this.
>> > > > > > > Are we ready to move this to an editable plaintext doc to
>> > > collaborate
>> > > > > on?
>> > > > > > >
>> > > > > > > I agree that we should take advantage of as much
>> > > > > > > 'by-convention' as we
>> > > > > > can,
>> > > > > > > meaning things like `cordova package ios` defaults to a code
>> > > > > > > sign
>> > > > > > identity
>> > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
>> > > > > > >
>> > > > > > > If it does not make sense as a convention, then I too would
>> > > > > > > like to see
>> > > > > > as
>> > > > > > > much as possible done through config.xml as Fredrico points
>> > > > > > > out,
>> > > and
>> > > > > > agree
>> > > > > > > on picking the most consistent names possible.
>> > > > > > >
>> > > > > > > I would prefer that we do not prompt, and simply fail fast,
>> > > > > > > given that tools will typically be consuming the cli. Or we
>> > > > > > > should at least
>> > > > > > provide a
>> > > > > > > --noPrompt option. Anything prompt-able should be
>> > > > > > > config.xml-able
>> > > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > >
>> > > > > > > @purplecabbage
>> > > > > > > risingj.com
>> > > > > > >
>> > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
>> > > > > > > <clantz@microsoft.com
>> > > >
>> > > > > > wrote:
>> > > > > > >
>> > > > > > > > One option here could be to build off of the idea of the
>> "res"
>> > > > > > > > folder
>> > > > > > > that
>> > > > > > > > is in the current samples for splashscreens and icons and
>> > > > > > > > introduce something like "res/native". Files placed here
>> > > > > > > > would
>> > > be
>> > > > > > > > put into the native project folders "before_prepare" and
>> > > > > > > > would be further enhanced
>> > > > > > by
>> > > > > > > > the plugin and build infrastructure. This would allow you
>> > > > > > > > to place customized native assets that are unique to your
>> > > > > > > > project in a place
>> > > > > > that
>> > > > > > > > you can check in and would be unaffected by an upgrade.
>> > > > > > > >
>> > > > > > > > Andrew's environment variable idea could also provide an
>> > > alternate
>> > > > > > means
>> > > > > > > > to specify platform specific values (what Soak mentions in
>> > > > > > > > the {
>> > > > }).
>> > > > > > > >
>> > > > > > > > -Chuck
>> > > > > > > >
>> > > > > > > > -----Original Message-----
>> > > > > > > > From: Frederico Galvão
>> > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
>> > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
>> > > > > > > > Cc: dev@cordova.apache.org
>> > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > >
>> > > > > > > > I agree with pretty much everything mentioned, but as far as
>> > > > > > > > I know cordova is trying it's best to not depend on anything
>> > > > > > > > to be in /platforms/<TARGET_PLATFORM>/. Having said that,
>> > > > > > > > the package command
>> > > > > > > should
>> > > > > > > > always expect things to be in config.xml or something like
>> > that.
>> > > > > > > >
>> > > > > > > > Also, the closer we are in naming things to what they are
>> > > > > > > > already known
>> > > > > > > as
>> > > > > > > > in the native platform, the better.
>> > > > > > > >
>> > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
>> > > > > > > > <Subhag.Oak@microsoft.com
>> > > >:
>> > > > > > > >
>> > > > > > > > > Hey Cordova community,
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > I am Subhag Oak, senior program manager on the Visual
>> > > > > > > > > Studio team working on VS tools for Multi device hybrid
>> > > > > > > > > apps. In line with the discussion of having a generic
>> > Cordova ‘packaging’
>> > > > > > > > > command for all platforms, here is one
>> > > > > > > > > proposal:
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > As we all know, packaging an application for deployment
>> > > requires
>> > > > > > extra
>> > > > > > > > > steps that are specific to the native platforms. A new
>> > > > > > > > > generic Cordova CLI ‘package’ command can perform these
>> > > > > > > > > platform specific actions to generate a final signed
>> > > > > > > > > package ready for
>> > > > > deployment:
>> > > > > > > > >
>> > > > > > > > > cordova package [platform] [--packageConfiguration] {--
>> > > > > > > > > –-sign[location]
>> > > > > > > > > -- –-embed[location] -- --signIdentity[location]}, where
>> > > > > > > > > all
>> > > the
>> > > > > > > > > parameters within { } are platform specific overrides.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > If no platform is specified, the command will build
>> > > > > > > > > packages
>> > > for
>> > > > > > > > > all platforms added.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > The values for –packageConfiguration are interpreted by
>> > > > > > > > > the
>> > > > > > respective
>> > > > > > > > > platforms. For Android and Windows, the value can be debug
>> > > > > > > > > or
>> > > > > > release,
>> > > > > > > > > with release being the default value. For iOS, the
>> > > > > > > > > possible values are development, adhoc or store with
>> > > > > > > > > development being the default value. The
>> > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are optional
>> > > > > > > > > iOS specific signing arguments for specifying the location
>> > > > > > > > > of
>> > > > > > code-signing
>> > > > > > > > > certificate, the provisioning profile or the code signing
>> > > > > > > > > identity (certificates along with public and private keys)
>> > > > > respectively.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > e.g:
>> > > > > > > > >
>> > > > > > > > > · ‘cordova package iOS’ would generate a signed ipa
>> > > with
>> > > > > > > > > development profile, using code signing identity defined
>> > > > > > > > > in
>> > > > > > > > build.xcconfig:
>> > > > > > > > >
>> > > > > > > > > // to list all installed iOS identities, run:
>> > > > > > > > >
>> > > > > > > > > // security find-identity | sed -n
>> > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
>> > > > > > > > >
>> > > > > > > > > // generic 'iPhone Developer' (no quotes) will match the
>> > > > > > > > > right Identity with the right Provisioning // Profile plus
>> > > > > > > > > Certificate, based on the app bundle id
>> > > > > > > > >
>> > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > · ‘cordova package android’ would generate a
>> release
>> > > > signed
>> > > > > > > using
>> > > > > > > > > the packaging assets (keystore, alias and password)
>> > > > > > > > > defined in the ant.properties files using the ANT build.
>> > > > > > > > > This would be using gradle.propoerties once cordova
>> > > > > > > > > changes to gradle build like the one Andrew mentions below.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > · ‘Cordova package windows’ would generate a signed
>> > > APPX
>> > > > > > > package.
>> > > > > > > > > This will use the following tools in the Windows SDK:
>> > > > > > > > >
>> > > > > > > > > • An unsigned packaged Windows Store
>> app,
>> > > for
>> > > > > > > example,
>> > > > > > > > > an .APPX file created by using the app packager
>> > > > > > > > > (MakeAppx.exe) tool
>> > > > > > > > >
>> > > > > > > > > • A valid code signing certificate, for
>> > > > > example, a
>> > > > > > > > > Personal Information Exchange (.pfx) file created with the
>> > > > > > > > > MakeCert.exe and Pvk2Pfx.exe tools
>> > > > > > > > >
>> > > > > > > > > • SignTool, which is part of the Windows
>> > SDK
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Here is how the package command should work. The proposal
>> > > > > > > > > is to make the ‘package’ command work on convention
>> > > > > > > > > (similar to the Cordova
>> > > > > > build
>> > > > > > > > > command) rather than config settings. The command would
>> > > > > > > > > look
>> > > out
>> > > > > > > > > for packaging assets in the “platform\ [native-platform]”
>> > > folder.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > For android, the contents of the ant.properties (keystore,
>> > > > > > > > > password, alias and alias password) would be used for
>> > > packaging.
>> > > > > > > > > If any of
>> > > > > > these
>> > > > > > > > > properties is missing in ant.properties [or
>> > > > > > > > > gradle.properties for gradle build] or if the file is
>> > > > > > > > > missing, the command would prompt the user for these value
>> > > > > > > > > at the command prompt. If the values provided
>> > > > > > are
>> > > > > > > > > invalid, the command would fail.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > For iOS, the contents of build.xcconfig specify the
>> > > > > > > > > code-sign certificate and the provisioning profile to be
>> > > > > > > > > used. The
>> > > default
>> > > > > > > > > build.xcconfig file is setup to handle different
>> > > > > > > > > information by build profile based on the configuration
>> > > > > > > > > defined in the
>> > > command.
>> > > > > > > > > Build.xcconfig can also support signing identities that
>> > > > > > > > > tie the code-sign certificate with the provisioning
>> profile.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Tools like VS and other IDEs, which use cordova CLI, may
>> > > > > > > > > need
>> > > an
>> > > > > > > > > explicit way to specify certs/profile for packaging for
>> > > > > > > > > iOS (since
>> > > > > > the
>> > > > > > > > > build needs to happen on MAC agent) instead of the assets
>> > > > > > > > > being defined in the build.xcconfig. One way to allow this
>> > > > > > > > > is by
>> > > using
>> > > > > > > > > optional platform specific arguments to the package
>> > > > > > > > > command
>> > > like:
>> > > > > > > > >
>> > > > > > > > > Cordova package iOS --development --sign
>> “d:\cert\mycert.cer”
>> > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
>> > > > > > > > >
>> > > > > > > > > This command will run the xcrun command to generate a
>> > > > > > > > > signed
>> > > IPA
>> > > > > > > > > with development provisioning profile.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > I would love to hear your comments, insights and feedback
>> > > > > > > > > on this
>> > > > > > > > proposal.
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Subhag Oak | Senior Program Manager
>> > > > > > > > >
>> > > > > > > > > Visual Studio, Client Tools
>> > > > > > > > >
>> > > > > > > > > soak@microsoft.com
>> > > > > > > > >
>> > > > > > > > > 425 707 5598 office
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > -----Original Message-----
>> > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com] On
>> > > > > > > > > Behalf Of Andrew Grieve
>> > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
>> > > > > > > > > To: Shazron
>> > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
>> > > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > For Android Gradle, what's in (and experimental) right now:
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
>> > > > > > > > > points
>> > > to
>> > > > > > > > > a .properties file that contains:
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > storeFile=relative/path/to/keystore.p12
>> > > > > > > > >
>> > > > > > > > > storePassword=SECRET1
>> > > > > > > > >
>> > > > > > > > > storeType=pkcs12
>> > > > > > > > >
>> > > > > > > > > keyAlias=DebugSigningKey
>> > > > > > > > >
>> > > > > > > > > keyPassword=SECRET2
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Topics to discuss:
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > 1) Combine platform info into one file, or leave separate?
>> > > > > > > > >
>> > > > > > > > > - Leaning towards together
>> > > > > > > > >
>> > > > > > > > > 2) have config.xml point to signing info?
>> > > > > > > > >
>> > > > > > > > > - I think no, since signing info you often want to not
>> > > > > > > > > check in /
>> > > > > > keep
>> > > > > > > > > secure
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Strawman:
>> > > > > > > > >
>> > > > > > > > > If a file "cordova-keys.json" exists as a sibling to www/,
>> > > > > > > > > then use it. It should look like:
>> > > > > > > > >
>> > > > > > > > > {
>> > > > > > > > >
>> > > > > > > > > "android": {
>> > > > > > > > >
>> > > > > > > > > "storeFile": "relative/path.p12"
>> > > > > > > > >
>> > > > > > > > > ...
>> > > > > > > > >
>> > > > > > > > > },
>> > > > > > > > >
>> > > > > > > > > "ios": {
>> > > > > > > > >
>> > > > > > > > > },
>> > > > > > > > >
>> > > > > > > > > ...
>> > > > > > > > >
>> > > > > > > > > }
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > Android signs debug builds as well (not sure if other
>> > > > > > > > > platforms do this too?), so maybe also allow
>> > > > > > > > >
>> > > > > > > > > "android-release" as an alias for "android", and
>> > > > > > > > >
>> > > > > > > > > "android-debug"
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com
>> > > > <mailto:
>> > > > > > > > > shazron@gmail.com>> wrote:
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > I did open an issue for this two years ago:
>> > > > > > > > >
>> > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
>> > > > > > > > >
>> > > > > > > > > > and we did discuss this as well 2 yrs ago:
>> > > > > > > > >
>> > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
>> > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > Seems to be of great value - so let's get going on this
>> > > > > > > > > > ;)
>> > > The
>> > > > > > > > > > CLI has
>> > > > > > > > >
>> > > > > > > > > > (I think) matured more since then to allow this
>> > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
>> > > > > > > > >
>> > > > > > > > > > <to...@devgeeks.org>>
>> > > > > > > > >
>> > > > > > > > > > wrote:
>> > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > Frederico’s workflow is the same as ours. I would love
>> > > > > > > > > > > to see
>> > > > > > > > >
>> > > > > > > > > > > something happen To improve this, the less time I
>> > > > > > > > > > > spend in Xcode,
>> > > > > > > > >
>> > > > > > > > > > > the happier I am
>> > > > > > > > >
>> > > > > > > > > > ;)
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
>> > > > > > > > >
>> > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
>> > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > I can already get the ultimate .apk through "cordova
>> > > > > > > > > > > build
>> > > > > > android
>> > > > > > > > >
>> > > > > > > > > > > --release", but I already have the required
>> > > > > > > > > > > .properties properly
>> > > > > > > > >
>> > > > > > > > > > configured
>> > > > > > > > >
>> > > > > > > > > > > in my platform/android folder, specifying the path and
>> > > > > > > > > > > name to my
>> > > > > > > > >
>> > > > > > > > > > > keystores. The "cordova build android --release"
>> > > > > > > > > > > already gives me
>> > > > > > > > >
>> > > > > > > > > > > the signed and ready .apk, all I have to do is upload
>> > > > > > > > > > > it to
>> > > > > > > > > play.google.com.
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > I have never, however, used cordova's CLI to build the
>> > > final
>> > > > > > > > >
>> > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
>> > > > > > > > > > > "cordova
>> > > > > > > > >
>> > > > > > > > > > > prepare", and use xCode
>> > > > > > > > >
>> > > > > > > > > > from
>> > > > > > > > >
>> > > > > > > > > > > then on to build, package, sign, and upload.
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS
>> > > > > > > > > > > OPEN
>> > > > > > > > > > > TECH) <
>> > > > > > > > >
>> > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft.com
>> >>:
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > How about a "cordova package" command, that would be
>> > > > > > > > > > > > for packaging
>> > > > > > > > >
>> > > > > > > > > > > > the
>> > > > > > > > >
>> > > > > > > > > > > app
>> > > > > > > > >
>> > > > > > > > > > > > for the store? Note that different platforms may
>> > > > > > > > > > > > have different
>> > > > > > > > >
>> > > > > > > > > > > > requirements for certs, signing etc. So it may make
>> > > > > > > > > > > > sense to
>> > > > > > > > >
>> > > > > > > > > > > > promote
>> > > > > > > > >
>> > > > > > > > > > this
>> > > > > > > > >
>> > > > > > > > > > > > to a different command and let each command take
>> > > > > > > > > > > > care of packaging
>> > > > > > > > >
>> > > > > > > > > > > > the
>> > > > > > > > >
>> > > > > > > > > > > app
>> > > > > > > > >
>> > > > > > > > > > > > for the store. This command will also mean that
>> > > developers
>> > > > > > don’t
>> > > > > > > > >
>> > > > > > > > > > > > have
>> > > > > > > > >
>> > > > > > > > > > to
>> > > > > > > > >
>> > > > > > > > > > > go
>> > > > > > > > >
>> > > > > > > > > > > > over to the native projects when they finally want
>> > > > > > > > > > > > to publish
>> > > > > > > > >
>> > > > > > > > > > > > their
>> > > > > > > > >
>> > > > > > > > > > apps
>> > > > > > > > >
>> > > > > > > > > > > to
>> > > > > > > > >
>> > > > > > > > > > > > the store.
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > -----Original Message-----
>> > > > > > > > >
>> > > > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
>> > > > > > > > >
>> > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
>> > > > > > > > >
>> > > > > > > > > > > > To: dev
>> > > > > > > > >
>> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > if you do:
>> > > > > > > > >
>> > > > > > > > > > > > Cordova build --release,
>> > > > > > > > >
>> > > > > > > > > > > > The blackberry10 platform will generate a signed
>> > image...
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
>> > > agrieve@chromium.org
>> > > > > > > <mailto:
>> > > > > > > > > agrieve@chromium.org>> wrote:
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > >AFAIK, I don't think there's any technical
>> roadblocks.
>> > > > > > > > > > > > >Just need
>> > > > > > > > >
>> > > > > > > > > > > > >a proposal for how it should look, and then a patch
>> > > > > > > > > > > > >& docs to add
>> > > > > > > > > it!
>> > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > >For Android's hot-off-the-press gradle support, you
>> > > > > > > > > > > > >can set an
>> > > > > > > > >
>> > > > > > > > > > > > >environment variable that points to a .properties
>> > > > > > > > > > > > >file for
>> > > > > > > > >
>> > > > > > > > > > > > >signing builds. This shows one way to go about it,
>> > > > > > > > > > > > >but I'm not in
>> > > > > > > > >
>> > > > > > > > > > > > >love with
>> > > > > > > > >
>> > > > > > > > > > the
>> > > > > > > > >
>> > > > > > > > > > > > .properties idea.
>> > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
>> > > > > > > > >
>> > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gmail.c
>> > > > > > > > > > > > >om>>
>> > > > > > > > >
>> > > > > > > > > > > > >wrote:
>> > > > > > > > >
>> > > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > > >> Hi community.
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> Been looking at this topic and wondering why the
>> > > > > > > > > > > > >> build command
>> > > > > > > > >
>> > > > > > > > > > > > >>does not create signed archives. Digging a little
>> > > > > > > > > > > > >>bit found a
>> > > > > > > > >
>> > > > > > > > > > > > >>lot of differences in the platforms to create
>> > > > > > > > > > > > >>these
>> > > > > archives.
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> For instance, in Android you need to 1. Export
>> > > > > > > > > > > > >> your
>> > > APK
>> > > > > > > > > > > > >> in
>> > > > > > > > >
>> > > > > > > > > > > > >> release mode (--release flag) 2. Sign your APK
>> > > > > > > > > > > > >> (you already
>> > > > > > > > >
>> > > > > > > > > > > > >> need a RSA key)
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> In iOS, you need to:
>> > > > > > > > >
>> > > > > > > > > > > > >> 1. Export your APP using --device flag (--release
>> > > seems
>> > > > > > > > > > > > >> to
>> > > > > > > > >
>> > > > > > > > > > > > >> export
>> > > > > > > > >
>> > > > > > > > > > for
>> > > > > > > > >
>> > > > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and
>> > > > > > > > > > > > >>sign the
>> > > > > > > > >
>> > > > > > > > > > > > >>archive or use xcrun (headless
>> > > > > > > > >
>> > > > > > > > > > > > >> process)
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> Besides these differences, what is preventing
>> > > > > > > > > > > > >> Cordova from
>> > > > > > > > >
>> > > > > > > > > > > > >> providing a generic one-way to build these
>> > > > > > > > > > > > >> signed,
>> > > > > > > > > ready-to-publish archives?
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> Perhaps I'm missing something here...? I really
>> > > > > > > > > > > > >> appreciate your
>> > > > > > > > >
>> > > > > > > > > > > > >>insights on this topic
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> Thanks!
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > > >> --
>> > > > > > > > >
>> > > > > > > > > > > > >> Victor Adrian Sosa Herrera
>> > > > > > > > >
>> > > > > > > > > > > > >> IBM Software Engineer
>> > > > > > > > >
>> > > > > > > > > > > > >> Guadalajara, Jalisco
>> > > > > > > > >
>> > > > > > > > > > > > >>
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > ----------------------------------------------------------------
>> > > > > > > > > > > > --
>> > > > > > > > >
>> > > > > > > > > > > > --- To unsubscribe, e-mail:
>> > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
>> > > > > > > > > <ma...@cordova.apache.org>
>> > > > > > > > >
>> > > > > > > > > > > > For additional commands, e-mail:
>> > > > > > > > > > > > dev-help@cordova.apache.org
>> > > > > > > > <mailto:
>> > > > > > > > > dev-help@cordova.apache.org>
>> > > > > > > > >
>> > > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > --
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > *Frederico Galvão*
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > Diretor de Tecnologia
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > PontoGet Inovação Web
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > ( +55(62) 8131-5720
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
>> > > > > > > > > http://www.pontoget.com/>
>> > > > > > > > >
>> > > > > > > > > > >
>> > > > > > > > >
>> > > > > > > > > >
>> > > > > > > > >
>> > > > > > > >
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > --
>> > > > > > > >
>> > > > > > > > *Frederico Galvão*
>> > > > > > > >
>> > > > > > > > Diretor de Tecnologia
>> > > > > > > >
>> > > > > > > > PontoGet Inovação Web
>> > > > > > > >
>> > > > > > > >
>> > > > > > > > ( +55(62) 8131-5720
>> > > > > > > >
>> > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
>> > > > > > > >
>> > > > > > >
>> > > > > >
>> > > > >
>> > > > > ------------------------------------------------------------------
>> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
>> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
>> > > > >
>> > > > > ------------------------------------------------------------------
>> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
>> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
>> > > > >
>> > > >
>> > > >
>> > > >
>> > > > --
>> > > > Carlos Santana
>> > > > <cs...@gmail.com>
>> > > >
>> > > >
>> > > >
>> > > > --
>> > > > Victor Adrian Sosa Herrera
>> > > > IBM Software Engineer
>> > > > Guadalajara, Jalisco
>> > > >
>> > >
>> >
>> >
>> >
>> > --
>> > Victor Adrian Sosa Herrera
>> > IBM Software Engineer
>> > Guadalajara, Jalisco
>> >
>>
>>
>>
>> --
>> Victor Adrian Sosa Herrera
>> IBM Software Engineer
>> Guadalajara, Jalisco
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
Sounds good, let's wait until Dan is back to discuss. The main point I'd
like to cover is whether it'd be good to have layer of indirection between
cordova and the platform-specific files that dictate signing info.
E.g.:
Instead of using ant.properties / gradle.properties / build.xcconfig, have:
cordova-keys.json
{
ios: { identity: "", provisioning_profile: "" },
android-debug: { keystore: "", alias: "", password: "", type: "" },
android-release: { keystore: "", alias: "", password: "", type: "" }
...
}
Then, have a prepare step that makes the platforms do the right thing
(Note that for android it's important to have debug siging keys as well
since they are used for Play Services and Cloud Console APIs).
On Wed, Jan 28, 2015 at 11:29 AM, Victor Sosa <so...@gmail.com>
wrote:
> Yay!! Great news!
>
> Chuck, by any chance, do you have a link to the sandbox, or design doc or
> something worth to look at it? If no, we can wait until Dan is back (hope
> he feels better soon)
> I'm happy to help if needed.
>
> 2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
>
> > Dan Levine whom some of you met at PhoneGap day actually has been working
> > on a PR based on Subhag's proposal for discussion - he is out sick which
> is
> > why he didn't respond to this thread. I'll let him speak to it once he's
> > back but the good news is there is someone working on something in this
> > area.
> >
> > -Chuck
> >
> > -----Original Message-----
> > From: Victor Sosa [mailto:sosah.victor@gmail.com]
> > Sent: Wednesday, January 28, 2015 7:57 AM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > Hi Andrew.
> >
> > AFAICT, no one has done any work on this area, but I'd like to add this
> > topic to the hangout agenda, start discussing this. I think Subhag has a
> > very good design in the google doc in this thread. We can start from
> there
> > and try to make this happen for a future release.
> >
> > Thoughts before adding it to the agenda?
> >
> > 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> >
> > > In anyone interested in working on any of this?
> > >
> > > Was just looking at it to see if there was anything I needed to do to
> > > add support to Android for release packaging.
> > >
> > > Main thing lacking to me is whether we should support specifying
> > > release key information outside of the platforms/android directory.
> > > E.g. have a cordova-keys.json as a sibling to www/ that has
> > > per-platform key locations & settings.
> > >
> > > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa <so...@gmail.com>
> > > wrote:
> > >
> > > > Hello Cordova community
> > > > Curious to know where we stand about this topic. Even though this
> > > > topic looks to have significant impact on Cordova, Subhag has a
> > > > document
> > > proposal
> > > > with little discussion activity.
> > > >
> > > > I like Subhag's proposal, but I want to bring back the idea of a
> > > > prompt-less keychain.
> > > >
> > > > Is anything else, besides what is depicted in the proposal, missing
> > here?
> > > >
> > > > Document:
> > > >
> > > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> > > L1auAMGFM/edit?usp=sharing
> > > >
> > > >
> > > > ---------- Forwarded message ----------
> > > > From: Carlos Santana <cs...@gmail.com>
> > > > Date: 2014-10-15 12:42 GMT-05:00
> > > > Subject: Re: Build signed archives using CLI
> > > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > > >
> > > >
> > > > +1 on having a new command "cordova package" this will allow IBM
> > > > +tooling
> > > to
> > > > hook into before_package and after_package for our own
> > > > customizations (direct update, authenticity, etc..)
> > > > +1 on using sane defaults and not prompting (i.e. default keychain
> > > > +maybe
> > > > used and unlock already) if not found what we need then prompt or
> > > > fail
> > > > +1 have some config/settings outside "platforms/" as I like to be
> > > transient
> > > > replaceable. using config.xml, something.json, or file conventions
> > > > like res/packaging/<platform>/ are all ok options.
> > > >
> > > >
> > > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > > <Su...@microsoft.com>
> > > > wrote:
> > > >
> > > > > Here is the link to the proposal:
> > > > >
> > > >
> > > >
> > > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> > > L1auAMGFM/edit?usp=sharing
> > > > > Jump on it people :)
> > > > >
> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
> > > > > soak@microsoft.com
> > > > > 425 707 5598 office
> > > > >
> > > > > -----Original Message-----
> > > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: RE: Build signed archives using CLI
> > > > >
> > > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > > considered as app-wide settings/properties? Typically packaging
> > > > > information is per platform and hence in my opinion, should be
> > > > > decoupled from config
> > > > settings.
> > > > > Jesse, I am working on a documentation that I will share out soon
> > > > > for
> > > > the
> > > > > community to collaborate.
> > > > >
> > > > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
> > > > > soak@microsoft.com
> > > > > 425 707 5598 office
> > > > >
> > > > > -----Original Message-----
> > > > > From: Shazron [mailto:shazron@gmail.com]
> > > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > > To: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > Liking Subhag's proposal.
> > > > > Agree with Jesse on using conventions as a default plus config.xml
> > > > > --
> > > > with
> > > > > overrides/env-vars possible. The only caveat for including info in
> > > > > the config.xml is, the config.xml data is copied into the iOS
> > > > > platform and
> > > > will
> > > > > be included in the .app bundle, and will leak information (even
> > > > > though harmless, since it shouldn't contain passwords, etc) -- so
> > > > > maybe that
> > > is
> > > > > not desirable, using config.xml.
> > > > >
> > > > > We will need to provide the password each time at least for iOS,
> > > > > since
> > > we
> > > > > need to unlock the keychain for code signing.
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > > <ag...@chromium.org>
> > > > > wrote:
> > > > >
> > > > > > The prompting is actually pretty appropriate here since
> > > > > > passwords are involved I think. I think also that keys will
> > > > > > often not be checked into source control, but maybe the best way
> > > > > > to support that is to allow multiple ways of specifying things
> > > > > > (e.g. default to convention, allow override via config.xml,
> > > > > > allow override via command-line & env variable as well)
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com>
> > > wrote:
> > > > > >
> > > > > > > I am liking all of this.
> > > > > > > Are we ready to move this to an editable plaintext doc to
> > > collaborate
> > > > > on?
> > > > > > >
> > > > > > > I agree that we should take advantage of as much
> > > > > > > 'by-convention' as we
> > > > > > can,
> > > > > > > meaning things like `cordova package ios` defaults to a code
> > > > > > > sign
> > > > > > identity
> > > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > > >
> > > > > > > If it does not make sense as a convention, then I too would
> > > > > > > like to see
> > > > > > as
> > > > > > > much as possible done through config.xml as Fredrico points
> > > > > > > out,
> > > and
> > > > > > agree
> > > > > > > on picking the most consistent names possible.
> > > > > > >
> > > > > > > I would prefer that we do not prompt, and simply fail fast,
> > > > > > > given that tools will typically be consuming the cli. Or we
> > > > > > > should at least
> > > > > > provide a
> > > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > > config.xml-able
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > @purplecabbage
> > > > > > > risingj.com
> > > > > > >
> > > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > > <clantz@microsoft.com
> > > >
> > > > > > wrote:
> > > > > > >
> > > > > > > > One option here could be to build off of the idea of the
> "res"
> > > > > > > > folder
> > > > > > > that
> > > > > > > > is in the current samples for splashscreens and icons and
> > > > > > > > introduce something like "res/native". Files placed here
> > > > > > > > would
> > > be
> > > > > > > > put into the native project folders "before_prepare" and
> > > > > > > > would be further enhanced
> > > > > > by
> > > > > > > > the plugin and build infrastructure. This would allow you
> > > > > > > > to place customized native assets that are unique to your
> > > > > > > > project in a place
> > > > > > that
> > > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > > >
> > > > > > > > Andrew's environment variable idea could also provide an
> > > alternate
> > > > > > means
> > > > > > > > to specify platform specific values (what Soak mentions in
> > > > > > > > the {
> > > > }).
> > > > > > > >
> > > > > > > > -Chuck
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: Frederico Galvão
> > > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > > Cc: dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > I agree with pretty much everything mentioned, but as far as
> > > > > > > > I know cordova is trying it's best to not depend on anything
> > > > > > > > to be in /platforms/<TARGET_PLATFORM>/. Having said that,
> > > > > > > > the package command
> > > > > > > should
> > > > > > > > always expect things to be in config.xml or something like
> > that.
> > > > > > > >
> > > > > > > > Also, the closer we are in naming things to what they are
> > > > > > > > already known
> > > > > > > as
> > > > > > > > in the native platform, the better.
> > > > > > > >
> > > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > > <Subhag.Oak@microsoft.com
> > > >:
> > > > > > > >
> > > > > > > > > Hey Cordova community,
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I am Subhag Oak, senior program manager on the Visual
> > > > > > > > > Studio team working on VS tools for Multi device hybrid
> > > > > > > > > apps. In line with the discussion of having a generic
> > Cordova ‘packaging’
> > > > > > > > > command for all platforms, here is one
> > > > > > > > > proposal:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > As we all know, packaging an application for deployment
> > > requires
> > > > > > extra
> > > > > > > > > steps that are specific to the native platforms. A new
> > > > > > > > > generic Cordova CLI ‘package’ command can perform these
> > > > > > > > > platform specific actions to generate a final signed
> > > > > > > > > package ready for
> > > > > deployment:
> > > > > > > > >
> > > > > > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > > > > > –-sign[location]
> > > > > > > > > -- –-embed[location] -- --signIdentity[location]}, where
> > > > > > > > > all
> > > the
> > > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > If no platform is specified, the command will build
> > > > > > > > > packages
> > > for
> > > > > > > > > all platforms added.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > The values for –packageConfiguration are interpreted by
> > > > > > > > > the
> > > > > > respective
> > > > > > > > > platforms. For Android and Windows, the value can be debug
> > > > > > > > > or
> > > > > > release,
> > > > > > > > > with release being the default value. For iOS, the
> > > > > > > > > possible values are development, adhoc or store with
> > > > > > > > > development being the default value. The
> > > > > > > > > -- --sign, -- -- embed and -- --signIdentity are optional
> > > > > > > > > iOS specific signing arguments for specifying the location
> > > > > > > > > of
> > > > > > code-signing
> > > > > > > > > certificate, the provisioning profile or the code signing
> > > > > > > > > identity (certificates along with public and private keys)
> > > > > respectively.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > e.g:
> > > > > > > > >
> > > > > > > > > · ‘cordova package iOS’ would generate a signed ipa
> > > with
> > > > > > > > > development profile, using code signing identity defined
> > > > > > > > > in
> > > > > > > > build.xcconfig:
> > > > > > > > >
> > > > > > > > > // to list all installed iOS identities, run:
> > > > > > > > >
> > > > > > > > > // security find-identity | sed -n
> > > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > > >
> > > > > > > > > // generic 'iPhone Developer' (no quotes) will match the
> > > > > > > > > right Identity with the right Provisioning // Profile plus
> > > > > > > > > Certificate, based on the app bundle id
> > > > > > > > >
> > > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > · ‘cordova package android’ would generate a
> release
> > > > signed
> > > > > > > using
> > > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > > changes to gradle build like the one Andrew mentions below.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > · ‘Cordova package windows’ would generate a signed
> > > APPX
> > > > > > > package.
> > > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > > >
> > > > > > > > > • An unsigned packaged Windows Store
> app,
> > > for
> > > > > > > example,
> > > > > > > > > an .APPX file created by using the app packager
> > > > > > > > > (MakeAppx.exe) tool
> > > > > > > > >
> > > > > > > > > • A valid code signing certificate, for
> > > > > example, a
> > > > > > > > > Personal Information Exchange (.pfx) file created with the
> > > > > > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > > >
> > > > > > > > > • SignTool, which is part of the Windows
> > SDK
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Here is how the package command should work. The proposal
> > > > > > > > > is to make the ‘package’ command work on convention
> > > > > > > > > (similar to the Cordova
> > > > > > build
> > > > > > > > > command) rather than config settings. The command would
> > > > > > > > > look
> > > out
> > > > > > > > > for packaging assets in the “platform\ [native-platform]”
> > > folder.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For android, the contents of the ant.properties (keystore,
> > > > > > > > > password, alias and alias password) would be used for
> > > packaging.
> > > > > > > > > If any of
> > > > > > these
> > > > > > > > > properties is missing in ant.properties [or
> > > > > > > > > gradle.properties for gradle build] or if the file is
> > > > > > > > > missing, the command would prompt the user for these value
> > > > > > > > > at the command prompt. If the values provided
> > > > > > are
> > > > > > > > > invalid, the command would fail.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > > code-sign certificate and the provisioning profile to be
> > > > > > > > > used. The
> > > default
> > > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > > information by build profile based on the configuration
> > > > > > > > > defined in the
> > > command.
> > > > > > > > > Build.xcconfig can also support signing identities that
> > > > > > > > > tie the code-sign certificate with the provisioning
> profile.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Tools like VS and other IDEs, which use cordova CLI, may
> > > > > > > > > need
> > > an
> > > > > > > > > explicit way to specify certs/profile for packaging for
> > > > > > > > > iOS (since
> > > > > > the
> > > > > > > > > build needs to happen on MAC agent) instead of the assets
> > > > > > > > > being defined in the build.xcconfig. One way to allow this
> > > > > > > > > is by
> > > using
> > > > > > > > > optional platform specific arguments to the package
> > > > > > > > > command
> > > like:
> > > > > > > > >
> > > > > > > > > Cordova package iOS --development --sign
> “d:\cert\mycert.cer”
> > > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > > >
> > > > > > > > > This command will run the xcrun command to generate a
> > > > > > > > > signed
> > > IPA
> > > > > > > > > with development provisioning profile.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > I would love to hear your comments, insights and feedback
> > > > > > > > > on this
> > > > > > > > proposal.
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > > >
> > > > > > > > > Visual Studio, Client Tools
> > > > > > > > >
> > > > > > > > > soak@microsoft.com
> > > > > > > > >
> > > > > > > > > 425 707 5598 office
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > -----Original Message-----
> > > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com] On
> > > > > > > > > Behalf Of Andrew Grieve
> > > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > > To: Shazron
> > > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > > points
> > > to
> > > > > > > > > a .properties file that contains:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > > >
> > > > > > > > > storePassword=SECRET1
> > > > > > > > >
> > > > > > > > > storeType=pkcs12
> > > > > > > > >
> > > > > > > > > keyAlias=DebugSigningKey
> > > > > > > > >
> > > > > > > > > keyPassword=SECRET2
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Topics to discuss:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > > > > >
> > > > > > > > > - Leaning towards together
> > > > > > > > >
> > > > > > > > > 2) have config.xml point to signing info?
> > > > > > > > >
> > > > > > > > > - I think no, since signing info you often want to not
> > > > > > > > > check in /
> > > > > > keep
> > > > > > > > > secure
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Strawman:
> > > > > > > > >
> > > > > > > > > If a file "cordova-keys.json" exists as a sibling to www/,
> > > > > > > > > then use it. It should look like:
> > > > > > > > >
> > > > > > > > > {
> > > > > > > > >
> > > > > > > > > "android": {
> > > > > > > > >
> > > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > > >
> > > > > > > > > ...
> > > > > > > > >
> > > > > > > > > },
> > > > > > > > >
> > > > > > > > > "ios": {
> > > > > > > > >
> > > > > > > > > },
> > > > > > > > >
> > > > > > > > > ...
> > > > > > > > >
> > > > > > > > > }
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > Android signs debug builds as well (not sure if other
> > > > > > > > > platforms do this too?), so maybe also allow
> > > > > > > > >
> > > > > > > > > "android-release" as an alias for "android", and
> > > > > > > > >
> > > > > > > > > "android-debug"
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com
> > > > <mailto:
> > > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > > >
> > > > > > > > >
> > > > > > > > >
> > > > > > > > > > I did open an issue for this two years ago:
> > > > > > > > >
> > > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > > >
> > > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > > >
> > > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > Seems to be of great value - so let's get going on this
> > > > > > > > > > ;)
> > > The
> > > > > > > > > > CLI has
> > > > > > > > >
> > > > > > > > > > (I think) matured more since then to allow this
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > > > > > >
> > > > > > > > > > <to...@devgeeks.org>>
> > > > > > > > >
> > > > > > > > > > wrote:
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > Frederico’s workflow is the same as ours. I would love
> > > > > > > > > > > to see
> > > > > > > > >
> > > > > > > > > > > something happen To improve this, the less time I
> > > > > > > > > > > spend in Xcode,
> > > > > > > > >
> > > > > > > > > > > the happier I am
> > > > > > > > >
> > > > > > > > > > ;)
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > > >
> > > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > I can already get the ultimate .apk through "cordova
> > > > > > > > > > > build
> > > > > > android
> > > > > > > > >
> > > > > > > > > > > --release", but I already have the required
> > > > > > > > > > > .properties properly
> > > > > > > > >
> > > > > > > > > > configured
> > > > > > > > >
> > > > > > > > > > > in my platform/android folder, specifying the path and
> > > > > > > > > > > name to my
> > > > > > > > >
> > > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > > already gives me
> > > > > > > > >
> > > > > > > > > > > the signed and ready .apk, all I have to do is upload
> > > > > > > > > > > it to
> > > > > > > > > play.google.com.
