When I try to install an .apk built from a GitHub workflow over one that I built locally, I get the following error:
$ adb install -r /path/to/package-debug.apk
Performing Push Install
/path/to/package-debug.apk: 1 file pushed, 0 skipped. 14.1 MB/s (4047241 bytes in 0.275s)
pkg: /data/local/tmp/package-debug.apk
Failure [INSTALL_FAILED_UPDATE_INCOMPATIBLE]
I can install the GitHub built version if I uninstall the locally built package first.
I have run aapk
on both packages to make sure they were built with the same min
& target
values. My guess is that the key signatures are different, but I'm not sure. The build is configured to use the default signing config (signingConfig signingConfigs.debug
) in build.gradle
. Do different versions of the Android development tools provide different versions of the debug signing keystore? Or does each installation generate a unique keystore file? Is there a way I can get more information on why the installation fails?
I also noticed that the file sizes are different:
$ wc -c local-debug.apk
4085058 local-debug.apk
$ wc -c remote-debug.apk
4047241 remote-debug.apk
I have looked at this question, but the answers are about uninstalling first. I need to figure out how to make the remote build compatible with the local one.
I found a solution before posting this question. And as I haven't seen the answer on StackOverflow, I will post it in case it might help someone else.
It appears that the Android development tools generate unique debug keystores on systems that don't already have one. I was assuming that the keystore file was a universal one. So to solve the problem, I simply included the keystore file with the source code (I'm assuming is safe as it is meant for debugging only) & set its location in the gradle.build
file.
In this particular case, I put the keystore file in the same directory as the gradlew
script & added the following line to app/build.gradle
:
signingConfigs.debug.storeFile file("../debug.keystore")
Edit: Though now I have deleted it as the head developer felt it was unsecure. So, use this solution at your own risk & don't use debug keys for signing official releases of your software.