kamp/fdroidserver
1
0
Fork 0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-19 05:10:10 +01:00
Code Activity
c196f7dd7a
fdroidserver/fdroidserver/publish.py

233 lines
9.6 KiB
Python
Raw Normal View History

Switch all headers to python3
2016-01-04 16:33:20 +01:00
#!/usr/bin/env python3
Separated build (compile) from publish (sign)
2012-02-02 15:27:49 +01:00
#
# publish.py - part of the FDroid server tools
Handle repo config in a more sensible way
2013-10-31 16:37:39 +01:00
# Copyright (C) 2010-13, Ciaran Gultnieks, ciaran@ciarang.com
Update my own copyright notices
2014-01-28 14:07:19 +01:00
# Copyright (C) 2013-2014 Daniel Martí <mvdan@mvdan.cc>
Separated build (compile) from publish (sign)
2012-02-02 15:27:49 +01:00
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU Affero General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program. If not, see <http://www.gnu.org/licenses/>.
import sys
import os
keep .apk file ext when diffoscope'ing Binaries:
2017-07-15 22:15:30 +02:00
import re
Separated build (compile) from publish (sign)
2012-02-02 15:27:49 +01:00
import shutil
import glob
Replace md5 with hashlib.md5
2016-01-04 18:36:47 +01:00
import hashlib
replace deprecated optparse with argparse following guidelines from: https://docs.python.org/2/library/argparse.html#upgrading-optparse-code except, still using option = parse.parse_args() instead of args = ... - using the following script in folder fdroidserver: for i in *.py; do sed -i -e 's/optparse/argparse/' \ -e 's/OptionParser/ArgumentParser/' \ -e 's/OptionError/ArgumentError/' \ -e 's/add_option/add_argument/' \ -e 's/(options, args) = parser/options = parser/' \ -e 's/options, args = parser/options = parser/' \ -e 's/Usage: %prog/%(prog)s/' $i; done - use ArgumentParser argument to replace (option, args) = parser.parse() call - use parser.error(msg) instead of raise ArgumentException as suggested in https://docs.python.org/2/library/argparse.html#exiting-methods - in fdroid catch ArgumentError instead of OptionError
2015-09-04 11:37:05 +02:00
from argparse import ArgumentParser
More logging switching
2014-01-27 17:08:54 +01:00
import logging
Correct plurals
2017-09-13 17:33:57 +02:00
from gettext import ngettext
Separated build (compile) from publish (sign)
2012-02-02 15:27:49 +01:00
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
from . import _
Port all imports to python3
2016-01-04 17:37:35 +01:00
from . import common
from . import metadata
Replace sys.exit() in non-main functions by exceptions Also move all exceptions into one module
2017-05-22 21:33:52 +02:00
from .common import FDroidPopen, SdkToolsPopen
from .exception import BuildException
Separated build (compile) from publish (sign)
2012-02-02 15:27:49 +01:00
Start rewriting options and config as common.py globals
2013-11-01 12:10:57 +01:00
config = None
options = None
Handle repo config in a more sensible way
2013-10-31 16:37:39 +01:00
fix PEP8 "E302 expected 2 blank lines, found 1"
2014-05-02 05:39:33 +02:00
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
def main():
Start rewriting options and config as common.py globals
2013-11-01 12:10:57 +01:00
global config, options
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
# Parse command line...
replace deprecated optparse with argparse following guidelines from: https://docs.python.org/2/library/argparse.html#upgrading-optparse-code except, still using option = parse.parse_args() instead of args = ... - using the following script in folder fdroidserver: for i in *.py; do sed -i -e 's/optparse/argparse/' \ -e 's/OptionParser/ArgumentParser/' \ -e 's/OptionError/ArgumentError/' \ -e 's/add_option/add_argument/' \ -e 's/(options, args) = parser/options = parser/' \ -e 's/options, args = parser/options = parser/' \ -e 's/Usage: %prog/%(prog)s/' $i; done - use ArgumentParser argument to replace (option, args) = parser.parse() call - use parser.error(msg) instead of raise ArgumentException as suggested in https://docs.python.org/2/library/argparse.html#exiting-methods - in fdroid catch ArgumentError instead of OptionError
2015-09-04 11:37:05 +02:00
parser = ArgumentParser(usage="%(prog)s [options] "
"[APPID[:VERCODE] [APPID[:VERCODE] ...]]")
all: deduplicate -v/-q setup
2015-09-12 08:42:50 +02:00
common.setup_global_opts(parser)
rename 'app-id' to standard Android 'applicationId' * https://developer.android.com/studio/build/application-id.html * https://sites.google.com/a/android.com/tools/tech-docs/new-build-system/applicationid-vs-packagename This only changes the term in the human texts, not var names or CLI flags.