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > I have never, however, used cordova's CLI to build the
> > > final
> > > > > > > > >
> > > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
> > > > > > > > > > > "cordova
> > > > > > > > >
> > > > > > > > > > > prepare", and use xCode
> > > > > > > > >
> > > > > > > > > > from
> > > > > > > > >
> > > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS
> > > > > > > > > > > OPEN
> > > > > > > > > > > TECH) <
> > > > > > > > >
> > > > > > > > > > > panarasi@microsoft.com<mailto:panarasi@microsoft.com
> >>:
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > How about a "cordova package" command, that would be
> > > > > > > > > > > > for packaging
> > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > app
> > > > > > > > >
> > > > > > > > > > > > for the store? Note that different platforms may
> > > > > > > > > > > > have different
> > > > > > > > >
> > > > > > > > > > > > requirements for certs, signing etc. So it may make
> > > > > > > > > > > > sense to
> > > > > > > > >
> > > > > > > > > > > > promote
> > > > > > > > >
> > > > > > > > > > this
> > > > > > > > >
> > > > > > > > > > > > to a different command and let each command take
> > > > > > > > > > > > care of packaging
> > > > > > > > >
> > > > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > app
> > > > > > > > >
> > > > > > > > > > > > for the store. This command will also mean that
> > > developers
> > > > > > don’t
> > > > > > > > >
> > > > > > > > > > > > have
> > > > > > > > >
> > > > > > > > > > to
> > > > > > > > >
> > > > > > > > > > > go
> > > > > > > > >
> > > > > > > > > > > > over to the native projects when they finally want
> > > > > > > > > > > > to publish
> > > > > > > > >
> > > > > > > > > > > > their
> > > > > > > > >
> > > > > > > > > > apps
> > > > > > > > >
> > > > > > > > > > > to
> > > > > > > > >
> > > > > > > > > > > > the store.
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > -----Original Message-----
> > > > > > > > >
> > > > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > > > >
> > > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > > >
> > > > > > > > > > > > To: dev
> > > > > > > > >
> > > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > if you do:
> > > > > > > > >
> > > > > > > > > > > > Cordova build --release,
> > > > > > > > >
> > > > > > > > > > > > The blackberry10 platform will generate a signed
> > image...
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > > agrieve@chromium.org
> > > > > > > <mailto:
> > > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >AFAIK, I don't think there's any technical
> roadblocks.
> > > > > > > > > > > > >Just need
> > > > > > > > >
> > > > > > > > > > > > >a proposal for how it should look, and then a patch
> > > > > > > > > > > > >& docs to add
> > > > > > > > > it!
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >For Android's hot-off-the-press gradle support, you
> > > > > > > > > > > > >can set an
> > > > > > > > >
> > > > > > > > > > > > >environment variable that points to a .properties
> > > > > > > > > > > > >file for
> > > > > > > > >
> > > > > > > > > > > > >signing builds. This shows one way to go about it,
> > > > > > > > > > > > >but I'm not in
> > > > > > > > >
> > > > > > > > > > > > >love with
> > > > > > > > >
> > > > > > > > > > the
> > > > > > > > >
> > > > > > > > > > > > .properties idea.
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > > >
> > > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gmail.c
> > > > > > > > > > > > >om>>
> > > > > > > > >
> > > > > > > > > > > > >wrote:
> > > > > > > > >
> > > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > > >> Hi community.
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Been looking at this topic and wondering why the
> > > > > > > > > > > > >> build command
> > > > > > > > >
> > > > > > > > > > > > >>does not create signed archives. Digging a little
> > > > > > > > > > > > >>bit found a
> > > > > > > > >
> > > > > > > > > > > > >>lot of differences in the platforms to create
> > > > > > > > > > > > >>these
> > > > > archives.
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> For instance, in Android you need to 1. Export
> > > > > > > > > > > > >> your
> > > APK
> > > > > > > > > > > > >> in
> > > > > > > > >
> > > > > > > > > > > > >> release mode (--release flag) 2. Sign your APK
> > > > > > > > > > > > >> (you already
> > > > > > > > >
> > > > > > > > > > > > >> need a RSA key)
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> In iOS, you need to:
> > > > > > > > >
> > > > > > > > > > > > >> 1. Export your APP using --device flag (--release
> > > seems
> > > > > > > > > > > > >> to
> > > > > > > > >
> > > > > > > > > > > > >> export
> > > > > > > > >
> > > > > > > > > > for
> > > > > > > > >
> > > > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and
> > > > > > > > > > > > >>sign the
> > > > > > > > >
> > > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > > >
> > > > > > > > > > > > >> process)
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Besides these differences, what is preventing
> > > > > > > > > > > > >> Cordova from
> > > > > > > > >
> > > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > > >> signed,
> > > > > > > > > ready-to-publish archives?
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > > > > > >> appreciate your
> > > > > > > > >
> > > > > > > > > > > > >>insights on this topic
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> Thanks!
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > > >> --
> > > > > > > > >
> > > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > > >
> > > > > > > > > > > > >> IBM Software Engineer
> > > > > > > > >
> > > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > > >
> > > > > > > > > > > > >>
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > ----------------------------------------------------------------
> > > > > > > > > > > > --
> > > > > > > > >
> > > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > > <ma...@cordova.apache.org>
> > > > > > > > >
> > > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > > <mailto:
> > > > > > > > > dev-help@cordova.apache.org>
> > > > > > > > >
> > > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > --
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > *Frederico Galvão*
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > Diretor de Tecnologia
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > PontoGet Inovação Web
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > > > > > http://www.pontoget.com/>
> > > > > > > > >
> > > > > > > > > > >
> > > > > > > > >
> > > > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > --
> > > > > > > >
> > > > > > > > *Frederico Galvão*
> > > > > > > >
> > > > > > > > Diretor de Tecnologia
> > > > > > > >
> > > > > > > > PontoGet Inovação Web
> > > > > > > >
> > > > > > > >
> > > > > > > > ( +55(62) 8131-5720
> > > > > > > >
> > > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > > ------------------------------------------------------------------
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > >
> > > > > ------------------------------------------------------------------
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > > Carlos Santana
> > > > <cs...@gmail.com>
> > > >
> > > >
> > > >
> > > > --
> > > > Victor Adrian Sosa Herrera
> > > > IBM Software Engineer
> > > > Guadalajara, Jalisco
> > > >
> > >
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
Re: Build signed archives using CLI
Posted by Victor Sosa <so...@gmail.com>.
Yay!! Great news!
Chuck, by any chance, do you have a link to the sandbox, or design doc or
something worth to look at it? If no, we can wait until Dan is back (hope
he feels better soon)
I'm happy to help if needed.
2015-01-28 10:05 GMT-06:00 Chuck Lantz <cl...@microsoft.com>:
> Dan Levine whom some of you met at PhoneGap day actually has been working
> on a PR based on Subhag's proposal for discussion - he is out sick which is
> why he didn't respond to this thread. I'll let him speak to it once he's
> back but the good news is there is someone working on something in this
> area.
>
> -Chuck
>
> -----Original Message-----
> From: Victor Sosa [mailto:sosah.victor@gmail.com]
> Sent: Wednesday, January 28, 2015 7:57 AM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> Hi Andrew.
>
> AFAICT, no one has done any work on this area, but I'd like to add this
> topic to the hangout agenda, start discussing this. I think Subhag has a
> very good design in the google doc in this thread. We can start from there
> and try to make this happen for a future release.
>
> Thoughts before adding it to the agenda?
>
> 2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
>
> > In anyone interested in working on any of this?
> >
> > Was just looking at it to see if there was anything I needed to do to
> > add support to Android for release packaging.
> >
> > Main thing lacking to me is whether we should support specifying
> > release key information outside of the platforms/android directory.
> > E.g. have a cordova-keys.json as a sibling to www/ that has
> > per-platform key locations & settings.
> >
> > On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa <so...@gmail.com>
> > wrote:
> >
> > > Hello Cordova community
> > > Curious to know where we stand about this topic. Even though this
> > > topic looks to have significant impact on Cordova, Subhag has a
> > > document
> > proposal
> > > with little discussion activity.
> > >
> > > I like Subhag's proposal, but I want to bring back the idea of a
> > > prompt-less keychain.
> > >
> > > Is anything else, besides what is depicted in the proposal, missing
> here?
> > >
> > > Document:
> > >
> > >
> > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> > L1auAMGFM/edit?usp=sharing
> > >
> > >
> > > ---------- Forwarded message ----------
> > > From: Carlos Santana <cs...@gmail.com>
> > > Date: 2014-10-15 12:42 GMT-05:00
> > > Subject: Re: Build signed archives using CLI
> > > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> > >
> > >
> > > +1 on having a new command "cordova package" this will allow IBM
> > > +tooling
> > to
> > > hook into before_package and after_package for our own
> > > customizations (direct update, authenticity, etc..)
> > > +1 on using sane defaults and not prompting (i.e. default keychain
> > > +maybe
> > > used and unlock already) if not found what we need then prompt or
> > > fail
> > > +1 have some config/settings outside "platforms/" as I like to be
> > transient
> > > replaceable. using config.xml, something.json, or file conventions
> > > like res/packaging/<platform>/ are all ok options.
> > >
> > >
> > > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > > <Su...@microsoft.com>
> > > wrote:
> > >
> > > > Here is the link to the proposal:
> > > >
> > >
> > >
> > https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> > L1auAMGFM/edit?usp=sharing
> > > > Jump on it people :)
> > > >
> > > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
> > > > soak@microsoft.com
> > > > 425 707 5598 office
> > > >
> > > > -----Original Message-----
> > > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > > Sent: Thursday, October 9, 2014 12:58 PM
> > > > To: dev@cordova.apache.org
> > > > Subject: RE: Build signed archives using CLI
> > > >
> > > > Adding to what Shazron said, isn't config.xml supposed to be
> > > > considered as app-wide settings/properties? Typically packaging
> > > > information is per platform and hence in my opinion, should be
> > > > decoupled from config
> > > settings.
> > > > Jesse, I am working on a documentation that I will share out soon
> > > > for
> > > the
> > > > community to collaborate.
> > > >
> > > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
> > > > soak@microsoft.com
> > > > 425 707 5598 office
> > > >
> > > > -----Original Message-----
> > > > From: Shazron [mailto:shazron@gmail.com]
> > > > Sent: Thursday, October 9, 2014 12:02 PM
> > > > To: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > Liking Subhag's proposal.
> > > > Agree with Jesse on using conventions as a default plus config.xml
> > > > --
> > > with
> > > > overrides/env-vars possible. The only caveat for including info in
> > > > the config.xml is, the config.xml data is copied into the iOS
> > > > platform and
> > > will
> > > > be included in the .app bundle, and will leak information (even
> > > > though harmless, since it shouldn't contain passwords, etc) -- so
> > > > maybe that
> > is
> > > > not desirable, using config.xml.
> > > >
> > > > We will need to provide the password each time at least for iOS,
> > > > since
> > we
> > > > need to unlock the keychain for code signing.
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > > <ag...@chromium.org>
> > > > wrote:
> > > >
> > > > > The prompting is actually pretty appropriate here since
> > > > > passwords are involved I think. I think also that keys will
> > > > > often not be checked into source control, but maybe the best way
> > > > > to support that is to allow multiple ways of specifying things
> > > > > (e.g. default to convention, allow override via config.xml,
> > > > > allow override via command-line & env variable as well)
> > > > >
> > > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com>
> > wrote:
> > > > >
> > > > > > I am liking all of this.
> > > > > > Are we ready to move this to an editable plaintext doc to
> > collaborate
> > > > on?
> > > > > >
> > > > > > I agree that we should take advantage of as much
> > > > > > 'by-convention' as we
> > > > > can,
> > > > > > meaning things like `cordova package ios` defaults to a code
> > > > > > sign
> > > > > identity
> > > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > > >
> > > > > > If it does not make sense as a convention, then I too would
> > > > > > like to see
> > > > > as
> > > > > > much as possible done through config.xml as Fredrico points
> > > > > > out,
> > and
> > > > > agree
> > > > > > on picking the most consistent names possible.
> > > > > >
> > > > > > I would prefer that we do not prompt, and simply fail fast,
> > > > > > given that tools will typically be consuming the cli. Or we
> > > > > > should at least
> > > > > provide a
> > > > > > --noPrompt option. Anything prompt-able should be
> > > > > > config.xml-able
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > @purplecabbage
> > > > > > risingj.com
> > > > > >
> > > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > > <clantz@microsoft.com
> > >
> > > > > wrote:
> > > > > >
> > > > > > > One option here could be to build off of the idea of the "res"
> > > > > > > folder
> > > > > > that
> > > > > > > is in the current samples for splashscreens and icons and
> > > > > > > introduce something like "res/native". Files placed here
> > > > > > > would
> > be
> > > > > > > put into the native project folders "before_prepare" and
> > > > > > > would be further enhanced
> > > > > by
> > > > > > > the plugin and build infrastructure. This would allow you
> > > > > > > to place customized native assets that are unique to your
> > > > > > > project in a place
> > > > > that
> > > > > > > you can check in and would be unaffected by an upgrade.
> > > > > > >
> > > > > > > Andrew's environment variable idea could also provide an
> > alternate
> > > > > means
> > > > > > > to specify platform specific values (what Soak mentions in
> > > > > > > the {
> > > }).
> > > > > > >
> > > > > > > -Chuck
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: Frederico Galvão
> > > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > > Cc: dev@cordova.apache.org
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > > I agree with pretty much everything mentioned, but as far as
> > > > > > > I know cordova is trying it's best to not depend on anything
> > > > > > > to be in /platforms/<TARGET_PLATFORM>/. Having said that,
> > > > > > > the package command
> > > > > > should
> > > > > > > always expect things to be in config.xml or something like
> that.
> > > > > > >
> > > > > > > Also, the closer we are in naming things to what they are
> > > > > > > already known
> > > > > > as
> > > > > > > in the native platform, the better.
> > > > > > >
> > > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > > <Subhag.Oak@microsoft.com
> > >:
> > > > > > >
> > > > > > > > Hey Cordova community,
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > I am Subhag Oak, senior program manager on the Visual
> > > > > > > > Studio team working on VS tools for Multi device hybrid
> > > > > > > > apps. In line with the discussion of having a generic
> Cordova ‘packaging’
> > > > > > > > command for all platforms, here is one
> > > > > > > > proposal:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > As we all know, packaging an application for deployment
> > requires
> > > > > extra
> > > > > > > > steps that are specific to the native platforms. A new
> > > > > > > > generic Cordova CLI ‘package’ command can perform these
> > > > > > > > platform specific actions to generate a final signed
> > > > > > > > package ready for
> > > > deployment:
> > > > > > > >
> > > > > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > > > > –-sign[location]
> > > > > > > > -- –-embed[location] -- --signIdentity[location]}, where
> > > > > > > > all
> > the
> > > > > > > > parameters within { } are platform specific overrides.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > If no platform is specified, the command will build
> > > > > > > > packages
> > for
> > > > > > > > all platforms added.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > The values for –packageConfiguration are interpreted by
> > > > > > > > the
> > > > > respective
> > > > > > > > platforms. For Android and Windows, the value can be debug
> > > > > > > > or
> > > > > release,
> > > > > > > > with release being the default value. For iOS, the
> > > > > > > > possible values are development, adhoc or store with
> > > > > > > > development being the default value. The
> > > > > > > > -- --sign, -- -- embed and -- --signIdentity are optional
> > > > > > > > iOS specific signing arguments for specifying the location
> > > > > > > > of
> > > > > code-signing
> > > > > > > > certificate, the provisioning profile or the code signing
> > > > > > > > identity (certificates along with public and private keys)
> > > > respectively.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > e.g:
> > > > > > > >
> > > > > > > > · ‘cordova package iOS’ would generate a signed ipa
> > with
> > > > > > > > development profile, using code signing identity defined
> > > > > > > > in
> > > > > > > build.xcconfig:
> > > > > > > >
> > > > > > > > // to list all installed iOS identities, run:
> > > > > > > >
> > > > > > > > // security find-identity | sed -n
> > > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > > >
> > > > > > > > // generic 'iPhone Developer' (no quotes) will match the
> > > > > > > > right Identity with the right Provisioning // Profile plus
> > > > > > > > Certificate, based on the app bundle id
> > > > > > > >
> > > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > · ‘cordova package android’ would generate a release
> > > signed
> > > > > > using
> > > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > > changes to gradle build like the one Andrew mentions below.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > · ‘Cordova package windows’ would generate a signed
> > APPX
> > > > > > package.
> > > > > > > > This will use the following tools in the Windows SDK:
> > > > > > > >
> > > > > > > > • An unsigned packaged Windows Store app,
> > for
> > > > > > example,
> > > > > > > > an .APPX file created by using the app packager
> > > > > > > > (MakeAppx.exe) tool
> > > > > > > >
> > > > > > > > • A valid code signing certificate, for
> > > > example, a
> > > > > > > > Personal Information Exchange (.pfx) file created with the
> > > > > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > > >
> > > > > > > > • SignTool, which is part of the Windows
> SDK
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Here is how the package command should work. The proposal
> > > > > > > > is to make the ‘package’ command work on convention
> > > > > > > > (similar to the Cordova
> > > > > build
> > > > > > > > command) rather than config settings. The command would
> > > > > > > > look
> > out
> > > > > > > > for packaging assets in the “platform\ [native-platform]”
> > folder.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > For android, the contents of the ant.properties (keystore,
> > > > > > > > password, alias and alias password) would be used for
> > packaging.
> > > > > > > > If any of
> > > > > these
> > > > > > > > properties is missing in ant.properties [or
> > > > > > > > gradle.properties for gradle build] or if the file is
> > > > > > > > missing, the command would prompt the user for these value
> > > > > > > > at the command prompt. If the values provided
> > > > > are
> > > > > > > > invalid, the command would fail.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > > code-sign certificate and the provisioning profile to be
> > > > > > > > used. The
> > default
> > > > > > > > build.xcconfig file is setup to handle different
> > > > > > > > information by build profile based on the configuration
> > > > > > > > defined in the
> > command.
> > > > > > > > Build.xcconfig can also support signing identities that
> > > > > > > > tie the code-sign certificate with the provisioning profile.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Tools like VS and other IDEs, which use cordova CLI, may
> > > > > > > > need
> > an
> > > > > > > > explicit way to specify certs/profile for packaging for
> > > > > > > > iOS (since
> > > > > the
> > > > > > > > build needs to happen on MAC agent) instead of the assets
> > > > > > > > being defined in the build.xcconfig. One way to allow this
> > > > > > > > is by
> > using
> > > > > > > > optional platform specific arguments to the package
> > > > > > > > command
> > like:
> > > > > > > >
> > > > > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > > >
> > > > > > > > This command will run the xcrun command to generate a
> > > > > > > > signed
> > IPA
> > > > > > > > with development provisioning profile.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > I would love to hear your comments, insights and feedback
> > > > > > > > on this
> > > > > > > proposal.
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Subhag Oak | Senior Program Manager
> > > > > > > >
> > > > > > > > Visual Studio, Client Tools
> > > > > > > >
> > > > > > > > soak@microsoft.com
> > > > > > > >
> > > > > > > > 425 707 5598 office
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > -----Original Message-----
> > > > > > > > From: agrieve@google.com [mailto:agrieve@google.com] On
> > > > > > > > Behalf Of Andrew Grieve
> > > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > > To: Shazron
> > > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > > points
> > to
> > > > > > > > a .properties file that contains:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > > >
> > > > > > > > storePassword=SECRET1
> > > > > > > >
> > > > > > > > storeType=pkcs12
> > > > > > > >
> > > > > > > > keyAlias=DebugSigningKey
> > > > > > > >
> > > > > > > > keyPassword=SECRET2
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Topics to discuss:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > > > >
> > > > > > > > - Leaning towards together
> > > > > > > >
> > > > > > > > 2) have config.xml point to signing info?
> > > > > > > >
> > > > > > > > - I think no, since signing info you often want to not
> > > > > > > > check in /
> > > > > keep
> > > > > > > > secure
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Strawman:
> > > > > > > >
> > > > > > > > If a file "cordova-keys.json" exists as a sibling to www/,
> > > > > > > > then use it. It should look like:
> > > > > > > >
> > > > > > > > {
> > > > > > > >
> > > > > > > > "android": {
> > > > > > > >
> > > > > > > > "storeFile": "relative/path.p12"
> > > > > > > >
> > > > > > > > ...
> > > > > > > >
> > > > > > > > },
> > > > > > > >
> > > > > > > > "ios": {
> > > > > > > >
> > > > > > > > },
> > > > > > > >
> > > > > > > > ...
> > > > > > > >
> > > > > > > > }
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > Android signs debug builds as well (not sure if other
> > > > > > > > platforms do this too?), so maybe also allow
> > > > > > > >
> > > > > > > > "android-release" as an alias for "android", and
> > > > > > > >
> > > > > > > > "android-debug"
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com
> > > <mailto:
> > > > > > > > shazron@gmail.com>> wrote:
> > > > > > > >
> > > > > > > >
> > > > > > > >
> > > > > > > > > I did open an issue for this two years ago:
> > > > > > > >
> > > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > > >
> > > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > > >
> > > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > > Seems to be of great value - so let's get going on this
> > > > > > > > > ;)
> > The
> > > > > > > > > CLI has
> > > > > > > >
> > > > > > > > > (I think) matured more since then to allow this
> > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > > > > >
> > > > > > > > > <to...@devgeeks.org>>
> > > > > > > >
> > > > > > > > > wrote:
> > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > > > > > Frederico’s workflow is the same as ours. I would love
> > > > > > > > > > to see
> > > > > > > >
> > > > > > > > > > something happen To improve this, the less time I
> > > > > > > > > > spend in Xcode,
> > > > > > > >
> > > > > > > > > > the happier I am
> > > > > > > >
> > > > > > > > > ;)
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > > >
> > > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > I can already get the ultimate .apk through "cordova
> > > > > > > > > > build
> > > > > android
> > > > > > > >
> > > > > > > > > > --release", but I already have the required
> > > > > > > > > > .properties properly
> > > > > > > >
> > > > > > > > > configured
> > > > > > > >
> > > > > > > > > > in my platform/android folder, specifying the path and
> > > > > > > > > > name to my
> > > > > > > >
> > > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > > already gives me
> > > > > > > >
> > > > > > > > > > the signed and ready .apk, all I have to do is upload
> > > > > > > > > > it to
> > > > > > > > play.google.com.
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > I have never, however, used cordova's CLI to build the
> > final
> > > > > > > >
> > > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
> > > > > > > > > > "cordova
> > > > > > > >
> > > > > > > > > > prepare", and use xCode
> > > > > > > >
> > > > > > > > > from
> > > > > > > >
> > > > > > > > > > then on to build, package, sign, and upload.
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS
> > > > > > > > > > OPEN
> > > > > > > > > > TECH) <
> > > > > > > >
> > > > > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > How about a "cordova package" command, that would be
> > > > > > > > > > > for packaging
> > > > > > > >
> > > > > > > > > > > the
> > > > > > > >
> > > > > > > > > > app
> > > > > > > >
> > > > > > > > > > > for the store? Note that different platforms may
> > > > > > > > > > > have different
> > > > > > > >
> > > > > > > > > > > requirements for certs, signing etc. So it may make
> > > > > > > > > > > sense to
> > > > > > > >
> > > > > > > > > > > promote
> > > > > > > >
> > > > > > > > > this
> > > > > > > >
> > > > > > > > > > > to a different command and let each command take
> > > > > > > > > > > care of packaging
> > > > > > > >
> > > > > > > > > > > the
> > > > > > > >
> > > > > > > > > > app
> > > > > > > >
> > > > > > > > > > > for the store. This command will also mean that
> > developers
> > > > > don’t
> > > > > > > >
> > > > > > > > > > > have
> > > > > > > >
> > > > > > > > > to
> > > > > > > >
> > > > > > > > > > go
> > > > > > > >
> > > > > > > > > > > over to the native projects when they finally want
> > > > > > > > > > > to publish
> > > > > > > >
> > > > > > > > > > > their
> > > > > > > >
> > > > > > > > > apps
> > > > > > > >
> > > > > > > > > > to
> > > > > > > >
> > > > > > > > > > > the store.
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > -----Original Message-----
> > > > > > > >
> > > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > > >
> > > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > > >
> > > > > > > > > > > To: dev
> > > > > > > >
> > > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > if you do:
> > > > > > > >
> > > > > > > > > > > Cordova build --release,
> > > > > > > >
> > > > > > > > > > > The blackberry10 platform will generate a signed
> image...
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> > agrieve@chromium.org
> > > > > > <mailto:
> > > > > > > > agrieve@chromium.org>> wrote:
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > > > > > >Just need
> > > > > > > >
> > > > > > > > > > > >a proposal for how it should look, and then a patch
> > > > > > > > > > > >& docs to add
> > > > > > > > it!
> > > > > > > >
> > > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > >For Android's hot-off-the-press gradle support, you
> > > > > > > > > > > >can set an
> > > > > > > >
> > > > > > > > > > > >environment variable that points to a .properties
> > > > > > > > > > > >file for
> > > > > > > >
> > > > > > > > > > > >signing builds. This shows one way to go about it,
> > > > > > > > > > > >but I'm not in
> > > > > > > >
> > > > > > > > > > > >love with
> > > > > > > >
> > > > > > > > > the
> > > > > > > >
> > > > > > > > > > > .properties idea.
> > > > > > > >
> > > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > > >
> > > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gmail.c
> > > > > > > > > > > >om>>
> > > > > > > >
> > > > > > > > > > > >wrote:
> > > > > > > >
> > > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > > >> Hi community.
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> Been looking at this topic and wondering why the
> > > > > > > > > > > >> build command
> > > > > > > >
> > > > > > > > > > > >>does not create signed archives. Digging a little
> > > > > > > > > > > >>bit found a
> > > > > > > >
> > > > > > > > > > > >>lot of differences in the platforms to create
> > > > > > > > > > > >>these
> > > > archives.
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> For instance, in Android you need to 1. Export
> > > > > > > > > > > >> your
> > APK
> > > > > > > > > > > >> in
> > > > > > > >
> > > > > > > > > > > >> release mode (--release flag) 2. Sign your APK
> > > > > > > > > > > >> (you already
> > > > > > > >
> > > > > > > > > > > >> need a RSA key)
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> In iOS, you need to:
> > > > > > > >
> > > > > > > > > > > >> 1. Export your APP using --device flag (--release
> > seems
> > > > > > > > > > > >> to
> > > > > > > >
> > > > > > > > > > > >> export
> > > > > > > >
> > > > > > > > > for
> > > > > > > >
> > > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and
> > > > > > > > > > > >>sign the
> > > > > > > >
> > > > > > > > > > > >>archive or use xcrun (headless
> > > > > > > >
> > > > > > > > > > > >> process)
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> Besides these differences, what is preventing
> > > > > > > > > > > >> Cordova from
> > > > > > > >
> > > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > > >> signed,
> > > > > > > > ready-to-publish archives?
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > > > > >> appreciate your
> > > > > > > >
> > > > > > > > > > > >>insights on this topic
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> Thanks!
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > > >> --
> > > > > > > >
> > > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > > >
> > > > > > > > > > > >> IBM Software Engineer
> > > > > > > >
> > > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > > >
> > > > > > > > > > > >>
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > > >
> > > > > ----------------------------------------------------------------
> > > > > > > > > > > --
> > > > > > > >
> > > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > > <ma...@cordova.apache.org>
> > > > > > > >
> > > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > > dev-help@cordova.apache.org
> > > > > > > <mailto:
> > > > > > > > dev-help@cordova.apache.org>
> > > > > > > >
> > > > > > > > > > >
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > --
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > *Frederico Galvão*
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > Diretor de Tecnologia
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > PontoGet Inovação Web
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > ( +55(62) 8131-5720
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > > > > http://www.pontoget.com/>
> > > > > > > >
> > > > > > > > > >
> > > > > > > >
> > > > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > --
> > > > > > >
> > > > > > > *Frederico Galvão*
> > > > > > >
> > > > > > > Diretor de Tecnologia
> > > > > > >
> > > > > > > PontoGet Inovação Web
> > > > > > >
> > > > > > >
> > > > > > > ( +55(62) 8131-5720
> > > > > > >
> > > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > > >
> > > > > >
> > > > >
> > > >
> > > > ------------------------------------------------------------------
> > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > >
> > > > ------------------------------------------------------------------
> > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > >
> > >
> > >
> > >
> > > --
> > > Carlos Santana
> > > <cs...@gmail.com>
> > >
> > >
> > >
> > > --
> > > Victor Adrian Sosa Herrera
> > > IBM Software Engineer
> > > Guadalajara, Jalisco
> > >
> >
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
RE: Build signed archives using CLI
Posted by Chuck Lantz <cl...@microsoft.com>.
Dan Levine whom some of you met at PhoneGap day actually has been working on a PR based on Subhag's proposal for discussion - he is out sick which is why he didn't respond to this thread. I'll let him speak to it once he's back but the good news is there is someone working on something in this area.
-Chuck
-----Original Message-----
From: Victor Sosa [mailto:sosah.victor@gmail.com]
Sent: Wednesday, January 28, 2015 7:57 AM
To: dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
Hi Andrew.
AFAICT, no one has done any work on this area, but I'd like to add this topic to the hangout agenda, start discussing this. I think Subhag has a very good design in the google doc in this thread. We can start from there and try to make this happen for a future release.
Thoughts before adding it to the agenda?
2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> In anyone interested in working on any of this?
>
> Was just looking at it to see if there was anything I needed to do to
> add support to Android for release packaging.
>
> Main thing lacking to me is whether we should support specifying
> release key information outside of the platforms/android directory.
> E.g. have a cordova-keys.json as a sibling to www/ that has
> per-platform key locations & settings.
>
> On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa <so...@gmail.com>
> wrote:
>
> > Hello Cordova community
> > Curious to know where we stand about this topic. Even though this
> > topic looks to have significant impact on Cordova, Subhag has a
> > document
> proposal
> > with little discussion activity.
> >
> > I like Subhag's proposal, but I want to bring back the idea of a
> > prompt-less keychain.
> >
> > Is anything else, besides what is depicted in the proposal, missing here?
> >
> > Document:
> >
> >
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> L1auAMGFM/edit?usp=sharing
> >
> >
> > ---------- Forwarded message ----------
> > From: Carlos Santana <cs...@gmail.com>
> > Date: 2014-10-15 12:42 GMT-05:00
> > Subject: Re: Build signed archives using CLI
> > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> >
> >
> > +1 on having a new command "cordova package" this will allow IBM
> > +tooling
> to
> > hook into before_package and after_package for our own
> > customizations (direct update, authenticity, etc..)
> > +1 on using sane defaults and not prompting (i.e. default keychain
> > +maybe
> > used and unlock already) if not found what we need then prompt or
> > fail
> > +1 have some config/settings outside "platforms/" as I like to be
> transient
> > replaceable. using config.xml, something.json, or file conventions
> > like res/packaging/<platform>/ are all ok options.
> >
> >
> > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak
> > <Su...@microsoft.com>
> > wrote:
> >
> > > Here is the link to the proposal:
> > >
> >
> >
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNB
> L1auAMGFM/edit?usp=sharing
> > > Jump on it people :)
> > >
> > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
> > > soak@microsoft.com
> > > 425 707 5598 office
> > >
> > > -----Original Message-----
> > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > Sent: Thursday, October 9, 2014 12:58 PM
> > > To: dev@cordova.apache.org
> > > Subject: RE: Build signed archives using CLI
> > >
> > > Adding to what Shazron said, isn't config.xml supposed to be
> > > considered as app-wide settings/properties? Typically packaging
> > > information is per platform and hence in my opinion, should be
> > > decoupled from config
> > settings.
> > > Jesse, I am working on a documentation that I will share out soon
> > > for
> > the
> > > community to collaborate.
> > >
> > > Subhag Oak | Senior Program Manager Visual Studio, Client Tools
> > > soak@microsoft.com
> > > 425 707 5598 office
> > >
> > > -----Original Message-----
> > > From: Shazron [mailto:shazron@gmail.com]
> > > Sent: Thursday, October 9, 2014 12:02 PM
> > > To: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Liking Subhag's proposal.
> > > Agree with Jesse on using conventions as a default plus config.xml
> > > --
> > with
> > > overrides/env-vars possible. The only caveat for including info in
> > > the config.xml is, the config.xml data is copied into the iOS
> > > platform and
> > will
> > > be included in the .app bundle, and will leak information (even
> > > though harmless, since it shouldn't contain passwords, etc) -- so
> > > maybe that
> is
> > > not desirable, using config.xml.
> > >
> > > We will need to provide the password each time at least for iOS,
> > > since
> we
> > > need to unlock the keychain for code signing.
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve
> > > <ag...@chromium.org>
> > > wrote:
> > >
> > > > The prompting is actually pretty appropriate here since
> > > > passwords are involved I think. I think also that keys will
> > > > often not be checked into source control, but maybe the best way
> > > > to support that is to allow multiple ways of specifying things
> > > > (e.g. default to convention, allow override via config.xml,
> > > > allow override via command-line & env variable as well)
> > > >
> > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com>
> wrote:
> > > >
> > > > > I am liking all of this.
> > > > > Are we ready to move this to an editable plaintext doc to
> collaborate
> > > on?
> > > > >
> > > > > I agree that we should take advantage of as much
> > > > > 'by-convention' as we
> > > > can,
> > > > > meaning things like `cordova package ios` defaults to a code
> > > > > sign
> > > > identity
> > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > >
> > > > > If it does not make sense as a convention, then I too would
> > > > > like to see
> > > > as
> > > > > much as possible done through config.xml as Fredrico points
> > > > > out,
> and
> > > > agree
> > > > > on picking the most consistent names possible.
> > > > >
> > > > > I would prefer that we do not prompt, and simply fail fast,
> > > > > given that tools will typically be consuming the cli. Or we
> > > > > should at least
> > > > provide a
> > > > > --noPrompt option. Anything prompt-able should be
> > > > > config.xml-able
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > @purplecabbage
> > > > > risingj.com
> > > > >
> > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz
> > > > > <clantz@microsoft.com
> >
> > > > wrote:
> > > > >
> > > > > > One option here could be to build off of the idea of the "res"
> > > > > > folder
> > > > > that
> > > > > > is in the current samples for splashscreens and icons and
> > > > > > introduce something like "res/native". Files placed here
> > > > > > would
> be
> > > > > > put into the native project folders "before_prepare" and
> > > > > > would be further enhanced
> > > > by
> > > > > > the plugin and build infrastructure. This would allow you
> > > > > > to place customized native assets that are unique to your
> > > > > > project in a place
> > > > that
> > > > > > you can check in and would be unaffected by an upgrade.
> > > > > >
> > > > > > Andrew's environment variable idea could also provide an
> alternate
> > > > means
> > > > > > to specify platform specific values (what Soak mentions in
> > > > > > the {
> > }).
> > > > > >
> > > > > > -Chuck
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Frederico Galvão
> > > > > > [mailto:frederico.galvao@pontoget.com.br]
> > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > Cc: dev@cordova.apache.org
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > > I agree with pretty much everything mentioned, but as far as
> > > > > > I know cordova is trying it's best to not depend on anything
> > > > > > to be in /platforms/<TARGET_PLATFORM>/. Having said that,
> > > > > > the package command
> > > > > should
> > > > > > always expect things to be in config.xml or something like that.
> > > > > >
> > > > > > Also, the closer we are in naming things to what they are
> > > > > > already known
> > > > > as
> > > > > > in the native platform, the better.
> > > > > >
> > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak
> > > > > > <Subhag.Oak@microsoft.com
> >:
> > > > > >
> > > > > > > Hey Cordova community,
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > I am Subhag Oak, senior program manager on the Visual
> > > > > > > Studio team working on VS tools for Multi device hybrid
> > > > > > > apps. In line with the discussion of having a generic Cordova ‘packaging’
> > > > > > > command for all platforms, here is one
> > > > > > > proposal:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > As we all know, packaging an application for deployment
> requires
> > > > extra
> > > > > > > steps that are specific to the native platforms. A new
> > > > > > > generic Cordova CLI ‘package’ command can perform these
> > > > > > > platform specific actions to generate a final signed
> > > > > > > package ready for
> > > deployment:
> > > > > > >
> > > > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > > > –-sign[location]
> > > > > > > -- –-embed[location] -- --signIdentity[location]}, where
> > > > > > > all
> the
> > > > > > > parameters within { } are platform specific overrides.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > If no platform is specified, the command will build
> > > > > > > packages
> for
> > > > > > > all platforms added.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > The values for –packageConfiguration are interpreted by
> > > > > > > the
> > > > respective
> > > > > > > platforms. For Android and Windows, the value can be debug
> > > > > > > or
> > > > release,
> > > > > > > with release being the default value. For iOS, the
> > > > > > > possible values are development, adhoc or store with
> > > > > > > development being the default value. The
> > > > > > > -- --sign, -- -- embed and -- --signIdentity are optional
> > > > > > > iOS specific signing arguments for specifying the location
> > > > > > > of
> > > > code-signing
> > > > > > > certificate, the provisioning profile or the code signing
> > > > > > > identity (certificates along with public and private keys)
> > > respectively.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > e.g:
> > > > > > >
> > > > > > > · ‘cordova package iOS’ would generate a signed ipa
> with
> > > > > > > development profile, using code signing identity defined
> > > > > > > in
> > > > > > build.xcconfig:
> > > > > > >
> > > > > > > // to list all installed iOS identities, run:
> > > > > > >
> > > > > > > // security find-identity | sed -n
> > > > > > > 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
> > > > > > >
> > > > > > > // generic 'iPhone Developer' (no quotes) will match the
> > > > > > > right Identity with the right Provisioning // Profile plus
> > > > > > > Certificate, based on the app bundle id
> > > > > > >
> > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > · ‘cordova package android’ would generate a release
> > signed
> > > > > using
> > > > > > > the packaging assets (keystore, alias and password)
> > > > > > > defined in the ant.properties files using the ANT build.
