Even though signing Android applications is quite simpler than signing iOS applications, it’s sometimes annoying to set it up and reliably automate it (without using Phonegap or comparable services). Recently I tried automating singing a Cordova application for Android and struggled finding a reliable documentation.

The official Cordova documentation states, that you can easily append a bunch of arguments to the build command to automatically sign your Android application:

Keystore (--keystore): Path to a binary file which can hold a set of keys.
Keystore password (--storePassword): Password to the keystore
Alias (--alias): The id specifying the private key used for singing.
Password (--password): Password for the private key specified.
Type of the keystore (--keystoreType): pkcs12, jks (Default: auto-detect based on file extension)

The catch is, you need to append these arguments as platformopts (POPTS):

cordova build [PROD] [TARGET] [EXP] [PLATS] [BUILDCONFIG] [-- POPTS]

  PROD:   --debug|--release
  TARGET: --device|--emulator|--target=FOO
  EXP:    --experimental [EXPERIMENTALFLAGS]
  PLATS:  PLATFORM [...]
  BUILDCONFIG: --buildConfig=CONFIGFILE
  POPTS:  platformopts

Therefore the command to build a signed Cordova android application becomes:

cordova build --release android -- --keystore=my.keystore --storePassword=K3ySt0reP4ssw0rd --alias=foobar --password=K3yP4ssw0rd

---

Alternatively, you could specify them in a build configuration file (build.json) using (–buildConfig) argument.

{
     "android": {
         "release": {
             "keystore": "my.keystore",
             "storePassword": "K3ySt0reP4ssw0rd",
             "alias": "foobar",
             "password" : "K3yP4ssw0rd",
             "keystoreType": ""
         }
     }
 }

and respectively

cordova build --release android --buildConfig=buildConfig.json

I tested all those commands with Cordova 5.4.0