Establish an Android application signing process

Document it, automate it, set it up on CI - whatever is reasonable and lets us build signed applications. If it matters, this work can ignore Google Play and we can sort that out next (but if it's just the same thing ... great).