> > > > > > > This would be using gradle.propoerties once cordova
> > > > > > > changes to gradle build like the one Andrew mentions below.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > · ‘Cordova package windows’ would generate a signed
> APPX
> > > > > package.
> > > > > > > This will use the following tools in the Windows SDK:
> > > > > > >
> > > > > > > • An unsigned packaged Windows Store app,
> for
> > > > > example,
> > > > > > > an .APPX file created by using the app packager
> > > > > > > (MakeAppx.exe) tool
> > > > > > >
> > > > > > > • A valid code signing certificate, for
> > > example, a
> > > > > > > Personal Information Exchange (.pfx) file created with the
> > > > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > >
> > > > > > > • SignTool, which is part of the Windows SDK
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Here is how the package command should work. The proposal
> > > > > > > is to make the ‘package’ command work on convention
> > > > > > > (similar to the Cordova
> > > > build
> > > > > > > command) rather than config settings. The command would
> > > > > > > look
> out
> > > > > > > for packaging assets in the “platform\ [native-platform]”
> folder.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > For android, the contents of the ant.properties (keystore,
> > > > > > > password, alias and alias password) would be used for
> packaging.
> > > > > > > If any of
> > > > these
> > > > > > > properties is missing in ant.properties [or
> > > > > > > gradle.properties for gradle build] or if the file is
> > > > > > > missing, the command would prompt the user for these value
> > > > > > > at the command prompt. If the values provided
> > > > are
> > > > > > > invalid, the command would fail.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > For iOS, the contents of build.xcconfig specify the
> > > > > > > code-sign certificate and the provisioning profile to be
> > > > > > > used. The
> default
> > > > > > > build.xcconfig file is setup to handle different
> > > > > > > information by build profile based on the configuration
> > > > > > > defined in the
> command.
> > > > > > > Build.xcconfig can also support signing identities that
> > > > > > > tie the code-sign certificate with the provisioning profile.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Tools like VS and other IDEs, which use cordova CLI, may
> > > > > > > need
> an
> > > > > > > explicit way to specify certs/profile for packaging for
> > > > > > > iOS (since
> > > > the
> > > > > > > build needs to happen on MAC agent) instead of the assets
> > > > > > > being defined in the build.xcconfig. One way to allow this
> > > > > > > is by
> using
> > > > > > > optional platform specific arguments to the package
> > > > > > > command
> like:
> > > > > > >
> > > > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > >
> > > > > > > This command will run the xcrun command to generate a
> > > > > > > signed
> IPA
> > > > > > > with development provisioning profile.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > I would love to hear your comments, insights and feedback
> > > > > > > on this
> > > > > > proposal.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Subhag Oak | Senior Program Manager
> > > > > > >
> > > > > > > Visual Studio, Client Tools
> > > > > > >
> > > > > > > soak@microsoft.com
> > > > > > >
> > > > > > > 425 707 5598 office
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: agrieve@google.com [mailto:agrieve@google.com] On
> > > > > > > Behalf Of Andrew Grieve
> > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > To: Shazron
> > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE"
> > > > > > > points
> to
> > > > > > > a .properties file that contains:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > >
> > > > > > > storePassword=SECRET1
> > > > > > >
> > > > > > > storeType=pkcs12
> > > > > > >
> > > > > > > keyAlias=DebugSigningKey
> > > > > > >
> > > > > > > keyPassword=SECRET2
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Topics to discuss:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > > >
> > > > > > > - Leaning towards together
> > > > > > >
> > > > > > > 2) have config.xml point to signing info?
> > > > > > >
> > > > > > > - I think no, since signing info you often want to not
> > > > > > > check in /
> > > > keep
> > > > > > > secure
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Strawman:
> > > > > > >
> > > > > > > If a file "cordova-keys.json" exists as a sibling to www/,
> > > > > > > then use it. It should look like:
> > > > > > >
> > > > > > > {
> > > > > > >
> > > > > > > "android": {
> > > > > > >
> > > > > > > "storeFile": "relative/path.p12"
> > > > > > >
> > > > > > > ...
> > > > > > >
> > > > > > > },
> > > > > > >
> > > > > > > "ios": {
> > > > > > >
> > > > > > > },
> > > > > > >
> > > > > > > ...
> > > > > > >
> > > > > > > }
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Android signs debug builds as well (not sure if other
> > > > > > > platforms do this too?), so maybe also allow
> > > > > > >
> > > > > > > "android-release" as an alias for "android", and
> > > > > > >
> > > > > > > "android-debug"
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com
> > <mailto:
> > > > > > > shazron@gmail.com>> wrote:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > > I did open an issue for this two years ago:
> > > > > > >
> > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > >
> > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > >
> > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > > Seems to be of great value - so let's get going on this
> > > > > > > > ;)
> The
> > > > > > > > CLI has
> > > > > > >
> > > > > > > > (I think) matured more since then to allow this
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > > > >
> > > > > > > > <to...@devgeeks.org>>
> > > > > > >
> > > > > > > > wrote:
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > > > Frederico’s workflow is the same as ours. I would love
> > > > > > > > > to see
> > > > > > >
> > > > > > > > > something happen To improve this, the less time I
> > > > > > > > > spend in Xcode,
> > > > > > >
> > > > > > > > > the happier I am
> > > > > > >
> > > > > > > > ;)
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > >
> > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > I can already get the ultimate .apk through "cordova
> > > > > > > > > build
> > > > android
> > > > > > >
> > > > > > > > > --release", but I already have the required
> > > > > > > > > .properties properly
> > > > > > >
> > > > > > > > configured
> > > > > > >
> > > > > > > > > in my platform/android folder, specifying the path and
> > > > > > > > > name to my
> > > > > > >
> > > > > > > > > keystores. The "cordova build android --release"
> > > > > > > > > already gives me
> > > > > > >
> > > > > > > > > the signed and ready .apk, all I have to do is upload
> > > > > > > > > it to
> > > > > > > play.google.com.
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > I have never, however, used cordova's CLI to build the
> final
> > > > > > >
> > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run
> > > > > > > > > "cordova
> > > > > > >
> > > > > > > > > prepare", and use xCode
> > > > > > >
> > > > > > > > from
> > > > > > >
> > > > > > > > > then on to build, package, sign, and upload.
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS
> > > > > > > > > OPEN
> > > > > > > > > TECH) <
> > > > > > >
> > > > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > > How about a "cordova package" command, that would be
> > > > > > > > > > for packaging
> > > > > > >
> > > > > > > > > > the
> > > > > > >
> > > > > > > > > app
> > > > > > >
> > > > > > > > > > for the store? Note that different platforms may
> > > > > > > > > > have different
> > > > > > >
> > > > > > > > > > requirements for certs, signing etc. So it may make
> > > > > > > > > > sense to
> > > > > > >
> > > > > > > > > > promote
> > > > > > >
> > > > > > > > this
> > > > > > >
> > > > > > > > > > to a different command and let each command take
> > > > > > > > > > care of packaging
> > > > > > >
> > > > > > > > > > the
> > > > > > >
> > > > > > > > > app
> > > > > > >
> > > > > > > > > > for the store. This command will also mean that
> developers
> > > > don’t
> > > > > > >
> > > > > > > > > > have
> > > > > > >
> > > > > > > > to
> > > > > > >
> > > > > > > > > go
> > > > > > >
> > > > > > > > > > over to the native projects when they finally want
> > > > > > > > > > to publish
> > > > > > >
> > > > > > > > > > their
> > > > > > >
> > > > > > > > apps
> > > > > > >
> > > > > > > > > to
> > > > > > >
> > > > > > > > > > the store.
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > >
> > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > >
> > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > >
> > > > > > > > > > To: dev
> > > > > > >
> > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > if you do:
> > > > > > >
> > > > > > > > > > Cordova build --release,
> > > > > > >
> > > > > > > > > > The blackberry10 platform will generate a signed image...
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> agrieve@chromium.org
> > > > > <mailto:
> > > > > > > agrieve@chromium.org>> wrote:
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > > > > >Just need
> > > > > > >
> > > > > > > > > > >a proposal for how it should look, and then a patch
> > > > > > > > > > >& docs to add
> > > > > > > it!
> > > > > > >
> > > > > > > > > > >
> > > > > > >
> > > > > > > > > > >For Android's hot-off-the-press gradle support, you
> > > > > > > > > > >can set an
> > > > > > >
> > > > > > > > > > >environment variable that points to a .properties
> > > > > > > > > > >file for
> > > > > > >
> > > > > > > > > > >signing builds. This shows one way to go about it,
> > > > > > > > > > >but I'm not in
> > > > > > >
> > > > > > > > > > >love with
> > > > > > >
> > > > > > > > the
> > > > > > >
> > > > > > > > > > .properties idea.
> > > > > > >
> > > > > > > > > > >
> > > > > > >
> > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > >
> > > > > > > > > > ><sosah.victor@gmail.com<mailto:sosah.victor@gmail.c
> > > > > > > > > > >om>>
> > > > > > >
> > > > > > > > > > >wrote:
> > > > > > >
> > > > > > > > > > >
> > > > > > >
> > > > > > > > > > >> Hi community.
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Been looking at this topic and wondering why the
> > > > > > > > > > >> build command
> > > > > > >
> > > > > > > > > > >>does not create signed archives. Digging a little
> > > > > > > > > > >>bit found a
> > > > > > >
> > > > > > > > > > >>lot of differences in the platforms to create
> > > > > > > > > > >>these
> > > archives.
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> For instance, in Android you need to 1. Export
> > > > > > > > > > >> your
> APK
> > > > > > > > > > >> in
> > > > > > >
> > > > > > > > > > >> release mode (--release flag) 2. Sign your APK
> > > > > > > > > > >> (you already
> > > > > > >
> > > > > > > > > > >> need a RSA key)
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> In iOS, you need to:
> > > > > > >
> > > > > > > > > > >> 1. Export your APP using --device flag (--release
> seems
> > > > > > > > > > >> to
> > > > > > >
> > > > > > > > > > >> export
> > > > > > >
> > > > > > > > for
> > > > > > >
> > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and
> > > > > > > > > > >>sign the
> > > > > > >
> > > > > > > > > > >>archive or use xcrun (headless
> > > > > > >
> > > > > > > > > > >> process)
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Besides these differences, what is preventing
> > > > > > > > > > >> Cordova from
> > > > > > >
> > > > > > > > > > >> providing a generic one-way to build these
> > > > > > > > > > >> signed,
> > > > > > > ready-to-publish archives?
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > > > >> appreciate your
> > > > > > >
> > > > > > > > > > >>insights on this topic
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Thanks!
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> --
> > > > > > >
> > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > >
> > > > > > > > > > >> IBM Software Engineer
> > > > > > >
> > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > >
> > > > ----------------------------------------------------------------
> > > > > > > > > > --
> > > > > > >
> > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > <ma...@cordova.apache.org>
> > > > > > >
> > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > dev-help@cordova.apache.org
> > > > > > <mailto:
> > > > > > > dev-help@cordova.apache.org>
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > --
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > *Frederico Galvão*
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > Diretor de Tecnologia
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > PontoGet Inovação Web
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > ( +55(62) 8131-5720
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > > > http://www.pontoget.com/>
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > >
> > > > > > *Frederico Galvão*
> > > > > >
> > > > > > Diretor de Tecnologia
> > > > > >
> > > > > > PontoGet Inovação Web
> > > > > >
> > > > > >
> > > > > > ( +55(62) 8131-5720
> > > > > >
> > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > >
> > > > >
> > > >
> > >
> > > ------------------------------------------------------------------
> > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > For additional commands, e-mail: dev-help@cordova.apache.org
> > >
> > > ------------------------------------------------------------------
> > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > For additional commands, e-mail: dev-help@cordova.apache.org
> > >
> >
> >
> >
> > --
> > Carlos Santana
> > <cs...@gmail.com>
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
Re: Build signed archives using CLI
Posted by Victor Sosa <so...@gmail.com>.
Hi Andrew.
AFAICT, no one has done any work on this area, but I'd like to add this
topic to the hangout agenda, start discussing this. I think Subhag has a
very good design in the google doc in this thread. We can start from there
and try to make this happen for a future release.
Thoughts before adding it to the agenda?
2015-01-26 20:08 GMT-06:00 Andrew Grieve <ag...@chromium.org>:
> In anyone interested in working on any of this?
>
> Was just looking at it to see if there was anything I needed to do to add
> support to Android for release packaging.
>
> Main thing lacking to me is whether we should support specifying release
> key information outside of the platforms/android directory. E.g. have a
> cordova-keys.json as a sibling to www/ that has per-platform key locations
> & settings.
>
> On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa <so...@gmail.com>
> wrote:
>
> > Hello Cordova community
> > Curious to know where we stand about this topic. Even though this topic
> > looks to have significant impact on Cordova, Subhag has a document
> proposal
> > with little discussion activity.
> >
> > I like Subhag's proposal, but I want to bring back the idea of a
> > prompt-less keychain.
> >
> > Is anything else, besides what is depicted in the proposal, missing here?
> >
> > Document:
> >
> >
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
> >
> >
> > ---------- Forwarded message ----------
> > From: Carlos Santana <cs...@gmail.com>
> > Date: 2014-10-15 12:42 GMT-05:00
> > Subject: Re: Build signed archives using CLI
> > To: "dev@cordova.apache.org" <de...@cordova.apache.org>
> >
> >
> > +1 on having a new command "cordova package" this will allow IBM tooling
> to
> > hook into before_package and after_package for our own customizations
> > (direct update, authenticity, etc..)
> > +1 on using sane defaults and not prompting (i.e. default keychain maybe
> > used and unlock already) if not found what we need then prompt or fail
> > +1 have some config/settings outside "platforms/" as I like to be
> transient
> > replaceable. using config.xml, something.json, or file conventions like
> > res/packaging/<platform>/ are all ok options.
> >
> >
> > On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak <Su...@microsoft.com>
> > wrote:
> >
> > > Here is the link to the proposal:
> > >
> >
> >
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
> > > Jump on it people :)
> > >
> > > Subhag Oak | Senior Program Manager
> > > Visual Studio, Client Tools
> > > soak@microsoft.com
> > > 425 707 5598 office
> > >
> > > -----Original Message-----
> > > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > > Sent: Thursday, October 9, 2014 12:58 PM
> > > To: dev@cordova.apache.org
> > > Subject: RE: Build signed archives using CLI
> > >
> > > Adding to what Shazron said, isn't config.xml supposed to be considered
> > > as app-wide settings/properties? Typically packaging information is per
> > > platform and hence in my opinion, should be decoupled from config
> > settings.
> > > Jesse, I am working on a documentation that I will share out soon for
> > the
> > > community to collaborate.
> > >
> > > Subhag Oak | Senior Program Manager
> > > Visual Studio, Client Tools
> > > soak@microsoft.com
> > > 425 707 5598 office
> > >
> > > -----Original Message-----
> > > From: Shazron [mailto:shazron@gmail.com]
> > > Sent: Thursday, October 9, 2014 12:02 PM
> > > To: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > Liking Subhag's proposal.
> > > Agree with Jesse on using conventions as a default plus config.xml --
> > with
> > > overrides/env-vars possible. The only caveat for including info in the
> > > config.xml is, the config.xml data is copied into the iOS platform and
> > will
> > > be included in the .app bundle, and will leak information (even though
> > > harmless, since it shouldn't contain passwords, etc) -- so maybe that
> is
> > > not desirable, using config.xml.
> > >
> > > We will need to provide the password each time at least for iOS, since
> we
> > > need to unlock the keychain for code signing.
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org>
> > > wrote:
> > >
> > > > The prompting is actually pretty appropriate here since passwords are
> > > > involved I think. I think also that keys will often not be checked
> > > > into source control, but maybe the best way to support that is to
> > > > allow multiple ways of specifying things (e.g. default to convention,
> > > > allow override via config.xml, allow override via command-line & env
> > > > variable as well)
> > > >
> > > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com>
> wrote:
> > > >
> > > > > I am liking all of this.
> > > > > Are we ready to move this to an editable plaintext doc to
> collaborate
> > > on?
> > > > >
> > > > > I agree that we should take advantage of as much 'by-convention' as
> > > > > we
> > > > can,
> > > > > meaning things like `cordova package ios` defaults to a code sign
> > > > identity
> > > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > > >
> > > > > If it does not make sense as a convention, then I too would like to
> > > > > see
> > > > as
> > > > > much as possible done through config.xml as Fredrico points out,
> and
> > > > agree
> > > > > on picking the most consistent names possible.
> > > > >
> > > > > I would prefer that we do not prompt, and simply fail fast, given
> > > > > that tools will typically be consuming the cli. Or we should at
> > > > > least
> > > > provide a
> > > > > --noPrompt option. Anything prompt-able should be config.xml-able
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > @purplecabbage
> > > > > risingj.com
> > > > >
> > > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <clantz@microsoft.com
> >
> > > > wrote:
> > > > >
> > > > > > One option here could be to build off of the idea of the "res"
> > > > > > folder
> > > > > that
> > > > > > is in the current samples for splashscreens and icons and
> > > > > > introduce something like "res/native". Files placed here would
> be
> > > > > > put into the native project folders "before_prepare" and would be
> > > > > > further enhanced
> > > > by
> > > > > > the plugin and build infrastructure. This would allow you to
> > > > > > place customized native assets that are unique to your project in
> > > > > > a place
> > > > that
> > > > > > you can check in and would be unaffected by an upgrade.
> > > > > >
> > > > > > Andrew's environment variable idea could also provide an
> alternate
> > > > means
> > > > > > to specify platform specific values (what Soak mentions in the {
> > }).
> > > > > >
> > > > > > -Chuck
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > > Cc: dev@cordova.apache.org
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > > I agree with pretty much everything mentioned, but as far as I
> > > > > > know cordova is trying it's best to not depend on anything to be
> > > > > > in /platforms/<TARGET_PLATFORM>/. Having said that, the package
> > > > > > command
> > > > > should
> > > > > > always expect things to be in config.xml or something like that.
> > > > > >
> > > > > > Also, the closer we are in naming things to what they are already
> > > > > > known
> > > > > as
> > > > > > in the native platform, the better.
> > > > > >
> > > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Subhag.Oak@microsoft.com
> >:
> > > > > >
> > > > > > > Hey Cordova community,
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > I am Subhag Oak, senior program manager on the Visual Studio
> > > > > > > team working on VS tools for Multi device hybrid apps. In line
> > > > > > > with the discussion of having a generic Cordova ‘packaging’
> > > > > > > command for all platforms, here is one
> > > > > > > proposal:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > As we all know, packaging an application for deployment
> requires
> > > > extra
> > > > > > > steps that are specific to the native platforms. A new generic
> > > > > > > Cordova CLI ‘package’ command can perform these platform
> > > > > > > specific actions to generate a final signed package ready for
> > > deployment:
> > > > > > >
> > > > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > > > –-sign[location]
> > > > > > > -- –-embed[location] -- --signIdentity[location]}, where all
> the
> > > > > > > parameters within { } are platform specific overrides.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > If no platform is specified, the command will build packages
> for
> > > > > > > all platforms added.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > The values for –packageConfiguration are interpreted by the
> > > > respective
> > > > > > > platforms. For Android and Windows, the value can be debug or
> > > > release,
> > > > > > > with release being the default value. For iOS, the possible
> > > > > > > values are development, adhoc or store with development being
> > > > > > > the default value. The
> > > > > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > > > > specific signing arguments for specifying the location of
> > > > code-signing
> > > > > > > certificate, the provisioning profile or the code signing
> > > > > > > identity (certificates along with public and private keys)
> > > respectively.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > e.g:
> > > > > > >
> > > > > > > · ‘cordova package iOS’ would generate a signed ipa
> with
> > > > > > > development profile, using code signing identity defined in
> > > > > > build.xcconfig:
> > > > > > >
> > > > > > > // to list all installed iOS identities, run:
> > > > > > >
> > > > > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' |
> > > > > > > grep 'iPhone'
> > > > > > >
> > > > > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > > > > Identity with the right Provisioning // Profile plus
> > > > > > > Certificate, based on the app bundle id
> > > > > > >
> > > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > · ‘cordova package android’ would generate a release
> > signed
> > > > > using
> > > > > > > the packaging assets (keystore, alias and password) defined in
> > > > > > > the ant.properties files using the ANT build. This would be
> > > > > > > using gradle.propoerties once cordova changes to gradle build
> > > > > > > like the one Andrew mentions below.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > · ‘Cordova package windows’ would generate a signed
> APPX
> > > > > package.
> > > > > > > This will use the following tools in the Windows SDK:
> > > > > > >
> > > > > > > • An unsigned packaged Windows Store app,
> for
> > > > > example,
> > > > > > > an .APPX file created by using the app packager (MakeAppx.exe)
> > > > > > > tool
> > > > > > >
> > > > > > > • A valid code signing certificate, for
> > > example, a
> > > > > > > Personal Information Exchange (.pfx) file created with the
> > > > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > > > >
> > > > > > > • SignTool, which is part of the Windows SDK
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Here is how the package command should work. The proposal is to
> > > > > > > make the ‘package’ command work on convention (similar to the
> > > > > > > Cordova
> > > > build
> > > > > > > command) rather than config settings. The command would look
> out
> > > > > > > for packaging assets in the “platform\ [native-platform]”
> folder.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > For android, the contents of the ant.properties (keystore,
> > > > > > > password, alias and alias password) would be used for
> packaging.
> > > > > > > If any of
> > > > these
> > > > > > > properties is missing in ant.properties [or gradle.properties
> > > > > > > for gradle build] or if the file is missing, the command would
> > > > > > > prompt the user for these value at the command prompt. If the
> > > > > > > values provided
> > > > are
> > > > > > > invalid, the command would fail.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > > > > certificate and the provisioning profile to be used. The
> default
> > > > > > > build.xcconfig file is setup to handle different information by
> > > > > > > build profile based on the configuration defined in the
> command.
> > > > > > > Build.xcconfig can also support signing identities that tie the
> > > > > > > code-sign certificate with the provisioning profile.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Tools like VS and other IDEs, which use cordova CLI, may need
> an
> > > > > > > explicit way to specify certs/profile for packaging for iOS
> > > > > > > (since
> > > > the
> > > > > > > build needs to happen on MAC agent) instead of the assets being
> > > > > > > defined in the build.xcconfig. One way to allow this is by
> using
> > > > > > > optional platform specific arguments to the package command
> like:
> > > > > > >
> > > > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > > >
> > > > > > > This command will run the xcrun command to generate a signed
> IPA
> > > > > > > with development provisioning profile.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > I would love to hear your comments, insights and feedback on
> > > > > > > this
> > > > > > proposal.
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Subhag Oak | Senior Program Manager
> > > > > > >
> > > > > > > Visual Studio, Client Tools
> > > > > > >
> > > > > > > soak@microsoft.com
> > > > > > >
> > > > > > > 425 707 5598 office
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > -----Original Message-----
> > > > > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf
> > > > > > > Of Andrew Grieve
> > > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > > To: Shazron
> > > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points
> to
> > > > > > > a .properties file that contains:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > storeFile=relative/path/to/keystore.p12
> > > > > > >
> > > > > > > storePassword=SECRET1
> > > > > > >
> > > > > > > storeType=pkcs12
> > > > > > >
> > > > > > > keyAlias=DebugSigningKey
> > > > > > >
> > > > > > > keyPassword=SECRET2
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Topics to discuss:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > > >
> > > > > > > - Leaning towards together
> > > > > > >
> > > > > > > 2) have config.xml point to signing info?
> > > > > > >
> > > > > > > - I think no, since signing info you often want to not check in
> > > > > > > /
> > > > keep
> > > > > > > secure
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Strawman:
> > > > > > >
> > > > > > > If a file "cordova-keys.json" exists as a sibling to www/, then
> > > > > > > use it. It should look like:
> > > > > > >
> > > > > > > {
> > > > > > >
> > > > > > > "android": {
> > > > > > >
> > > > > > > "storeFile": "relative/path.p12"
> > > > > > >
> > > > > > > ...
> > > > > > >
> > > > > > > },
> > > > > > >
> > > > > > > "ios": {
> > > > > > >
> > > > > > > },
> > > > > > >
> > > > > > > ...
> > > > > > >
> > > > > > > }
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > Android signs debug builds as well (not sure if other platforms
> > > > > > > do this too?), so maybe also allow
> > > > > > >
> > > > > > > "android-release" as an alias for "android", and
> > > > > > >
> > > > > > > "android-debug"
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com
> > <mailto:
> > > > > > > shazron@gmail.com>> wrote:
> > > > > > >
> > > > > > >
> > > > > > >
> > > > > > > > I did open an issue for this two years ago:
> > > > > > >
> > > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > > >
> > > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > > >
> > > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > > Seems to be of great value - so let's get going on this ;)
> The
> > > > > > > > CLI has
> > > > > > >
> > > > > > > > (I think) matured more since then to allow this
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > > > >
> > > > > > > > <to...@devgeeks.org>>
> > > > > > >
> > > > > > > > wrote:
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > > > > > Frederico’s workflow is the same as ours. I would love to
> > > > > > > > > see
> > > > > > >
> > > > > > > > > something happen To improve this, the less time I spend in
> > > > > > > > > Xcode,
> > > > > > >
> > > > > > > > > the happier I am
> > > > > > >
> > > > > > > > ;)
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > > >
> > > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > I can already get the ultimate .apk through "cordova build
> > > > android
> > > > > > >
> > > > > > > > > --release", but I already have the required .properties
> > > > > > > > > properly
> > > > > > >
> > > > > > > > configured
> > > > > > >
> > > > > > > > > in my platform/android folder, specifying the path and name
> > > > > > > > > to my
> > > > > > >
> > > > > > > > > keystores. The "cordova build android --release" already
> > > > > > > > > gives me
> > > > > > >
> > > > > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > > > > play.google.com.
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > I have never, however, used cordova's CLI to build the
> final
> > > > > > >
> > > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > > > > >
> > > > > > > > > prepare", and use xCode
> > > > > > >
> > > > > > > > from
> > > > > > >
> > > > > > > > > then on to build, package, sign, and upload.
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> > > > > > > > > TECH) <
> > > > > > >
> > > > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > > How about a "cordova package" command, that would be for
> > > > > > > > > > packaging
> > > > > > >
> > > > > > > > > > the
> > > > > > >
> > > > > > > > > app
> > > > > > >
> > > > > > > > > > for the store? Note that different platforms may have
> > > > > > > > > > different
> > > > > > >
> > > > > > > > > > requirements for certs, signing etc. So it may make sense
> > > > > > > > > > to
> > > > > > >
> > > > > > > > > > promote
> > > > > > >
> > > > > > > > this
> > > > > > >
> > > > > > > > > > to a different command and let each command take care of
> > > > > > > > > > packaging
> > > > > > >
> > > > > > > > > > the
> > > > > > >
> > > > > > > > > app
> > > > > > >
> > > > > > > > > > for the store. This command will also mean that
> developers
> > > > don’t
> > > > > > >
> > > > > > > > > > have
> > > > > > >
> > > > > > > > to
> > > > > > >
> > > > > > > > > go
> > > > > > >
> > > > > > > > > > over to the native projects when they finally want to
> > > > > > > > > > publish
> > > > > > >
> > > > > > > > > > their
> > > > > > >
> > > > > > > > apps
> > > > > > >
> > > > > > > > > to
> > > > > > >
> > > > > > > > > > the store.
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > -----Original Message-----
> > > > > > >
> > > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > > >
> > > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > > >
> > > > > > > > > > To: dev
> > > > > > >
> > > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > if you do:
> > > > > > >
> > > > > > > > > > Cordova build --release,
> > > > > > >
> > > > > > > > > > The blackberry10 platform will generate a signed image...
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <
> agrieve@chromium.org
> > > > > <mailto:
> > > > > > > agrieve@chromium.org>> wrote:
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > > > > >Just need
> > > > > > >
> > > > > > > > > > >a proposal for how it should look, and then a patch &
> > > > > > > > > > >docs to add
> > > > > > > it!
> > > > > > >
> > > > > > > > > > >
> > > > > > >
> > > > > > > > > > >For Android's hot-off-the-press gradle support, you can
> > > > > > > > > > >set an
> > > > > > >
> > > > > > > > > > >environment variable that points to a .properties file
> > > > > > > > > > >for
> > > > > > >
> > > > > > > > > > >signing builds. This shows one way to go about it, but
> > > > > > > > > > >I'm not in
> > > > > > >
> > > > > > > > > > >love with
> > > > > > >
> > > > > > > > the
> > > > > > >
> > > > > > > > > > .properties idea.
> > > > > > >
> > > > > > > > > > >
> > > > > > >
> > > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > > >
> > > > > > > > > > ><so...@gmail.com>>
> > > > > > >
> > > > > > > > > > >wrote:
> > > > > > >
> > > > > > > > > > >
> > > > > > >
> > > > > > > > > > >> Hi community.
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > > > > >> command
> > > > > > >
> > > > > > > > > > >>does not create signed archives. Digging a little bit
> > > > > > > > > > >>found a
> > > > > > >
> > > > > > > > > > >>lot of differences in the platforms to create these
> > > archives.
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> For instance, in Android you need to 1. Export your
> APK
> > > > > > > > > > >> in
> > > > > > >
> > > > > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> > > > > > > > > > >> already
> > > > > > >
> > > > > > > > > > >> need a RSA key)
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> In iOS, you need to:
> > > > > > >
> > > > > > > > > > >> 1. Export your APP using --device flag (--release
> seems
> > > > > > > > > > >> to
> > > > > > >
> > > > > > > > > > >> export
> > > > > > >
> > > > > > > > for
> > > > > > >
> > > > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign
> > > > > > > > > > >>the
> > > > > > >
> > > > > > > > > > >>archive or use xcrun (headless
> > > > > > >
> > > > > > > > > > >> process)
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Besides these differences, what is preventing Cordova
> > > > > > > > > > >> from
> > > > > > >
> > > > > > > > > > >> providing a generic one-way to build these signed,
> > > > > > > ready-to-publish archives?
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > > > >> appreciate your
> > > > > > >
> > > > > > > > > > >>insights on this topic
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> Thanks!
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > > >> --
> > > > > > >
> > > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > > >
> > > > > > > > > > >> IBM Software Engineer
> > > > > > >
> > > > > > > > > > >> Guadalajara, Jalisco
> > > > > > >
> > > > > > > > > > >>
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > > >
> > > > ----------------------------------------------------------------
> > > > > > > > > > --
> > > > > > >
> > > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > > <ma...@cordova.apache.org>
> > > > > > >
> > > > > > > > > > For additional commands, e-mail:
> > > > > > > > > > dev-help@cordova.apache.org
> > > > > > <mailto:
> > > > > > > dev-help@cordova.apache.org>
> > > > > > >
> > > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > --
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > *Frederico Galvão*
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > Diretor de Tecnologia
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > PontoGet Inovação Web
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > ( +55(62) 8131-5720
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > > > http://www.pontoget.com/>
> > > > > > >
> > > > > > > > >
> > > > > > >
> > > > > > > >
> > > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > --
> > > > > >
> > > > > > *Frederico Galvão*
> > > > > >
> > > > > > Diretor de Tecnologia
> > > > > >
> > > > > > PontoGet Inovação Web
> > > > > >
> > > > > >
> > > > > > ( +55(62) 8131-5720
> > > > > >
> > > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > > >
> > > > >
> > > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > For additional commands, e-mail: dev-help@cordova.apache.org
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > For additional commands, e-mail: dev-help@cordova.apache.org
> > >
> >
> >
> >
> > --
> > Carlos Santana
> > <cs...@gmail.com>
> >
> >
> >
> > --
> > Victor Adrian Sosa Herrera
> > IBM Software Engineer
> > Guadalajara, Jalisco
> >
>
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
In anyone interested in working on any of this?
Was just looking at it to see if there was anything I needed to do to add
support to Android for release packaging.
Main thing lacking to me is whether we should support specifying release
key information outside of the platforms/android directory. E.g. have a
cordova-keys.json as a sibling to www/ that has per-platform key locations
& settings.
On Wed, Nov 5, 2014 at 3:15 PM, Victor Sosa <so...@gmail.com> wrote:
> Hello Cordova community
> Curious to know where we stand about this topic. Even though this topic
> looks to have significant impact on Cordova, Subhag has a document proposal
> with little discussion activity.
>
> I like Subhag's proposal, but I want to bring back the idea of a
> prompt-less keychain.
>
> Is anything else, besides what is depicted in the proposal, missing here?
>
> Document:
>
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
>
>
> ---------- Forwarded message ----------
> From: Carlos Santana <cs...@gmail.com>
> Date: 2014-10-15 12:42 GMT-05:00
> Subject: Re: Build signed archives using CLI
> To: "dev@cordova.apache.org" <de...@cordova.apache.org>
>
>
> +1 on having a new command "cordova package" this will allow IBM tooling to
> hook into before_package and after_package for our own customizations
> (direct update, authenticity, etc..)
> +1 on using sane defaults and not prompting (i.e. default keychain maybe
> used and unlock already) if not found what we need then prompt or fail
> +1 have some config/settings outside "platforms/" as I like to be transient
> replaceable. using config.xml, something.json, or file conventions like
> res/packaging/<platform>/ are all ok options.
>
>
> On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak <Su...@microsoft.com>
> wrote:
>
> > Here is the link to the proposal:
> >
>
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
> > Jump on it people :)
> >
> > Subhag Oak | Senior Program Manager
> > Visual Studio, Client Tools
> > soak@microsoft.com
> > 425 707 5598 office
> >
> > -----Original Message-----
> > From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> > Sent: Thursday, October 9, 2014 12:58 PM
> > To: dev@cordova.apache.org
> > Subject: RE: Build signed archives using CLI
> >
> > Adding to what Shazron said, isn't config.xml supposed to be considered
> > as app-wide settings/properties? Typically packaging information is per
> > platform and hence in my opinion, should be decoupled from config
> settings.
> > Jesse, I am working on a documentation that I will share out soon for
> the
> > community to collaborate.
> >
> > Subhag Oak | Senior Program Manager
> > Visual Studio, Client Tools
> > soak@microsoft.com
> > 425 707 5598 office
> >
> > -----Original Message-----
> > From: Shazron [mailto:shazron@gmail.com]
> > Sent: Thursday, October 9, 2014 12:02 PM
> > To: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > Liking Subhag's proposal.
> > Agree with Jesse on using conventions as a default plus config.xml --
> with
> > overrides/env-vars possible. The only caveat for including info in the
> > config.xml is, the config.xml data is copied into the iOS platform and
> will
> > be included in the .app bundle, and will leak information (even though
> > harmless, since it shouldn't contain passwords, etc) -- so maybe that is
> > not desirable, using config.xml.
> >
> > We will need to provide the password each time at least for iOS, since we
> > need to unlock the keychain for code signing.
> >
> >
> >
> >
> >
> >
> >
> >
> > On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org>
> > wrote:
> >
> > > The prompting is actually pretty appropriate here since passwords are
> > > involved I think. I think also that keys will often not be checked
> > > into source control, but maybe the best way to support that is to
> > > allow multiple ways of specifying things (e.g. default to convention,
> > > allow override via config.xml, allow override via command-line & env
> > > variable as well)
> > >
> > > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
> > >
> > > > I am liking all of this.
> > > > Are we ready to move this to an editable plaintext doc to collaborate
> > on?
> > > >
> > > > I agree that we should take advantage of as much 'by-convention' as
> > > > we
> > > can,
> > > > meaning things like `cordova package ios` defaults to a code sign
> > > identity
> > > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > > >
> > > > If it does not make sense as a convention, then I too would like to
> > > > see
> > > as
> > > > much as possible done through config.xml as Fredrico points out, and
> > > agree
> > > > on picking the most consistent names possible.
> > > >
> > > > I would prefer that we do not prompt, and simply fail fast, given
> > > > that tools will typically be consuming the cli. Or we should at
> > > > least
> > > provide a
> > > > --noPrompt option. Anything prompt-able should be config.xml-able
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > @purplecabbage
> > > > risingj.com
> > > >
> > > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> > > wrote:
> > > >
> > > > > One option here could be to build off of the idea of the "res"
> > > > > folder
> > > > that
> > > > > is in the current samples for splashscreens and icons and
> > > > > introduce something like "res/native". Files placed here would be
> > > > > put into the native project folders "before_prepare" and would be
> > > > > further enhanced
> > > by
> > > > > the plugin and build infrastructure. This would allow you to
> > > > > place customized native assets that are unique to your project in
> > > > > a place
> > > that
> > > > > you can check in and would be unaffected by an upgrade.
> > > > >
> > > > > Andrew's environment variable idea could also provide an alternate
> > > means
> > > > > to specify platform specific values (what Soak mentions in the {
> }).
> > > > >
> > > > > -Chuck
> > > > >
> > > > > -----Original Message-----
> > > > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > > Cc: dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > I agree with pretty much everything mentioned, but as far as I
> > > > > know cordova is trying it's best to not depend on anything to be
> > > > > in /platforms/<TARGET_PLATFORM>/. Having said that, the package
> > > > > command
> > > > should
> > > > > always expect things to be in config.xml or something like that.
> > > > >
> > > > > Also, the closer we are in naming things to what they are already
> > > > > known
> > > > as
> > > > > in the native platform, the better.
> > > > >
> > > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > > > >
> > > > > > Hey Cordova community,
> > > > > >
> > > > > >
> > > > > >
> > > > > > I am Subhag Oak, senior program manager on the Visual Studio
> > > > > > team working on VS tools for Multi device hybrid apps. In line
> > > > > > with the discussion of having a generic Cordova ‘packaging’
> > > > > > command for all platforms, here is one
> > > > > > proposal:
> > > > > >
> > > > > >
> > > > > >
> > > > > > As we all know, packaging an application for deployment requires
> > > extra
> > > > > > steps that are specific to the native platforms. A new generic
> > > > > > Cordova CLI ‘package’ command can perform these platform
> > > > > > specific actions to generate a final signed package ready for
> > deployment:
> > > > > >
> > > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > > –-sign[location]
> > > > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > > > parameters within { } are platform specific overrides.
