I have an application enrolled in Google App Signing, so the signature of the delivered APK will be different from the signature of the uploaded APK. I currently have the production APK installed on my android device and I'd like to run the app from Android Studio without losing the data, so I need to use the same SHA-1 to update the application.
If I run the application from Android Studio, with the release build type, the APK is automatically signed with the keystore that I used for the upload on Google Play Console. The SHA-1 is different from the one auto generated by Google App Signing, so Android Studio asks to uninstall the existing application:
Installation did not succeed. The application could not be installed: INSTALL_FAILED_UPDATE_INCOMPATIBLE The device already has an application with the same package but a different signature.
This is allowed for the applications that are not enrolled in Google App Signing, because the keystore SHA-1 is always the same. Is there a solution to this?
I tried to download the Upload certificate from Google Play console and add the certificate to my current keystore file, but it didn't work:
keytool -importcert -file upload_cert.der -keystore keystore.jks
There is no way to get an APK signed with your release key other than by uploading an APK to the Play Console if you opted for Google to generate the signing key.
However, there are good other testing processes you can set up which should hopefully help you. Make sure to differentiate your iterative local tests from your release QA (i.e. shortly before the release):
In the former case (iterative local builds), you should always test with a debug key, and you can also test the upgrade flow from one version signed with the test key to another version signed with the test key.
In the latter case, shortly before you release, you should upload an APK to the Play Console to a closed track to test exactly what will be served by the Play Console, and you can do a final check of the upgrade flow on a released app.
(Note that the internal testing track will not help you test the upgrade flow from a release-signed APK since the APK signed by Play in this case is a debug key and not your release key, so make sure you use a closed track instead).
Hope that helps.