Idea: Android Keystore Generation / Upload

Creating the ability for users to generate or upload their Android Keystore file would simplify the code signing process and make it easier to build Android apps on GitLab CI.

Part 1 - Upload / Generate

The first part of this feature would be to create a mechanism for users to either upload an existing keystore, or generate a new one to be stored in GitLab.

Upload Option

The upload option would require inputs for the keystore password and the alias password, as well as the ability to upload a binary file in a .keystore or .jks format.

Generate Option

We could also generate a keystore right on GitLab with just a few inputs: keystore password, alias name, alias password, and keystore name (example: https://flutter.dev/docs/deployment/android#create-an-upload-keystore).

For both options, we would want a way to validate that the keystore is readable. The Ruby OpenSSL::PKCS12 class should be able to handle these interactions: https://ruby-doc.org/stdlib-2.4.0/libdoc/openssl/rdoc/OpenSSL/PKCS12.html
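
A sketch of the readability check using OpenSSL::PKCS12, added here as an example and not taken from GitLab's code base. The validate_keystore helper, its status symbols and the MAX_BYTES cap are assumptions. It goes one step beyond the text by rejecting legacy JKS files up front, since OpenSSL::PKCS12 only parses PKCS#12 containers.

```ruby
require "openssl"

JKS_MAGIC = "\xFE\xED\xFE\xED".b # header of a legacy Java KeyStore (not PKCS#12)
MAX_BYTES = 64 * 1024            # assumed cap on the uploaded file size

# Hypothetical validator: returns [status, detail] for uploaded keystore bytes.
def validate_keystore(bytes, password)
  return [:too_large, nil] if bytes.bytesize > MAX_BYTES
  if bytes.b.start_with?(JKS_MAGIC)
    return [:legacy_jks, "convert with keytool -importkeystore -deststoretype pkcs12"]
  end

  p12 = OpenSSL::PKCS12.new(bytes, password)
  # A container with certificates only cannot sign a release build.
  return [:no_private_key, nil] if p12.key.nil? || p12.certificate.nil?
  return [:key_mismatch, nil] unless p12.certificate.check_private_key(p12.key)

  [:ok, p12.certificate.not_after] # expiry is worth surfacing to the user
rescue OpenSSL::PKCS12::PKCS12Error => e
  # OpenSSL reports a wrong password as a MAC verification failure.
  e.message =~ /mac verify failure/i ? [:bad_password, nil] : [:unreadable, nil]
end

# Constructed sample input: a self-signed PKCS#12 keystore built in memory.
def sample_keystore(password)
  key = OpenSSL::PKey::RSA.new(2048)
  cert = OpenSSL::X509::Certificate.new
  cert.version = 2
  cert.serial = 1
  cert.subject = cert.issuer = OpenSSL::X509::Name.parse("/CN=upload")
  cert.public_key = key.public_key
  cert.not_before = Time.now
  cert.not_after = Time.now + 3600
  cert.sign(key, OpenSSL::Digest.new("SHA256"))
  OpenSSL::PKCS12.create(password, "upload", key, cert).to_der
end

if __FILE__ == $PROGRAM_NAME
  der = sample_keystore("s3cret")
  p validate_keystore(der, "s3cret").first
  p validate_keystore(der, "wrong").first
end
```

The status is returned without echoing the password or key material, so it can be shown to the user or logged as is.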

Part 2 - Add Keystore to CI builds

This could be done in a few ways, but in this part we would figure out a way to load the keystore data and passwords into the build so that all the information is available to Gradle. In this example, a few environment variables are set for the release configuration: https://gitlab.com/gitlab-org/incubation-engineering/devops-for-mobile-apps/gitlab_unfiltered/-/blob/master/android/app/build.gradle#L59-66

One interesting idea would be to create a Fastlane action for this. Something like fastlane gitlab load_keystore

The value of this for a user is that it would eliminate a lot of the complexity present today when trying to sign and build an Android app (example here: https://gitlab.com/gitlab-org/incubation-engineering/devops-for-mobile-apps/readme/-/issues/31#android-app-signing).

Note: A security evaluation of an approach like this would be necessary as well.

Edited by Darby Frey