Gradle-play-publisher: Verification of play store credentials fails builds when publishing is not intended

Created on 22 Nov 2018  路  1Comment  路  Source: Triple-T/gradle-play-publisher

java.lang.IllegalStateException: PKCS12 credentials must also specify a Service Account email during project configuration

In my use case we only provide signing and uploading credentials on the CI server. That means that the configuration recieves a non existing file for the serviceAccountCredentials configuration for every other build. Since the sanity check is performed on project configuration the plugin cancels every gradle task even if no publishing is intended (e.g. assemble). This was not the case with the previous version.

The culprit is here: https://github.com/Triple-T/gradle-play-publisher/blob/2fd7ef40e29ebcd0c7dd44ce4fd0c9aed6d77e12/plugin/src/main/kotlin/com/github/triplet/gradle/play/PlayPublisherPlugin.kt#L99

The plugin automatically assumes that the credentials provided are PKCS12 if they are not recognized to be JSON.

To Reproduce

Try building a project with following configuration for the play publisher plugin:

play {
    serviceAccountCredentials = file(getRootDir().path)
    track 'internal'
}

Versions

  • Gradle Play Publisher: 2.0.0-rc2
  • Gradle Wrapper (if applicable): 4.10.1
  • Android Gradle Plugin (if applicable): 3.4.0-alpha02

Expected behavior

A.) Recognize error case correctly

The error message is misleading since the problem here is that no credentials are provided at all.

B.) Verify integrity at a later stage

Correct configuration of the plugin is only relevant if an actual publish task is being executed. At this early stage it blocks any task execution and not just the publishing. This would be consistent with other plugins e.g. the android plugin is concerned with missing signing credentials only when an actual signing task is performed.
Another option is to convert these checks into warnings.

Additional context

Is there already a way to disable theses checks that I am not aware of?

Most helpful comment

As you noticed in the source code, as long as the file name ends in json, we'll assume the credentials are correct whether or not they actually exist. For now, you can use this hack.

As for changing this, we plan to allow not specifying credentials in v2.1. See #461 for more details.

>All comments

As you noticed in the source code, as long as the file name ends in json, we'll assume the credentials are correct whether or not they actually exist. For now, you can use this hack.

As for changing this, we plan to allow not specifying credentials in v2.1. See #461 for more details.

Was this page helpful?
0 / 5 - 0 ratings

Related issues

ivoberger picture ivoberger  路  4Comments

mhgk picture mhgk  路  3Comments

blazsolar picture blazsolar  路  3Comments

chrisjenx picture chrisjenx  路  5Comments

kristiyanP picture kristiyanP  路  4Comments