2017-09-15 11:41:39 +02:00
parser.add_argument("appid", nargs='*', help=_("applicationId with optional versionCode in the form APPID[:VERCODE]"))
make metadata exceptions optional based on CLI flag In many cases, there are times where metadata errors need to be ignored, or at least not stop the command from running. For example, there will inevitably be new metadata fields added, in which case a packaged version of fdroidserver will throw errors on each one. This adds a standard -W flag to customize the response: ignore, default, or error. * by default, the errors are still errors * `fdroid readmeta -W` will just print errors * `fdroid readmeta -Wignore` will not even print errors https://gitlab.com/fdroid/fdroidserver/issues/150
2016-09-12 12:55:48 +02:00
metadata.add_metadata_arguments(parser)
replace deprecated optparse with argparse following guidelines from: https://docs.python.org/2/library/argparse.html#upgrading-optparse-code except, still using option = parse.parse_args() instead of args = ... - using the following script in folder fdroidserver: for i in *.py; do sed -i -e 's/optparse/argparse/' \ -e 's/OptionParser/ArgumentParser/' \ -e 's/OptionError/ArgumentError/' \ -e 's/add_option/add_argument/' \ -e 's/(options, args) = parser/options = parser/' \ -e 's/options, args = parser/options = parser/' \ -e 's/Usage: %prog/%(prog)s/' $i; done - use ArgumentParser argument to replace (option, args) = parser.parse() call - use parser.error(msg) instead of raise ArgumentException as suggested in https://docs.python.org/2/library/argparse.html#exiting-methods - in fdroid catch ArgumentError instead of OptionError
2015-09-04 11:37:05 +02:00
options = parser.parse_args()
make metadata exceptions optional based on CLI flag In many cases, there are times where metadata errors need to be ignored, or at least not stop the command from running. For example, there will inevitably be new metadata fields added, in which case a packaged version of fdroidserver will throw errors on each one. This adds a standard -W flag to customize the response: ignore, default, or error. * by default, the errors are still errors * `fdroid readmeta -W` will just print errors * `fdroid readmeta -Wignore` will not even print errors https://gitlab.com/fdroid/fdroidserver/issues/150
2016-09-12 12:55:48 +02:00
metadata.warnings_action = options.W
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
Start rewriting options and config as common.py globals
2013-11-01 12:10:57 +01:00
config = common.read_config(options)
use jarsigner and keytool from same JDK as is being set in JAVA7_HOME Using the same JDK throughout should prevent weird bugs where a setup might use Java8's jarsigner and Java7's keytool. This also allows the user to set java_paths and have jarsigner and keytool used from that specified JDK. This incorporates almost all of the patch that is in the Debian package that forces fdroidserver to use the default JDK on that Debian release. closes #93 https://gitlab.com/fdroid/fdroidserver/issues/93
2016-02-11 20:43:55 +01:00
if not ('jarsigner' in config and 'keytool' in config):
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
logging.critical(_('Java JDK not found! Install in standard location or set java_paths!'))
use jarsigner and keytool from same JDK as is being set in JAVA7_HOME Using the same JDK throughout should prevent weird bugs where a setup might use Java8's jarsigner and Java7's keytool. This also allows the user to set java_paths and have jarsigner and keytool used from that specified JDK. This incorporates almost all of the patch that is in the Debian package that forces fdroidserver to use the default JDK on that Debian release. closes #93 https://gitlab.com/fdroid/fdroidserver/issues/93
2016-02-11 20:43:55 +01:00
sys.exit(1)
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
log_dir = 'logs'
if not os.path.isdir(log_dir):
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
logging.info(_("Creating log directory"))
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
os.makedirs(log_dir)
tmp_dir = 'tmp'
if not os.path.isdir(tmp_dir):
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
logging.info(_("Creating temporary directory"))
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
os.makedirs(tmp_dir)
output_dir = 'repo'
if not os.path.isdir(output_dir):
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
logging.info(_("Creating output directory"))
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
os.makedirs(output_dir)
unsigned_dir = 'unsigned'
if not os.path.isdir(unsigned_dir):
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
logging.warning(_("No unsigned directory - nothing to do"))
Validate publish-related file existence before proceeding
2014-04-04 16:37:18 +02:00
sys.exit(1)
Eliminate the need for password files The passwords are now passed as private environment variables to the processes that need them.
