1

Is it possible to specify some information, such as API keys, in a file, and then somehow inject this information into the AndroidManifest file (maybe during the build process)?

For my particular use case, the documentation for react-native-maps requires adding a Google Maps API key to the AndroidManifest file. However, I'd like to keep sensitive information out of the AndroidManifest file (instead, inside a file that will eventually be gitignored for example).

On a side note, from this question, it seems that all information inside the AndroidManifest is available to all packages on the same device. Is this still true?

Community
  • 1
  • 1
peco
  • 1,411
  • 3
  • 17
  • 38

1 Answers1

2

If the information is only needed in the manifest, you can define manifest placeholders in your build.gradle file and reference them using ${} macro syntax in the manifest.

If the information might be needed elsewhere, consider using string resources created via resConfig in your build.gradle file.

The build.gradle file can pull the actual values from gradle.properties, a custom properties file, via some API call to a server, or whatever else you want, given sufficient Gradle/Groovy/Java coding. Typically, I have gradle.properties listed in .gitignore, and so I put this sort of thing in there, though I am not certain if that approach is common practice.

it seems that all information inside the AndroidManifest is available to all packages on the same device. Is this still true?

"All" is a strong term, but I would say that the vast majority of information in the manifest is visible through PackageManager. Sometimes, it's not directly accessible (e.g., I don't recall a way to get the <intent-filter> list for a component), but it's still there if you find the right way to get at it.

CommonsWare
  • 986,068
  • 189
  • 2,389
  • 2,491