ProjectsBlogs
Contact

How to update Circle CI config to send Build Artifacts to Azure

Jan 16, 2023 - 5 min read

View on Medium
Top Story
Introduction

The next step after creating and signing a new app flavour was to ensure that the CI/CD pipeline functioned as intended. The initial problem I faced is outlined in this article. I had to make two flavours of the same app:

  • A store version, where the APK produced had to be pushed to the internal test tracks in the Google Play Store
  • A hub flavour, where the APK needed to be pushed to an Azure account.

This article covers how I updated the CircleCI configuration to ensure the APK from the hub flavour was uploaded to a folder in Azure.

An Introduction to CircleCI

CircleCI is a continuous integration & delivery platform that helps development teams release code rapidly and automate the build, test, and deployment process. After repositories on GitHub or Bitbucket are authorized and added as a project to CircleCI, jobs can begin to run.

CircleCI finds and runs the .circleci/config.yml file, which orchestrates your build, tests, security scans, approval steps, and deployment.

Ensuring the CI/CD passes

The CI/CD pipeline builds the flavours of the app from the latest tag on the main branch. However, several changes needed to be made to the configuration due to the new flavour of the app.

One of the first steps was to create new environment variables for the project within CircleCI.

Environment Variables

In CircleCI, I created two new environment variables:

  • ORG_GRADLE_HUB_PASSWORD: Contains the password for the keystore used to sign the hub version of the app.
  • Hub_Encryption_Key: This variable contains the key for the encrypted keystore. This allows the keystore to be decrypted within the pipeline.

For the hub flavour of the app, I created a new workflow in the circleci/config.yml file called build-hub. All of the workflows use the same job. Its called android-build. It’s an identical build for all the other app flavours. However, new logic had to be included. It was important to determine if the apk was from the hub flavour of the app as it required different functionality. To do this I inserted an “If” statement. This meant the keystore would be decrypted using the new environment variables I created above. All the other steps in the android-build job installs the related dependencies and Docker images. Below is a snippet from the android-build job where the new logic has been added.

run:
  name: Create release keystore.properties by overwriting the debug one that is stored in the repo
  command: |
    if [[ $parameters.flavor == "hub" ]]; then
      printf "ORG_GRADLE_PROJECT_KEY_ALIAS=hubkey
      ORG_GRADLE_PROJECT_KEY_PASSWORD=$HUB_GRADLE_PROJECT_KEYSTORE_PASS
      ORG_GRADLE_PROJECT_KEYSTORE_FILE=release-hg-keystore
      ORG_GRADLE_PROJECT_STORE_PASSWORD=$HUB_GRADLE_PROJECT_STORE_PASSWORD" > keystore.properties
    else
      printf "ORG_GRADLE_PROJECT_KEY_ALIAS=upload_key
      ORG_GRADLE_PROJECT_KEY_PASSWORD=$HUB_GRADLE_PROJECT_KEYSTORE_PASS
      ORG_GRADLE_PROJECT_KEYSTORE_FILE=release-bg-keystore
      ORG_GRADLE_PROJECT_STORE_PASSWORD=$HUB_GRADLE_PROJECT_STORE_PASSWORD" > keystore.properties
    fi
CircleCI Config Updates

In the .circleci/config.yml file, I created a new workflow called build-hub for the hub flavour of the app. The workflow used the android-build job, which is shared among all the flavours.

However, I added logic to ensure that if the APK was from the hub flavour, the keystore would be decrypted using the new environment variables.

jobs:
  android-build:
    steps:
      - run:
          name: Decrypt keystore for hub flavour
          command: |
            if [[ $CIRCLE_BRANCH == "hub" ]]; then
              gpg --quiet --batch --yes --decrypt --passphrase="$Hub_Encryption_Key" --output keystore.jks keystore.jks.gpg
            fi
New Job for Uploading APK to Azure

In addition to the build-hub workflow, I created a new job called upload-apk-to-azure. This job does the following:

  • Logs into Azure via the Azure CLI using az login
  • Sets the active subscription name using az account set --subscription
  • Copies the APK from the build outputs for the hub flavour
  • Moves the APK into a folder called app-apks, making it available for download via the hub.
jobs:
  upload-apk-to-azure:
    steps:
      - run:
          name: Upload APK to Azure
          command: |
            az login --service-principal -u "$AZURE_CLIENT_ID" -p "$AZURE_CLIENT_SECRET" --tenant "$AZURE_TENANT_ID"
            az account set --subscription "$AZURE_SUBSCRIPTION_ID"
            az storage copy -s ./build/outputs/apk/hub.apk -d "$AZURE_STORAGE_CONTAINER/app-apks/hub.apk"
Conclusion

After completing all these steps, I successfully created the new build-hub workflow. This workflow sends the latest version of the hub APK to Azure, allowing it to be downloaded by a physical hub via a QR code. This solution demonstrates how CI/CD can be effectively implemented in CircleCI, and how to update configurations to send build artifacts to Azure.

Read next

How to sign a new flavour of your Android app

It was crucial to make sure the app was signed correctly after creating a new Android flavour. Since the Google Play Store would n...

How to create a new Android Flavour of your app

After doing some research, I came to the conclusion that adding another flavour of the app was necessary in order to solve the pro...

© 2025 christopherlogan.com,All rights reserved.