2017-04-11 21:34:49 +02:00
if not os.path.exists(config['keystore']):
logging.error("Config error - missing '{0}'".format(config['keystore']))
sys.exit(1)
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
Fix too long lines in publish
2014-05-13 00:01:53 +02:00
# It was suggested at
# https://dev.guardianproject.info/projects/bazaar/wiki/FDroid_Audit
Verify generated key alias uniqueness Refuses to sign in the event of any problem - see comments for details
2013-11-07 09:11:05 +01:00
# that a package could be crafted, such that it would use the same signing
# key as an existing app. While it may be theoretically possible for such a
# colliding package ID to be generated, it seems virtually impossible that
# the colliding ID would be something that would be a) a valid package ID,
# and b) a sane-looking ID that would make its way into the repo.
# Nonetheless, to be sure, before publishing we check that there are no
# collisions, and refuse to do any publishing if that's the case...
Adapt publish to new format, improve completion
2013-12-19 22:55:17 +01:00
allapps = metadata.read_metadata()
replace deprecated optparse with argparse following guidelines from: https://docs.python.org/2/library/argparse.html#upgrading-optparse-code except, still using option = parse.parse_args() instead of args = ... - using the following script in folder fdroidserver: for i in *.py; do sed -i -e 's/optparse/argparse/' \ -e 's/OptionParser/ArgumentParser/' \ -e 's/OptionError/ArgumentError/' \ -e 's/add_option/add_argument/' \ -e 's/(options, args) = parser/options = parser/' \ -e 's/options, args = parser/options = parser/' \ -e 's/Usage: %prog/%(prog)s/' $i; done - use ArgumentParser argument to replace (option, args) = parser.parse() call - use parser.error(msg) instead of raise ArgumentException as suggested in https://docs.python.org/2/library/argparse.html#exiting-methods - in fdroid catch ArgumentError instead of OptionError
2015-09-04 11:37:05 +02:00
vercodes = common.read_pkg_args(options.appid, True)
Verify generated key alias uniqueness Refuses to sign in the event of any problem - see comments for details
2013-11-07 09:11:05 +01:00
allaliases = []
Map apps in memory from appid to appinfo Instead of storing them in a list and doing linear searches by appinfo['id']
2014-08-16 12:46:02 +02:00
for appid in allapps:
Replace md5 with hashlib.md5
2016-01-04 18:36:47 +01:00
m = hashlib.md5()
publish: fix hashing of strings
2016-01-04 18:46:51 +01:00
m.update(appid.encode('utf-8'))
Verify generated key alias uniqueness Refuses to sign in the event of any problem - see comments for details
2013-11-07 09:11:05 +01:00
keyalias = m.hexdigest()[:8]
if keyalias in allaliases:
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
logging.error(_("There is a keyalias collision - publishing halted"))
Verify generated key alias uniqueness Refuses to sign in the event of any problem - see comments for details
2013-11-07 09:11:05 +01:00
sys.exit(1)
allaliases.append(keyalias)
Correct plurals
2017-09-13 17:33:57 +02:00
logging.info(ngettext('{0} app, {1} key aliases',
'{0} apps, {1} key aliases', len(allapps)).format(len(allapps), len(allaliases)))
Verify generated key alias uniqueness Refuses to sign in the event of any problem - see comments for details
2013-11-07 09:11:05 +01:00
`fdroid publish` now includes OTA ZIPs and related source This adds support for publishing ZIP files which were built with `fdroid build`. This is for "Over-The-Air" (OTA) update ZIP files for flashing to ROMs. The first example of this is the Privileged Extension, which must be installed by flashing an OTA ZIP on Android > 5.0. !181 https://gitlab.com/fdroid/privileged-extension/issues/9 https://gitlab.com/fdroid/privileged-extension/issues/10 https://gitlab.com/fdroid/fdroiddata/merge_requests/1804 Also, "if app.Binaries:" is the same as "if app.Binaries is not None:", but is the standard Python style.
