Last week I tweeted for help deploying updates to a mobile app on the app/play stores. Thank you, folks who RT’d!

No one came forward. I’m taking that to mean even FT mobile devs aren’t confident they know how to do it.
So I figured it out myself. Here’s what I learned.

1/
Before I start, lemme reiterate that I did this alone after asking for help.

So any Android or iOS reply guys out there who are getting ready to make a name for themselves well-actuallying me in the replies can instead read this thread.

Let’s set the scene. You have to deploy an update to an existing mobile app, but every single provisioning profile, keystore, everything you ever generated to upload it the first time is somehow missing or expired.

Your mobile app is the jeep scene from Jurassic World. Congrats.
Devs who’ve worked in mobile know why this is more annoying than deploying a brand new app.

It’s because, for very good security reasons, Apple and Google want to make sure it’s YOU pushing updates to your app, and not some poser trying to hijack your loyal constituents.

So...
...you can’t just start fresh with all new profiles and keys exactly the way you see in tutorials, because most tutorials assume you’re deploying for the first time.

This is a general problem with tutorials. They tend to assume the simplest scenario, which is rarely realistic.
Let’s assume your app is building for both iOS and Android (when I started this process mine was not, but that’s a topic for a different thread).

We begin by deploying it for iOS. You’re gonna need two things: a Distribution Provisioning Profile and a Distribution Certificate.
First, the Provisioning Profile. The PP authorizes specific devices to run your app.

For DEVELOPMENT, XCode takes care of this for your simulators, etc. For DISTRIBUTION, XCode uses this to authorize devices that get your app from the app store.

STEPS:
1. If you’re lucky, you can have XCode take care of your profiles and certificates for you by checking this box.

The app I maintain is written with a dual platform framework, kinda old, with a few kludges in it, so we can’t do this. I’ll now explain the somewhat more manual way.
1. Sign into developer.apple.com.
2. Click “Certificates, IDs & Profiles.” You’ll see a list.
3. Hit the ‘+’ to make a new one. If the app is for iPhone & iPad you want ‘App Store’ distribution. NOT ‘iOS’ or ‘Ad Hoc’ (the ’net has a lot of conflicting outdated advice here).
SO NOW

You also need a distribution certificate. This is how Apple verifies that you, the developer, are the one uploading a new build of your app for distribution.

85% of web instructions on this are outdated or incorrect. This one is correct:

blog.chapagain.com.np/generate-new-d…
OK so NOW in XCode you can select your shiny new Provisioning Profile and Distribution Certificate. See below how that will look.

From there, select Product > Archive from the top bar menus. XCode will build and sign your app, and you get a button for ‘Upload to the App Store.’
Archival/upload takes a while, but once it’s done you can hop over to appstoreconnect.apple.com, click on your app, go to the ‘TestFlight’ tab, and see your build.

Tab back to ‘App Store’ to edit your release page & switch out your old app version for your new one via a dropdown.
That’s iOS.

OK. Android.

The #1 thing that online resources seem to get very confused about is the difference between an Android app signing key and an upload key.

The app signing key does not change. Google uses it to sign your app for the Play store. It stays the same.
The UPLOAD key is, for our purposes, analogous in use case to the iOS Distribution certificate.

Android uses java keystore for this instead of (obviously) the Mac-specific keychain process that iOS uses. So, we have to do a new thing here.
ONCE UPON A TIME, you had to do this manually. As of Android studio 2020.3.1, it sort of tries to help you.

Also worth noting that Android’s distribution security dance CHANGED in Aug 2021. I recommend moving to this new app signing key/upload key configuration.

ANYWAY WHAT DO
Yes, so

1. Go in Android Studio to Build > Generate Signed Bundle/APK

2. Choose aab or apk. My rule here is ‘do aab unless for some reason you can’t.’

3. You’ll now see a form where you can enter a keystore and key. Choose the ‘Create New’ button there in the middle.
Now it gives you this thing.

1. Give your keystore a name ending in .keystore and a path for where to put it. I keep it in the app dir and .gitignore it. Remember, it’s for local upload authentication.
2. Make up a password.
3. For alias, choose a memorable name.

OK SO NOW
For the alias PASSWORD

All of the internet and your grandma and G*d will tell you to make this PW different from the keystore PW and they’re right, in theory. IN PRACTICE, for some reason (I forget if it’s a Java or an Android Studio limitation), you can’t. So make ’em the same.
So, for the bottom part of this form, fill out name and Organization. You can fill out more. I found that to be the minimum I could fill out.

Click ‘OK’
So NOW when you generate your signed APK, you’ll see Gradle hum away until the build succeeds. It should give you a link that says ‘locate my app bundle’ or ‘locate my apk’ and you can click that to see where it is.

Example: mine is in android/app/release/.
OK. Now to get your upload key registered w Google Play, you’ll send them a public key (.pem) for your private key.

I’ll tell you how to generate that public key and then how to give it to Google.
Navigate to the dir where you made the keystore 5 tweets ago and run this command*, replacing everything in [] with the string it describes (remove the []):

keytool -export -rfc -alias [alias] -file [name-you-want].pem -keystore [name-of-keystore-without-keystore-extension].jks
*In general, do not run CLI commands from strangers on the internet unless you can describe every single keyword and flag and what it does.

In this case you can trust me, but I'd also say that even if you couldn't, right? So I recommend Googling that before running it.
Once you have that, fill out this form. Attach the .pem. You can find your developer account ID on the homepage when logged into the play console.

They’ll email you when it’s registered. Turnaround is ~2 days. During holidays, possibly a bit longer.

support.google.com/googleplay/and…
Go to play.google.com/apps/publish and log in.
Click on your app in the list.