> > > > > >
> > > > > >
> > > > > >
> > > > > > If no platform is specified, the command will build packages for
> > > > > > all platforms added.
> > > > > >
> > > > > >
> > > > > >
> > > > > > The values for –packageConfiguration are interpreted by the
> > > respective
> > > > > > platforms. For Android and Windows, the value can be debug or
> > > release,
> > > > > > with release being the default value. For iOS, the possible
> > > > > > values are development, adhoc or store with development being
> > > > > > the default value. The
> > > > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > > > specific signing arguments for specifying the location of
> > > code-signing
> > > > > > certificate, the provisioning profile or the code signing
> > > > > > identity (certificates along with public and private keys)
> > respectively.
> > > > > >
> > > > > >
> > > > > >
> > > > > > e.g:
> > > > > >
> > > > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > > > development profile, using code signing identity defined in
> > > > > build.xcconfig:
> > > > > >
> > > > > > // to list all installed iOS identities, run:
> > > > > >
> > > > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' |
> > > > > > grep 'iPhone'
> > > > > >
> > > > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > > > Identity with the right Provisioning // Profile plus
> > > > > > Certificate, based on the app bundle id
> > > > > >
> > > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > > >
> > > > > >
> > > > > >
> > > > > > · ‘cordova package android’ would generate a release
> signed
> > > > using
> > > > > > the packaging assets (keystore, alias and password) defined in
> > > > > > the ant.properties files using the ANT build. This would be
> > > > > > using gradle.propoerties once cordova changes to gradle build
> > > > > > like the one Andrew mentions below.
> > > > > >
> > > > > >
> > > > > >
> > > > > > · ‘Cordova package windows’ would generate a signed APPX
> > > > package.
> > > > > > This will use the following tools in the Windows SDK:
> > > > > >
> > > > > > • An unsigned packaged Windows Store app, for
> > > > example,
> > > > > > an .APPX file created by using the app packager (MakeAppx.exe)
> > > > > > tool
> > > > > >
> > > > > > • A valid code signing certificate, for
> > example, a
> > > > > > Personal Information Exchange (.pfx) file created with the
> > > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > > >
> > > > > > • SignTool, which is part of the Windows SDK
> > > > > >
> > > > > >
> > > > > >
> > > > > > Here is how the package command should work. The proposal is to
> > > > > > make the ‘package’ command work on convention (similar to the
> > > > > > Cordova
> > > build
> > > > > > command) rather than config settings. The command would look out
> > > > > > for packaging assets in the “platform\ [native-platform]” folder.
> > > > > >
> > > > > >
> > > > > >
> > > > > > For android, the contents of the ant.properties (keystore,
> > > > > > password, alias and alias password) would be used for packaging.
> > > > > > If any of
> > > these
> > > > > > properties is missing in ant.properties [or gradle.properties
> > > > > > for gradle build] or if the file is missing, the command would
> > > > > > prompt the user for these value at the command prompt. If the
> > > > > > values provided
> > > are
> > > > > > invalid, the command would fail.
> > > > > >
> > > > > >
> > > > > >
> > > > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > > > certificate and the provisioning profile to be used. The default
> > > > > > build.xcconfig file is setup to handle different information by
> > > > > > build profile based on the configuration defined in the command.
> > > > > > Build.xcconfig can also support signing identities that tie the
> > > > > > code-sign certificate with the provisioning profile.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > > > explicit way to specify certs/profile for packaging for iOS
> > > > > > (since
> > > the
> > > > > > build needs to happen on MAC agent) instead of the assets being
> > > > > > defined in the build.xcconfig. One way to allow this is by using
> > > > > > optional platform specific arguments to the package command like:
> > > > > >
> > > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > > >
> > > > > > This command will run the xcrun command to generate a signed IPA
> > > > > > with development provisioning profile.
> > > > > >
> > > > > >
> > > > > >
> > > > > > I would love to hear your comments, insights and feedback on
> > > > > > this
> > > > > proposal.
> > > > > >
> > > > > >
> > > > > >
> > > > > > Subhag Oak | Senior Program Manager
> > > > > >
> > > > > > Visual Studio, Client Tools
> > > > > >
> > > > > > soak@microsoft.com
> > > > > >
> > > > > > 425 707 5598 office
> > > > > >
> > > > > >
> > > > > >
> > > > > > -----Original Message-----
> > > > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf
> > > > > > Of Andrew Grieve
> > > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > > To: Shazron
> > > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > >
> > > > > >
> > > > > > For Android Gradle, what's in (and experimental) right now:
> > > > > >
> > > > > >
> > > > > >
> > > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to
> > > > > > a .properties file that contains:
> > > > > >
> > > > > >
> > > > > >
> > > > > > storeFile=relative/path/to/keystore.p12
> > > > > >
> > > > > > storePassword=SECRET1
> > > > > >
> > > > > > storeType=pkcs12
> > > > > >
> > > > > > keyAlias=DebugSigningKey
> > > > > >
> > > > > > keyPassword=SECRET2
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > Topics to discuss:
> > > > > >
> > > > > >
> > > > > >
> > > > > > 1) Combine platform info into one file, or leave separate?
> > > > > >
> > > > > > - Leaning towards together
> > > > > >
> > > > > > 2) have config.xml point to signing info?
> > > > > >
> > > > > > - I think no, since signing info you often want to not check in
> > > > > > /
> > > keep
> > > > > > secure
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > Strawman:
> > > > > >
> > > > > > If a file "cordova-keys.json" exists as a sibling to www/, then
> > > > > > use it. It should look like:
> > > > > >
> > > > > > {
> > > > > >
> > > > > > "android": {
> > > > > >
> > > > > > "storeFile": "relative/path.p12"
> > > > > >
> > > > > > ...
> > > > > >
> > > > > > },
> > > > > >
> > > > > > "ios": {
> > > > > >
> > > > > > },
> > > > > >
> > > > > > ...
> > > > > >
> > > > > > }
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > Android signs debug builds as well (not sure if other platforms
> > > > > > do this too?), so maybe also allow
> > > > > >
> > > > > > "android-release" as an alias for "android", and
> > > > > >
> > > > > > "android-debug"
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com
> <mailto:
> > > > > > shazron@gmail.com>> wrote:
> > > > > >
> > > > > >
> > > > > >
> > > > > > > I did open an issue for this two years ago:
> > > > > >
> > > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > > >
> > > > > > > and we did discuss this as well 2 yrs ago:
> > > > > >
> > > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > > >
> > > > > > >
> > > > > >
> > > > > > > Seems to be of great value - so let's get going on this ;) The
> > > > > > > CLI has
> > > > > >
> > > > > > > (I think) matured more since then to allow this
> > > > > >
> > > > > > >
> > > > > >
> > > > > > >
> > > > > >
> > > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > > >
> > > > > > > <to...@devgeeks.org>>
> > > > > >
> > > > > > > wrote:
> > > > > >
> > > > > > >
> > > > > >
> > > > > > > > Frederico’s workflow is the same as ours. I would love to
> > > > > > > > see
> > > > > >
> > > > > > > > something happen To improve this, the less time I spend in
> > > > > > > > Xcode,
> > > > > >
> > > > > > > > the happier I am
> > > > > >
> > > > > > > ;)
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > > >
> > > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > I can already get the ultimate .apk through "cordova build
> > > android
> > > > > >
> > > > > > > > --release", but I already have the required .properties
> > > > > > > > properly
> > > > > >
> > > > > > > configured
> > > > > >
> > > > > > > > in my platform/android folder, specifying the path and name
> > > > > > > > to my
> > > > > >
> > > > > > > > keystores. The "cordova build android --release" already
> > > > > > > > gives me
> > > > > >
> > > > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > > > play.google.com.
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > I have never, however, used cordova's CLI to build the final
> > > > > >
> > > > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > > > >
> > > > > > > > prepare", and use xCode
> > > > > >
> > > > > > > from
> > > > > >
> > > > > > > > then on to build, package, sign, and upload.
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> > > > > > > > TECH) <
> > > > > >
> > > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > > How about a "cordova package" command, that would be for
> > > > > > > > > packaging
> > > > > >
> > > > > > > > > the
> > > > > >
> > > > > > > > app
> > > > > >
> > > > > > > > > for the store? Note that different platforms may have
> > > > > > > > > different
> > > > > >
> > > > > > > > > requirements for certs, signing etc. So it may make sense
> > > > > > > > > to
> > > > > >
> > > > > > > > > promote
> > > > > >
> > > > > > > this
> > > > > >
> > > > > > > > > to a different command and let each command take care of
> > > > > > > > > packaging
> > > > > >
> > > > > > > > > the
> > > > > >
> > > > > > > > app
> > > > > >
> > > > > > > > > for the store. This command will also mean that developers
> > > don’t
> > > > > >
> > > > > > > > > have
> > > > > >
> > > > > > > to
> > > > > >
> > > > > > > > go
> > > > > >
> > > > > > > > > over to the native projects when they finally want to
> > > > > > > > > publish
> > > > > >
> > > > > > > > > their
> > > > > >
> > > > > > > apps
> > > > > >
> > > > > > > > to
> > > > > >
> > > > > > > > > the store.
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > > > -----Original Message-----
> > > > > >
> > > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > > >
> > > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > > >
> > > > > > > > > To: dev
> > > > > >
> > > > > > > > > Subject: Re: Build signed archives using CLI
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > > > if you do:
> > > > > >
> > > > > > > > > Cordova build --release,
> > > > > >
> > > > > > > > > The blackberry10 platform will generate a signed image...
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > > > <mailto:
> > > > > > agrieve@chromium.org>> wrote:
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > > > >Just need
> > > > > >
> > > > > > > > > >a proposal for how it should look, and then a patch &
> > > > > > > > > >docs to add
> > > > > > it!
> > > > > >
> > > > > > > > > >
> > > > > >
> > > > > > > > > >For Android's hot-off-the-press gradle support, you can
> > > > > > > > > >set an
> > > > > >
> > > > > > > > > >environment variable that points to a .properties file
> > > > > > > > > >for
> > > > > >
> > > > > > > > > >signing builds. This shows one way to go about it, but
> > > > > > > > > >I'm not in
> > > > > >
> > > > > > > > > >love with
> > > > > >
> > > > > > > the
> > > > > >
> > > > > > > > > .properties idea.
> > > > > >
> > > > > > > > > >
> > > > > >
> > > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > > >
> > > > > > > > > ><so...@gmail.com>>
> > > > > >
> > > > > > > > > >wrote:
> > > > > >
> > > > > > > > > >
> > > > > >
> > > > > > > > > >> Hi community.
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > > > >> command
> > > > > >
> > > > > > > > > >>does not create signed archives. Digging a little bit
> > > > > > > > > >>found a
> > > > > >
> > > > > > > > > >>lot of differences in the platforms to create these
> > archives.
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> For instance, in Android you need to 1. Export your APK
> > > > > > > > > >> in
> > > > > >
> > > > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> > > > > > > > > >> already
> > > > > >
> > > > > > > > > >> need a RSA key)
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> In iOS, you need to:
> > > > > >
> > > > > > > > > >> 1. Export your APP using --device flag (--release seems
> > > > > > > > > >> to
> > > > > >
> > > > > > > > > >> export
> > > > > >
> > > > > > > for
> > > > > >
> > > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign
> > > > > > > > > >>the
> > > > > >
> > > > > > > > > >>archive or use xcrun (headless
> > > > > >
> > > > > > > > > >> process)
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> Besides these differences, what is preventing Cordova
> > > > > > > > > >> from
> > > > > >
> > > > > > > > > >> providing a generic one-way to build these signed,
> > > > > > ready-to-publish archives?
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > > >> appreciate your
> > > > > >
> > > > > > > > > >>insights on this topic
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> Thanks!
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > > >> --
> > > > > >
> > > > > > > > > >> Victor Adrian Sosa Herrera
> > > > > >
> > > > > > > > > >> IBM Software Engineer
> > > > > >
> > > > > > > > > >> Guadalajara, Jalisco
> > > > > >
> > > > > > > > > >>
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > > >
> > > ----------------------------------------------------------------
> > > > > > > > > --
> > > > > >
> > > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > > <ma...@cordova.apache.org>
> > > > > >
> > > > > > > > > For additional commands, e-mail:
> > > > > > > > > dev-help@cordova.apache.org
> > > > > <mailto:
> > > > > > dev-help@cordova.apache.org>
> > > > > >
> > > > > > > > >
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > --
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > *Frederico Galvão*
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > Diretor de Tecnologia
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > PontoGet Inovação Web
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > ( +55(62) 8131-5720
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > > http://www.pontoget.com/>
> > > > > >
> > > > > > > >
> > > > > >
> > > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > >
> > > > > *Frederico Galvão*
> > > > >
> > > > > Diretor de Tecnologia
> > > > >
> > > > > PontoGet Inovação Web
> > > > >
> > > > >
> > > > > ( +55(62) 8131-5720
> > > > >
> > > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > > >
> > > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > For additional commands, e-mail: dev-help@cordova.apache.org
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > For additional commands, e-mail: dev-help@cordova.apache.org
> >
>
>
>
> --
> Carlos Santana
> <cs...@gmail.com>
>
>
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>
Fwd: Build signed archives using CLI
Posted by Victor Sosa <so...@gmail.com>.
Hello Cordova community
Curious to know where we stand about this topic. Even though this topic
looks to have significant impact on Cordova, Subhag has a document proposal
with little discussion activity.
I like Subhag's proposal, but I want to bring back the idea of a
prompt-less keychain.
Is anything else, besides what is depicted in the proposal, missing here?
Document:
https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
---------- Forwarded message ----------
From: Carlos Santana <cs...@gmail.com>
Date: 2014-10-15 12:42 GMT-05:00
Subject: Re: Build signed archives using CLI
To: "dev@cordova.apache.org" <de...@cordova.apache.org>
+1 on having a new command "cordova package" this will allow IBM tooling to
hook into before_package and after_package for our own customizations
(direct update, authenticity, etc..)
+1 on using sane defaults and not prompting (i.e. default keychain maybe
used and unlock already) if not found what we need then prompt or fail
+1 have some config/settings outside "platforms/" as I like to be transient
replaceable. using config.xml, something.json, or file conventions like
res/packaging/<platform>/ are all ok options.
On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak <Su...@microsoft.com> wrote:
> Here is the link to the proposal:
>
https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
> Jump on it people :)
>
> Subhag Oak | Senior Program Manager
> Visual Studio, Client Tools
> soak@microsoft.com
> 425 707 5598 office
>
> -----Original Message-----
> From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> Sent: Thursday, October 9, 2014 12:58 PM
> To: dev@cordova.apache.org
> Subject: RE: Build signed archives using CLI
>
> Adding to what Shazron said, isn't config.xml supposed to be considered
> as app-wide settings/properties? Typically packaging information is per
> platform and hence in my opinion, should be decoupled from config
settings.
> Jesse, I am working on a documentation that I will share out soon for the
> community to collaborate.
>
> Subhag Oak | Senior Program Manager
> Visual Studio, Client Tools
> soak@microsoft.com
> 425 707 5598 office
>
> -----Original Message-----
> From: Shazron [mailto:shazron@gmail.com]
> Sent: Thursday, October 9, 2014 12:02 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> Liking Subhag's proposal.
> Agree with Jesse on using conventions as a default plus config.xml -- with
> overrides/env-vars possible. The only caveat for including info in the
> config.xml is, the config.xml data is copied into the iOS platform and
will
> be included in the .app bundle, and will leak information (even though
> harmless, since it shouldn't contain passwords, etc) -- so maybe that is
> not desirable, using config.xml.
>
> We will need to provide the password each time at least for iOS, since we
> need to unlock the keychain for code signing.
>
>
>
>
>
>
>
>
> On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org>
> wrote:
>
> > The prompting is actually pretty appropriate here since passwords are
> > involved I think. I think also that keys will often not be checked
> > into source control, but maybe the best way to support that is to
> > allow multiple ways of specifying things (e.g. default to convention,
> > allow override via config.xml, allow override via command-line & env
> > variable as well)
> >
> > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
> >
> > > I am liking all of this.
> > > Are we ready to move this to an editable plaintext doc to collaborate
> on?
> > >
> > > I agree that we should take advantage of as much 'by-convention' as
> > > we
> > can,
> > > meaning things like `cordova package ios` defaults to a code sign
> > identity
> > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > >
> > > If it does not make sense as a convention, then I too would like to
> > > see
> > as
> > > much as possible done through config.xml as Fredrico points out, and
> > agree
> > > on picking the most consistent names possible.
> > >
> > > I would prefer that we do not prompt, and simply fail fast, given
> > > that tools will typically be consuming the cli. Or we should at
> > > least
> > provide a
> > > --noPrompt option. Anything prompt-able should be config.xml-able
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > @purplecabbage
> > > risingj.com
> > >
> > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> > wrote:
> > >
> > > > One option here could be to build off of the idea of the "res"
> > > > folder
> > > that
> > > > is in the current samples for splashscreens and icons and
> > > > introduce something like "res/native". Files placed here would be
> > > > put into the native project folders "before_prepare" and would be
> > > > further enhanced
> > by
> > > > the plugin and build infrastructure. This would allow you to
> > > > place customized native assets that are unique to your project in
> > > > a place
> > that
> > > > you can check in and would be unaffected by an upgrade.
> > > >
> > > > Andrew's environment variable idea could also provide an alternate
> > means
> > > > to specify platform specific values (what Soak mentions in the { }).
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > Cc: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > I agree with pretty much everything mentioned, but as far as I
> > > > know cordova is trying it's best to not depend on anything to be
> > > > in /platforms/<TARGET_PLATFORM>/. Having said that, the package
> > > > command
> > > should
> > > > always expect things to be in config.xml or something like that.
> > > >
> > > > Also, the closer we are in naming things to what they are already
> > > > known
> > > as
> > > > in the native platform, the better.
> > > >
> > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > > >
> > > > > Hey Cordova community,
> > > > >
> > > > >
> > > > >
> > > > > I am Subhag Oak, senior program manager on the Visual Studio
> > > > > team working on VS tools for Multi device hybrid apps. In line
> > > > > with the discussion of having a generic Cordova ‘packaging’
> > > > > command for all platforms, here is one
> > > > > proposal:
> > > > >
> > > > >
> > > > >
> > > > > As we all know, packaging an application for deployment requires
> > extra
> > > > > steps that are specific to the native platforms. A new generic
> > > > > Cordova CLI ‘package’ command can perform these platform
> > > > > specific actions to generate a final signed package ready for
> deployment:
> > > > >
> > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > –-sign[location]
> > > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > > parameters within { } are platform specific overrides.
> > > > >
> > > > >
> > > > >
> > > > > If no platform is specified, the command will build packages for
> > > > > all platforms added.
> > > > >
> > > > >
> > > > >
> > > > > The values for –packageConfiguration are interpreted by the
> > respective
> > > > > platforms. For Android and Windows, the value can be debug or
> > release,
> > > > > with release being the default value. For iOS, the possible
> > > > > values are development, adhoc or store with development being
> > > > > the default value. The
> > > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > > specific signing arguments for specifying the location of
> > code-signing
> > > > > certificate, the provisioning profile or the code signing
> > > > > identity (certificates along with public and private keys)
> respectively.
> > > > >
> > > > >
> > > > >
> > > > > e.g:
> > > > >
> > > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > > development profile, using code signing identity defined in
> > > > build.xcconfig:
> > > > >
> > > > > // to list all installed iOS identities, run:
> > > > >
> > > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' |
> > > > > grep 'iPhone'
> > > > >
> > > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > > Identity with the right Provisioning // Profile plus
> > > > > Certificate, based on the app bundle id
> > > > >
> > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > >
> > > > >
> > > > >
> > > > > · ‘cordova package android’ would generate a release
signed
> > > using
> > > > > the packaging assets (keystore, alias and password) defined in
> > > > > the ant.properties files using the ANT build. This would be
> > > > > using gradle.propoerties once cordova changes to gradle build
> > > > > like the one Andrew mentions below.
> > > > >
> > > > >
> > > > >
> > > > > · ‘Cordova package windows’ would generate a signed APPX
> > > package.
> > > > > This will use the following tools in the Windows SDK:
> > > > >
> > > > > • An unsigned packaged Windows Store app, for
> > > example,
> > > > > an .APPX file created by using the app packager (MakeAppx.exe)
> > > > > tool
> > > > >
> > > > > • A valid code signing certificate, for
> example, a
> > > > > Personal Information Exchange (.pfx) file created with the
> > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > >
> > > > > • SignTool, which is part of the Windows SDK
> > > > >
> > > > >
> > > > >
> > > > > Here is how the package command should work. The proposal is to
> > > > > make the ‘package’ command work on convention (similar to the
> > > > > Cordova
> > build
> > > > > command) rather than config settings. The command would look out
> > > > > for packaging assets in the “platform\ [native-platform]” folder.
> > > > >
> > > > >
> > > > >
> > > > > For android, the contents of the ant.properties (keystore,
> > > > > password, alias and alias password) would be used for packaging.
> > > > > If any of
> > these
> > > > > properties is missing in ant.properties [or gradle.properties
> > > > > for gradle build] or if the file is missing, the command would
> > > > > prompt the user for these value at the command prompt. If the
> > > > > values provided
> > are
> > > > > invalid, the command would fail.
> > > > >
> > > > >
> > > > >
> > > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > > certificate and the provisioning profile to be used. The default
> > > > > build.xcconfig file is setup to handle different information by
> > > > > build profile based on the configuration defined in the command.
> > > > > Build.xcconfig can also support signing identities that tie the
> > > > > code-sign certificate with the provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > > explicit way to specify certs/profile for packaging for iOS
> > > > > (since
> > the
> > > > > build needs to happen on MAC agent) instead of the assets being
> > > > > defined in the build.xcconfig. One way to allow this is by using
> > > > > optional platform specific arguments to the package command like:
> > > > >
> > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > >
> > > > > This command will run the xcrun command to generate a signed IPA
> > > > > with development provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > I would love to hear your comments, insights and feedback on
> > > > > this
> > > > proposal.
> > > > >
> > > > >
> > > > >
> > > > > Subhag Oak | Senior Program Manager
> > > > >
> > > > > Visual Studio, Client Tools
> > > > >
> > > > > soak@microsoft.com
> > > > >
> > > > > 425 707 5598 office
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf
> > > > > Of Andrew Grieve
> > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > To: Shazron
> > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > >
> > > > >
> > > > > For Android Gradle, what's in (and experimental) right now:
> > > > >
> > > > >
> > > > >
> > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to
> > > > > a .properties file that contains:
> > > > >
> > > > >
> > > > >
> > > > > storeFile=relative/path/to/keystore.p12
> > > > >
> > > > > storePassword=SECRET1
> > > > >
> > > > > storeType=pkcs12
> > > > >
> > > > > keyAlias=DebugSigningKey
> > > > >
> > > > > keyPassword=SECRET2
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Topics to discuss:
> > > > >
> > > > >
> > > > >
> > > > > 1) Combine platform info into one file, or leave separate?
> > > > >
> > > > > - Leaning towards together
> > > > >
> > > > > 2) have config.xml point to signing info?
> > > > >
> > > > > - I think no, since signing info you often want to not check in
> > > > > /
> > keep
> > > > > secure
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Strawman:
> > > > >
> > > > > If a file "cordova-keys.json" exists as a sibling to www/, then
> > > > > use it. It should look like:
> > > > >
> > > > > {
> > > > >
> > > > > "android": {
> > > > >
> > > > > "storeFile": "relative/path.p12"
> > > > >
> > > > > ...
> > > > >
> > > > > },
> > > > >
> > > > > "ios": {
> > > > >
> > > > > },
> > > > >
> > > > > ...
> > > > >
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Android signs debug builds as well (not sure if other platforms
> > > > > do this too?), so maybe also allow
> > > > >
> > > > > "android-release" as an alias for "android", and
> > > > >
> > > > > "android-debug"
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > > shazron@gmail.com>> wrote:
> > > > >
> > > > >
> > > > >
> > > > > > I did open an issue for this two years ago:
> > > > >
> > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > >
> > > > > > and we did discuss this as well 2 yrs ago:
> > > > >
> > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > >
> > > > > >
> > > > >
> > > > > > Seems to be of great value - so let's get going on this ;) The
> > > > > > CLI has
> > > > >
> > > > > > (I think) matured more since then to allow this
> > > > >
> > > > > >
> > > > >
> > > > > >
> > > > >
> > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > >
> > > > > > <to...@devgeeks.org>>
> > > > >
> > > > > > wrote:
> > > > >
> > > > > >
> > > > >
> > > > > > > Frederico’s workflow is the same as ours. I would love to
> > > > > > > see
> > > > >
> > > > > > > something happen To improve this, the less time I spend in
> > > > > > > Xcode,
> > > > >
> > > > > > > the happier I am
> > > > >
> > > > > > ;)
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > >
> > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > >
> > > > > > >
> > > > >
> > > > > > > I can already get the ultimate .apk through "cordova build
> > android
> > > > >
> > > > > > > --release", but I already have the required .properties
> > > > > > > properly
> > > > >
> > > > > > configured
> > > > >
> > > > > > > in my platform/android folder, specifying the path and name
> > > > > > > to my
> > > > >
> > > > > > > keystores. The "cordova build android --release" already
> > > > > > > gives me
> > > > >
> > > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > > play.google.com.
> > > > >
> > > > > > >
> > > > >
> > > > > > > I have never, however, used cordova's CLI to build the final
> > > > >
> > > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > > >
> > > > > > > prepare", and use xCode
> > > > >
> > > > > > from
> > > > >
> > > > > > > then on to build, package, sign, and upload.
> > > > >
> > > > > > >
> > > > >
> > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> > > > > > > TECH) <
> > > > >
> > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > >
> > > > > > >
> > > > >
> > > > > > > > How about a "cordova package" command, that would be for
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store? Note that different platforms may have
> > > > > > > > different
> > > > >
> > > > > > > > requirements for certs, signing etc. So it may make sense
> > > > > > > > to
> > > > >
> > > > > > > > promote
> > > > >
> > > > > > this
> > > > >
> > > > > > > > to a different command and let each command take care of
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store. This command will also mean that developers
> > don’t
> > > > >
> > > > > > > > have
> > > > >
> > > > > > to
> > > > >
> > > > > > > go
> > > > >
> > > > > > > > over to the native projects when they finally want to
> > > > > > > > publish
> > > > >
> > > > > > > > their
> > > > >
> > > > > > apps
> > > > >
> > > > > > > to
> > > > >
> > > > > > > > the store.
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > -----Original Message-----
> > > > >
> > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > >
> > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > >
> > > > > > > > To: dev
> > > > >
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > if you do:
> > > > >
> > > > > > > > Cordova build --release,
> > > > >
> > > > > > > > The blackberry10 platform will generate a signed image...
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > > <mailto:
> > > > > agrieve@chromium.org>> wrote:
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > > >Just need
> > > > >
> > > > > > > > >a proposal for how it should look, and then a patch &
> > > > > > > > >docs to add
> > > > > it!
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >For Android's hot-off-the-press gradle support, you can
> > > > > > > > >set an
> > > > >
> > > > > > > > >environment variable that points to a .properties file
> > > > > > > > >for
> > > > >
> > > > > > > > >signing builds. This shows one way to go about it, but
> > > > > > > > >I'm not in
> > > > >
> > > > > > > > >love with
> > > > >
> > > > > > the
> > > > >
> > > > > > > > .properties idea.
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > >
> > > > > > > > ><so...@gmail.com>>
> > > > >
> > > > > > > > >wrote:
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >> Hi community.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > > >> command
> > > > >
> > > > > > > > >>does not create signed archives. Digging a little bit
> > > > > > > > >>found a
> > > > >
> > > > > > > > >>lot of differences in the platforms to create these
> archives.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> For instance, in Android you need to 1. Export your APK
> > > > > > > > >> in
> > > > >
> > > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> > > > > > > > >> already
> > > > >
> > > > > > > > >> need a RSA key)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> In iOS, you need to:
> > > > >
> > > > > > > > >> 1. Export your APP using --device flag (--release seems
> > > > > > > > >> to
> > > > >
> > > > > > > > >> export
> > > > >
> > > > > > for
> > > > >
> > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign
> > > > > > > > >>the
> > > > >
> > > > > > > > >>archive or use xcrun (headless
> > > > >
> > > > > > > > >> process)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Besides these differences, what is preventing Cordova
> > > > > > > > >> from
> > > > >
> > > > > > > > >> providing a generic one-way to build these signed,
> > > > > ready-to-publish archives?
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > >> appreciate your
> > > > >
> > > > > > > > >>insights on this topic
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Thanks!
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> --
> > > > >
> > > > > > > > >> Victor Adrian Sosa Herrera
> > > > >
> > > > > > > > >> IBM Software Engineer
> > > > >
> > > > > > > > >> Guadalajara, Jalisco
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > ----------------------------------------------------------------
> > > > > > > > --
> > > > >
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > <ma...@cordova.apache.org>
> > > > >
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > <mailto:
> > > > > dev-help@cordova.apache.org>
> > > > >
> > > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > --
> > > > >
> > > > > > >
> > > > >
> > > > > > > *Frederico Galvão*
> > > > >
> > > > > > >
> > > > >
> > > > > > > Diretor de Tecnologia
> > > > >
> > > > > > >
> > > > >
> > > > > > > PontoGet Inovação Web
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > ( +55(62) 8131-5720
> > > > >
> > > > > > >
> > > > >
> > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > http://www.pontoget.com/>
> > > > >
> > > > > > >
> > > > >
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > *Frederico Galvão*
> > > >
> > > > Diretor de Tecnologia
> > > >
> > > > PontoGet Inovação Web
> > > >
> > > >
> > > > ( +55(62) 8131-5720
> > > >
> > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > >
> > >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
--
Carlos Santana
<cs...@gmail.com>
--
Victor Adrian Sosa Herrera
IBM Software Engineer
Guadalajara, Jalisco
Re: Build signed archives using CLI
Posted by Carlos Santana <cs...@gmail.com>.
+1 on having a new command "cordova package" this will allow IBM tooling to
hook into before_package and after_package for our own customizations
(direct update, authenticity, etc..)
+1 on using sane defaults and not prompting (i.e. default keychain maybe
used and unlock already) if not found what we need then prompt or fail
+1 have some config/settings outside "platforms/" as I like to be transient
replaceable. using config.xml, something.json, or file conventions like
res/packaging/<platform>/ are all ok options.
On Thu, Oct 9, 2014 at 5:16 PM, Subhag Oak <Su...@microsoft.com> wrote:
> Here is the link to the proposal:
> https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
> Jump on it people :)
>
> Subhag Oak | Senior Program Manager
> Visual Studio, Client Tools
> soak@microsoft.com
> 425 707 5598 office
>
> -----Original Message-----
> From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
> Sent: Thursday, October 9, 2014 12:58 PM
> To: dev@cordova.apache.org
> Subject: RE: Build signed archives using CLI
>
> Adding to what Shazron said, isn't config.xml supposed to be considered
> as app-wide settings/properties? Typically packaging information is per
> platform and hence in my opinion, should be decoupled from config settings.
> Jesse, I am working on a documentation that I will share out soon for the
> community to collaborate.
>
> Subhag Oak | Senior Program Manager
> Visual Studio, Client Tools
> soak@microsoft.com
> 425 707 5598 office
>
> -----Original Message-----
> From: Shazron [mailto:shazron@gmail.com]
> Sent: Thursday, October 9, 2014 12:02 PM
> To: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> Liking Subhag's proposal.
> Agree with Jesse on using conventions as a default plus config.xml -- with
> overrides/env-vars possible. The only caveat for including info in the
> config.xml is, the config.xml data is copied into the iOS platform and will
> be included in the .app bundle, and will leak information (even though
> harmless, since it shouldn't contain passwords, etc) -- so maybe that is
> not desirable, using config.xml.
>
> We will need to provide the password each time at least for iOS, since we
> need to unlock the keychain for code signing.
>
>
>
>
>
>
>
>
> On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org>
> wrote:
>
> > The prompting is actually pretty appropriate here since passwords are
> > involved I think. I think also that keys will often not be checked
> > into source control, but maybe the best way to support that is to
> > allow multiple ways of specifying things (e.g. default to convention,
> > allow override via config.xml, allow override via command-line & env
> > variable as well)
> >
> > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
> >
> > > I am liking all of this.
> > > Are we ready to move this to an editable plaintext doc to collaborate
> on?
> > >
> > > I agree that we should take advantage of as much 'by-convention' as
> > > we
> > can,
> > > meaning things like `cordova package ios` defaults to a code sign
> > identity
> > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > >
> > > If it does not make sense as a convention, then I too would like to
> > > see
> > as
> > > much as possible done through config.xml as Fredrico points out, and
> > agree
> > > on picking the most consistent names possible.
> > >
> > > I would prefer that we do not prompt, and simply fail fast, given
> > > that tools will typically be consuming the cli. Or we should at
> > > least
> > provide a
> > > --noPrompt option. Anything prompt-able should be config.xml-able
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > @purplecabbage
> > > risingj.com
> > >
> > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> > wrote:
> > >
> > > > One option here could be to build off of the idea of the "res"
> > > > folder
> > > that
> > > > is in the current samples for splashscreens and icons and
> > > > introduce something like "res/native". Files placed here would be
> > > > put into the native project folders "before_prepare" and would be
> > > > further enhanced
> > by
> > > > the plugin and build infrastructure. This would allow you to
> > > > place customized native assets that are unique to your project in
> > > > a place
> > that
> > > > you can check in and would be unaffected by an upgrade.
> > > >
> > > > Andrew's environment variable idea could also provide an alternate
> > means
> > > > to specify platform specific values (what Soak mentions in the { }).
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > Cc: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > I agree with pretty much everything mentioned, but as far as I
> > > > know cordova is trying it's best to not depend on anything to be
> > > > in /platforms/<TARGET_PLATFORM>/. Having said that, the package
> > > > command
> > > should
> > > > always expect things to be in config.xml or something like that.
> > > >
> > > > Also, the closer we are in naming things to what they are already
> > > > known
> > > as
> > > > in the native platform, the better.
> > > >
> > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > > >
> > > > > Hey Cordova community,
> > > > >
> > > > >
> > > > >
> > > > > I am Subhag Oak, senior program manager on the Visual Studio
> > > > > team working on VS tools for Multi device hybrid apps. In line
> > > > > with the discussion of having a generic Cordova ‘packaging’
> > > > > command for all platforms, here is one
> > > > > proposal:
> > > > >
> > > > >
> > > > >
> > > > > As we all know, packaging an application for deployment requires
> > extra
> > > > > steps that are specific to the native platforms. A new generic
> > > > > Cordova CLI ‘package’ command can perform these platform
> > > > > specific actions to generate a final signed package ready for
> deployment:
> > > > >
> > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > –-sign[location]
> > > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > > parameters within { } are platform specific overrides.
> > > > >
> > > > >
> > > > >
> > > > > If no platform is specified, the command will build packages for
> > > > > all platforms added.
> > > > >
> > > > >
> > > > >
> > > > > The values for –packageConfiguration are interpreted by the
> > respective
> > > > > platforms. For Android and Windows, the value can be debug or
> > release,
> > > > > with release being the default value. For iOS, the possible
> > > > > values are development, adhoc or store with development being
> > > > > the default value. The
> > > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > > specific signing arguments for specifying the location of
> > code-signing
> > > > > certificate, the provisioning profile or the code signing
> > > > > identity (certificates along with public and private keys)
> respectively.
> > > > >
> > > > >
> > > > >
> > > > > e.g:
> > > > >
> > > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > > development profile, using code signing identity defined in
> > > > build.xcconfig:
> > > > >
> > > > > // to list all installed iOS identities, run:
> > > > >
> > > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' |
> > > > > grep 'iPhone'
> > > > >
> > > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > > Identity with the right Provisioning // Profile plus
> > > > > Certificate, based on the app bundle id
> > > > >
> > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > >
> > > > >
> > > > >
> > > > > · ‘cordova package android’ would generate a release signed
> > > using
> > > > > the packaging assets (keystore, alias and password) defined in
> > > > > the ant.properties files using the ANT build. This would be
> > > > > using gradle.propoerties once cordova changes to gradle build
> > > > > like the one Andrew mentions below.
> > > > >
> > > > >
> > > > >
> > > > > · ‘Cordova package windows’ would generate a signed APPX
> > > package.
> > > > > This will use the following tools in the Windows SDK:
> > > > >
> > > > > • An unsigned packaged Windows Store app, for
> > > example,
> > > > > an .APPX file created by using the app packager (MakeAppx.exe)
> > > > > tool
> > > > >
> > > > > • A valid code signing certificate, for
> example, a
> > > > > Personal Information Exchange (.pfx) file created with the
> > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > >
> > > > > • SignTool, which is part of the Windows SDK
> > > > >
> > > > >
> > > > >
> > > > > Here is how the package command should work. The proposal is to
> > > > > make the ‘package’ command work on convention (similar to the
> > > > > Cordova
> > build
> > > > > command) rather than config settings. The command would look out
> > > > > for packaging assets in the “platform\ [native-platform]” folder.
> > > > >
> > > > >
> > > > >
> > > > > For android, the contents of the ant.properties (keystore,
> > > > > password, alias and alias password) would be used for packaging.
> > > > > If any of
> > these
> > > > > properties is missing in ant.properties [or gradle.properties
> > > > > for gradle build] or if the file is missing, the command would
> > > > > prompt the user for these value at the command prompt. If the
> > > > > values provided
> > are
> > > > > invalid, the command would fail.
> > > > >
> > > > >
> > > > >
> > > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > > certificate and the provisioning profile to be used. The default
> > > > > build.xcconfig file is setup to handle different information by
> > > > > build profile based on the configuration defined in the command.