2016-12-07 11:48:05 +01:00
# Process any APKs or ZIPs that are waiting to be signed...
for apkfile in sorted(glob.glob(os.path.join(unsigned_dir, '*.apk'))
+ glob.glob(os.path.join(unsigned_dir, '*.zip'))):
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
`fdroid publish` now includes OTA ZIPs and related source This adds support for publishing ZIP files which were built with `fdroid build`. This is for "Over-The-Air" (OTA) update ZIP files for flashing to ROMs. The first example of this is the Privileged Extension, which must be installed by flashing an OTA ZIP on Android > 5.0. !181 https://gitlab.com/fdroid/privileged-extension/issues/9 https://gitlab.com/fdroid/privileged-extension/issues/10 https://gitlab.com/fdroid/fdroiddata/merge_requests/1804 Also, "if app.Binaries:" is the same as "if app.Binaries is not None:", but is the standard Python style.
2016-12-07 11:48:05 +01:00
appid, vercode = common.publishednameinfo(apkfile)
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
apkfilename = os.path.basename(apkfile)
Adapt publish to new format, improve completion
2013-12-19 22:55:17 +01:00
if vercodes and appid not in vercodes:
continue
if appid in vercodes and vercodes[appid]:
if vercode not in vercodes[appid]:
continue
fix string formats that are ambiguous for translators
2017-09-15 23:20:29 +02:00
logging.info(_("Processing {apkfilename}").format(apkfilename=apkfile))
Adapt publish to new format, improve completion
2013-12-19 22:55:17 +01:00
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
# There ought to be valid metadata for this app, otherwise why are we
# trying to publish it?
Fix all pep8 warnings
2014-10-24 22:23:58 +02:00
if appid not in allapps:
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
logging.error("Unexpected {0} found in unsigned directory"
Fix all pep8 warnings
2014-10-24 22:23:58 +02:00
.format(apkfilename))
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
sys.exit(1)
app = allapps[appid]
`fdroid publish` now includes OTA ZIPs and related source This adds support for publishing ZIP files which were built with `fdroid build`. This is for "Over-The-Air" (OTA) update ZIP files for flashing to ROMs. The first example of this is the Privileged Extension, which must be installed by flashing an OTA ZIP on Android > 5.0. !181 https://gitlab.com/fdroid/privileged-extension/issues/9 https://gitlab.com/fdroid/privileged-extension/issues/10 https://gitlab.com/fdroid/fdroiddata/merge_requests/1804 Also, "if app.Binaries:" is the same as "if app.Binaries is not None:", but is the standard Python style.
2016-12-07 11:48:05 +01:00
if app.Binaries:
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
# It's an app where we build from source, and verify the apk
# contents against a developer's binary, and then publish their
# version if everything checks out.
Use pre-retrieved Binary when publishing This allows this system to work when the machine that runs 'fdroid publish' is offline.
2015-01-31 16:36:57 +01:00
# The binary should already have been retrieved during the build
# process.
keep .apk file ext when diffoscope'ing Binaries:
2017-07-15 22:15:30 +02:00
srcapk = re.sub(r'.apk$', '.binary.apk', apkfile)
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
# Compare our unsigned one with the downloaded one...
Use jarsigner-based verification in publish
2015-01-31 16:59:00 +01:00
compare_result = common.verify_apks(srcapk, apkfile, tmp_dir)
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
if compare_result:
fix typo in error message
2015-01-07 19:57:15 +01:00
logging.error("...verification failed - publish skipped : "
Fix all pep8 warnings
2014-10-24 22:23:58 +02:00
+ compare_result)
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
continue
Use pre-retrieved Binary when publishing This allows this system to work when the machine that runs 'fdroid publish' is offline.
2015-01-31 16:36:57 +01:00
# Success! So move the downloaded file to the repo, and remove
# our built version.
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
shutil.move(srcapk, os.path.join(output_dir, apkfilename))
Use pre-retrieved Binary when publishing This allows this system to work when the machine that runs 'fdroid publish' is offline.
