2 files changed, 55 insertions, 8 deletions
diff --git a/docs/html/tools/publishing/app-signing.jd b/docs/html/tools/publishing/app-signing.jd
index 04e12cc..6e64392 100644
--- a/docs/html/tools/publishing/app-signing.jd
+++ b/docs/html/tools/publishing/app-signing.jd
@@ -81,10 +81,56 @@ The debug build type is set to use this debug <code>SigningConfig</code> automat
 set of private keys. You must keep your keystore in a safe and secure place.</li>
 <li><em>Create a private key.</em> A <strong>private key</strong> represents the entity to
 be identified with the app, such as a person or a company.</li>
-<li><em>Build your project</em>. Generate an unsigned APK for your app.</li>
-<li><em>Sign your app.</em> Use your private key to generate a signed version of your APK.</li>
+<li><p>Add the signing configuration to the build file for the <code>app</code> module:</p>
+        <p><pre>
+...
+android {
+    ...
+    defaultConfig { ... }
+    signingConfigs {
+        release {
+            storeFile file("myreleasekey.keystore")
+            storePassword "password"
+            keyAlias "MyReleaseKey"
+            keyPassword "password"
+        }
+    }
+    buildTypes {
+        release {
+            ...
+            signingConfig signingConfigs.release
+        }
+    }
+}
+...
+</pre></p>
+    </li>
+<li>Invoke the <code>assembleRelease</code> build task from Android Studio.</li>
 </ol>
 
+<p>The package in <code>app/build/apk/app-release.apk</code> is now signed with your release key.</p>
+
+<p class="note"><strong>Note:</strong> Including the passwords for your release key and keystore
+inside the build file is not a good security practice. Alternatively, you can configure the build
+file to obtain these passwords from environment variables or have the build process prompt you
+for these passwords.</p>
+
+<p>To obtain these passwords from environment variables:</p>
+
+<pre>
+storePassword System.getenv("KSTOREPWD")
+keyPassword System.getenv("KEYPWD")
+</pre>
+
+<p>To have the build process prompt you for these passwords if you are invoking the build from
+the command line:</p>
+
+<pre>
+storePassword System.console().readLine("\nKeystore password: ")
+keyPassword System.console().readLine("\nKey password: ")
+</pre>
+
+
 <p>After you complete this process, you can distribute your app and publish it on Google Play.</p>
 
 <p class="warning"><strong>Warning:</strong> Keep your keystore and private key in a safe and
diff --git a/docs/html/tools/publishing/publishing_overview.jd b/docs/html/tools/publishing/publishing_overview.jd
index 3c56402..e42b2fb 100644
--- a/docs/html/tools/publishing/publishing_overview.jd
+++ b/docs/html/tools/publishing/publishing_overview.jd
@@ -73,7 +73,8 @@ tasks:</p>
   <li>Building and signing a release version of your application.
     <p>You can use the Gradle build files with the <em>release</em> build type to build and sign a
     release version of your application. See
-    <a href="{@docRoot}tools/gradle/studio-build.html">Building Your Project with Gradle</a>.</p>
+    <a href="{@docRoot}tools/building/building-studio.html">Building and Running from Android
+      Studio</a>.</p>
   </li>
   <li>Testing the release version of your application.
     <p>Before you distribute your application, you should thoroughly test the release version on at
@@ -109,7 +110,7 @@ application.</p>
 
 <p>You can release your Android applications several ways. Usually, you release applications
 through an application marketplace such as Google Play, but you can also release applications
-on your own website or by sending an application directly to a user. 
+on your own website or by sending an application directly to a user.
 
 <h3 id="publishing-marketplace">Releasing through an App Marketplace</h3>
 
@@ -183,7 +184,7 @@ button.</p>
 
 <p class="note"><strong>Note:</strong> The <strong>Install Now</strong> button
 shown in Figure 1 appears only if a user has configured their device to allow
-installation from <a href="#unknown-sources">unknown sources</a> and has opened your 
+installation from <a href="#unknown-sources">unknown sources</a> and has opened your
 email with the native Gmail application.</p>
 
 <p>Distributing applications through email is convenient if you are sending your application to
@@ -223,9 +224,9 @@ help prevent unauthorized installation and use of your application.</p>
        apps from unknown sources." style="width:240px;" />
   <p class="img-caption">
     <strong>Figure 2.</strong> Users must enable the <strong>Unknown sources</strong>
-    setting before they can install apps not downloaded from Google Play. 
+    setting before they can install apps not downloaded from Google Play.
   </p>
-</div> 
+</div>
 
 <p>Android protects users from inadvertent download and install of apps from
 locations other than Google Play (which is trusted). It blocks such installs
@@ -234,7 +235,7 @@ Settings&nbsp;<strong>&gt;</strong>&nbsp;Security, shown in Figure 2. To allow
 the installation of applications from other sources, users need to enable the
 Unknown sources setting on their devices, and they need to make this
 configuration change <em>before</em> they download your application to their
-devices.</p> 
+devices.</p>
 
 <p class="note">Note that some network providers do not allow users to install
 applications from unknown sources.</p>