Expo EAS Submit, where to store service account key

Question

I am looking into using EAS (expo Application Services) to submit a build to the Google Play Store. As per the docs, a serviceAccountKeyPath is required:

https://docs.expo.dev/submit/eas-json/#serviceaccountkeypath

I have successfully submitted a build by running eas submit -p android and entering the path to the JSON service account key when prompted.

As this is sensitive information, I don't want it to be added to my git repo. Should I just add it to my .gitignore, or is there a better way e.g. store it within my expo account somehow?

Answer 1

You can avoid needing to set serviceAccountKeyPath, even with your first call to eas submit, by uploading your credentials in the Expo UI.

From your project dashboard in the Expo UI:

1. Choose "Credentials" from the navigation on the left.
2. Under the Android tab, choose your Application ID (usually set in your app.config.js file)
3. Choose "Add a Google Service Account Key".
4. Upload the Google Service Account Key JSON file. If you haven't created one yet, follow their instructions.

Now the Google Service Account Key will be stored in Expo and you don't need to figure out how to store it in your repository, CI system, etc.