Lesson Thursday

After all your hard work developing Android applications, you’re probably ready to begin showing them off! This lesson will help curate the resources and instructions necessary to begin releasing your applications to the world.

Google Play Developer Accounts

As you may already know, the primary marketplace for Android applications is the Google Play store.

To publish your own applications on Google Play you must first register for a Google Play Developer account. Registering costs a one-time fee of $25. You are not required to attain a paid Google Play Developer account for this course, but it’s highly recommended to do so.

To register visit the Sign Up section in the Google Play Developer Console.

Launch Checklist

Before beginning the publishing process, thoroughly review the Android Launch Checklist. This checklist contains everything you need to know in order to prepare, package, and publish an application for distribution. Plan to follow this resource step-by-step when you’re ready to publish your first app.

Signing your Application

As you’ll see, many of the steps in the Launch Checklist focus on preparatory tasks such as reviewing policies and agreements, double-checking your application meets quality expectations, and determining content for your app’s listing (countries, price, rating, description, size, compatibility, promotional graphics, etc.) However, pay special attention to step #13 in the Launch Checklist. This step describes the process of actually packaging and uploading your application to the Play Store, which is widely considered the most challenging part.

Applications must be uploaded to Google Play as an APK (Android Package) file. This file must also be “signed” with a unique certificate. Similar to the way your ID card, passport or driver’s license identifies your person, this unique certificate identifies you as the original author/owner of an Android application. You will also be required to verify your identity with this same certificate in order to make future updates to the application.

These certificates are sometimes referred to as public-key certificates, digital certificates or identity certificates. In the context of publishing Android applications, know that these all refer to the same thing. Also, this certificate information resides in a binary file called a keystore. You will see these terms appear throughout the Android documentation.

Creating a Certificate

If this is your first time publishing an app, you likely don’t have a certificate in a special keystore file yet. You can follow the instructions detailed in the Sign Your App article (also linked in the Launch Checklist) to attain one. While this article walks through the entire process of creating and using a certificate, there are several important points we’d like to emphasize:

  • Always remove signing information from your build files! When you sign your application through Android Studio using the instructions linked above, it may add your signing information to your build.gradle files in plain text. Remove this from the build files so others may not access it. You may do so by following the instructions here to create a keystore.properties file to hold this sensitive information. Do not commit the keystore.properties file to GitHub, or you will risk publishing your sensitive signing information publically.

  • Always, always, always keep your keystore file and its corresponding password. As mentioned, this keystore is used to confirm your identity as the application’s original author. Do not lose it, or you won't have access to later update your application. If you create your certificate, sign, and publish your application on one machine and would later like to update your app from a different machine, you will need to provide the same keystore information to verify your identity.

  • If you generate a keystore at Epicodus, make sure to save it somewhere you can access later. Similar to the point above, you must always keep your keystore file and remember its corresponding password. Epicodus computers wipe their contents each night. So make sure to save any keystore files you generate at Epicodus somewhere you may access later. On a flash drive, for instance. (Remember, you don’t want to publish this information to GitHub!)

  • You may use the same keystore in different applications. Don’t worry, you won’t have to go through the process of creating a new certificate in a new keystore every time you publish an application. As long as the applications have different package names, you can continue to use the same certificate to sign multiple apps.