> > > > > Build.xcconfig can also support signing identities that tie the
> > > > > code-sign certificate with the provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > > explicit way to specify certs/profile for packaging for iOS
> > > > > (since
> > the
> > > > > build needs to happen on MAC agent) instead of the assets being
> > > > > defined in the build.xcconfig. One way to allow this is by using
> > > > > optional platform specific arguments to the package command like:
> > > > >
> > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > > >
> > > > > This command will run the xcrun command to generate a signed IPA
> > > > > with development provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > I would love to hear your comments, insights and feedback on
> > > > > this
> > > > proposal.
> > > > >
> > > > >
> > > > >
> > > > > Subhag Oak | Senior Program Manager
> > > > >
> > > > > Visual Studio, Client Tools
> > > > >
> > > > > soak@microsoft.com
> > > > >
> > > > > 425 707 5598 office
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf
> > > > > Of Andrew Grieve
> > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > To: Shazron
> > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > >
> > > > >
> > > > > For Android Gradle, what's in (and experimental) right now:
> > > > >
> > > > >
> > > > >
> > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to
> > > > > a .properties file that contains:
> > > > >
> > > > >
> > > > >
> > > > > storeFile=relative/path/to/keystore.p12
> > > > >
> > > > > storePassword=SECRET1
> > > > >
> > > > > storeType=pkcs12
> > > > >
> > > > > keyAlias=DebugSigningKey
> > > > >
> > > > > keyPassword=SECRET2
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Topics to discuss:
> > > > >
> > > > >
> > > > >
> > > > > 1) Combine platform info into one file, or leave separate?
> > > > >
> > > > > - Leaning towards together
> > > > >
> > > > > 2) have config.xml point to signing info?
> > > > >
> > > > > - I think no, since signing info you often want to not check in
> > > > > /
> > keep
> > > > > secure
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Strawman:
> > > > >
> > > > > If a file "cordova-keys.json" exists as a sibling to www/, then
> > > > > use it. It should look like:
> > > > >
> > > > > {
> > > > >
> > > > > "android": {
> > > > >
> > > > > "storeFile": "relative/path.p12"
> > > > >
> > > > > ...
> > > > >
> > > > > },
> > > > >
> > > > > "ios": {
> > > > >
> > > > > },
> > > > >
> > > > > ...
> > > > >
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Android signs debug builds as well (not sure if other platforms
> > > > > do this too?), so maybe also allow
> > > > >
> > > > > "android-release" as an alias for "android", and
> > > > >
> > > > > "android-debug"
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > > shazron@gmail.com>> wrote:
> > > > >
> > > > >
> > > > >
> > > > > > I did open an issue for this two years ago:
> > > > >
> > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > >
> > > > > > and we did discuss this as well 2 yrs ago:
> > > > >
> > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > >
> > > > > >
> > > > >
> > > > > > Seems to be of great value - so let's get going on this ;) The
> > > > > > CLI has
> > > > >
> > > > > > (I think) matured more since then to allow this
> > > > >
> > > > > >
> > > > >
> > > > > >
> > > > >
> > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > >
> > > > > > <to...@devgeeks.org>>
> > > > >
> > > > > > wrote:
> > > > >
> > > > > >
> > > > >
> > > > > > > Frederico’s workflow is the same as ours. I would love to
> > > > > > > see
> > > > >
> > > > > > > something happen To improve this, the less time I spend in
> > > > > > > Xcode,
> > > > >
> > > > > > > the happier I am
> > > > >
> > > > > > ;)
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > >
> > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > >
> > > > > > >
> > > > >
> > > > > > > I can already get the ultimate .apk through "cordova build
> > android
> > > > >
> > > > > > > --release", but I already have the required .properties
> > > > > > > properly
> > > > >
> > > > > > configured
> > > > >
> > > > > > > in my platform/android folder, specifying the path and name
> > > > > > > to my
> > > > >
> > > > > > > keystores. The "cordova build android --release" already
> > > > > > > gives me
> > > > >
> > > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > > play.google.com.
> > > > >
> > > > > > >
> > > > >
> > > > > > > I have never, however, used cordova's CLI to build the final
> > > > >
> > > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > > >
> > > > > > > prepare", and use xCode
> > > > >
> > > > > > from
> > > > >
> > > > > > > then on to build, package, sign, and upload.
> > > > >
> > > > > > >
> > > > >
> > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> > > > > > > TECH) <
> > > > >
> > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > >
> > > > > > >
> > > > >
> > > > > > > > How about a "cordova package" command, that would be for
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store? Note that different platforms may have
> > > > > > > > different
> > > > >
> > > > > > > > requirements for certs, signing etc. So it may make sense
> > > > > > > > to
> > > > >
> > > > > > > > promote
> > > > >
> > > > > > this
> > > > >
> > > > > > > > to a different command and let each command take care of
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store. This command will also mean that developers
> > don’t
> > > > >
> > > > > > > > have
> > > > >
> > > > > > to
> > > > >
> > > > > > > go
> > > > >
> > > > > > > > over to the native projects when they finally want to
> > > > > > > > publish
> > > > >
> > > > > > > > their
> > > > >
> > > > > > apps
> > > > >
> > > > > > > to
> > > > >
> > > > > > > > the store.
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > -----Original Message-----
> > > > >
> > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > >
> > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > >
> > > > > > > > To: dev
> > > > >
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > if you do:
> > > > >
> > > > > > > > Cordova build --release,
> > > > >
> > > > > > > > The blackberry10 platform will generate a signed image...
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > > <mailto:
> > > > > agrieve@chromium.org>> wrote:
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > > >Just need
> > > > >
> > > > > > > > >a proposal for how it should look, and then a patch &
> > > > > > > > >docs to add
> > > > > it!
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >For Android's hot-off-the-press gradle support, you can
> > > > > > > > >set an
> > > > >
> > > > > > > > >environment variable that points to a .properties file
> > > > > > > > >for
> > > > >
> > > > > > > > >signing builds. This shows one way to go about it, but
> > > > > > > > >I'm not in
> > > > >
> > > > > > > > >love with
> > > > >
> > > > > > the
> > > > >
> > > > > > > > .properties idea.
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > >
> > > > > > > > ><so...@gmail.com>>
> > > > >
> > > > > > > > >wrote:
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >> Hi community.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > > >> command
> > > > >
> > > > > > > > >>does not create signed archives. Digging a little bit
> > > > > > > > >>found a
> > > > >
> > > > > > > > >>lot of differences in the platforms to create these
> archives.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> For instance, in Android you need to 1. Export your APK
> > > > > > > > >> in
> > > > >
> > > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> > > > > > > > >> already
> > > > >
> > > > > > > > >> need a RSA key)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> In iOS, you need to:
> > > > >
> > > > > > > > >> 1. Export your APP using --device flag (--release seems
> > > > > > > > >> to
> > > > >
> > > > > > > > >> export
> > > > >
> > > > > > for
> > > > >
> > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign
> > > > > > > > >>the
> > > > >
> > > > > > > > >>archive or use xcrun (headless
> > > > >
> > > > > > > > >> process)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Besides these differences, what is preventing Cordova
> > > > > > > > >> from
> > > > >
> > > > > > > > >> providing a generic one-way to build these signed,
> > > > > ready-to-publish archives?
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > > >> appreciate your
> > > > >
> > > > > > > > >>insights on this topic
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Thanks!
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> --
> > > > >
> > > > > > > > >> Victor Adrian Sosa Herrera
> > > > >
> > > > > > > > >> IBM Software Engineer
> > > > >
> > > > > > > > >> Guadalajara, Jalisco
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > ----------------------------------------------------------------
> > > > > > > > --
> > > > >
> > > > > > > > --- To unsubscribe, e-mail:
> > > > > > > > dev-unsubscribe@cordova.apache.org
> > > > > <ma...@cordova.apache.org>
> > > > >
> > > > > > > > For additional commands, e-mail:
> > > > > > > > dev-help@cordova.apache.org
> > > > <mailto:
> > > > > dev-help@cordova.apache.org>
> > > > >
> > > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > --
> > > > >
> > > > > > >
> > > > >
> > > > > > > *Frederico Galvão*
> > > > >
> > > > > > >
> > > > >
> > > > > > > Diretor de Tecnologia
> > > > >
> > > > > > >
> > > > >
> > > > > > > PontoGet Inovação Web
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > ( +55(62) 8131-5720
> > > > >
> > > > > > >
> > > > >
> > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > http://www.pontoget.com/>
> > > > >
> > > > > > >
> > > > >
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > *Frederico Galvão*
> > > >
> > > > Diretor de Tecnologia
> > > >
> > > > PontoGet Inovação Web
> > > >
> > > >
> > > > ( +55(62) 8131-5720
> > > >
> > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > >
> > >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
--
Carlos Santana
<cs...@gmail.com>
RE: Build signed archives using CLI
Posted by Subhag Oak <Su...@microsoft.com>.
Here is the link to the proposal: https://docs.google.com/document/d/1tJQ9OoGrrMhZcLI3mg46rGzAfbiQu9PuNBL1auAMGFM/edit?usp=sharing
Jump on it people :)
Subhag Oak | Senior Program Manager
Visual Studio, Client Tools
soak@microsoft.com
425 707 5598 office
-----Original Message-----
From: Subhag Oak [mailto:Subhag.Oak@microsoft.com]
Sent: Thursday, October 9, 2014 12:58 PM
To: dev@cordova.apache.org
Subject: RE: Build signed archives using CLI
Adding to what Shazron said, isn't config.xml supposed to be considered as app-wide settings/properties? Typically packaging information is per platform and hence in my opinion, should be decoupled from config settings.
Jesse, I am working on a documentation that I will share out soon for the community to collaborate.
Subhag Oak | Senior Program Manager
Visual Studio, Client Tools
soak@microsoft.com
425 707 5598 office
-----Original Message-----
From: Shazron [mailto:shazron@gmail.com]
Sent: Thursday, October 9, 2014 12:02 PM
To: dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
Liking Subhag's proposal.
Agree with Jesse on using conventions as a default plus config.xml -- with overrides/env-vars possible. The only caveat for including info in the config.xml is, the config.xml data is copied into the iOS platform and will be included in the .app bundle, and will leak information (even though harmless, since it shouldn't contain passwords, etc) -- so maybe that is not desirable, using config.xml.
We will need to provide the password each time at least for iOS, since we need to unlock the keychain for code signing.
On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org> wrote:
> The prompting is actually pretty appropriate here since passwords are
> involved I think. I think also that keys will often not be checked
> into source control, but maybe the best way to support that is to
> allow multiple ways of specifying things (e.g. default to convention,
> allow override via config.xml, allow override via command-line & env
> variable as well)
>
> On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
>
> > I am liking all of this.
> > Are we ready to move this to an editable plaintext doc to collaborate on?
> >
> > I agree that we should take advantage of as much 'by-convention' as
> > we
> can,
> > meaning things like `cordova package ios` defaults to a code sign
> identity
> > of 'iPhone Developer' and signs based on app-bundle-id, ...
> >
> > If it does not make sense as a convention, then I too would like to
> > see
> as
> > much as possible done through config.xml as Fredrico points out, and
> agree
> > on picking the most consistent names possible.
> >
> > I would prefer that we do not prompt, and simply fail fast, given
> > that tools will typically be consuming the cli. Or we should at
> > least
> provide a
> > --noPrompt option. Anything prompt-able should be config.xml-able
> >
> >
> >
> >
> >
> >
> >
> >
> > @purplecabbage
> > risingj.com
> >
> > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> wrote:
> >
> > > One option here could be to build off of the idea of the "res"
> > > folder
> > that
> > > is in the current samples for splashscreens and icons and
> > > introduce something like "res/native". Files placed here would be
> > > put into the native project folders "before_prepare" and would be
> > > further enhanced
> by
> > > the plugin and build infrastructure. This would allow you to
> > > place customized native assets that are unique to your project in
> > > a place
> that
> > > you can check in and would be unaffected by an upgrade.
> > >
> > > Andrew's environment variable idea could also provide an alternate
> means
> > > to specify platform specific values (what Soak mentions in the { }).
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > Sent: Thursday, October 9, 2014 10:33 AM
> > > Cc: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > I agree with pretty much everything mentioned, but as far as I
> > > know cordova is trying it's best to not depend on anything to be
> > > in /platforms/<TARGET_PLATFORM>/. Having said that, the package
> > > command
> > should
> > > always expect things to be in config.xml or something like that.
> > >
> > > Also, the closer we are in naming things to what they are already
> > > known
> > as
> > > in the native platform, the better.
> > >
> > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > >
> > > > Hey Cordova community,
> > > >
> > > >
> > > >
> > > > I am Subhag Oak, senior program manager on the Visual Studio
> > > > team working on VS tools for Multi device hybrid apps. In line
> > > > with the discussion of having a generic Cordova ‘packaging’
> > > > command for all platforms, here is one
> > > > proposal:
> > > >
> > > >
> > > >
> > > > As we all know, packaging an application for deployment requires
> extra
> > > > steps that are specific to the native platforms. A new generic
> > > > Cordova CLI ‘package’ command can perform these platform
> > > > specific actions to generate a final signed package ready for deployment:
> > > >
> > > > cordova package [platform] [--packageConfiguration] {--
> > > > –-sign[location]
> > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > parameters within { } are platform specific overrides.
> > > >
> > > >
> > > >
> > > > If no platform is specified, the command will build packages for
> > > > all platforms added.
> > > >
> > > >
> > > >
> > > > The values for –packageConfiguration are interpreted by the
> respective
> > > > platforms. For Android and Windows, the value can be debug or
> release,
> > > > with release being the default value. For iOS, the possible
> > > > values are development, adhoc or store with development being
> > > > the default value. The
> > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > specific signing arguments for specifying the location of
> code-signing
> > > > certificate, the provisioning profile or the code signing
> > > > identity (certificates along with public and private keys) respectively.
> > > >
> > > >
> > > >
> > > > e.g:
> > > >
> > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > development profile, using code signing identity defined in
> > > build.xcconfig:
> > > >
> > > > // to list all installed iOS identities, run:
> > > >
> > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' |
> > > > grep 'iPhone'
> > > >
> > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > Identity with the right Provisioning // Profile plus
> > > > Certificate, based on the app bundle id
> > > >
> > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > >
> > > >
> > > >
> > > > · ‘cordova package android’ would generate a release signed
> > using
> > > > the packaging assets (keystore, alias and password) defined in
> > > > the ant.properties files using the ANT build. This would be
> > > > using gradle.propoerties once cordova changes to gradle build
> > > > like the one Andrew mentions below.
> > > >
> > > >
> > > >
> > > > · ‘Cordova package windows’ would generate a signed APPX
> > package.
> > > > This will use the following tools in the Windows SDK:
> > > >
> > > > • An unsigned packaged Windows Store app, for
> > example,
> > > > an .APPX file created by using the app packager (MakeAppx.exe)
> > > > tool
> > > >
> > > > • A valid code signing certificate, for example, a
> > > > Personal Information Exchange (.pfx) file created with the
> > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > >
> > > > • SignTool, which is part of the Windows SDK
> > > >
> > > >
> > > >
> > > > Here is how the package command should work. The proposal is to
> > > > make the ‘package’ command work on convention (similar to the
> > > > Cordova
> build
> > > > command) rather than config settings. The command would look out
> > > > for packaging assets in the “platform\ [native-platform]” folder.
> > > >
> > > >
> > > >
> > > > For android, the contents of the ant.properties (keystore,
> > > > password, alias and alias password) would be used for packaging.
> > > > If any of
> these
> > > > properties is missing in ant.properties [or gradle.properties
> > > > for gradle build] or if the file is missing, the command would
> > > > prompt the user for these value at the command prompt. If the
> > > > values provided
> are
> > > > invalid, the command would fail.
> > > >
> > > >
> > > >
> > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > certificate and the provisioning profile to be used. The default
> > > > build.xcconfig file is setup to handle different information by
> > > > build profile based on the configuration defined in the command.
> > > > Build.xcconfig can also support signing identities that tie the
> > > > code-sign certificate with the provisioning profile.
> > > >
> > > >
> > > >
> > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > explicit way to specify certs/profile for packaging for iOS
> > > > (since
> the
> > > > build needs to happen on MAC agent) instead of the assets being
> > > > defined in the build.xcconfig. One way to allow this is by using
> > > > optional platform specific arguments to the package command like:
> > > >
> > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > >
> > > > This command will run the xcrun command to generate a signed IPA
> > > > with development provisioning profile.
> > > >
> > > >
> > > >
> > > > I would love to hear your comments, insights and feedback on
> > > > this
> > > proposal.
> > > >
> > > >
> > > >
> > > > Subhag Oak | Senior Program Manager
> > > >
> > > > Visual Studio, Client Tools
> > > >
> > > > soak@microsoft.com
> > > >
> > > > 425 707 5598 office
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf
> > > > Of Andrew Grieve
> > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > To: Shazron
> > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > >
> > > >
> > > > For Android Gradle, what's in (and experimental) right now:
> > > >
> > > >
> > > >
> > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to
> > > > a .properties file that contains:
> > > >
> > > >
> > > >
> > > > storeFile=relative/path/to/keystore.p12
> > > >
> > > > storePassword=SECRET1
> > > >
> > > > storeType=pkcs12
> > > >
> > > > keyAlias=DebugSigningKey
> > > >
> > > > keyPassword=SECRET2
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Topics to discuss:
> > > >
> > > >
> > > >
> > > > 1) Combine platform info into one file, or leave separate?
> > > >
> > > > - Leaning towards together
> > > >
> > > > 2) have config.xml point to signing info?
> > > >
> > > > - I think no, since signing info you often want to not check in
> > > > /
> keep
> > > > secure
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Strawman:
> > > >
> > > > If a file "cordova-keys.json" exists as a sibling to www/, then
> > > > use it. It should look like:
> > > >
> > > > {
> > > >
> > > > "android": {
> > > >
> > > > "storeFile": "relative/path.p12"
> > > >
> > > > ...
> > > >
> > > > },
> > > >
> > > > "ios": {
> > > >
> > > > },
> > > >
> > > > ...
> > > >
> > > > }
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Android signs debug builds as well (not sure if other platforms
> > > > do this too?), so maybe also allow
> > > >
> > > > "android-release" as an alias for "android", and
> > > >
> > > > "android-debug"
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > shazron@gmail.com>> wrote:
> > > >
> > > >
> > > >
> > > > > I did open an issue for this two years ago:
> > > >
> > > > > https://issues.apache.org/jira/browse/CB-1369
> > > >
> > > > > and we did discuss this as well 2 yrs ago:
> > > >
> > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > >
> > > > >
> > > >
> > > > > Seems to be of great value - so let's get going on this ;) The
> > > > > CLI has
> > > >
> > > > > (I think) matured more since then to allow this
> > > >
> > > > >
> > > >
> > > > >
> > > >
> > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > >
> > > > > <to...@devgeeks.org>>
> > > >
> > > > > wrote:
> > > >
> > > > >
> > > >
> > > > > > Frederico’s workflow is the same as ours. I would love to
> > > > > > see
> > > >
> > > > > > something happen To improve this, the less time I spend in
> > > > > > Xcode,
> > > >
> > > > > > the happier I am
> > > >
> > > > > ;)
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > >
> > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > frederico.galvao@pontoget.com.br>) wrote:
> > > >
> > > > > >
> > > >
> > > > > > I can already get the ultimate .apk through "cordova build
> android
> > > >
> > > > > > --release", but I already have the required .properties
> > > > > > properly
> > > >
> > > > > configured
> > > >
> > > > > > in my platform/android folder, specifying the path and name
> > > > > > to my
> > > >
> > > > > > keystores. The "cordova build android --release" already
> > > > > > gives me
> > > >
> > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > play.google.com.
> > > >
> > > > > >
> > > >
> > > > > > I have never, however, used cordova's CLI to build the final
> > > >
> > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > >
> > > > > > prepare", and use xCode
> > > >
> > > > > from
> > > >
> > > > > > then on to build, package, sign, and upload.
> > > >
> > > > > >
> > > >
> > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> > > > > > TECH) <
> > > >
> > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > >
> > > > > >
> > > >
> > > > > > > How about a "cordova package" command, that would be for
> > > > > > > packaging
> > > >
> > > > > > > the
> > > >
> > > > > > app
> > > >
> > > > > > > for the store? Note that different platforms may have
> > > > > > > different
> > > >
> > > > > > > requirements for certs, signing etc. So it may make sense
> > > > > > > to
> > > >
> > > > > > > promote
> > > >
> > > > > this
> > > >
> > > > > > > to a different command and let each command take care of
> > > > > > > packaging
> > > >
> > > > > > > the
> > > >
> > > > > > app
> > > >
> > > > > > > for the store. This command will also mean that developers
> don’t
> > > >
> > > > > > > have
> > > >
> > > > > to
> > > >
> > > > > > go
> > > >
> > > > > > > over to the native projects when they finally want to
> > > > > > > publish
> > > >
> > > > > > > their
> > > >
> > > > > apps
> > > >
> > > > > > to
> > > >
> > > > > > > the store.
> > > >
> > > > > > >
> > > >
> > > > > > > -----Original Message-----
> > > >
> > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > >
> > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > >
> > > > > > > To: dev
> > > >
> > > > > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > > > >
> > > >
> > > > > > > if you do:
> > > >
> > > > > > > Cordova build --release,
> > > >
> > > > > > > The blackberry10 platform will generate a signed image...
> > > >
> > > > > > >
> > > >
> > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > <mailto:
> > > > agrieve@chromium.org>> wrote:
> > > >
> > > > > > >
> > > >
> > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > >Just need
> > > >
> > > > > > > >a proposal for how it should look, and then a patch &
> > > > > > > >docs to add
> > > > it!
> > > >
> > > > > > > >
> > > >
> > > > > > > >For Android's hot-off-the-press gradle support, you can
> > > > > > > >set an
> > > >
> > > > > > > >environment variable that points to a .properties file
> > > > > > > >for
> > > >
> > > > > > > >signing builds. This shows one way to go about it, but
> > > > > > > >I'm not in
> > > >
> > > > > > > >love with
> > > >
> > > > > the
> > > >
> > > > > > > .properties idea.
> > > >
> > > > > > > >
> > > >
> > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > >
> > > > > > > ><so...@gmail.com>>
> > > >
> > > > > > > >wrote:
> > > >
> > > > > > > >
> > > >
> > > > > > > >> Hi community.
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > >> command
> > > >
> > > > > > > >>does not create signed archives. Digging a little bit
> > > > > > > >>found a
> > > >
> > > > > > > >>lot of differences in the platforms to create these archives.
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> For instance, in Android you need to 1. Export your APK
> > > > > > > >> in
> > > >
> > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> > > > > > > >> already
> > > >
> > > > > > > >> need a RSA key)
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> In iOS, you need to:
> > > >
> > > > > > > >> 1. Export your APP using --device flag (--release seems
> > > > > > > >> to
> > > >
> > > > > > > >> export
> > > >
> > > > > for
> > > >
> > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign
> > > > > > > >>the
> > > >
> > > > > > > >>archive or use xcrun (headless
> > > >
> > > > > > > >> process)
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Besides these differences, what is preventing Cordova
> > > > > > > >> from
> > > >
> > > > > > > >> providing a generic one-way to build these signed,
> > > > ready-to-publish archives?
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > >> appreciate your
> > > >
> > > > > > > >>insights on this topic
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Thanks!
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> --
> > > >
> > > > > > > >> Victor Adrian Sosa Herrera
> > > >
> > > > > > > >> IBM Software Engineer
> > > >
> > > > > > > >> Guadalajara, Jalisco
> > > >
> > > > > > > >>
> > > >
> > > > > > >
> > > >
> > > > > > >
> > > >
> > > > > > >
> ----------------------------------------------------------------
> > > > > > > --
> > > >
> > > > > > > --- To unsubscribe, e-mail:
> > > > > > > dev-unsubscribe@cordova.apache.org
> > > > <ma...@cordova.apache.org>
> > > >
> > > > > > > For additional commands, e-mail:
> > > > > > > dev-help@cordova.apache.org
> > > <mailto:
> > > > dev-help@cordova.apache.org>
> > > >
> > > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > --
> > > >
> > > > > >
> > > >
> > > > > > *Frederico Galvão*
> > > >
> > > > > >
> > > >
> > > > > > Diretor de Tecnologia
> > > >
> > > > > >
> > > >
> > > > > > PontoGet Inovação Web
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > ( +55(62) 8131-5720
> > > >
> > > > > >
> > > >
> > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > http://www.pontoget.com/>
> > > >
> > > > > >
> > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > >
> > > *Frederico Galvão*
> > >
> > > Diretor de Tecnologia
> > >
> > > PontoGet Inovação Web
> > >
> > >
> > > ( +55(62) 8131-5720
> > >
> > > * www.pontoget.com.br <http://www.pontoget.com/>
> > >
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
RE: Build signed archives using CLI
Posted by Subhag Oak <Su...@microsoft.com>.
Adding to what Shazron said, isn't config.xml supposed to be considered as app-wide settings/properties? Typically packaging information is per platform and hence in my opinion, should be decoupled from config settings.
Jesse, I am working on a documentation that I will share out soon for the community to collaborate.
Subhag Oak | Senior Program Manager
Visual Studio, Client Tools
soak@microsoft.com
425 707 5598 office
-----Original Message-----
From: Shazron [mailto:shazron@gmail.com]
Sent: Thursday, October 9, 2014 12:02 PM
To: dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
Liking Subhag's proposal.
Agree with Jesse on using conventions as a default plus config.xml -- with overrides/env-vars possible. The only caveat for including info in the config.xml is, the config.xml data is copied into the iOS platform and will be included in the .app bundle, and will leak information (even though harmless, since it shouldn't contain passwords, etc) -- so maybe that is not desirable, using config.xml.
We will need to provide the password each time at least for iOS, since we need to unlock the keychain for code signing.
On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org> wrote:
> The prompting is actually pretty appropriate here since passwords are
> involved I think. I think also that keys will often not be checked
> into source control, but maybe the best way to support that is to
> allow multiple ways of specifying things (e.g. default to convention,
> allow override via config.xml, allow override via command-line & env
> variable as well)
>
> On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
>
> > I am liking all of this.
> > Are we ready to move this to an editable plaintext doc to collaborate on?
> >
> > I agree that we should take advantage of as much 'by-convention' as
> > we
> can,
> > meaning things like `cordova package ios` defaults to a code sign
> identity
> > of 'iPhone Developer' and signs based on app-bundle-id, ...
> >
> > If it does not make sense as a convention, then I too would like to
> > see
> as
> > much as possible done through config.xml as Fredrico points out, and
> agree
> > on picking the most consistent names possible.
> >
> > I would prefer that we do not prompt, and simply fail fast, given
> > that tools will typically be consuming the cli. Or we should at
> > least
> provide a
> > --noPrompt option. Anything prompt-able should be config.xml-able
> >
> >
> >
> >
> >
> >
> >
> >
> > @purplecabbage
> > risingj.com
> >
> > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> wrote:
> >
> > > One option here could be to build off of the idea of the "res"
> > > folder
> > that
> > > is in the current samples for splashscreens and icons and
> > > introduce something like "res/native". Files placed here would be
> > > put into the native project folders "before_prepare" and would be
> > > further enhanced
> by
> > > the plugin and build infrastructure. This would allow you to
> > > place customized native assets that are unique to your project in
> > > a place
> that
> > > you can check in and would be unaffected by an upgrade.
> > >
> > > Andrew's environment variable idea could also provide an alternate
> means
> > > to specify platform specific values (what Soak mentions in the { }).
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > Sent: Thursday, October 9, 2014 10:33 AM
> > > Cc: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > I agree with pretty much everything mentioned, but as far as I
> > > know cordova is trying it's best to not depend on anything to be
> > > in /platforms/<TARGET_PLATFORM>/. Having said that, the package
> > > command
> > should
> > > always expect things to be in config.xml or something like that.
> > >
> > > Also, the closer we are in naming things to what they are already
> > > known
> > as
> > > in the native platform, the better.
> > >
> > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > >
> > > > Hey Cordova community,
> > > >
> > > >
> > > >
> > > > I am Subhag Oak, senior program manager on the Visual Studio
> > > > team working on VS tools for Multi device hybrid apps. In line
> > > > with the discussion of having a generic Cordova ‘packaging’
> > > > command for all platforms, here is one
> > > > proposal:
> > > >
> > > >
> > > >
> > > > As we all know, packaging an application for deployment requires
> extra
> > > > steps that are specific to the native platforms. A new generic
> > > > Cordova CLI ‘package’ command can perform these platform
> > > > specific actions to generate a final signed package ready for deployment:
> > > >
> > > > cordova package [platform] [--packageConfiguration] {--
> > > > –-sign[location]
> > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > parameters within { } are platform specific overrides.
> > > >
> > > >
> > > >
> > > > If no platform is specified, the command will build packages for
> > > > all platforms added.
> > > >
> > > >
> > > >
> > > > The values for –packageConfiguration are interpreted by the
> respective
> > > > platforms. For Android and Windows, the value can be debug or
> release,
> > > > with release being the default value. For iOS, the possible
> > > > values are development, adhoc or store with development being
> > > > the default value. The
> > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > specific signing arguments for specifying the location of
> code-signing
> > > > certificate, the provisioning profile or the code signing
> > > > identity (certificates along with public and private keys) respectively.
> > > >
> > > >
> > > >
> > > > e.g:
> > > >
> > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > development profile, using code signing identity defined in
> > > build.xcconfig:
> > > >
> > > > // to list all installed iOS identities, run:
> > > >
> > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' |
> > > > grep 'iPhone'
> > > >
> > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > Identity with the right Provisioning // Profile plus
> > > > Certificate, based on the app bundle id
> > > >
> > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > >
> > > >
> > > >
> > > > · ‘cordova package android’ would generate a release signed
> > using
> > > > the packaging assets (keystore, alias and password) defined in
> > > > the ant.properties files using the ANT build. This would be
> > > > using gradle.propoerties once cordova changes to gradle build
> > > > like the one Andrew mentions below.
> > > >
> > > >
> > > >
> > > > · ‘Cordova package windows’ would generate a signed APPX
> > package.
> > > > This will use the following tools in the Windows SDK:
> > > >
> > > > • An unsigned packaged Windows Store app, for
> > example,
> > > > an .APPX file created by using the app packager (MakeAppx.exe)
> > > > tool
> > > >
> > > > • A valid code signing certificate, for example, a
> > > > Personal Information Exchange (.pfx) file created with the
> > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > >
> > > > • SignTool, which is part of the Windows SDK
> > > >
> > > >
> > > >
> > > > Here is how the package command should work. The proposal is to
> > > > make the ‘package’ command work on convention (similar to the
> > > > Cordova
> build
> > > > command) rather than config settings. The command would look out
> > > > for packaging assets in the “platform\ [native-platform]” folder.
> > > >
> > > >
> > > >
> > > > For android, the contents of the ant.properties (keystore,
> > > > password, alias and alias password) would be used for packaging.
> > > > If any of
> these
> > > > properties is missing in ant.properties [or gradle.properties
> > > > for gradle build] or if the file is missing, the command would
> > > > prompt the user for these value at the command prompt. If the
> > > > values provided
> are
> > > > invalid, the command would fail.
> > > >
> > > >
> > > >
> > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > certificate and the provisioning profile to be used. The default
> > > > build.xcconfig file is setup to handle different information by
> > > > build profile based on the configuration defined in the command.
> > > > Build.xcconfig can also support signing identities that tie the
> > > > code-sign certificate with the provisioning profile.
> > > >
> > > >
> > > >
> > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > explicit way to specify certs/profile for packaging for iOS
> > > > (since
> the
> > > > build needs to happen on MAC agent) instead of the assets being
> > > > defined in the build.xcconfig. One way to allow this is by using
> > > > optional platform specific arguments to the package command like:
> > > >
> > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> > > > --embed “d:\cert\devprovision.mobileprovisioning”
> > > >
> > > > This command will run the xcrun command to generate a signed IPA
> > > > with development provisioning profile.
> > > >
> > > >
> > > >
> > > > I would love to hear your comments, insights and feedback on
> > > > this
> > > proposal.
> > > >
> > > >
> > > >
> > > > Subhag Oak | Senior Program Manager
> > > >
> > > > Visual Studio, Client Tools
> > > >
> > > > soak@microsoft.com
> > > >
> > > > 425 707 5598 office
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf
> > > > Of Andrew Grieve
> > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > To: Shazron
> > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > >
> > > >
> > > > For Android Gradle, what's in (and experimental) right now:
> > > >
> > > >
> > > >
> > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to
> > > > a .properties file that contains:
> > > >
> > > >
> > > >
> > > > storeFile=relative/path/to/keystore.p12
> > > >
> > > > storePassword=SECRET1
> > > >
> > > > storeType=pkcs12
> > > >
> > > > keyAlias=DebugSigningKey
> > > >
> > > > keyPassword=SECRET2
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Topics to discuss:
> > > >
> > > >
> > > >
> > > > 1) Combine platform info into one file, or leave separate?
> > > >
> > > > - Leaning towards together
> > > >
> > > > 2) have config.xml point to signing info?
> > > >
> > > > - I think no, since signing info you often want to not check in
> > > > /
> keep
> > > > secure
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Strawman:
> > > >
> > > > If a file "cordova-keys.json" exists as a sibling to www/, then
> > > > use it. It should look like:
> > > >
> > > > {
> > > >
> > > > "android": {
> > > >
> > > > "storeFile": "relative/path.p12"
> > > >
> > > > ...
> > > >
> > > > },
> > > >
> > > > "ios": {
> > > >
> > > > },
> > > >
> > > > ...
> > > >
> > > > }
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Android signs debug builds as well (not sure if other platforms
> > > > do this too?), so maybe also allow
> > > >
> > > > "android-release" as an alias for "android", and
> > > >
> > > > "android-debug"
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > shazron@gmail.com>> wrote:
> > > >
> > > >
> > > >
> > > > > I did open an issue for this two years ago:
> > > >
> > > > > https://issues.apache.org/jira/browse/CB-1369
> > > >
> > > > > and we did discuss this as well 2 yrs ago:
> > > >
> > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > >
> > > > >
> > > >
> > > > > Seems to be of great value - so let's get going on this ;) The
> > > > > CLI has
> > > >
> > > > > (I think) matured more since then to allow this
> > > >
> > > > >
> > > >
> > > > >
> > > >
> > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > >
> > > > > <to...@devgeeks.org>>
> > > >
> > > > > wrote:
> > > >
> > > > >
> > > >
> > > > > > Frederico’s workflow is the same as ours. I would love to
> > > > > > see
> > > >
> > > > > > something happen To improve this, the less time I spend in
> > > > > > Xcode,
> > > >
> > > > > > the happier I am
> > > >
> > > > > ;)
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > >
> > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > frederico.galvao@pontoget.com.br>) wrote:
> > > >
> > > > > >
> > > >
> > > > > > I can already get the ultimate .apk through "cordova build
> android
> > > >
> > > > > > --release", but I already have the required .properties
> > > > > > properly
> > > >
> > > > > configured
> > > >
> > > > > > in my platform/android folder, specifying the path and name
> > > > > > to my
> > > >
> > > > > > keystores. The "cordova build android --release" already
> > > > > > gives me
> > > >
> > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > play.google.com.
> > > >
> > > > > >
> > > >
> > > > > > I have never, however, used cordova's CLI to build the final
> > > >
> > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > >
> > > > > > prepare", and use xCode
> > > >
> > > > > from
> > > >
> > > > > > then on to build, package, sign, and upload.
> > > >
> > > > > >
> > > >
> > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> > > > > > TECH) <
> > > >
> > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > >
> > > > > >
> > > >
> > > > > > > How about a "cordova package" command, that would be for
> > > > > > > packaging
> > > >
> > > > > > > the
> > > >
> > > > > > app
> > > >
> > > > > > > for the store? Note that different platforms may have
> > > > > > > different
> > > >
> > > > > > > requirements for certs, signing etc. So it may make sense
> > > > > > > to
> > > >
> > > > > > > promote
> > > >
> > > > > this
> > > >
> > > > > > > to a different command and let each command take care of
> > > > > > > packaging
> > > >
> > > > > > > the
> > > >
> > > > > > app
> > > >
> > > > > > > for the store. This command will also mean that developers
> don’t
> > > >
> > > > > > > have
> > > >
> > > > > to
> > > >
> > > > > > go
> > > >
> > > > > > > over to the native projects when they finally want to
> > > > > > > publish
> > > >
> > > > > > > their
> > > >
> > > > > apps
> > > >
> > > > > > to
> > > >
> > > > > > > the store.
> > > >
> > > > > > >
> > > >
> > > > > > > -----Original Message-----
> > > >
> > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > >
> > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > >
> > > > > > > To: dev
> > > >
> > > > > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > > > >
> > > >
> > > > > > > if you do:
> > > >
> > > > > > > Cordova build --release,
> > > >
> > > > > > > The blackberry10 platform will generate a signed image...
> > > >
> > > > > > >
> > > >
> > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > <mailto:
> > > > agrieve@chromium.org>> wrote:
> > > >
> > > > > > >
> > > >
> > > > > > > >AFAIK, I don't think there's any technical roadblocks.
> > > > > > > >Just need
> > > >
> > > > > > > >a proposal for how it should look, and then a patch &
> > > > > > > >docs to add
> > > > it!
> > > >
> > > > > > > >
> > > >
> > > > > > > >For Android's hot-off-the-press gradle support, you can
> > > > > > > >set an
> > > >
> > > > > > > >environment variable that points to a .properties file
> > > > > > > >for
> > > >
> > > > > > > >signing builds. This shows one way to go about it, but
> > > > > > > >I'm not in
> > > >
> > > > > > > >love with
> > > >
> > > > > the
> > > >
> > > > > > > .properties idea.
> > > >
> > > > > > > >
> > > >
> > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > >
> > > > > > > ><so...@gmail.com>>
> > > >
> > > > > > > >wrote:
> > > >
> > > > > > > >
> > > >
> > > > > > > >> Hi community.
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > >> command
> > > >
> > > > > > > >>does not create signed archives. Digging a little bit
> > > > > > > >>found a
> > > >
> > > > > > > >>lot of differences in the platforms to create these archives.
