Signing Android apk without putting keystore info in build.gradle

androidproject.properties

STORE_FILE=/your/path/to/android.keystore  
STORE_PASSWORD=yourstorepassword  
KEY_ALIAS=yourkeyalias  
KEY_PASSWORD=yourkeypassword  

build.gradle

signingConfigs {  
     release  
   }  
   buildTypes {  
     debug {  
       debuggable true  
     }  
     release {  
       minifyEnabled true  
       proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'  
       signingConfig signingConfigs.release  
     }  
   }
  
  if (project.hasProperty("AndroidProject.signing")
       && new File(project.property("AndroidProject.signing").toString()).exists()) {

     def Properties props = new Properties()
     def propFile = new File(project.property("AndroidProject.signing").toString())
     if(propFile.canRead()) {
        props.load(new FileInputStream(propFile))

        if (props!=null && props.containsKey('STORE_FILE') && props.containsKey('STORE_PASSWORD') &&
                props.containsKey('KEY_ALIAS') && props.containsKey('KEY_PASSWORD')) {
                android.signingConfigs.release.storeFile = file(props['STORE_FILE'])
                android.signingConfigs.release.storePassword = props['STORE_PASSWORD']
                android.signingConfigs.release.keyAlias = props['KEY_ALIAS']
                android.signingConfigs.release.keyPassword = props['KEY_PASSWORD']
        } else {
           println 'androidproject.properties found but some entries are missing'
           android.buildTypes.release.signingConfig = null
        }
     } else {
        println 'androidproject.properties file not found'
	      android.buildTypes.release.signingConfig = null
     }
       
  }

gradle.properties

AndroidProject.signing=/your/path/androidproject.properties