bug: npx cap build not able to build with signing-type apksigner while having keystore with multiple keys / endless loop with single key

[tiga05]

Bug Report

Capacitor Version

npx cap doctor
   Capacitor Doctor   

Latest Dependencies:

  @capacitor/cli: 5.5.1
  @capacitor/core: 5.5.1
  @capacitor/android: 5.5.1
  @capacitor/ios: 5.5.1

Installed Dependencies:

  @capacitor/ios: not installed
  @capacitor/cli: 5.5.1
  @capacitor/android: 5.5.1
  @capacitor/core: 5.5.1

[success] Android looking great! 👌

Platform(s)

Android

Current Behavior

I would like to create an apk (not aab!) bundle compatible with Android 11+ (using the undocumented command --signing-type apksigner) running the npx cap build command, f.e. like this:
npx cap build android --keystorepath keystore.jks --keystorepass keystorepass --keystorealias keystorealias --keystorealiaspass keystorealiaspass --signing-type apksigner --androidreleasetype APK

This gives me the error:

√ Running Gradle build in 7.36s
× Signing Release - failed!
[error] Failed to load signer "signer #1": C:\build\myApp\AppKeystore.jks contains multiple key entries.
--ks-key-alias option must be used to specify which entry to use.

--> Yes, thats right. My signing key contains multiple entries.
--> The error which is thrown here comes from the apksigner directly and not from the cap-cli, I guess

After adding the requested command:
npx cap build android --keystorepath keystore.jks --keystorepass keystorepass --keystorealias keystorealias --keystorealiaspass keystorealiaspass --signing-type apksigner --androidreleasetype APK --ks-key-alias keystorealias
... I get this error:

error: unknown option '--ks-key-alias'

Understandable, because the cap cli does not know what to do with the command because this command is for the apksigner

btw: Creating an AAB file works!

I thought I could workaround this issue with using a single key file. But just gives me an endless loop. Please look at my example below.

Expected Behavior

1. Clarify in the documentation on how to use the --signing-type apksigner properly (again: see my issue in the doc project)
2. Support using multiple entries in the signing key when using --signing-type apksigner
3. Fix endless loop when creating signed APK using a single key in combination with --signing-type apksigner

Code Reproduction

https://github.com/tiga05/capBug

I have created a minmal working example and checked in two dummy keystores in the main folder.
SingleKey.jks and MultiKey.jks
Password for this keystores is both: keyStorePW
key0 with password: key0PW ( in both keystores)
key1 with password: key1PW ( only in multikey keystore)

• Checkout the project
• npm install
• run build command for singlekey:
• npx cap build android --keystorepath ../SingleKey.jks --keystorepass keyStorePW --keystorealias key0 --keystorealiaspass key0PW --signing-type apksigner --androidreleasetype APK
  result: RUNS ENDLESS
• run code command for multikey:
• npx cap build android --keystorepath ../MultiKey.jks --keystorepass keyStorePW --keystorealias key0 --keystorealiaspass key0PW --signing-type apksigner --androidreleasetype APK
• result: ERROR: × Signing Release - failed! [error] Failed to load signer "signer # 1":......

Creating signed AAB release, works!:
npx cap build android --keystorepath ../MultiKey.jks --keystorepass keyStorePW --keystorealias key0 --keystorealiaspass key0PW --androidreleasetype AAB

Creating signed APK release, WITHOUT --signing-type apksigner works!:
npx cap build android --keystorepath ../MultiKey.jks --keystorepass keyStorePW --keystorealias key0 --keystorealiaspass key0PW --androidreleasetype APK

[yoadv]

Same problem here.
A slight difference : I've set the apksigner in capacitor.config
android: { buildOptions: { signingType: 'apksigner' } }
Same result as @tiga05 :
the command npx cap build android --keystorepath ../mykeystore.keystore --keystorepass mykeyStorePW --keystorealias mykey --keystorealiaspass mykeyPW --androidreleasetype APK runs endless (Gradle build is ok, but "Signing release" step runs endless)

[bentleyo]

I'm running into the same issue. It looks like apksigner accepts --ks-key-alias and --key-pass parameters. Is there any argument for not passing those?

[jcesarmobile]

fixed in #7073

[ionitron-bot]

Thanks for the issue! This issue is being locked to prevent comments that are not relevant to the original issue. If this is still an issue with the latest version of Capacitor, please create a new issue and ensure the template is fully filled out.