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> For instance, in Android you need to 1. Export your APK
> > > > > > > >> in
> > > >
> > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> > > > > > > >> already
> > > >
> > > > > > > >> need a RSA key)
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> In iOS, you need to:
> > > >
> > > > > > > >> 1. Export your APP using --device flag (--release seems
> > > > > > > >> to
> > > >
> > > > > > > >> export
> > > >
> > > > > for
> > > >
> > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign
> > > > > > > >>the
> > > >
> > > > > > > >>archive or use xcrun (headless
> > > >
> > > > > > > >> process)
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Besides these differences, what is preventing Cordova
> > > > > > > >> from
> > > >
> > > > > > > >> providing a generic one-way to build these signed,
> > > > ready-to-publish archives?
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Perhaps I'm missing something here...? I really
> > > > > > > >> appreciate your
> > > >
> > > > > > > >>insights on this topic
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Thanks!
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> --
> > > >
> > > > > > > >> Victor Adrian Sosa Herrera
> > > >
> > > > > > > >> IBM Software Engineer
> > > >
> > > > > > > >> Guadalajara, Jalisco
> > > >
> > > > > > > >>
> > > >
> > > > > > >
> > > >
> > > > > > >
> > > >
> > > > > > >
> ----------------------------------------------------------------
> > > > > > > --
> > > >
> > > > > > > --- To unsubscribe, e-mail:
> > > > > > > dev-unsubscribe@cordova.apache.org
> > > > <ma...@cordova.apache.org>
> > > >
> > > > > > > For additional commands, e-mail:
> > > > > > > dev-help@cordova.apache.org
> > > <mailto:
> > > > dev-help@cordova.apache.org>
> > > >
> > > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > --
> > > >
> > > > > >
> > > >
> > > > > > *Frederico Galvão*
> > > >
> > > > > >
> > > >
> > > > > > Diretor de Tecnologia
> > > >
> > > > > >
> > > >
> > > > > > PontoGet Inovação Web
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > ( +55(62) 8131-5720
> > > >
> > > > > >
> > > >
> > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > http://www.pontoget.com/>
> > > >
> > > > > >
> > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > >
> > > *Frederico Galvão*
> > >
> > > Diretor de Tecnologia
> > >
> > > PontoGet Inovação Web
> > >
> > >
> > > ( +55(62) 8131-5720
> > >
> > > * www.pontoget.com.br <http://www.pontoget.com/>
> > >
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
Re: Build signed archives using CLI
Posted by Jesse <pu...@gmail.com>.
Yeah, I agree, the password prompt makes sense, I relax my position against
prompting.
.. and config.xml may not be the best, I was just hoping to avoid another
configuration file discussion.
I believe MS already has the answers to all these questions since Visual
Studio can do all of this, so once we have a more formal document posted we
can dig in.
@purplecabbage
risingj.com
On Thu, Oct 9, 2014 at 12:02 PM, Shazron <sh...@gmail.com> wrote:
> Liking Subhag's proposal.
> Agree with Jesse on using conventions as a default plus config.xml -- with
> overrides/env-vars possible. The only caveat for including info in the
> config.xml is, the config.xml data is copied into the iOS platform and will
> be included in the .app bundle, and will leak information (even though
> harmless, since it shouldn't contain passwords, etc) -- so maybe that is
> not desirable, using config.xml.
>
> We will need to provide the password each time at least for iOS, since we
> need to unlock the keychain for code signing.
>
>
>
>
>
>
>
>
> On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org>
> wrote:
>
> > The prompting is actually pretty appropriate here since passwords are
> > involved I think. I think also that keys will often not be checked into
> > source control, but maybe the best way to support that is to allow
> multiple
> > ways of specifying things (e.g. default to convention, allow override via
> > config.xml, allow override via command-line & env variable as well)
> >
> > On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
> >
> > > I am liking all of this.
> > > Are we ready to move this to an editable plaintext doc to collaborate
> on?
> > >
> > > I agree that we should take advantage of as much 'by-convention' as we
> > can,
> > > meaning things like `cordova package ios` defaults to a code sign
> > identity
> > > of 'iPhone Developer' and signs based on app-bundle-id, ...
> > >
> > > If it does not make sense as a convention, then I too would like to see
> > as
> > > much as possible done through config.xml as Fredrico points out, and
> > agree
> > > on picking the most consistent names possible.
> > >
> > > I would prefer that we do not prompt, and simply fail fast, given that
> > > tools will typically be consuming the cli. Or we should at least
> > provide a
> > > --noPrompt option. Anything prompt-able should be config.xml-able
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > @purplecabbage
> > > risingj.com
> > >
> > > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> > wrote:
> > >
> > > > One option here could be to build off of the idea of the "res" folder
> > > that
> > > > is in the current samples for splashscreens and icons and introduce
> > > > something like "res/native". Files placed here would be put into the
> > > > native project folders "before_prepare" and would be further enhanced
> > by
> > > > the plugin and build infrastructure. This would allow you to place
> > > > customized native assets that are unique to your project in a place
> > that
> > > > you can check in and would be unaffected by an upgrade.
> > > >
> > > > Andrew's environment variable idea could also provide an alternate
> > means
> > > > to specify platform specific values (what Soak mentions in the { }).
> > > >
> > > > -Chuck
> > > >
> > > > -----Original Message-----
> > > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > > Sent: Thursday, October 9, 2014 10:33 AM
> > > > Cc: dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > I agree with pretty much everything mentioned, but as far as I know
> > > > cordova is trying it's best to not depend on anything to be in
> > > > /platforms/<TARGET_PLATFORM>/. Having said that, the package command
> > > should
> > > > always expect things to be in config.xml or something like that.
> > > >
> > > > Also, the closer we are in naming things to what they are already
> known
> > > as
> > > > in the native platform, the better.
> > > >
> > > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > > >
> > > > > Hey Cordova community,
> > > > >
> > > > >
> > > > >
> > > > > I am Subhag Oak, senior program manager on the Visual Studio team
> > > > > working on VS tools for Multi device hybrid apps. In line with the
> > > > > discussion of having a generic Cordova ‘packaging’ command for all
> > > > > platforms, here is one
> > > > > proposal:
> > > > >
> > > > >
> > > > >
> > > > > As we all know, packaging an application for deployment requires
> > extra
> > > > > steps that are specific to the native platforms. A new generic
> > > > > Cordova CLI ‘package’ command can perform these platform specific
> > > > > actions to generate a final signed package ready for deployment:
> > > > >
> > > > > cordova package [platform] [--packageConfiguration] {--
> > > > > –-sign[location]
> > > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > > parameters within { } are platform specific overrides.
> > > > >
> > > > >
> > > > >
> > > > > If no platform is specified, the command will build packages for
> all
> > > > > platforms added.
> > > > >
> > > > >
> > > > >
> > > > > The values for –packageConfiguration are interpreted by the
> > respective
> > > > > platforms. For Android and Windows, the value can be debug or
> > release,
> > > > > with release being the default value. For iOS, the possible values
> > > > > are development, adhoc or store with development being the default
> > > > > value. The
> > > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > > specific signing arguments for specifying the location of
> > code-signing
> > > > > certificate, the provisioning profile or the code signing identity
> > > > > (certificates along with public and private keys) respectively.
> > > > >
> > > > >
> > > > >
> > > > > e.g:
> > > > >
> > > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > > development profile, using code signing identity defined in
> > > > build.xcconfig:
> > > > >
> > > > > // to list all installed iOS identities, run:
> > > > >
> > > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> > > > > 'iPhone'
> > > > >
> > > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > > Identity with the right Provisioning // Profile plus Certificate,
> > > > > based on the app bundle id
> > > > >
> > > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > > >
> > > > >
> > > > >
> > > > > · ‘cordova package android’ would generate a release signed
> > > using
> > > > > the packaging assets (keystore, alias and password) defined in the
> > > > > ant.properties files using the ANT build. This would be using
> > > > > gradle.propoerties once cordova changes to gradle build like the
> one
> > > > > Andrew mentions below.
> > > > >
> > > > >
> > > > >
> > > > > · ‘Cordova package windows’ would generate a signed APPX
> > > package.
> > > > > This will use the following tools in the Windows SDK:
> > > > >
> > > > > • An unsigned packaged Windows Store app, for
> > > example,
> > > > > an .APPX file created by using the app packager (MakeAppx.exe) tool
> > > > >
> > > > > • A valid code signing certificate, for
> example, a
> > > > > Personal Information Exchange (.pfx) file created with the
> > > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > > >
> > > > > • SignTool, which is part of the Windows SDK
> > > > >
> > > > >
> > > > >
> > > > > Here is how the package command should work. The proposal is to
> make
> > > > > the ‘package’ command work on convention (similar to the Cordova
> > build
> > > > > command) rather than config settings. The command would look out
> for
> > > > > packaging assets in the “platform\ [native-platform]” folder.
> > > > >
> > > > >
> > > > >
> > > > > For android, the contents of the ant.properties (keystore,
> password,
> > > > > alias and alias password) would be used for packaging. If any of
> > these
> > > > > properties is missing in ant.properties [or gradle.properties for
> > > > > gradle build] or if the file is missing, the command would prompt
> the
> > > > > user for these value at the command prompt. If the values provided
> > are
> > > > > invalid, the command would fail.
> > > > >
> > > > >
> > > > >
> > > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > > certificate and the provisioning profile to be used. The default
> > > > > build.xcconfig file is setup to handle different information by
> build
> > > > > profile based on the configuration defined in the command.
> > > > > Build.xcconfig can also support signing identities that tie the
> > > > > code-sign certificate with the provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > > explicit way to specify certs/profile for packaging for iOS (since
> > the
> > > > > build needs to happen on MAC agent) instead of the assets being
> > > > > defined in the build.xcconfig. One way to allow this is by using
> > > > > optional platform specific arguments to the package command like:
> > > > >
> > > > > Cordova package iOS --development --sign “d:\cert\mycert.cer”
> --embed
> > > > > “d:\cert\devprovision.mobileprovisioning”
> > > > >
> > > > > This command will run the xcrun command to generate a signed IPA
> with
> > > > > development provisioning profile.
> > > > >
> > > > >
> > > > >
> > > > > I would love to hear your comments, insights and feedback on this
> > > > proposal.
> > > > >
> > > > >
> > > > >
> > > > > Subhag Oak | Senior Program Manager
> > > > >
> > > > > Visual Studio, Client Tools
> > > > >
> > > > > soak@microsoft.com
> > > > >
> > > > > 425 707 5598 office
> > > > >
> > > > >
> > > > >
> > > > > -----Original Message-----
> > > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > > > Andrew Grieve
> > > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > > To: Shazron
> > > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > >
> > > > >
> > > > > For Android Gradle, what's in (and experimental) right now:
> > > > >
> > > > >
> > > > >
> > > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> > > > > .properties file that contains:
> > > > >
> > > > >
> > > > >
> > > > > storeFile=relative/path/to/keystore.p12
> > > > >
> > > > > storePassword=SECRET1
> > > > >
> > > > > storeType=pkcs12
> > > > >
> > > > > keyAlias=DebugSigningKey
> > > > >
> > > > > keyPassword=SECRET2
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Topics to discuss:
> > > > >
> > > > >
> > > > >
> > > > > 1) Combine platform info into one file, or leave separate?
> > > > >
> > > > > - Leaning towards together
> > > > >
> > > > > 2) have config.xml point to signing info?
> > > > >
> > > > > - I think no, since signing info you often want to not check in /
> > keep
> > > > > secure
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Strawman:
> > > > >
> > > > > If a file "cordova-keys.json" exists as a sibling to www/, then use
> > > > > it. It should look like:
> > > > >
> > > > > {
> > > > >
> > > > > "android": {
> > > > >
> > > > > "storeFile": "relative/path.p12"
> > > > >
> > > > > ...
> > > > >
> > > > > },
> > > > >
> > > > > "ios": {
> > > > >
> > > > > },
> > > > >
> > > > > ...
> > > > >
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > Android signs debug builds as well (not sure if other platforms do
> > > > > this too?), so maybe also allow
> > > > >
> > > > > "android-release" as an alias for "android", and
> > > > >
> > > > > "android-debug"
> > > > >
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > > shazron@gmail.com>> wrote:
> > > > >
> > > > >
> > > > >
> > > > > > I did open an issue for this two years ago:
> > > > >
> > > > > > https://issues.apache.org/jira/browse/CB-1369
> > > > >
> > > > > > and we did discuss this as well 2 yrs ago:
> > > > >
> > > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > > >
> > > > > >
> > > > >
> > > > > > Seems to be of great value - so let's get going on this ;) The
> CLI
> > > > > > has
> > > > >
> > > > > > (I think) matured more since then to allow this
> > > > >
> > > > > >
> > > > >
> > > > > >
> > > > >
> > > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > > >
> > > > > > <to...@devgeeks.org>>
> > > > >
> > > > > > wrote:
> > > > >
> > > > > >
> > > > >
> > > > > > > Frederico’s workflow is the same as ours. I would love to see
> > > > >
> > > > > > > something happen To improve this, the less time I spend in
> Xcode,
> > > > >
> > > > > > > the happier I am
> > > > >
> > > > > > ;)
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > > >
> > > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > > frederico.galvao@pontoget.com.br>) wrote:
> > > > >
> > > > > > >
> > > > >
> > > > > > > I can already get the ultimate .apk through "cordova build
> > android
> > > > >
> > > > > > > --release", but I already have the required .properties
> properly
> > > > >
> > > > > > configured
> > > > >
> > > > > > > in my platform/android folder, specifying the path and name to
> my
> > > > >
> > > > > > > keystores. The "cordova build android --release" already gives
> me
> > > > >
> > > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > > play.google.com.
> > > > >
> > > > > > >
> > > > >
> > > > > > > I have never, however, used cordova's CLI to build the final
> > > > >
> > > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > > >
> > > > > > > prepare", and use xCode
> > > > >
> > > > > > from
> > > > >
> > > > > > > then on to build, package, sign, and upload.
> > > > >
> > > > > > >
> > > > >
> > > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN
> TECH) <
> > > > >
> > > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > > >
> > > > > > >
> > > > >
> > > > > > > > How about a "cordova package" command, that would be for
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store? Note that different platforms may have
> different
> > > > >
> > > > > > > > requirements for certs, signing etc. So it may make sense to
> > > > >
> > > > > > > > promote
> > > > >
> > > > > > this
> > > > >
> > > > > > > > to a different command and let each command take care of
> > > > > > > > packaging
> > > > >
> > > > > > > > the
> > > > >
> > > > > > > app
> > > > >
> > > > > > > > for the store. This command will also mean that developers
> > don’t
> > > > >
> > > > > > > > have
> > > > >
> > > > > > to
> > > > >
> > > > > > > go
> > > > >
> > > > > > > > over to the native projects when they finally want to publish
> > > > >
> > > > > > > > their
> > > > >
> > > > > > apps
> > > > >
> > > > > > > to
> > > > >
> > > > > > > > the store.
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > -----Original Message-----
> > > > >
> > > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > > >
> > > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > > >
> > > > > > > > To: dev
> > > > >
> > > > > > > > Subject: Re: Build signed archives using CLI
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > if you do:
> > > > >
> > > > > > > > Cordova build --release,
> > > > >
> > > > > > > > The blackberry10 platform will generate a signed image...
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > > <mailto:
> > > > > agrieve@chromium.org>> wrote:
> > > > >
> > > > > > > >
> > > > >
> > > > > > > > >AFAIK, I don't think there's any technical roadblocks. Just
> > > > > > > > >need
> > > > >
> > > > > > > > >a proposal for how it should look, and then a patch & docs
> to
> > > > > > > > >add
> > > > > it!
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >For Android's hot-off-the-press gradle support, you can set
> an
> > > > >
> > > > > > > > >environment variable that points to a .properties file for
> > > > >
> > > > > > > > >signing builds. This shows one way to go about it, but I'm
> not
> > > > > > > > >in
> > > > >
> > > > > > > > >love with
> > > > >
> > > > > > the
> > > > >
> > > > > > > > .properties idea.
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > > >
> > > > > > > > ><so...@gmail.com>>
> > > > >
> > > > > > > > >wrote:
> > > > >
> > > > > > > > >
> > > > >
> > > > > > > > >> Hi community.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > > >> command
> > > > >
> > > > > > > > >>does not create signed archives. Digging a little bit
> found a
> > > > >
> > > > > > > > >>lot of differences in the platforms to create these
> archives.
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> For instance, in Android you need to 1. Export your APK in
> > > > >
> > > > > > > > >> release mode (--release flag) 2. Sign your APK (you
> already
> > > > >
> > > > > > > > >> need a RSA key)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> In iOS, you need to:
> > > > >
> > > > > > > > >> 1. Export your APP using --device flag (--release seems to
> > > > >
> > > > > > > > >> export
> > > > >
> > > > > > for
> > > > >
> > > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
> > > > >
> > > > > > > > >>archive or use xcrun (headless
> > > > >
> > > > > > > > >> process)
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Besides these differences, what is preventing Cordova from
> > > > >
> > > > > > > > >> providing a generic one-way to build these signed,
> > > > > ready-to-publish archives?
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Perhaps I'm missing something here...? I really appreciate
> > > > > > > > >> your
> > > > >
> > > > > > > > >>insights on this topic
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> Thanks!
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > > >> --
> > > > >
> > > > > > > > >> Victor Adrian Sosa Herrera
> > > > >
> > > > > > > > >> IBM Software Engineer
> > > > >
> > > > > > > > >> Guadalajara, Jalisco
> > > > >
> > > > > > > > >>
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > > > >
> > > > > > > >
> > ----------------------------------------------------------------
> > > > > > > > --
> > > > >
> > > > > > > > --- To unsubscribe, e-mail:
> dev-unsubscribe@cordova.apache.org
> > > > > <ma...@cordova.apache.org>
> > > > >
> > > > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > > <mailto:
> > > > > dev-help@cordova.apache.org>
> > > > >
> > > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > --
> > > > >
> > > > > > >
> > > > >
> > > > > > > *Frederico Galvão*
> > > > >
> > > > > > >
> > > > >
> > > > > > > Diretor de Tecnologia
> > > > >
> > > > > > >
> > > > >
> > > > > > > PontoGet Inovação Web
> > > > >
> > > > > > >
> > > > >
> > > > > > >
> > > > >
> > > > > > > ( +55(62) 8131-5720
> > > > >
> > > > > > >
> > > > >
> > > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > > http://www.pontoget.com/>
> > > > >
> > > > > > >
> > > > >
> > > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > --
> > > >
> > > > *Frederico Galvão*
> > > >
> > > > Diretor de Tecnologia
> > > >
> > > > PontoGet Inovação Web
> > > >
> > > >
> > > > ( +55(62) 8131-5720
> > > >
> > > > * www.pontoget.com.br <http://www.pontoget.com/>
> > > >
> > >
> >
>
Re: Build signed archives using CLI
Posted by Shazron <sh...@gmail.com>.
Liking Subhag's proposal.
Agree with Jesse on using conventions as a default plus config.xml -- with
overrides/env-vars possible. The only caveat for including info in the
config.xml is, the config.xml data is copied into the iOS platform and will
be included in the .app bundle, and will leak information (even though
harmless, since it shouldn't contain passwords, etc) -- so maybe that is
not desirable, using config.xml.
We will need to provide the password each time at least for iOS, since we
need to unlock the keychain for code signing.
On Thu, Oct 9, 2014 at 11:25 AM, Andrew Grieve <ag...@chromium.org> wrote:
> The prompting is actually pretty appropriate here since passwords are
> involved I think. I think also that keys will often not be checked into
> source control, but maybe the best way to support that is to allow multiple
> ways of specifying things (e.g. default to convention, allow override via
> config.xml, allow override via command-line & env variable as well)
>
> On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
>
> > I am liking all of this.
> > Are we ready to move this to an editable plaintext doc to collaborate on?
> >
> > I agree that we should take advantage of as much 'by-convention' as we
> can,
> > meaning things like `cordova package ios` defaults to a code sign
> identity
> > of 'iPhone Developer' and signs based on app-bundle-id, ...
> >
> > If it does not make sense as a convention, then I too would like to see
> as
> > much as possible done through config.xml as Fredrico points out, and
> agree
> > on picking the most consistent names possible.
> >
> > I would prefer that we do not prompt, and simply fail fast, given that
> > tools will typically be consuming the cli. Or we should at least
> provide a
> > --noPrompt option. Anything prompt-able should be config.xml-able
> >
> >
> >
> >
> >
> >
> >
> >
> > @purplecabbage
> > risingj.com
> >
> > On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com>
> wrote:
> >
> > > One option here could be to build off of the idea of the "res" folder
> > that
> > > is in the current samples for splashscreens and icons and introduce
> > > something like "res/native". Files placed here would be put into the
> > > native project folders "before_prepare" and would be further enhanced
> by
> > > the plugin and build infrastructure. This would allow you to place
> > > customized native assets that are unique to your project in a place
> that
> > > you can check in and would be unaffected by an upgrade.
> > >
> > > Andrew's environment variable idea could also provide an alternate
> means
> > > to specify platform specific values (what Soak mentions in the { }).
> > >
> > > -Chuck
> > >
> > > -----Original Message-----
> > > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > > Sent: Thursday, October 9, 2014 10:33 AM
> > > Cc: dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > > I agree with pretty much everything mentioned, but as far as I know
> > > cordova is trying it's best to not depend on anything to be in
> > > /platforms/<TARGET_PLATFORM>/. Having said that, the package command
> > should
> > > always expect things to be in config.xml or something like that.
> > >
> > > Also, the closer we are in naming things to what they are already known
> > as
> > > in the native platform, the better.
> > >
> > > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> > >
> > > > Hey Cordova community,
> > > >
> > > >
> > > >
> > > > I am Subhag Oak, senior program manager on the Visual Studio team
> > > > working on VS tools for Multi device hybrid apps. In line with the
> > > > discussion of having a generic Cordova ‘packaging’ command for all
> > > > platforms, here is one
> > > > proposal:
> > > >
> > > >
> > > >
> > > > As we all know, packaging an application for deployment requires
> extra
> > > > steps that are specific to the native platforms. A new generic
> > > > Cordova CLI ‘package’ command can perform these platform specific
> > > > actions to generate a final signed package ready for deployment:
> > > >
> > > > cordova package [platform] [--packageConfiguration] {--
> > > > –-sign[location]
> > > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > > parameters within { } are platform specific overrides.
> > > >
> > > >
> > > >
> > > > If no platform is specified, the command will build packages for all
> > > > platforms added.
> > > >
> > > >
> > > >
> > > > The values for –packageConfiguration are interpreted by the
> respective
> > > > platforms. For Android and Windows, the value can be debug or
> release,
> > > > with release being the default value. For iOS, the possible values
> > > > are development, adhoc or store with development being the default
> > > > value. The
> > > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > > specific signing arguments for specifying the location of
> code-signing
> > > > certificate, the provisioning profile or the code signing identity
> > > > (certificates along with public and private keys) respectively.
> > > >
> > > >
> > > >
> > > > e.g:
> > > >
> > > > · ‘cordova package iOS’ would generate a signed ipa with
> > > > development profile, using code signing identity defined in
> > > build.xcconfig:
> > > >
> > > > // to list all installed iOS identities, run:
> > > >
> > > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> > > > 'iPhone'
> > > >
> > > > // generic 'iPhone Developer' (no quotes) will match the right
> > > > Identity with the right Provisioning // Profile plus Certificate,
> > > > based on the app bundle id
> > > >
> > > > CODE_SIGN_IDENTITY = iPhone Developer
> > > >
> > > >
> > > >
> > > > · ‘cordova package android’ would generate a release signed
> > using
> > > > the packaging assets (keystore, alias and password) defined in the
> > > > ant.properties files using the ANT build. This would be using
> > > > gradle.propoerties once cordova changes to gradle build like the one
> > > > Andrew mentions below.
> > > >
> > > >
> > > >
> > > > · ‘Cordova package windows’ would generate a signed APPX
> > package.
> > > > This will use the following tools in the Windows SDK:
> > > >
> > > > • An unsigned packaged Windows Store app, for
> > example,
> > > > an .APPX file created by using the app packager (MakeAppx.exe) tool
> > > >
> > > > • A valid code signing certificate, for example, a
> > > > Personal Information Exchange (.pfx) file created with the
> > > > MakeCert.exe and Pvk2Pfx.exe tools
> > > >
> > > > • SignTool, which is part of the Windows SDK
> > > >
> > > >
> > > >
> > > > Here is how the package command should work. The proposal is to make
> > > > the ‘package’ command work on convention (similar to the Cordova
> build
> > > > command) rather than config settings. The command would look out for
> > > > packaging assets in the “platform\ [native-platform]” folder.
> > > >
> > > >
> > > >
> > > > For android, the contents of the ant.properties (keystore, password,
> > > > alias and alias password) would be used for packaging. If any of
> these
> > > > properties is missing in ant.properties [or gradle.properties for
> > > > gradle build] or if the file is missing, the command would prompt the
> > > > user for these value at the command prompt. If the values provided
> are
> > > > invalid, the command would fail.
> > > >
> > > >
> > > >
> > > > For iOS, the contents of build.xcconfig specify the code-sign
> > > > certificate and the provisioning profile to be used. The default
> > > > build.xcconfig file is setup to handle different information by build
> > > > profile based on the configuration defined in the command.
> > > > Build.xcconfig can also support signing identities that tie the
> > > > code-sign certificate with the provisioning profile.
> > > >
> > > >
> > > >
> > > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > > explicit way to specify certs/profile for packaging for iOS (since
> the
> > > > build needs to happen on MAC agent) instead of the assets being
> > > > defined in the build.xcconfig. One way to allow this is by using
> > > > optional platform specific arguments to the package command like:
> > > >
> > > > Cordova package iOS --development --sign “d:\cert\mycert.cer” --embed
> > > > “d:\cert\devprovision.mobileprovisioning”
> > > >
> > > > This command will run the xcrun command to generate a signed IPA with
> > > > development provisioning profile.
> > > >
> > > >
> > > >
> > > > I would love to hear your comments, insights and feedback on this
> > > proposal.
> > > >
> > > >
> > > >
> > > > Subhag Oak | Senior Program Manager
> > > >
> > > > Visual Studio, Client Tools
> > > >
> > > > soak@microsoft.com
> > > >
> > > > 425 707 5598 office
> > > >
> > > >
> > > >
> > > > -----Original Message-----
> > > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > > Andrew Grieve
> > > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > > To: Shazron
> > > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > > Subject: Re: Build signed archives using CLI
> > > >
> > > >
> > > >
> > > > For Android Gradle, what's in (and experimental) right now:
> > > >
> > > >
> > > >
> > > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> > > > .properties file that contains:
> > > >
> > > >
> > > >
> > > > storeFile=relative/path/to/keystore.p12
> > > >
> > > > storePassword=SECRET1
> > > >
> > > > storeType=pkcs12
> > > >
> > > > keyAlias=DebugSigningKey
> > > >
> > > > keyPassword=SECRET2
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Topics to discuss:
> > > >
> > > >
> > > >
> > > > 1) Combine platform info into one file, or leave separate?
> > > >
> > > > - Leaning towards together
> > > >
> > > > 2) have config.xml point to signing info?
> > > >
> > > > - I think no, since signing info you often want to not check in /
> keep
> > > > secure
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Strawman:
> > > >
> > > > If a file "cordova-keys.json" exists as a sibling to www/, then use
> > > > it. It should look like:
> > > >
> > > > {
> > > >
> > > > "android": {
> > > >
> > > > "storeFile": "relative/path.p12"
> > > >
> > > > ...
> > > >
> > > > },
> > > >
> > > > "ios": {
> > > >
> > > > },
> > > >
> > > > ...
> > > >
> > > > }
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > Android signs debug builds as well (not sure if other platforms do
> > > > this too?), so maybe also allow
> > > >
> > > > "android-release" as an alias for "android", and
> > > >
> > > > "android-debug"
> > > >
> > > >
> > > >
> > > >
> > > >
> > > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > > shazron@gmail.com>> wrote:
> > > >
> > > >
> > > >
> > > > > I did open an issue for this two years ago:
> > > >
> > > > > https://issues.apache.org/jira/browse/CB-1369
> > > >
> > > > > and we did discuss this as well 2 yrs ago:
> > > >
> > > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > > >
> > > > >
> > > >
> > > > > Seems to be of great value - so let's get going on this ;) The CLI
> > > > > has
> > > >
> > > > > (I think) matured more since then to allow this
> > > >
> > > > >
> > > >
> > > > >
> > > >
> > > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > > >
> > > > > <to...@devgeeks.org>>
> > > >
> > > > > wrote:
> > > >
> > > > >
> > > >
> > > > > > Frederico’s workflow is the same as ours. I would love to see
> > > >
> > > > > > something happen To improve this, the less time I spend in Xcode,
> > > >
> > > > > > the happier I am
> > > >
> > > > > ;)
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > > >
> > > > > > frederico.galvao@pontoget.com.br<mailto:
> > > > frederico.galvao@pontoget.com.br>) wrote:
> > > >
> > > > > >
> > > >
> > > > > > I can already get the ultimate .apk through "cordova build
> android
> > > >
> > > > > > --release", but I already have the required .properties properly
> > > >
> > > > > configured
> > > >
> > > > > > in my platform/android folder, specifying the path and name to my
> > > >
> > > > > > keystores. The "cordova build android --release" already gives me
> > > >
> > > > > > the signed and ready .apk, all I have to do is upload it to
> > > > play.google.com.
> > > >
> > > > > >
> > > >
> > > > > > I have never, however, used cordova's CLI to build the final
> > > >
> > > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > > >
> > > > > > prepare", and use xCode
> > > >
> > > > > from
> > > >
> > > > > > then on to build, package, sign, and upload.
> > > >
> > > > > >
> > > >
> > > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
> > > >
> > > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > > >
> > > > > >
> > > >
> > > > > > > How about a "cordova package" command, that would be for
> > > > > > > packaging
> > > >
> > > > > > > the
> > > >
> > > > > > app
> > > >
> > > > > > > for the store? Note that different platforms may have different
> > > >
> > > > > > > requirements for certs, signing etc. So it may make sense to
> > > >
> > > > > > > promote
> > > >
> > > > > this
> > > >
> > > > > > > to a different command and let each command take care of
> > > > > > > packaging
> > > >
> > > > > > > the
> > > >
> > > > > > app
> > > >
> > > > > > > for the store. This command will also mean that developers
> don’t
> > > >
> > > > > > > have
> > > >
> > > > > to
> > > >
> > > > > > go
> > > >
> > > > > > > over to the native projects when they finally want to publish
> > > >
> > > > > > > their
> > > >
> > > > > apps
> > > >
> > > > > > to
> > > >
> > > > > > > the store.
> > > >
> > > > > > >
> > > >
> > > > > > > -----Original Message-----
> > > >
> > > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > >
> > > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > > >
> > > > > > > To: dev
> > > >
> > > > > > > Subject: Re: Build signed archives using CLI
> > > >
> > > > > > >
> > > >
> > > > > > > if you do:
> > > >
> > > > > > > Cordova build --release,
> > > >
> > > > > > > The blackberry10 platform will generate a signed image...
> > > >
> > > > > > >
> > > >
> > > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> > <mailto:
> > > > agrieve@chromium.org>> wrote:
> > > >
> > > > > > >
> > > >
> > > > > > > >AFAIK, I don't think there's any technical roadblocks. Just
> > > > > > > >need
> > > >
> > > > > > > >a proposal for how it should look, and then a patch & docs to
> > > > > > > >add
> > > > it!
> > > >
> > > > > > > >
> > > >
> > > > > > > >For Android's hot-off-the-press gradle support, you can set an
> > > >
> > > > > > > >environment variable that points to a .properties file for
> > > >
> > > > > > > >signing builds. This shows one way to go about it, but I'm not
> > > > > > > >in
> > > >
> > > > > > > >love with
> > > >
> > > > > the
> > > >
> > > > > > > .properties idea.
> > > >
> > > > > > > >
> > > >
> > > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > >
> > > > > > > ><so...@gmail.com>>
> > > >
> > > > > > > >wrote:
> > > >
> > > > > > > >
> > > >
> > > > > > > >> Hi community.
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Been looking at this topic and wondering why the build
> > > > > > > >> command
> > > >
> > > > > > > >>does not create signed archives. Digging a little bit found a
> > > >
> > > > > > > >>lot of differences in the platforms to create these archives.
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> For instance, in Android you need to 1. Export your APK in
> > > >
> > > > > > > >> release mode (--release flag) 2. Sign your APK (you already
> > > >
> > > > > > > >> need a RSA key)
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> In iOS, you need to:
> > > >
> > > > > > > >> 1. Export your APP using --device flag (--release seems to
> > > >
> > > > > > > >> export
> > > >
> > > > > for
> > > >
> > > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
> > > >
> > > > > > > >>archive or use xcrun (headless
> > > >
> > > > > > > >> process)
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Besides these differences, what is preventing Cordova from
> > > >
> > > > > > > >> providing a generic one-way to build these signed,
> > > > ready-to-publish archives?
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Perhaps I'm missing something here...? I really appreciate
> > > > > > > >> your
> > > >
> > > > > > > >>insights on this topic
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> Thanks!
> > > >
> > > > > > > >>
> > > >
> > > > > > > >> --
> > > >
> > > > > > > >> Victor Adrian Sosa Herrera
> > > >
> > > > > > > >> IBM Software Engineer
> > > >
> > > > > > > >> Guadalajara, Jalisco
> > > >
> > > > > > > >>
> > > >
> > > > > > >
> > > >
> > > > > > >
> > > >
> > > > > > >
> ----------------------------------------------------------------
> > > > > > > --
> > > >
> > > > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > > <ma...@cordova.apache.org>
> > > >
> > > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > > <mailto:
> > > > dev-help@cordova.apache.org>
> > > >
> > > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > --
> > > >
> > > > > >
> > > >
> > > > > > *Frederico Galvão*
> > > >
> > > > > >
> > > >
> > > > > > Diretor de Tecnologia
> > > >
> > > > > >
> > > >
> > > > > > PontoGet Inovação Web
> > > >
> > > > > >
> > > >
> > > > > >
> > > >
> > > > > > ( +55(62) 8131-5720
> > > >
> > > > > >
> > > >
> > > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > > http://www.pontoget.com/>
> > > >
> > > > > >
> > > >
> > > > >
> > > >
> > >
> > >
> > >
> > > --
> > >
> > > *Frederico Galvão*
> > >
> > > Diretor de Tecnologia
> > >
> > > PontoGet Inovação Web
> > >
> > >
> > > ( +55(62) 8131-5720
> > >
> > > * www.pontoget.com.br <http://www.pontoget.com/>
> > >
> >
>
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
The prompting is actually pretty appropriate here since passwords are
involved I think. I think also that keys will often not be checked into
source control, but maybe the best way to support that is to allow multiple
ways of specifying things (e.g. default to convention, allow override via
config.xml, allow override via command-line & env variable as well)
On Thu, Oct 9, 2014 at 2:17 PM, Jesse <pu...@gmail.com> wrote:
> I am liking all of this.
> Are we ready to move this to an editable plaintext doc to collaborate on?
>
> I agree that we should take advantage of as much 'by-convention' as we can,
> meaning things like `cordova package ios` defaults to a code sign identity
> of 'iPhone Developer' and signs based on app-bundle-id, ...
>
> If it does not make sense as a convention, then I too would like to see as
> much as possible done through config.xml as Fredrico points out, and agree
> on picking the most consistent names possible.
>
> I would prefer that we do not prompt, and simply fail fast, given that
> tools will typically be consuming the cli. Or we should at least provide a
> --noPrompt option. Anything prompt-able should be config.xml-able
>
>
>
>
>
>
>
>
> @purplecabbage
> risingj.com
>
> On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com> wrote:
>
> > One option here could be to build off of the idea of the "res" folder
> that
> > is in the current samples for splashscreens and icons and introduce
> > something like "res/native". Files placed here would be put into the
> > native project folders "before_prepare" and would be further enhanced by
> > the plugin and build infrastructure. This would allow you to place
> > customized native assets that are unique to your project in a place that
> > you can check in and would be unaffected by an upgrade.
> >
> > Andrew's environment variable idea could also provide an alternate means
> > to specify platform specific values (what Soak mentions in the { }).
> >
> > -Chuck
> >
> > -----Original Message-----
> > From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> > Sent: Thursday, October 9, 2014 10:33 AM
> > Cc: dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> > I agree with pretty much everything mentioned, but as far as I know
> > cordova is trying it's best to not depend on anything to be in
> > /platforms/<TARGET_PLATFORM>/. Having said that, the package command
> should
> > always expect things to be in config.xml or something like that.
> >
> > Also, the closer we are in naming things to what they are already known
> as
> > in the native platform, the better.
> >
> > 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> >
> > > Hey Cordova community,
> > >
> > >
> > >
> > > I am Subhag Oak, senior program manager on the Visual Studio team
> > > working on VS tools for Multi device hybrid apps. In line with the
> > > discussion of having a generic Cordova ‘packaging’ command for all
> > > platforms, here is one
> > > proposal:
> > >
> > >
> > >
> > > As we all know, packaging an application for deployment requires extra
> > > steps that are specific to the native platforms. A new generic
> > > Cordova CLI ‘package’ command can perform these platform specific
> > > actions to generate a final signed package ready for deployment:
> > >
> > > cordova package [platform] [--packageConfiguration] {--
> > > –-sign[location]
> > > -- –-embed[location] -- --signIdentity[location]}, where all the
> > > parameters within { } are platform specific overrides.
> > >
> > >
> > >
> > > If no platform is specified, the command will build packages for all
> > > platforms added.
> > >
> > >
> > >
> > > The values for –packageConfiguration are interpreted by the respective
> > > platforms. For Android and Windows, the value can be debug or release,
> > > with release being the default value. For iOS, the possible values
> > > are development, adhoc or store with development being the default
> > > value. The
> > > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > > specific signing arguments for specifying the location of code-signing
> > > certificate, the provisioning profile or the code signing identity
> > > (certificates along with public and private keys) respectively.
