Android gradle - how to access a keystore remotely

Question

i have a script to get a properties file remotely. inside the props file is the password and alias for my private key for android. the props file also contains the path to the private key which is also remote. Here is the script i have so far:

keystore.properties file looks like this;

storePassword="pass"
keyPassword="pass"
keyAlias="na"
storeFile="file:////Users/myuserName/Documents/StudioProjects/private-key-vault/mykeystore"

and here is the gradle script to actually do the signing:

def propertiesFileLocation = 'file:///Users/myuserName/Documents/StudioProjects/private-key-vault/props/keystore.properties'
            def propFileURL = new URL(propertiesFileLocation);
            def propsFile = new File(propFileURL.toURI());

            def configName = 'config'

            if (propsFile.exists() && android.signingConfigs.hasProperty(configName)) {
                def props = new Properties()

                props.load(new FileInputStream(propsFile))

                println 'The props are:'+ props

                android.signingConfigs[configName].storeFile = file(props['storeFile'])
                android.signingConfigs[configName].storePassword = props['storePassword']
                android.signingConfigs[configName].keyAlias = props['keyAlias']
                android.signingConfigs[configName].keyPassword = props['keyPassword']
            }
        }
    }

Notice i am printing out the properties and i notice that the keystore path is not absolute. Gradle is assuming that the keystore is located in the root project directory and i cant seem to change it. here is the output:

The props are:

[storeFile:"file:////Users/myuserName/Documents/StudioProjects/private-key-vault/mykeystore", keyAlias:"na", keyPassword:"pass", storePassword:"pass"]

which is fine until i run the build and see the path is now not absolute:

when i run ./gradlew assembleFreeRelease i get the following error of course:

    :app:validateSigningFreeRelease FAILED

FAILURE: Build failed with an exception.

    * What went wrong:
    Execution failed for task ':app:validateSigningFreeRelease'.
    > Keystore file /Users/myuserName/Documents/StudioProjects/myapp/app/"file:/Users/myuserName/Documents/StudioProjects/private-key-vault/mykeystore" not found for signing config 'config'.

notice how the root project path is being appended to the keystore path ? so it cant find it. How can i fix this.

A bit about what i am trying to do: i want to store the keystore and keystore properties remotely in a secure area and have gradle retrieve them at build time only when on VPN.

Answer 1

Your close you just need to avoid the URI instead pass the absolute path directly to the File constructor, then use Gradle's File sugar method withInputStream to load the Properties

def properties = new Properties()
new File('/Users/myuserName/Documents/StudioProjects/private-key-vault/props', 'keystore.properties').withInputStream {
    properties.load(it)
    // ... do work with stored properties
}

Answer 2

Old question, but I had the same problem as OP and this thread lead me down the right path, so I figured I could post what worked for me.

My keystore file is located on a file server on my local network and I tried what OP tried. What worked for me was to just delete a couple of dashes and the apostrophes on the storeFile path. In my keystore.properties file I put

storePassword="pass"
keyPassword="pass"
keyAlias="alias"
storeFile=file://absolute/path/to/app.keystore