Under “Releases Overview” on the left, click whichever release you want to do (we start w “Closed Testing). You can create a new track or push an update to an existing one with “Manage Track” on the right
Now you fill out the form and there’s essentially a box for uploading a file, and that’s where you put your apk/aab. So, locate the file in your file manager and drag it onto that box.

The authentication check SHOULD match, and you should be able to create your release!
Congratulations, your Jurassic Park Jeep is cavorting over hill and dale on the internet.
Did you like this thread? Come contribute! It's a React Native app for the largest people-powered scientific research platform in the world, The Zooniverse.

I promise, you don't have to do the stuff in this thread. I'll handle deployment and we'll find you a nice ticket 🙂

• • •

Missing some Tweet in this thread? You can try to force a refresh
 

Keep Current with Chelsea Troy 🏳️‍🌈

Chelsea Troy 🏳️‍🌈 Profile picture

Stay in touch and get notified when new unrolls are available from this author!

Read all threads

This Thread may be Removed Anytime!

PDF

Twitter may remove this content at anytime! Save it as PDF for later use!

Try unrolling a thread yourself!

how to unroll video
  1. Follow @ThreadReaderApp to mention us!

  2. From a Twitter thread mention us with a keyword "unroll"
@threadreaderapp unroll

Practice here first or read more on our help page!

More from @HeyChelseaTroy

Jan 30
Okay you know what I'm coming back to Calendly.

I don't want to talk about Calendly. I want to talk about the way people treated each other in that discussion.

This is gonna start out kinda draggy, and then I promise we'll get to some...skills that could use some work.
1. I already said this but I'm saying it again. This is not a thread about Calendly. Do not get in here and start yelling at me, each other, or God about Calendly.

Because there is basically one appropriate perspective on Calendly and it is "This is a tool with a use case."
The conversation was not "Folks have different experiences with the use case. Why? What can we learn from that?"

The conversation was somehow very quickly a lot of adults I know who have built their whole, like, brand on having empathy, being absolute shitheads to each other.
Read 22 tweets
Jan 23
So, the cringe Psaki quote.

It's not that I think it needs more dunking.

In fact, I think it exemplifies something I've been thinking about lately on a smaller scale than "Press Secretary."

And frankly, that thing? Is worth considering for all of us.

1/
So, there are two reasons folks are mad here. I wanna acknowledge the first one even though this thread is really about the second one, so let me do that.

1. The quote talks about legislation that will be life-and-death for some with 'my sports team lost' level of urgency.
Why is that a big deal? It's not an unusual error of perspective for someone like Psaki to make because that's about the stakes for a well-off (wh*te, and I'd also add het) person.

BUT, this administration won on the promise to this country that they WOULDN'T make this error.
Read 32 tweets
Jan 21
I grew up through this in the '90s & 2000s. I went with my mom to the Y to elliptical for an hr/day. ~Half my dinners in high school were Lean Cuisine.

But I'm not here to talk about that (the article does it better than I could).

I want to talk about...
getpocket.com/explore/item/t…
...how WEIRD it is when trauma and nostalgia mix.

See, I didn't have the greatest school experience. For a number of reasons outside the control of my well-meaning parents, I went to seven schools between K5 and 12th grade. This meant that in addition to all the...
NORMAL struggles of making friends as a kid, ADDITIONALLY every 2 years or so my hard work on that got wiped, I showed up a stranger at another school, and I started all over.

This was one of maybe 3 things that contributed to me waiting till I was almost 25 to come out, btw
Read 14 tweets
Jan 20
I realize this take is white hot (I anonymized the OP to minimize my blast zone), but if this is you, the vast majority of the time, you probably shouldn't have gone CEO.

Lemme explain why (and it's possible the OP is NOT one of the people I'm talking about).
When you're an eng-gone-CEO who feels this way, a lot of things have happened to you.

1. You probably got rewarded for being good at coding by being promoted out of it. Then you were in a job you were LESS good at. This doesn't feel great.
2. Turns out CEO isn't the same as monarch or president-for-a-day at most companies. It's a lot of delegating decisions you'd like to make yourself, and when you fail to do the delegating step it tends to blow up in your face.

Both these things suck and as a result...
Read 10 tweets
Jan 19
What if I propose to my gym friend to come to #whenwewereyoungfestival with me like it's prom

Do we think that would be fun
FWIW I know this person well and I'm reasonably confident she'd say yes

Also FWIW, this would not be a romantic proposal—she's hetero afask and also extremely spoken for
So, one issue with "When we were young festival" is that it's going to take WAY more candy to spell out than "Prom"

crap
Read 5 tweets
Dec 31, 2021
Guess what, nobody asked me, so now we're going to talk about this DoorDash Dogfooding outrage.

You're gonna get all my hottest takes because I've got a sidecar in my hand and no deadlines tonight. Strap in.
So my FIRST hot take is that, in the 6 days I spent on blind, I saw some of the most insufferable, elitist drivel I have ever seen techies say behind closed doors, and that bar is not low

LOLOL at this Blind rant where the person signs off "TC: 400" like it's fucken "Esq"
Lotta devs are convinced that their total comp means something about their intelligence, skill, value, or impact

When really it's mostly execs' success convincing VCs that they'll make money someday

Leading w your TC is the "peeling out in a muscle car" of engineering

ANYWAY
Read 24 tweets

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just two indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3/month or $30/year) and get exclusive features!

Become Premium

Don't want to be a Premium member but still want to support us?

Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal

Or Donate anonymously using crypto!

Ethereum

0xfe58350B80634f60Fa6Dc149a72b4DFbc17D341E copy

Bitcoin

3ATGMxNzCUFzxpMCHL5sWSt4DVtS8UqXpi copy

Thank you for your support!

:(