> > >
> > >
> > >
> > > e.g:
> > >
> > > · ‘cordova package iOS’ would generate a signed ipa with
> > > development profile, using code signing identity defined in
> > build.xcconfig:
> > >
> > > // to list all installed iOS identities, run:
> > >
> > > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> > > 'iPhone'
> > >
> > > // generic 'iPhone Developer' (no quotes) will match the right
> > > Identity with the right Provisioning // Profile plus Certificate,
> > > based on the app bundle id
> > >
> > > CODE_SIGN_IDENTITY = iPhone Developer
> > >
> > >
> > >
> > > · ‘cordova package android’ would generate a release signed
> using
> > > the packaging assets (keystore, alias and password) defined in the
> > > ant.properties files using the ANT build. This would be using
> > > gradle.propoerties once cordova changes to gradle build like the one
> > > Andrew mentions below.
> > >
> > >
> > >
> > > · ‘Cordova package windows’ would generate a signed APPX
> package.
> > > This will use the following tools in the Windows SDK:
> > >
> > > • An unsigned packaged Windows Store app, for
> example,
> > > an .APPX file created by using the app packager (MakeAppx.exe) tool
> > >
> > > • A valid code signing certificate, for example, a
> > > Personal Information Exchange (.pfx) file created with the
> > > MakeCert.exe and Pvk2Pfx.exe tools
> > >
> > > • SignTool, which is part of the Windows SDK
> > >
> > >
> > >
> > > Here is how the package command should work. The proposal is to make
> > > the ‘package’ command work on convention (similar to the Cordova build
> > > command) rather than config settings. The command would look out for
> > > packaging assets in the “platform\ [native-platform]” folder.
> > >
> > >
> > >
> > > For android, the contents of the ant.properties (keystore, password,
> > > alias and alias password) would be used for packaging. If any of these
> > > properties is missing in ant.properties [or gradle.properties for
> > > gradle build] or if the file is missing, the command would prompt the
> > > user for these value at the command prompt. If the values provided are
> > > invalid, the command would fail.
> > >
> > >
> > >
> > > For iOS, the contents of build.xcconfig specify the code-sign
> > > certificate and the provisioning profile to be used. The default
> > > build.xcconfig file is setup to handle different information by build
> > > profile based on the configuration defined in the command.
> > > Build.xcconfig can also support signing identities that tie the
> > > code-sign certificate with the provisioning profile.
> > >
> > >
> > >
> > > Tools like VS and other IDEs, which use cordova CLI, may need an
> > > explicit way to specify certs/profile for packaging for iOS (since the
> > > build needs to happen on MAC agent) instead of the assets being
> > > defined in the build.xcconfig. One way to allow this is by using
> > > optional platform specific arguments to the package command like:
> > >
> > > Cordova package iOS --development --sign “d:\cert\mycert.cer” --embed
> > > “d:\cert\devprovision.mobileprovisioning”
> > >
> > > This command will run the xcrun command to generate a signed IPA with
> > > development provisioning profile.
> > >
> > >
> > >
> > > I would love to hear your comments, insights and feedback on this
> > proposal.
> > >
> > >
> > >
> > > Subhag Oak | Senior Program Manager
> > >
> > > Visual Studio, Client Tools
> > >
> > > soak@microsoft.com
> > >
> > > 425 707 5598 office
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > > Andrew Grieve
> > > Sent: Wednesday, October 8, 2014 4:40 AM
> > > To: Shazron
> > > Cc: tommy-carlos williams; dev@cordova.apache.org
> > > Subject: Re: Build signed archives using CLI
> > >
> > >
> > >
> > > For Android Gradle, what's in (and experimental) right now:
> > >
> > >
> > >
> > > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> > > .properties file that contains:
> > >
> > >
> > >
> > > storeFile=relative/path/to/keystore.p12
> > >
> > > storePassword=SECRET1
> > >
> > > storeType=pkcs12
> > >
> > > keyAlias=DebugSigningKey
> > >
> > > keyPassword=SECRET2
> > >
> > >
> > >
> > >
> > >
> > > Topics to discuss:
> > >
> > >
> > >
> > > 1) Combine platform info into one file, or leave separate?
> > >
> > > - Leaning towards together
> > >
> > > 2) have config.xml point to signing info?
> > >
> > > - I think no, since signing info you often want to not check in / keep
> > > secure
> > >
> > >
> > >
> > >
> > >
> > > Strawman:
> > >
> > > If a file "cordova-keys.json" exists as a sibling to www/, then use
> > > it. It should look like:
> > >
> > > {
> > >
> > > "android": {
> > >
> > > "storeFile": "relative/path.p12"
> > >
> > > ...
> > >
> > > },
> > >
> > > "ios": {
> > >
> > > },
> > >
> > > ...
> > >
> > > }
> > >
> > >
> > >
> > >
> > >
> > > Android signs debug builds as well (not sure if other platforms do
> > > this too?), so maybe also allow
> > >
> > > "android-release" as an alias for "android", and
> > >
> > > "android-debug"
> > >
> > >
> > >
> > >
> > >
> > > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > > shazron@gmail.com>> wrote:
> > >
> > >
> > >
> > > > I did open an issue for this two years ago:
> > >
> > > > https://issues.apache.org/jira/browse/CB-1369
> > >
> > > > and we did discuss this as well 2 yrs ago:
> > >
> > > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> > >
> > > >
> > >
> > > > Seems to be of great value - so let's get going on this ;) The CLI
> > > > has
> > >
> > > > (I think) matured more since then to allow this
> > >
> > > >
> > >
> > > >
> > >
> > > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> > >
> > > > <to...@devgeeks.org>>
> > >
> > > > wrote:
> > >
> > > >
> > >
> > > > > Frederico’s workflow is the same as ours. I would love to see
> > >
> > > > > something happen To improve this, the less time I spend in Xcode,
> > >
> > > > > the happier I am
> > >
> > > > ;)
> > >
> > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > >
> > > > > frederico.galvao@pontoget.com.br<mailto:
> > > frederico.galvao@pontoget.com.br>) wrote:
> > >
> > > > >
> > >
> > > > > I can already get the ultimate .apk through "cordova build android
> > >
> > > > > --release", but I already have the required .properties properly
> > >
> > > > configured
> > >
> > > > > in my platform/android folder, specifying the path and name to my
> > >
> > > > > keystores. The "cordova build android --release" already gives me
> > >
> > > > > the signed and ready .apk, all I have to do is upload it to
> > > play.google.com.
> > >
> > > > >
> > >
> > > > > I have never, however, used cordova's CLI to build the final
> > >
> > > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > >
> > > > > prepare", and use xCode
> > >
> > > > from
> > >
> > > > > then on to build, package, sign, and upload.
> > >
> > > > >
> > >
> > > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
> > >
> > > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> > >
> > > > >
> > >
> > > > > > How about a "cordova package" command, that would be for
> > > > > > packaging
> > >
> > > > > > the
> > >
> > > > > app
> > >
> > > > > > for the store? Note that different platforms may have different
> > >
> > > > > > requirements for certs, signing etc. So it may make sense to
> > >
> > > > > > promote
> > >
> > > > this
> > >
> > > > > > to a different command and let each command take care of
> > > > > > packaging
> > >
> > > > > > the
> > >
> > > > > app
> > >
> > > > > > for the store. This command will also mean that developers don’t
> > >
> > > > > > have
> > >
> > > > to
> > >
> > > > > go
> > >
> > > > > > over to the native projects when they finally want to publish
> > >
> > > > > > their
> > >
> > > > apps
> > >
> > > > > to
> > >
> > > > > > the store.
> > >
> > > > > >
> > >
> > > > > > -----Original Message-----
> > >
> > > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > >
> > > > > > Sent: Monday, October 6, 2014 12:46 PM
> > >
> > > > > > To: dev
> > >
> > > > > > Subject: Re: Build signed archives using CLI
> > >
> > > > > >
> > >
> > > > > > if you do:
> > >
> > > > > > Cordova build --release,
> > >
> > > > > > The blackberry10 platform will generate a signed image...
> > >
> > > > > >
> > >
> > > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org
> <mailto:
> > > agrieve@chromium.org>> wrote:
> > >
> > > > > >
> > >
> > > > > > >AFAIK, I don't think there's any technical roadblocks. Just
> > > > > > >need
> > >
> > > > > > >a proposal for how it should look, and then a patch & docs to
> > > > > > >add
> > > it!
> > >
> > > > > > >
> > >
> > > > > > >For Android's hot-off-the-press gradle support, you can set an
> > >
> > > > > > >environment variable that points to a .properties file for
> > >
> > > > > > >signing builds. This shows one way to go about it, but I'm not
> > > > > > >in
> > >
> > > > > > >love with
> > >
> > > > the
> > >
> > > > > > .properties idea.
> > >
> > > > > > >
> > >
> > > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > >
> > > > > > ><so...@gmail.com>>
> > >
> > > > > > >wrote:
> > >
> > > > > > >
> > >
> > > > > > >> Hi community.
> > >
> > > > > > >>
> > >
> > > > > > >> Been looking at this topic and wondering why the build
> > > > > > >> command
> > >
> > > > > > >>does not create signed archives. Digging a little bit found a
> > >
> > > > > > >>lot of differences in the platforms to create these archives.
> > >
> > > > > > >>
> > >
> > > > > > >> For instance, in Android you need to 1. Export your APK in
> > >
> > > > > > >> release mode (--release flag) 2. Sign your APK (you already
> > >
> > > > > > >> need a RSA key)
> > >
> > > > > > >>
> > >
> > > > > > >> In iOS, you need to:
> > >
> > > > > > >> 1. Export your APP using --device flag (--release seems to
> > >
> > > > > > >> export
> > >
> > > > for
> > >
> > > > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
> > >
> > > > > > >>archive or use xcrun (headless
> > >
> > > > > > >> process)
> > >
> > > > > > >>
> > >
> > > > > > >> Besides these differences, what is preventing Cordova from
> > >
> > > > > > >> providing a generic one-way to build these signed,
> > > ready-to-publish archives?
> > >
> > > > > > >>
> > >
> > > > > > >> Perhaps I'm missing something here...? I really appreciate
> > > > > > >> your
> > >
> > > > > > >>insights on this topic
> > >
> > > > > > >>
> > >
> > > > > > >> Thanks!
> > >
> > > > > > >>
> > >
> > > > > > >> --
> > >
> > > > > > >> Victor Adrian Sosa Herrera
> > >
> > > > > > >> IBM Software Engineer
> > >
> > > > > > >> Guadalajara, Jalisco
> > >
> > > > > > >>
> > >
> > > > > >
> > >
> > > > > >
> > >
> > > > > > ----------------------------------------------------------------
> > > > > > --
> > >
> > > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > <ma...@cordova.apache.org>
> > >
> > > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> > <mailto:
> > > dev-help@cordova.apache.org>
> > >
> > > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > >
> > >
> > > > > --
> > >
> > > > >
> > >
> > > > > *Frederico Galvão*
> > >
> > > > >
> > >
> > > > > Diretor de Tecnologia
> > >
> > > > >
> > >
> > > > > PontoGet Inovação Web
> > >
> > > > >
> > >
> > > > >
> > >
> > > > > ( +55(62) 8131-5720
> > >
> > > > >
> > >
> > > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > > http://www.pontoget.com/>
> > >
> > > > >
> > >
> > > >
> > >
> >
> >
> >
> > --
> >
> > *Frederico Galvão*
> >
> > Diretor de Tecnologia
> >
> > PontoGet Inovação Web
> >
> >
> > ( +55(62) 8131-5720
> >
> > * www.pontoget.com.br <http://www.pontoget.com/>
> >
>
Re: Build signed archives using CLI
Posted by Jesse <pu...@gmail.com>.
I am liking all of this.
Are we ready to move this to an editable plaintext doc to collaborate on?
I agree that we should take advantage of as much 'by-convention' as we can,
meaning things like `cordova package ios` defaults to a code sign identity
of 'iPhone Developer' and signs based on app-bundle-id, ...
If it does not make sense as a convention, then I too would like to see as
much as possible done through config.xml as Fredrico points out, and agree
on picking the most consistent names possible.
I would prefer that we do not prompt, and simply fail fast, given that
tools will typically be consuming the cli. Or we should at least provide a
--noPrompt option. Anything prompt-able should be config.xml-able
@purplecabbage
risingj.com
On Thu, Oct 9, 2014 at 10:48 AM, Chuck Lantz <cl...@microsoft.com> wrote:
> One option here could be to build off of the idea of the "res" folder that
> is in the current samples for splashscreens and icons and introduce
> something like "res/native". Files placed here would be put into the
> native project folders "before_prepare" and would be further enhanced by
> the plugin and build infrastructure. This would allow you to place
> customized native assets that are unique to your project in a place that
> you can check in and would be unaffected by an upgrade.
>
> Andrew's environment variable idea could also provide an alternate means
> to specify platform specific values (what Soak mentions in the { }).
>
> -Chuck
>
> -----Original Message-----
> From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
> Sent: Thursday, October 9, 2014 10:33 AM
> Cc: dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
> I agree with pretty much everything mentioned, but as far as I know
> cordova is trying it's best to not depend on anything to be in
> /platforms/<TARGET_PLATFORM>/. Having said that, the package command should
> always expect things to be in config.xml or something like that.
>
> Also, the closer we are in naming things to what they are already known as
> in the native platform, the better.
>
> 2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
>
> > Hey Cordova community,
> >
> >
> >
> > I am Subhag Oak, senior program manager on the Visual Studio team
> > working on VS tools for Multi device hybrid apps. In line with the
> > discussion of having a generic Cordova ‘packaging’ command for all
> > platforms, here is one
> > proposal:
> >
> >
> >
> > As we all know, packaging an application for deployment requires extra
> > steps that are specific to the native platforms. A new generic
> > Cordova CLI ‘package’ command can perform these platform specific
> > actions to generate a final signed package ready for deployment:
> >
> > cordova package [platform] [--packageConfiguration] {--
> > –-sign[location]
> > -- –-embed[location] -- --signIdentity[location]}, where all the
> > parameters within { } are platform specific overrides.
> >
> >
> >
> > If no platform is specified, the command will build packages for all
> > platforms added.
> >
> >
> >
> > The values for –packageConfiguration are interpreted by the respective
> > platforms. For Android and Windows, the value can be debug or release,
> > with release being the default value. For iOS, the possible values
> > are development, adhoc or store with development being the default
> > value. The
> > -- --sign, -- -- embed and -- --signIdentity are optional iOS
> > specific signing arguments for specifying the location of code-signing
> > certificate, the provisioning profile or the code signing identity
> > (certificates along with public and private keys) respectively.
> >
> >
> >
> > e.g:
> >
> > · ‘cordova package iOS’ would generate a signed ipa with
> > development profile, using code signing identity defined in
> build.xcconfig:
> >
> > // to list all installed iOS identities, run:
> >
> > // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> > 'iPhone'
> >
> > // generic 'iPhone Developer' (no quotes) will match the right
> > Identity with the right Provisioning // Profile plus Certificate,
> > based on the app bundle id
> >
> > CODE_SIGN_IDENTITY = iPhone Developer
> >
> >
> >
> > · ‘cordova package android’ would generate a release signed using
> > the packaging assets (keystore, alias and password) defined in the
> > ant.properties files using the ANT build. This would be using
> > gradle.propoerties once cordova changes to gradle build like the one
> > Andrew mentions below.
> >
> >
> >
> > · ‘Cordova package windows’ would generate a signed APPX package.
> > This will use the following tools in the Windows SDK:
> >
> > • An unsigned packaged Windows Store app, for example,
> > an .APPX file created by using the app packager (MakeAppx.exe) tool
> >
> > • A valid code signing certificate, for example, a
> > Personal Information Exchange (.pfx) file created with the
> > MakeCert.exe and Pvk2Pfx.exe tools
> >
> > • SignTool, which is part of the Windows SDK
> >
> >
> >
> > Here is how the package command should work. The proposal is to make
> > the ‘package’ command work on convention (similar to the Cordova build
> > command) rather than config settings. The command would look out for
> > packaging assets in the “platform\ [native-platform]” folder.
> >
> >
> >
> > For android, the contents of the ant.properties (keystore, password,
> > alias and alias password) would be used for packaging. If any of these
> > properties is missing in ant.properties [or gradle.properties for
> > gradle build] or if the file is missing, the command would prompt the
> > user for these value at the command prompt. If the values provided are
> > invalid, the command would fail.
> >
> >
> >
> > For iOS, the contents of build.xcconfig specify the code-sign
> > certificate and the provisioning profile to be used. The default
> > build.xcconfig file is setup to handle different information by build
> > profile based on the configuration defined in the command.
> > Build.xcconfig can also support signing identities that tie the
> > code-sign certificate with the provisioning profile.
> >
> >
> >
> > Tools like VS and other IDEs, which use cordova CLI, may need an
> > explicit way to specify certs/profile for packaging for iOS (since the
> > build needs to happen on MAC agent) instead of the assets being
> > defined in the build.xcconfig. One way to allow this is by using
> > optional platform specific arguments to the package command like:
> >
> > Cordova package iOS --development --sign “d:\cert\mycert.cer” --embed
> > “d:\cert\devprovision.mobileprovisioning”
> >
> > This command will run the xcrun command to generate a signed IPA with
> > development provisioning profile.
> >
> >
> >
> > I would love to hear your comments, insights and feedback on this
> proposal.
> >
> >
> >
> > Subhag Oak | Senior Program Manager
> >
> > Visual Studio, Client Tools
> >
> > soak@microsoft.com
> >
> > 425 707 5598 office
> >
> >
> >
> > -----Original Message-----
> > From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> > Andrew Grieve
> > Sent: Wednesday, October 8, 2014 4:40 AM
> > To: Shazron
> > Cc: tommy-carlos williams; dev@cordova.apache.org
> > Subject: Re: Build signed archives using CLI
> >
> >
> >
> > For Android Gradle, what's in (and experimental) right now:
> >
> >
> >
> > Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> > .properties file that contains:
> >
> >
> >
> > storeFile=relative/path/to/keystore.p12
> >
> > storePassword=SECRET1
> >
> > storeType=pkcs12
> >
> > keyAlias=DebugSigningKey
> >
> > keyPassword=SECRET2
> >
> >
> >
> >
> >
> > Topics to discuss:
> >
> >
> >
> > 1) Combine platform info into one file, or leave separate?
> >
> > - Leaning towards together
> >
> > 2) have config.xml point to signing info?
> >
> > - I think no, since signing info you often want to not check in / keep
> > secure
> >
> >
> >
> >
> >
> > Strawman:
> >
> > If a file "cordova-keys.json" exists as a sibling to www/, then use
> > it. It should look like:
> >
> > {
> >
> > "android": {
> >
> > "storeFile": "relative/path.p12"
> >
> > ...
> >
> > },
> >
> > "ios": {
> >
> > },
> >
> > ...
> >
> > }
> >
> >
> >
> >
> >
> > Android signs debug builds as well (not sure if other platforms do
> > this too?), so maybe also allow
> >
> > "android-release" as an alias for "android", and
> >
> > "android-debug"
> >
> >
> >
> >
> >
> > On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> > shazron@gmail.com>> wrote:
> >
> >
> >
> > > I did open an issue for this two years ago:
> >
> > > https://issues.apache.org/jira/browse/CB-1369
> >
> > > and we did discuss this as well 2 yrs ago:
> >
> > > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
> >
> > >
> >
> > > Seems to be of great value - so let's get going on this ;) The CLI
> > > has
> >
> > > (I think) matured more since then to allow this
> >
> > >
> >
> > >
> >
> > > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> >
> > > <to...@devgeeks.org>>
> >
> > > wrote:
> >
> > >
> >
> > > > Frederico’s workflow is the same as ours. I would love to see
> >
> > > > something happen To improve this, the less time I spend in Xcode,
> >
> > > > the happier I am
> >
> > > ;)
> >
> > > >
> >
> > > >
> >
> > > >
> >
> > > > On 7 October 2014 at 8:48:40, Frederico Galvão (
> >
> > > > frederico.galvao@pontoget.com.br<mailto:
> > frederico.galvao@pontoget.com.br>) wrote:
> >
> > > >
> >
> > > > I can already get the ultimate .apk through "cordova build android
> >
> > > > --release", but I already have the required .properties properly
> >
> > > configured
> >
> > > > in my platform/android folder, specifying the path and name to my
> >
> > > > keystores. The "cordova build android --release" already gives me
> >
> > > > the signed and ready .apk, all I have to do is upload it to
> > play.google.com.
> >
> > > >
> >
> > > > I have never, however, used cordova's CLI to build the final
> >
> > > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> >
> > > > prepare", and use xCode
> >
> > > from
> >
> > > > then on to build, package, sign, and upload.
> >
> > > >
> >
> > > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
> >
> > > > panarasi@microsoft.com<ma...@microsoft.com>>:
> >
> > > >
> >
> > > > > How about a "cordova package" command, that would be for
> > > > > packaging
> >
> > > > > the
> >
> > > > app
> >
> > > > > for the store? Note that different platforms may have different
> >
> > > > > requirements for certs, signing etc. So it may make sense to
> >
> > > > > promote
> >
> > > this
> >
> > > > > to a different command and let each command take care of
> > > > > packaging
> >
> > > > > the
> >
> > > > app
> >
> > > > > for the store. This command will also mean that developers don’t
> >
> > > > > have
> >
> > > to
> >
> > > > go
> >
> > > > > over to the native projects when they finally want to publish
> >
> > > > > their
> >
> > > apps
> >
> > > > to
> >
> > > > > the store.
> >
> > > > >
> >
> > > > > -----Original Message-----
> >
> > > > > From: Josh Soref [mailto:jsoref@blackberry.com]
> >
> > > > > Sent: Monday, October 6, 2014 12:46 PM
> >
> > > > > To: dev
> >
> > > > > Subject: Re: Build signed archives using CLI
> >
> > > > >
> >
> > > > > if you do:
> >
> > > > > Cordova build --release,
> >
> > > > > The blackberry10 platform will generate a signed image...
> >
> > > > >
> >
> > > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org<mailto:
> > agrieve@chromium.org>> wrote:
> >
> > > > >
> >
> > > > > >AFAIK, I don't think there's any technical roadblocks. Just
> > > > > >need
> >
> > > > > >a proposal for how it should look, and then a patch & docs to
> > > > > >add
> > it!
> >
> > > > > >
> >
> > > > > >For Android's hot-off-the-press gradle support, you can set an
> >
> > > > > >environment variable that points to a .properties file for
> >
> > > > > >signing builds. This shows one way to go about it, but I'm not
> > > > > >in
> >
> > > > > >love with
> >
> > > the
> >
> > > > > .properties idea.
> >
> > > > > >
> >
> > > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> >
> > > > > ><so...@gmail.com>>
> >
> > > > > >wrote:
> >
> > > > > >
> >
> > > > > >> Hi community.
> >
> > > > > >>
> >
> > > > > >> Been looking at this topic and wondering why the build
> > > > > >> command
> >
> > > > > >>does not create signed archives. Digging a little bit found a
> >
> > > > > >>lot of differences in the platforms to create these archives.
> >
> > > > > >>
> >
> > > > > >> For instance, in Android you need to 1. Export your APK in
> >
> > > > > >> release mode (--release flag) 2. Sign your APK (you already
> >
> > > > > >> need a RSA key)
> >
> > > > > >>
> >
> > > > > >> In iOS, you need to:
> >
> > > > > >> 1. Export your APP using --device flag (--release seems to
> >
> > > > > >> export
> >
> > > for
> >
> > > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
> >
> > > > > >>archive or use xcrun (headless
> >
> > > > > >> process)
> >
> > > > > >>
> >
> > > > > >> Besides these differences, what is preventing Cordova from
> >
> > > > > >> providing a generic one-way to build these signed,
> > ready-to-publish archives?
> >
> > > > > >>
> >
> > > > > >> Perhaps I'm missing something here...? I really appreciate
> > > > > >> your
> >
> > > > > >>insights on this topic
> >
> > > > > >>
> >
> > > > > >> Thanks!
> >
> > > > > >>
> >
> > > > > >> --
> >
> > > > > >> Victor Adrian Sosa Herrera
> >
> > > > > >> IBM Software Engineer
> >
> > > > > >> Guadalajara, Jalisco
> >
> > > > > >>
> >
> > > > >
> >
> > > > >
> >
> > > > > ----------------------------------------------------------------
> > > > > --
> >
> > > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > <ma...@cordova.apache.org>
> >
> > > > > For additional commands, e-mail: dev-help@cordova.apache.org
> <mailto:
> > dev-help@cordova.apache.org>
> >
> > > > >
> >
> > > >
> >
> > > >
> >
> > > >
> >
> > > > --
> >
> > > >
> >
> > > > *Frederico Galvão*
> >
> > > >
> >
> > > > Diretor de Tecnologia
> >
> > > >
> >
> > > > PontoGet Inovação Web
> >
> > > >
> >
> > > >
> >
> > > > ( +55(62) 8131-5720
> >
> > > >
> >
> > > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> > http://www.pontoget.com/>
> >
> > > >
> >
> > >
> >
>
>
>
> --
>
> *Frederico Galvão*
>
> Diretor de Tecnologia
>
> PontoGet Inovação Web
>
>
> ( +55(62) 8131-5720
>
> * www.pontoget.com.br <http://www.pontoget.com/>
>
RE: Build signed archives using CLI
Posted by Chuck Lantz <cl...@microsoft.com>.
One option here could be to build off of the idea of the "res" folder that is in the current samples for splashscreens and icons and introduce something like "res/native". Files placed here would be put into the native project folders "before_prepare" and would be further enhanced by the plugin and build infrastructure. This would allow you to place customized native assets that are unique to your project in a place that you can check in and would be unaffected by an upgrade.
Andrew's environment variable idea could also provide an alternate means to specify platform specific values (what Soak mentions in the { }).
-Chuck
-----Original Message-----
From: Frederico Galvão [mailto:frederico.galvao@pontoget.com.br]
Sent: Thursday, October 9, 2014 10:33 AM
Cc: dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
I agree with pretty much everything mentioned, but as far as I know cordova is trying it's best to not depend on anything to be in /platforms/<TARGET_PLATFORM>/. Having said that, the package command should always expect things to be in config.xml or something like that.
Also, the closer we are in naming things to what they are already known as in the native platform, the better.
2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> Hey Cordova community,
>
>
>
> I am Subhag Oak, senior program manager on the Visual Studio team
> working on VS tools for Multi device hybrid apps. In line with the
> discussion of having a generic Cordova ‘packaging’ command for all
> platforms, here is one
> proposal:
>
>
>
> As we all know, packaging an application for deployment requires extra
> steps that are specific to the native platforms. A new generic
> Cordova CLI ‘package’ command can perform these platform specific
> actions to generate a final signed package ready for deployment:
>
> cordova package [platform] [--packageConfiguration] {--
> –-sign[location]
> -- –-embed[location] -- --signIdentity[location]}, where all the
> parameters within { } are platform specific overrides.
>
>
>
> If no platform is specified, the command will build packages for all
> platforms added.
>
>
>
> The values for –packageConfiguration are interpreted by the respective
> platforms. For Android and Windows, the value can be debug or release,
> with release being the default value. For iOS, the possible values
> are development, adhoc or store with development being the default
> value. The
> -- --sign, -- -- embed and -- --signIdentity are optional iOS
> specific signing arguments for specifying the location of code-signing
> certificate, the provisioning profile or the code signing identity
> (certificates along with public and private keys) respectively.
>
>
>
> e.g:
>
> · ‘cordova package iOS’ would generate a signed ipa with
> development profile, using code signing identity defined in build.xcconfig:
>
> // to list all installed iOS identities, run:
>
> // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> 'iPhone'
>
> // generic 'iPhone Developer' (no quotes) will match the right
> Identity with the right Provisioning // Profile plus Certificate,
> based on the app bundle id
>
> CODE_SIGN_IDENTITY = iPhone Developer
>
>
>
> · ‘cordova package android’ would generate a release signed using
> the packaging assets (keystore, alias and password) defined in the
> ant.properties files using the ANT build. This would be using
> gradle.propoerties once cordova changes to gradle build like the one
> Andrew mentions below.
>
>
>
> · ‘Cordova package windows’ would generate a signed APPX package.
> This will use the following tools in the Windows SDK:
>
> • An unsigned packaged Windows Store app, for example,
> an .APPX file created by using the app packager (MakeAppx.exe) tool
>
> • A valid code signing certificate, for example, a
> Personal Information Exchange (.pfx) file created with the
> MakeCert.exe and Pvk2Pfx.exe tools
>
> • SignTool, which is part of the Windows SDK
>
>
>
> Here is how the package command should work. The proposal is to make
> the ‘package’ command work on convention (similar to the Cordova build
> command) rather than config settings. The command would look out for
> packaging assets in the “platform\ [native-platform]” folder.
>
>
>
> For android, the contents of the ant.properties (keystore, password,
> alias and alias password) would be used for packaging. If any of these
> properties is missing in ant.properties [or gradle.properties for
> gradle build] or if the file is missing, the command would prompt the
> user for these value at the command prompt. If the values provided are
> invalid, the command would fail.
>
>
>
> For iOS, the contents of build.xcconfig specify the code-sign
> certificate and the provisioning profile to be used. The default
> build.xcconfig file is setup to handle different information by build
> profile based on the configuration defined in the command.
> Build.xcconfig can also support signing identities that tie the
> code-sign certificate with the provisioning profile.
>
>
>
> Tools like VS and other IDEs, which use cordova CLI, may need an
> explicit way to specify certs/profile for packaging for iOS (since the
> build needs to happen on MAC agent) instead of the assets being
> defined in the build.xcconfig. One way to allow this is by using
> optional platform specific arguments to the package command like:
>
> Cordova package iOS --development --sign “d:\cert\mycert.cer” --embed
> “d:\cert\devprovision.mobileprovisioning”
>
> This command will run the xcrun command to generate a signed IPA with
> development provisioning profile.
>
>
>
> I would love to hear your comments, insights and feedback on this proposal.
>
>
>
> Subhag Oak | Senior Program Manager
>
> Visual Studio, Client Tools
>
> soak@microsoft.com
>
> 425 707 5598 office
>
>
>
> -----Original Message-----
> From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of
> Andrew Grieve
> Sent: Wednesday, October 8, 2014 4:40 AM
> To: Shazron
> Cc: tommy-carlos williams; dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
>
>
> For Android Gradle, what's in (and experimental) right now:
>
>
>
> Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> .properties file that contains:
>
>
>
> storeFile=relative/path/to/keystore.p12
>
> storePassword=SECRET1
>
> storeType=pkcs12
>
> keyAlias=DebugSigningKey
>
> keyPassword=SECRET2
>
>
>
>
>
> Topics to discuss:
>
>
>
> 1) Combine platform info into one file, or leave separate?
>
> - Leaning towards together
>
> 2) have config.xml point to signing info?
>
> - I think no, since signing info you often want to not check in / keep
> secure
>
>
>
>
>
> Strawman:
>
> If a file "cordova-keys.json" exists as a sibling to www/, then use
> it. It should look like:
>
> {
>
> "android": {
>
> "storeFile": "relative/path.p12"
>
> ...
>
> },
>
> "ios": {
>
> },
>
> ...
>
> }
>
>
>
>
>
> Android signs debug builds as well (not sure if other platforms do
> this too?), so maybe also allow
>
> "android-release" as an alias for "android", and
>
> "android-debug"
>
>
>
>
>
> On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> shazron@gmail.com>> wrote:
>
>
>
> > I did open an issue for this two years ago:
>
> > https://issues.apache.org/jira/browse/CB-1369
>
> > and we did discuss this as well 2 yrs ago:
>
> > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
>
> >
>
> > Seems to be of great value - so let's get going on this ;) The CLI
> > has
>
> > (I think) matured more since then to allow this
>
> >
>
> >
>
> > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
>
> > <to...@devgeeks.org>>
>
> > wrote:
>
> >
>
> > > Frederico’s workflow is the same as ours. I would love to see
>
> > > something happen To improve this, the less time I spend in Xcode,
>
> > > the happier I am
>
> > ;)
>
> > >
>
> > >
>
> > >
>
> > > On 7 October 2014 at 8:48:40, Frederico Galvão (
>
> > > frederico.galvao@pontoget.com.br<mailto:
> frederico.galvao@pontoget.com.br>) wrote:
>
> > >
>
> > > I can already get the ultimate .apk through "cordova build android
>
> > > --release", but I already have the required .properties properly
>
> > configured
>
> > > in my platform/android folder, specifying the path and name to my
>
> > > keystores. The "cordova build android --release" already gives me
>
> > > the signed and ready .apk, all I have to do is upload it to
> play.google.com.
>
> > >
>
> > > I have never, however, used cordova's CLI to build the final
>
> > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
>
> > > prepare", and use xCode
>
> > from
>
> > > then on to build, package, sign, and upload.
>
> > >
>
> > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
>
> > > panarasi@microsoft.com<ma...@microsoft.com>>:
>
> > >
>
> > > > How about a "cordova package" command, that would be for
> > > > packaging
>
> > > > the
>
> > > app
>
> > > > for the store? Note that different platforms may have different
>
> > > > requirements for certs, signing etc. So it may make sense to
>
> > > > promote
>
> > this
>
> > > > to a different command and let each command take care of
> > > > packaging
>
> > > > the
>
> > > app
>
> > > > for the store. This command will also mean that developers don’t
>
> > > > have
>
> > to
>
> > > go
>
> > > > over to the native projects when they finally want to publish
>
> > > > their
>
> > apps
>
> > > to
>
> > > > the store.
>
> > > >
>
> > > > -----Original Message-----
>
> > > > From: Josh Soref [mailto:jsoref@blackberry.com]
>
> > > > Sent: Monday, October 6, 2014 12:46 PM
>
> > > > To: dev
>
> > > > Subject: Re: Build signed archives using CLI
>
> > > >
>
> > > > if you do:
>
> > > > Cordova build --release,
>
> > > > The blackberry10 platform will generate a signed image...
>
> > > >
>
> > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org<mailto:
> agrieve@chromium.org>> wrote:
>
> > > >
>
> > > > >AFAIK, I don't think there's any technical roadblocks. Just
> > > > >need
>
> > > > >a proposal for how it should look, and then a patch & docs to
> > > > >add
> it!
>
> > > > >
>
> > > > >For Android's hot-off-the-press gradle support, you can set an
>
> > > > >environment variable that points to a .properties file for
>
> > > > >signing builds. This shows one way to go about it, but I'm not
> > > > >in
>
> > > > >love with
>
> > the
>
> > > > .properties idea.
>
> > > > >
>
> > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
>
> > > > ><so...@gmail.com>>
>
> > > > >wrote:
>
> > > > >
>
> > > > >> Hi community.
>
> > > > >>
>
> > > > >> Been looking at this topic and wondering why the build
> > > > >> command
>
> > > > >>does not create signed archives. Digging a little bit found a
>
> > > > >>lot of differences in the platforms to create these archives.
>
> > > > >>
>
> > > > >> For instance, in Android you need to 1. Export your APK in
>
> > > > >> release mode (--release flag) 2. Sign your APK (you already
>
> > > > >> need a RSA key)
>
> > > > >>
>
> > > > >> In iOS, you need to:
>
> > > > >> 1. Export your APP using --device flag (--release seems to
>
> > > > >> export
>
> > for
>
> > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
>
> > > > >>archive or use xcrun (headless
>
> > > > >> process)
>
> > > > >>
>
> > > > >> Besides these differences, what is preventing Cordova from
>
> > > > >> providing a generic one-way to build these signed,
> ready-to-publish archives?
>
> > > > >>
>
> > > > >> Perhaps I'm missing something here...? I really appreciate
> > > > >> your
>
> > > > >>insights on this topic
>
> > > > >>
>
> > > > >> Thanks!
>
> > > > >>
>
> > > > >> --
>
> > > > >> Victor Adrian Sosa Herrera
>
> > > > >> IBM Software Engineer
>
> > > > >> Guadalajara, Jalisco
>
> > > > >>
>
> > > >
>
> > > >
>
> > > > ----------------------------------------------------------------
> > > > --
>
> > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> <ma...@cordova.apache.org>
>
> > > > For additional commands, e-mail: dev-help@cordova.apache.org<mailto:
> dev-help@cordova.apache.org>
>
> > > >
>
> > >
>
> > >
>
> > >
>
> > > --
>
> > >
>
> > > *Frederico Galvão*
>
> > >
>
> > > Diretor de Tecnologia
>
> > >
>
> > > PontoGet Inovação Web
>
> > >
>
> > >
>
> > > ( +55(62) 8131-5720
>
> > >
>
> > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> http://www.pontoget.com/>
>
> > >
>
> >
>
--
*Frederico Galvão*
Diretor de Tecnologia
PontoGet Inovação Web
( +55(62) 8131-5720
* www.pontoget.com.br <http://www.pontoget.com/>
Re: Build signed archives using CLI
Posted by Frederico Galvão <fr...@pontoget.com.br>.
I agree with pretty much everything mentioned, but as far as I know cordova
is trying it's best to not depend on anything to be in
/platforms/<TARGET_PLATFORM>/. Having said that, the package command should
always expect things to be in config.xml or something like that.
Also, the closer we are in naming things to what they are already known as
in the native platform, the better.
2014-10-08 20:03 GMT-03:00 Subhag Oak <Su...@microsoft.com>:
> Hey Cordova community,
>
>
>
> I am Subhag Oak, senior program manager on the Visual Studio team working
> on VS tools for Multi device hybrid apps. In line with the discussion of
> having a generic Cordova ‘packaging’ command for all platforms, here is one
> proposal:
>
>
>
> As we all know, packaging an application for deployment requires extra
> steps that are specific to the native platforms. A new generic Cordova CLI
> ‘package’ command can perform these platform specific actions to generate a
> final signed package ready for deployment:
>
> cordova package [platform] [--packageConfiguration] {-- –-sign[location]
> -- –-embed[location] -- --signIdentity[location]}, where all the parameters
> within { } are platform specific overrides.
>
>
>
> If no platform is specified, the command will build packages for all
> platforms added.
>
>
>
> The values for –packageConfiguration are interpreted by the respective
> platforms. For Android and Windows, the value can be debug or release, with
> release being the default value. For iOS, the possible values are
> development, adhoc or store with development being the default value. The
> -- --sign, -- -- embed and -- --signIdentity are optional iOS specific
> signing arguments for specifying the location of code-signing certificate,
> the provisioning profile or the code signing identity (certificates along
> with public and private keys) respectively.
>
>
>
> e.g:
>
> · ‘cordova package iOS’ would generate a signed ipa with
> development profile, using code signing identity defined in build.xcconfig:
>
> // to list all installed iOS identities, run:
>
> // security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep
> 'iPhone'
>
> // generic 'iPhone Developer' (no quotes) will match the right Identity
> with the right Provisioning // Profile plus Certificate, based on the app
> bundle id
>
> CODE_SIGN_IDENTITY = iPhone Developer
>
>
>
> · ‘cordova package android’ would generate a release signed using
> the packaging assets (keystore, alias and password) defined in the
> ant.properties files using the ANT build. This would be using
> gradle.propoerties once cordova changes to gradle build like the one Andrew
> mentions below.
>
>
>
> · ‘Cordova package windows’ would generate a signed APPX package.
> This will use the following tools in the Windows SDK:
>
> • An unsigned packaged Windows Store app, for example,
> an .APPX file created by using the app packager (MakeAppx.exe) tool
>
> • A valid code signing certificate, for example, a
> Personal Information Exchange (.pfx) file created with the MakeCert.exe and
> Pvk2Pfx.exe tools
>
> • SignTool, which is part of the Windows SDK
>
>
>
> Here is how the package command should work. The proposal is to make the
> ‘package’ command work on convention (similar to the Cordova build command)
> rather than config settings. The command would look out for packaging
> assets in the “platform\ [native-platform]” folder.
>
>
>
> For android, the contents of the ant.properties (keystore, password, alias
> and alias password) would be used for packaging. If any of these properties
> is missing in ant.properties [or gradle.properties for gradle build] or if
> the file is missing, the command would prompt the user for these value at
> the command prompt. If the values provided are invalid, the command would
> fail.
>
>
>
> For iOS, the contents of build.xcconfig specify the code-sign certificate
> and the provisioning profile to be used. The default build.xcconfig file is
> setup to handle different information by build profile based on the
> configuration defined in the command. Build.xcconfig can also support
> signing identities that tie the code-sign certificate with the provisioning
> profile.
>
>
>
> Tools like VS and other IDEs, which use cordova CLI, may need an explicit
> way to specify certs/profile for packaging for iOS (since the build needs
> to happen on MAC agent) instead of the assets being defined in the
> build.xcconfig. One way to allow this is by using optional platform
> specific arguments to the package command like:
>
> Cordova package iOS --development --sign “d:\cert\mycert.cer” --embed
> “d:\cert\devprovision.mobileprovisioning”
>
> This command will run the xcrun command to generate a signed IPA with
> development provisioning profile.
>
>
>
> I would love to hear your comments, insights and feedback on this proposal.
>
>
>
> Subhag Oak | Senior Program Manager
>
> Visual Studio, Client Tools
>
> soak@microsoft.com
>
> 425 707 5598 office
>
>
>
> -----Original Message-----
> From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew
> Grieve
> Sent: Wednesday, October 8, 2014 4:40 AM
> To: Shazron
> Cc: tommy-carlos williams; dev@cordova.apache.org
> Subject: Re: Build signed archives using CLI
>
>
>
> For Android Gradle, what's in (and experimental) right now:
>
>
>
> Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
> .properties file that contains:
>
>
>
> storeFile=relative/path/to/keystore.p12
>
> storePassword=SECRET1
>
> storeType=pkcs12
>
> keyAlias=DebugSigningKey
>
> keyPassword=SECRET2
>
>
>
>
>
> Topics to discuss:
>
>
>
> 1) Combine platform info into one file, or leave separate?
>
> - Leaning towards together
>
> 2) have config.xml point to signing info?
>
> - I think no, since signing info you often want to not check in / keep
> secure
>
>
>
>
>
> Strawman:
>
> If a file "cordova-keys.json" exists as a sibling to www/, then use it. It
> should look like:
>
> {
>
> "android": {
>
> "storeFile": "relative/path.p12"
>
> ...
>
> },
>
> "ios": {
>
> },
>
> ...
>
> }
>
>
>
>
>
> Android signs debug builds as well (not sure if other platforms do this
> too?), so maybe also allow
>
> "android-release" as an alias for "android", and
>
> "android-debug"
>
>
>
>
>
> On Tue, Oct 7, 2014 at 6:52 PM, Shazron <shazron@gmail.com<mailto:
> shazron@gmail.com>> wrote:
>
>
>
> > I did open an issue for this two years ago:
>
> > https://issues.apache.org/jira/browse/CB-1369
>
> > and we did discuss this as well 2 yrs ago:
>
> > http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
>
> >
>
> > Seems to be of great value - so let's get going on this ;) The CLI has
>
> > (I think) matured more since then to allow this
>
> >
>
> >
>
> > On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
>
> > <to...@devgeeks.org>>
>
> > wrote:
>
> >
>
> > > Frederico’s workflow is the same as ours. I would love to see
>
> > > something happen To improve this, the less time I spend in Xcode,
>
> > > the happier I am
>
> > ;)
>
> > >
>
> > >
>
> > >
>
> > > On 7 October 2014 at 8:48:40, Frederico Galvão (
>
> > > frederico.galvao@pontoget.com.br<mailto:
> frederico.galvao@pontoget.com.br>) wrote:
>
> > >
>
> > > I can already get the ultimate .apk through "cordova build android
>
> > > --release", but I already have the required .properties properly
>
> > configured
>
> > > in my platform/android folder, specifying the path and name to my
>
> > > keystores. The "cordova build android --release" already gives me
>
> > > the signed and ready .apk, all I have to do is upload it to
> play.google.com.
>
> > >
>
> > > I have never, however, used cordova's CLI to build the final
>
> > > artifact for iOS (IPA) for iTunes. All I do is run "cordova
>
> > > prepare", and use xCode
>
> > from
>
> > > then on to build, package, sign, and upload.
>
> > >
>
> > > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
>
> > > panarasi@microsoft.com<ma...@microsoft.com>>:
>
> > >
>
> > > > How about a "cordova package" command, that would be for packaging
>
> > > > the
>
> > > app
>
> > > > for the store? Note that different platforms may have different
>
> > > > requirements for certs, signing etc. So it may make sense to
>
> > > > promote
>
> > this
>
> > > > to a different command and let each command take care of packaging
>
> > > > the
>
> > > app
>
> > > > for the store. This command will also mean that developers don’t
>
> > > > have
>
> > to
>
> > > go
>
> > > > over to the native projects when they finally want to publish
>
> > > > their
>
> > apps
>
> > > to
>
> > > > the store.
>
> > > >
>
> > > > -----Original Message-----
>
> > > > From: Josh Soref [mailto:jsoref@blackberry.com]
>
> > > > Sent: Monday, October 6, 2014 12:46 PM
>
> > > > To: dev
>
> > > > Subject: Re: Build signed archives using CLI
>
> > > >
>
> > > > if you do:
>
> > > > Cordova build --release,
>
> > > > The blackberry10 platform will generate a signed image...
>
> > > >
>
> > > > On 10/6/14, 3:18 PM, "Andrew Grieve" <agrieve@chromium.org<mailto:
> agrieve@chromium.org>> wrote:
>
> > > >
>
> > > > >AFAIK, I don't think there's any technical roadblocks. Just need
>
> > > > >a proposal for how it should look, and then a patch & docs to add
> it!
>
> > > > >
>
> > > > >For Android's hot-off-the-press gradle support, you can set an
>
> > > > >environment variable that points to a .properties file for
>
> > > > >signing builds. This shows one way to go about it, but I'm not in
>
> > > > >love with
>
> > the
>
> > > > .properties idea.
>
> > > > >
>
> > > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
>
> > > > ><so...@gmail.com>>
>
> > > > >wrote:
>
> > > > >
>
> > > > >> Hi community.
>
> > > > >>
>
> > > > >> Been looking at this topic and wondering why the build command
>
> > > > >>does not create signed archives. Digging a little bit found a
>
> > > > >>lot of differences in the platforms to create these archives.
>
> > > > >>
>
> > > > >> For instance, in Android you need to 1. Export your APK in
>
> > > > >> release mode (--release flag) 2. Sign your APK (you already
>
> > > > >> need a RSA key)
>
> > > > >>
>
> > > > >> In iOS, you need to:
>
> > > > >> 1. Export your APP using --device flag (--release seems to
>
> > > > >> export
>
> > for
>
> > > > >>emulator only) 2. Either use XCode (UI-based) and sign the
>
> > > > >>archive or use xcrun (headless
>
> > > > >> process)
>
> > > > >>
>
> > > > >> Besides these differences, what is preventing Cordova from
>
> > > > >> providing a generic one-way to build these signed,
> ready-to-publish archives?
>
> > > > >>
>
> > > > >> Perhaps I'm missing something here...? I really appreciate your
>
> > > > >>insights on this topic
>
> > > > >>
>
> > > > >> Thanks!
>
> > > > >>
>
> > > > >> --
>
> > > > >> Victor Adrian Sosa Herrera
>
> > > > >> IBM Software Engineer
>
> > > > >> Guadalajara, Jalisco
>
> > > > >>
>
> > > >
>
> > > >
>
> > > > ------------------------------------------------------------------
>
> > > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> <ma...@cordova.apache.org>
>
> > > > For additional commands, e-mail: dev-help@cordova.apache.org<mailto:
> dev-help@cordova.apache.org>
>
> > > >
>
> > >
>
> > >
>
> > >
>
> > > --
>
> > >
>
> > > *Frederico Galvão*
>
> > >
>
> > > Diretor de Tecnologia
>
> > >
>
> > > PontoGet Inovação Web
>
> > >
>
> > >
>
> > > ( +55(62) 8131-5720
>
> > >
>
> > > * www.pontoget.com.br<http://www.pontoget.com.br> <
> http://www.pontoget.com/>
>
> > >
>
> >
>
--
*Frederico Galvão*
Diretor de Tecnologia
PontoGet Inovação Web
( +55(62) 8131-5720
* www.pontoget.com.br <http://www.pontoget.com/>
RE: Build signed archives using CLI
Posted by Subhag Oak <Su...@microsoft.com>.
Hey Cordova community,
I am Subhag Oak, senior program manager on the Visual Studio team working on VS tools for Multi device hybrid apps. In line with the discussion of having a generic Cordova ‘packaging’ command for all platforms, here is one proposal:
As we all know, packaging an application for deployment requires extra steps that are specific to the native platforms. A new generic Cordova CLI ‘package’ command can perform these platform specific actions to generate a final signed package ready for deployment:
cordova package [platform] [--packageConfiguration] {-- –-sign[location] -- –-embed[location] -- --signIdentity[location]}, where all the parameters within { } are platform specific overrides.
If no platform is specified, the command will build packages for all platforms added.
The values for –packageConfiguration are interpreted by the respective platforms. For Android and Windows, the value can be debug or release, with release being the default value. For iOS, the possible values are development, adhoc or store with development being the default value. The -- --sign, -- -- embed and -- --signIdentity are optional iOS specific signing arguments for specifying the location of code-signing certificate, the provisioning profile or the code signing identity (certificates along with public and private keys) respectively.
e.g:
· ‘cordova package iOS’ would generate a signed ipa with development profile, using code signing identity defined in build.xcconfig:
// to list all installed iOS identities, run:
// security find-identity | sed -n 's/.*\("[^"]*"\).*/\1/p' | grep 'iPhone'
// generic 'iPhone Developer' (no quotes) will match the right Identity with the right Provisioning // Profile plus Certificate, based on the app bundle id
CODE_SIGN_IDENTITY = iPhone Developer
· ‘cordova package android’ would generate a release signed using the packaging assets (keystore, alias and password) defined in the ant.properties files using the ANT build. This would be using gradle.propoerties once cordova changes to gradle build like the one Andrew mentions below.
· ‘Cordova package windows’ would generate a signed APPX package. This will use the following tools in the Windows SDK:
• An unsigned packaged Windows Store app, for example, an .APPX file created by using the app packager (MakeAppx.exe) tool
• A valid code signing certificate, for example, a Personal Information Exchange (.pfx) file created with the MakeCert.exe and Pvk2Pfx.exe tools
• SignTool, which is part of the Windows SDK
Here is how the package command should work. The proposal is to make the ‘package’ command work on convention (similar to the Cordova build command) rather than config settings. The command would look out for packaging assets in the “platform\ [native-platform]” folder.
For android, the contents of the ant.properties (keystore, password, alias and alias password) would be used for packaging. If any of these properties is missing in ant.properties [or gradle.properties for gradle build] or if the file is missing, the command would prompt the user for these value at the command prompt. If the values provided are invalid, the command would fail.
For iOS, the contents of build.xcconfig specify the code-sign certificate and the provisioning profile to be used. The default build.xcconfig file is setup to handle different information by build profile based on the configuration defined in the command. Build.xcconfig can also support signing identities that tie the code-sign certificate with the provisioning profile.
Tools like VS and other IDEs, which use cordova CLI, may need an explicit way to specify certs/profile for packaging for iOS (since the build needs to happen on MAC agent) instead of the assets being defined in the build.xcconfig. One way to allow this is by using optional platform specific arguments to the package command like:
Cordova package iOS --development --sign “d:\cert\mycert.cer” --embed “d:\cert\devprovision.mobileprovisioning”
This command will run the xcrun command to generate a signed IPA with development provisioning profile.
I would love to hear your comments, insights and feedback on this proposal.
Subhag Oak | Senior Program Manager
Visual Studio, Client Tools
soak@microsoft.com
425 707 5598 office
-----Original Message-----
From: agrieve@google.com [mailto:agrieve@google.com] On Behalf Of Andrew Grieve
Sent: Wednesday, October 8, 2014 4:40 AM
To: Shazron
Cc: tommy-carlos williams; dev@cordova.apache.org
Subject: Re: Build signed archives using CLI
For Android Gradle, what's in (and experimental) right now:
Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a .properties file that contains:
storeFile=relative/path/to/keystore.p12
storePassword=SECRET1
storeType=pkcs12
keyAlias=DebugSigningKey
keyPassword=SECRET2
Topics to discuss:
1) Combine platform info into one file, or leave separate?
- Leaning towards together
2) have config.xml point to signing info?
- I think no, since signing info you often want to not check in / keep secure
Strawman:
If a file "cordova-keys.json" exists as a sibling to www/, then use it. It should look like:
{
"android": {
"storeFile": "relative/path.p12"
...
},
"ios": {
},
...
}
Android signs debug builds as well (not sure if other platforms do this too?), so maybe also allow
"android-release" as an alias for "android", and
"android-debug"
On Tue, Oct 7, 2014 at 6:52 PM, Shazron <sh...@gmail.com>> wrote:
> I did open an issue for this two years ago:
> https://issues.apache.org/jira/browse/CB-1369
> and we did discuss this as well 2 yrs ago:
> http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
>
> Seems to be of great value - so let's get going on this ;) The CLI has
> (I think) matured more since then to allow this
>
>
> On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams
> <to...@devgeeks.org>>
> wrote:
>
> > Frederico’s workflow is the same as ours. I would love to see
> > something happen To improve this, the less time I spend in Xcode,
> > the happier I am
> ;)
> >
> >
> >
> > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > frederico.galvao@pontoget.com.br<ma...@pontoget.com.br>) wrote:
> >
> > I can already get the ultimate .apk through "cordova build android
> > --release", but I already have the required .properties properly
> configured
> > in my platform/android folder, specifying the path and name to my
> > keystores. The "cordova build android --release" already gives me
> > the signed and ready .apk, all I have to do is upload it to play.google.com.
> >
> > I have never, however, used cordova's CLI to build the final
> > artifact for iOS (IPA) for iTunes. All I do is run "cordova
> > prepare", and use xCode
> from
> > then on to build, package, sign, and upload.
> >
> > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
> > panarasi@microsoft.com<ma...@microsoft.com>>:
> >
> > > How about a "cordova package" command, that would be for packaging
> > > the
> > app
> > > for the store? Note that different platforms may have different
> > > requirements for certs, signing etc. So it may make sense to
> > > promote
> this
> > > to a different command and let each command take care of packaging
> > > the
> > app
> > > for the store. This command will also mean that developers don’t
> > > have
> to
> > go
> > > over to the native projects when they finally want to publish
> > > their
> apps
> > to
> > > the store.
> > >
> > > -----Original Message-----
> > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > Sent: Monday, October 6, 2014 12:46 PM
> > > To: dev
> > > Subject: Re: Build signed archives using CLI
> > >
> > > if you do:
> > > Cordova build --release,
> > > The blackberry10 platform will generate a signed image...
> > >
> > > On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org>> wrote:
> > >
> > > >AFAIK, I don't think there's any technical roadblocks. Just need
> > > >a proposal for how it should look, and then a patch & docs to add it!
> > > >
> > > >For Android's hot-off-the-press gradle support, you can set an
> > > >environment variable that points to a .properties file for
> > > >signing builds. This shows one way to go about it, but I'm not in
> > > >love with
> the
> > > .properties idea.
> > > >
> > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa
> > > ><so...@gmail.com>>
> > > >wrote:
> > > >
> > > >> Hi community.
> > > >>
> > > >> Been looking at this topic and wondering why the build command
> > > >>does not create signed archives. Digging a little bit found a
> > > >>lot of differences in the platforms to create these archives.
> > > >>
> > > >> For instance, in Android you need to 1. Export your APK in
> > > >> release mode (--release flag) 2. Sign your APK (you already
> > > >> need a RSA key)
> > > >>
> > > >> In iOS, you need to:
> > > >> 1. Export your APP using --device flag (--release seems to
> > > >> export
> for
> > > >>emulator only) 2. Either use XCode (UI-based) and sign the
> > > >>archive or use xcrun (headless
> > > >> process)
> > > >>
> > > >> Besides these differences, what is preventing Cordova from
> > > >> providing a generic one-way to build these signed, ready-to-publish archives?
> > > >>
> > > >> Perhaps I'm missing something here...? I really appreciate your
> > > >>insights on this topic
> > > >>
> > > >> Thanks!
> > > >>
> > > >> --
> > > >> Victor Adrian Sosa Herrera
> > > >> IBM Software Engineer
> > > >> Guadalajara, Jalisco
> > > >>
> > >
> > >
> > > ------------------------------------------------------------------
> > > --- To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org<ma...@cordova.apache.org>
> > > For additional commands, e-mail: dev-help@cordova.apache.org<ma...@cordova.apache.org>
> > >
> >
> >
> >
> > --
> >
> > *Frederico Galvão*
> >
> > Diretor de Tecnologia
> >
> > PontoGet Inovação Web
> >
> >
> > ( +55(62) 8131-5720
> >
> > * www.pontoget.com.br<http://www.pontoget.com.br> <http://www.pontoget.com/>
> >
>
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
For Android Gradle, what's in (and experimental) right now:
Environment variable "RELEASE_SIGNING_PROPERTIES_FILE" points to a
.properties file that contains:
storeFile=relative/path/to/keystore.p12
storePassword=SECRET1
storeType=pkcs12
keyAlias=DebugSigningKey
keyPassword=SECRET2
Topics to discuss:
1) Combine platform info into one file, or leave separate?
- Leaning towards together
2) have config.xml point to signing info?
- I think no, since signing info you often want to not check in / keep
secure
Strawman:
If a file "cordova-keys.json" exists as a sibling to www/, then use it. It
should look like:
{
"android": {
"storeFile": "relative/path.p12"
...
},
"ios": {
},
...
}
Android signs debug builds as well (not sure if other platforms do this
too?), so maybe also allow
"android-release" as an alias for "android", and
"android-debug"
On Tue, Oct 7, 2014 at 6:52 PM, Shazron <sh...@gmail.com> wrote:
> I did open an issue for this two years ago:
> https://issues.apache.org/jira/browse/CB-1369
> and we did discuss this as well 2 yrs ago:
> http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
>
> Seems to be of great value - so let's get going on this ;)
> The CLI has (I think) matured more since then to allow this
>
>
> On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams <to...@devgeeks.org>
> wrote:
>
> > Frederico’s workflow is the same as ours. I would love to see something
> > happen To improve this, the less time I spend in Xcode, the happier I am
> ;)
> >
> >
> >
> > On 7 October 2014 at 8:48:40, Frederico Galvão (
> > frederico.galvao@pontoget.com.br) wrote:
> >
> > I can already get the ultimate .apk through "cordova build android
> > --release", but I already have the required .properties properly
> configured
> > in my platform/android folder, specifying the path and name to my
> > keystores. The "cordova build android --release" already gives me the
> > signed and ready .apk, all I have to do is upload it to play.google.com.
> >
> > I have never, however, used cordova's CLI to build the final artifact for
> > iOS (IPA) for iTunes. All I do is run "cordova prepare", and use xCode
> from
> > then on to build, package, sign, and upload.
> >
> > 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
> > panarasi@microsoft.com>:
> >
> > > How about a "cordova package" command, that would be for packaging the
> > app
> > > for the store? Note that different platforms may have different
> > > requirements for certs, signing etc. So it may make sense to promote
> this
> > > to a different command and let each command take care of packaging the
> > app
> > > for the store. This command will also mean that developers don’t have
> to
> > go
> > > over to the native projects when they finally want to publish their
> apps
> > to
> > > the store.
> > >
> > > -----Original Message-----
> > > From: Josh Soref [mailto:jsoref@blackberry.com]
> > > Sent: Monday, October 6, 2014 12:46 PM
> > > To: dev
> > > Subject: Re: Build signed archives using CLI
> > >
> > > if you do:
> > > Cordova build --release,
> > > The blackberry10 platform will generate a signed image...
> > >
> > > On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org> wrote:
> > >
> > > >AFAIK, I don't think there's any technical roadblocks. Just need a
> > > >proposal for how it should look, and then a patch & docs to add it!
> > > >
> > > >For Android's hot-off-the-press gradle support, you can set an
> > > >environment variable that points to a .properties file for signing
> > > >builds. This shows one way to go about it, but I'm not in love with
> the
> > > .properties idea.
> > > >
> > > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com>
> > > >wrote:
> > > >
> > > >> Hi community.
> > > >>
> > > >> Been looking at this topic and wondering why the build command does
> > > >>not create signed archives. Digging a little bit found a lot of
> > > >>differences in the platforms to create these archives.
> > > >>
> > > >> For instance, in Android you need to
> > > >> 1. Export your APK in release mode (--release flag) 2. Sign your APK
> > > >> (you already need a RSA key)
> > > >>
> > > >> In iOS, you need to:
> > > >> 1. Export your APP using --device flag (--release seems to export
> for
> > > >>emulator only) 2. Either use XCode (UI-based) and sign the archive or
> > > >>use xcrun (headless
> > > >> process)
> > > >>
> > > >> Besides these differences, what is preventing Cordova from providing
> > > >> a generic one-way to build these signed, ready-to-publish archives?
> > > >>
> > > >> Perhaps I'm missing something here...? I really appreciate your
> > > >>insights on this topic
> > > >>
> > > >> Thanks!
> > > >>
> > > >> --
> > > >> Victor Adrian Sosa Herrera
> > > >> IBM Software Engineer
> > > >> Guadalajara, Jalisco
> > > >>
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > > For additional commands, e-mail: dev-help@cordova.apache.org
> > >
> >
> >
> >
> > --
> >
> > *Frederico Galvão*
> >
> > Diretor de Tecnologia
> >
> > PontoGet Inovação Web
> >
> >
> > ( +55(62) 8131-5720
> >
> > * www.pontoget.com.br <http://www.pontoget.com/>
> >
>
Re: Build signed archives using CLI
Posted by Shazron <sh...@gmail.com>.
I did open an issue for this two years ago:
https://issues.apache.org/jira/browse/CB-1369
and we did discuss this as well 2 yrs ago:
http://apache.markmail.org/thread/xxlmjjzgnctvsqnm
Seems to be of great value - so let's get going on this ;)
The CLI has (I think) matured more since then to allow this
On Tue, Oct 7, 2014 at 3:44 PM, tommy-carlos williams <to...@devgeeks.org>
wrote:
> Frederico’s workflow is the same as ours. I would love to see something
> happen To improve this, the less time I spend in Xcode, the happier I am ;)
>
>
>
> On 7 October 2014 at 8:48:40, Frederico Galvão (
> frederico.galvao@pontoget.com.br) wrote:
>
> I can already get the ultimate .apk through "cordova build android
> --release", but I already have the required .properties properly configured
> in my platform/android folder, specifying the path and name to my
> keystores. The "cordova build android --release" already gives me the
> signed and ready .apk, all I have to do is upload it to play.google.com.
>
> I have never, however, used cordova's CLI to build the final artifact for
> iOS (IPA) for iTunes. All I do is run "cordova prepare", and use xCode from
> then on to build, package, sign, and upload.
>
> 2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
> panarasi@microsoft.com>:
>
> > How about a "cordova package" command, that would be for packaging the
> app
> > for the store? Note that different platforms may have different
> > requirements for certs, signing etc. So it may make sense to promote this
> > to a different command and let each command take care of packaging the
> app
> > for the store. This command will also mean that developers don’t have to
> go
> > over to the native projects when they finally want to publish their apps
> to
> > the store.
> >
> > -----Original Message-----
> > From: Josh Soref [mailto:jsoref@blackberry.com]
> > Sent: Monday, October 6, 2014 12:46 PM
> > To: dev
> > Subject: Re: Build signed archives using CLI
> >
> > if you do:
> > Cordova build --release,
> > The blackberry10 platform will generate a signed image...
> >
> > On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org> wrote:
> >
> > >AFAIK, I don't think there's any technical roadblocks. Just need a
> > >proposal for how it should look, and then a patch & docs to add it!
> > >
> > >For Android's hot-off-the-press gradle support, you can set an
> > >environment variable that points to a .properties file for signing
> > >builds. This shows one way to go about it, but I'm not in love with the
> > .properties idea.
> > >
> > >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com>
> > >wrote:
> > >
> > >> Hi community.
> > >>
> > >> Been looking at this topic and wondering why the build command does
> > >>not create signed archives. Digging a little bit found a lot of
> > >>differences in the platforms to create these archives.
> > >>
> > >> For instance, in Android you need to
> > >> 1. Export your APK in release mode (--release flag) 2. Sign your APK
> > >> (you already need a RSA key)
> > >>
> > >> In iOS, you need to:
> > >> 1. Export your APP using --device flag (--release seems to export for
> > >>emulator only) 2. Either use XCode (UI-based) and sign the archive or
> > >>use xcrun (headless
> > >> process)
> > >>
> > >> Besides these differences, what is preventing Cordova from providing
> > >> a generic one-way to build these signed, ready-to-publish archives?
> > >>
> > >> Perhaps I'm missing something here...? I really appreciate your
> > >>insights on this topic
> > >>
> > >> Thanks!
> > >>
> > >> --
> > >> Victor Adrian Sosa Herrera
> > >> IBM Software Engineer
> > >> Guadalajara, Jalisco
> > >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> > For additional commands, e-mail: dev-help@cordova.apache.org
> >
>
>
>
> --
>
> *Frederico Galvão*
>
> Diretor de Tecnologia
>
> PontoGet Inovação Web
>
>
> ( +55(62) 8131-5720
>
> * www.pontoget.com.br <http://www.pontoget.com/>
>
Re: Build signed archives using CLI
Posted by tommy-carlos williams <to...@devgeeks.org>.
Frederico’s workflow is the same as ours. I would love to see something happen To improve this, the less time I spend in Xcode, the happier I am ;)
On 7 October 2014 at 8:48:40, Frederico Galvão (frederico.galvao@pontoget.com.br) wrote:
I can already get the ultimate .apk through "cordova build android
--release", but I already have the required .properties properly configured
in my platform/android folder, specifying the path and name to my
keystores. The "cordova build android --release" already gives me the
signed and ready .apk, all I have to do is upload it to play.google.com.
I have never, however, used cordova's CLI to build the final artifact for
iOS (IPA) for iTunes. All I do is run "cordova prepare", and use xCode from
then on to build, package, sign, and upload.
2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
panarasi@microsoft.com>:
> How about a "cordova package" command, that would be for packaging the app
> for the store? Note that different platforms may have different
> requirements for certs, signing etc. So it may make sense to promote this
> to a different command and let each command take care of packaging the app
> for the store. This command will also mean that developers don’t have to go
> over to the native projects when they finally want to publish their apps to
> the store.
>
> -----Original Message-----
> From: Josh Soref [mailto:jsoref@blackberry.com]
> Sent: Monday, October 6, 2014 12:46 PM
> To: dev
> Subject: Re: Build signed archives using CLI
>
> if you do:
> Cordova build --release,
> The blackberry10 platform will generate a signed image...
>
> On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org> wrote:
>
> >AFAIK, I don't think there's any technical roadblocks. Just need a
> >proposal for how it should look, and then a patch & docs to add it!
> >
> >For Android's hot-off-the-press gradle support, you can set an
> >environment variable that points to a .properties file for signing
> >builds. This shows one way to go about it, but I'm not in love with the
> .properties idea.
> >
> >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com>
> >wrote:
> >
> >> Hi community.
> >>
> >> Been looking at this topic and wondering why the build command does
> >>not create signed archives. Digging a little bit found a lot of
> >>differences in the platforms to create these archives.
> >>
> >> For instance, in Android you need to
> >> 1. Export your APK in release mode (--release flag) 2. Sign your APK
> >> (you already need a RSA key)
> >>
> >> In iOS, you need to:
> >> 1. Export your APP using --device flag (--release seems to export for
> >>emulator only) 2. Either use XCode (UI-based) and sign the archive or
> >>use xcrun (headless
> >> process)
> >>
> >> Besides these differences, what is preventing Cordova from providing
> >> a generic one-way to build these signed, ready-to-publish archives?
> >>
> >> Perhaps I'm missing something here...? I really appreciate your
> >>insights on this topic
> >>
> >> Thanks!
> >>
> >> --
> >> Victor Adrian Sosa Herrera
> >> IBM Software Engineer
> >> Guadalajara, Jalisco
> >>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
--
*Frederico Galvão*
Diretor de Tecnologia
PontoGet Inovação Web
( +55(62) 8131-5720
* www.pontoget.com.br <http://www.pontoget.com/>
Re: Build signed archives using CLI
Posted by Frederico Galvão <fr...@pontoget.com.br>.
I can already get the ultimate .apk through "cordova build android
--release", but I already have the required .properties properly configured
in my platform/android folder, specifying the path and name to my
keystores. The "cordova build android --release" already gives me the
signed and ready .apk, all I have to do is upload it to play.google.com.
I have never, however, used cordova's CLI to build the final artifact for
iOS (IPA) for iTunes. All I do is run "cordova prepare", and use xCode from
then on to build, package, sign, and upload.
2014-10-06 16:52 GMT-03:00 Parashuram Narasimhan (MS OPEN TECH) <
panarasi@microsoft.com>:
> How about a "cordova package" command, that would be for packaging the app
> for the store? Note that different platforms may have different
> requirements for certs, signing etc. So it may make sense to promote this
> to a different command and let each command take care of packaging the app
> for the store. This command will also mean that developers don’t have to go
> over to the native projects when they finally want to publish their apps to
> the store.
>
> -----Original Message-----
> From: Josh Soref [mailto:jsoref@blackberry.com]
> Sent: Monday, October 6, 2014 12:46 PM
> To: dev
> Subject: Re: Build signed archives using CLI
>
> if you do:
> Cordova build --release,
> The blackberry10 platform will generate a signed image...
>
> On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org> wrote:
>
> >AFAIK, I don't think there's any technical roadblocks. Just need a
> >proposal for how it should look, and then a patch & docs to add it!
> >
> >For Android's hot-off-the-press gradle support, you can set an
> >environment variable that points to a .properties file for signing
> >builds. This shows one way to go about it, but I'm not in love with the
> .properties idea.
> >
> >On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com>
> >wrote:
> >
> >> Hi community.
> >>
> >> Been looking at this topic and wondering why the build command does
> >>not create signed archives. Digging a little bit found a lot of
> >>differences in the platforms to create these archives.
> >>
> >> For instance, in Android you need to
> >> 1. Export your APK in release mode (--release flag) 2. Sign your APK
> >> (you already need a RSA key)
> >>
> >> In iOS, you need to:
> >> 1. Export your APP using --device flag (--release seems to export for
> >>emulator only) 2. Either use XCode (UI-based) and sign the archive or
> >>use xcrun (headless
> >> process)
> >>
> >> Besides these differences, what is preventing Cordova from providing
> >> a generic one-way to build these signed, ready-to-publish archives?
> >>
> >> Perhaps I'm missing something here...? I really appreciate your
> >>insights on this topic
> >>
> >> Thanks!
> >>
> >> --
> >> Victor Adrian Sosa Herrera
> >> IBM Software Engineer
> >> Guadalajara, Jalisco
> >>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
> For additional commands, e-mail: dev-help@cordova.apache.org
>
--
*Frederico Galvão*
Diretor de Tecnologia
PontoGet Inovação Web
( +55(62) 8131-5720
* www.pontoget.com.br <http://www.pontoget.com/>
RE: Build signed archives using CLI
Posted by "Parashuram Narasimhan (MS OPEN TECH)" <pa...@microsoft.com>.
How about a "cordova package" command, that would be for packaging the app for the store? Note that different platforms may have different requirements for certs, signing etc. So it may make sense to promote this to a different command and let each command take care of packaging the app for the store. This command will also mean that developers don’t have to go over to the native projects when they finally want to publish their apps to the store.
-----Original Message-----
From: Josh Soref [mailto:jsoref@blackberry.com]
Sent: Monday, October 6, 2014 12:46 PM
To: dev
Subject: Re: Build signed archives using CLI
if you do:
Cordova build --release,
The blackberry10 platform will generate a signed image...
On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org> wrote:
>AFAIK, I don't think there's any technical roadblocks. Just need a
>proposal for how it should look, and then a patch & docs to add it!
>
>For Android's hot-off-the-press gradle support, you can set an
>environment variable that points to a .properties file for signing
>builds. This shows one way to go about it, but I'm not in love with the .properties idea.
>
>On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com>
>wrote:
>
>> Hi community.
>>
>> Been looking at this topic and wondering why the build command does
>>not create signed archives. Digging a little bit found a lot of
>>differences in the platforms to create these archives.
>>
>> For instance, in Android you need to
>> 1. Export your APK in release mode (--release flag) 2. Sign your APK
>> (you already need a RSA key)
>>
>> In iOS, you need to:
>> 1. Export your APP using --device flag (--release seems to export for
>>emulator only) 2. Either use XCode (UI-based) and sign the archive or
>>use xcrun (headless
>> process)
>>
>> Besides these differences, what is preventing Cordova from providing
>> a generic one-way to build these signed, ready-to-publish archives?
>>
>> Perhaps I'm missing something here...? I really appreciate your
>>insights on this topic
>>
>> Thanks!
>>
>> --
>> Victor Adrian Sosa Herrera
>> IBM Software Engineer
>> Guadalajara, Jalisco
>>
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@cordova.apache.org
For additional commands, e-mail: dev-help@cordova.apache.org
Re: Build signed archives using CLI
Posted by Josh Soref <js...@blackberry.com>.
if you do:
Cordova build --release,
The blackberry10 platform will generate a signed image...
On 10/6/14, 3:18 PM, "Andrew Grieve" <ag...@chromium.org> wrote:
>AFAIK, I don't think there's any technical roadblocks. Just need a
>proposal
>for how it should look, and then a patch & docs to add it!
>
>For Android's hot-off-the-press gradle support, you can set an environment
>variable that points to a .properties file for signing builds. This shows
>one way to go about it, but I'm not in love with the .properties idea.
>
>On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com>
>wrote:
>
>> Hi community.
>>
>> Been looking at this topic and wondering why the build command does not
>> create signed archives. Digging a little bit found a lot of
>>differences in
>> the platforms to create these archives.
>>
>> For instance, in Android you need to
>> 1. Export your APK in release mode (--release flag)
>> 2. Sign your APK (you already need a RSA key)
>>
>> In iOS, you need to:
>> 1. Export your APP using --device flag (--release seems to export for
>> emulator only)
>> 2. Either use XCode (UI-based) and sign the archive or use xcrun
>>(headless
>> process)
>>
>> Besides these differences, what is preventing Cordova from providing a
>> generic one-way to build these signed, ready-to-publish archives?
>>
>> Perhaps I'm missing something here...? I really appreciate your
>>insights
>> on this topic
>>
>> Thanks!
>>
>> --
>> Victor Adrian Sosa Herrera
>> IBM Software Engineer
>> Guadalajara, Jalisco
>>
Re: Build signed archives using CLI
Posted by Andrew Grieve <ag...@chromium.org>.
AFAIK, I don't think there's any technical roadblocks. Just need a proposal
for how it should look, and then a patch & docs to add it!
For Android's hot-off-the-press gradle support, you can set an environment
variable that points to a .properties file for signing builds. This shows
one way to go about it, but I'm not in love with the .properties idea.
On Mon, Oct 6, 2014 at 2:48 PM, Victor Sosa <so...@gmail.com> wrote:
> Hi community.
>
> Been looking at this topic and wondering why the build command does not
> create signed archives. Digging a little bit found a lot of differences in
> the platforms to create these archives.
>
> For instance, in Android you need to
> 1. Export your APK in release mode (--release flag)
> 2. Sign your APK (you already need a RSA key)
>
> In iOS, you need to:
> 1. Export your APP using --device flag (--release seems to export for
> emulator only)
> 2. Either use XCode (UI-based) and sign the archive or use xcrun (headless
> process)
>
> Besides these differences, what is preventing Cordova from providing a
> generic one-way to build these signed, ready-to-publish archives?
>
> Perhaps I'm missing something here...? I really appreciate your insights
> on this topic
>
> Thanks!
>
> --
> Victor Adrian Sosa Herrera
> IBM Software Engineer
> Guadalajara, Jalisco
>