2015-01-31 16:36:57 +01:00
os.remove(apkfile)
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
`fdroid publish` now includes OTA ZIPs and related source This adds support for publishing ZIP files which were built with `fdroid build`. This is for "Over-The-Air" (OTA) update ZIP files for flashing to ROMs. The first example of this is the Privileged Extension, which must be installed by flashing an OTA ZIP on Android > 5.0. !181 https://gitlab.com/fdroid/privileged-extension/issues/9 https://gitlab.com/fdroid/privileged-extension/issues/10 https://gitlab.com/fdroid/fdroiddata/merge_requests/1804 Also, "if app.Binaries:" is the same as "if app.Binaries is not None:", but is the standard Python style.
2016-12-07 11:48:05 +01:00
elif apkfile.endswith('.zip'):
# OTA ZIPs built by fdroid do not need to be signed by jarsigner,
# just to be moved into place in the repo
shutil.move(apkfile, os.path.join(output_dir, apkfilename))
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
else:
# It's a 'normal' app, i.e. we sign and publish it...
# Figure out the key alias name we'll use. Only the first 8
# characters are significant, so we'll use the first 8 from
# the MD5 of the app's ID and hope there are no collisions.
# If a collision does occur later, we're going to have to
# come up with a new alogrithm, AND rename all existing keys
# in the keystore!
if appid in config['keyaliases']:
# For this particular app, the key alias is overridden...
keyalias = config['keyaliases'][appid]
if keyalias.startswith('@'):
Replace md5 with hashlib.md5
2016-01-04 18:36:47 +01:00
m = hashlib.md5()
publish: fix hashing of strings
2016-01-04 18:46:51 +01:00
m.update(keyalias[1:].encode('utf-8'))
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
keyalias = m.hexdigest()[:8]
else:
Replace md5 with hashlib.md5
2016-01-04 18:36:47 +01:00
m = hashlib.md5()
publish: fix hashing of strings
2016-01-04 18:46:51 +01:00
m.update(appid.encode('utf-8'))
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
keyalias = m.hexdigest()[:8]
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
logging.info("Key alias: " + keyalias)
# See if we already have a key for this application, and
# if not generate one...
Eliminate the need for password files The passwords are now passed as private environment variables to the processes that need them.
2017-04-11 21:34:49 +02:00
env_vars = {
'FDROID_KEY_STORE_PASS': config['keystorepass'],
'FDROID_KEY_PASS': config['keypass'],
}
use jarsigner and keytool from same JDK as is being set in JAVA7_HOME Using the same JDK throughout should prevent weird bugs where a setup might use Java8's jarsigner and Java7's keytool. This also allows the user to set java_paths and have jarsigner and keytool used from that specified JDK. This incorporates almost all of the patch that is in the Debian package that forces fdroidserver to use the default JDK on that Debian release. closes #93 https://gitlab.com/fdroid/fdroidserver/issues/93
2016-02-11 20:43:55 +01:00
p = FDroidPopen([config['keytool'], '-list',
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
'-alias', keyalias, '-keystore', config['keystore'],
Eliminate the need for password files The passwords are now passed as private environment variables to the processes that need them.
2017-04-11 21:34:49 +02:00
'-storepass:env', 'FDROID_KEY_STORE_PASS'], envs=env_vars)
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
if p.returncode != 0:
logging.info("Key does not exist - generating...")
use jarsigner and keytool from same JDK as is being set in JAVA7_HOME Using the same JDK throughout should prevent weird bugs where a setup might use Java8's jarsigner and Java7's keytool. This also allows the user to set java_paths and have jarsigner and keytool used from that specified JDK. This incorporates almost all of the patch that is in the Debian package that forces fdroidserver to use the default JDK on that Debian release. closes #93 https://gitlab.com/fdroid/fdroidserver/issues/93
2016-02-11 20:43:55 +01:00
p = FDroidPopen([config['keytool'], '-genkey',
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
'-keystore', config['keystore'],
'-alias', keyalias,
'-keyalg', 'RSA', '-keysize', '2048',
'-validity', '10000',
Eliminate the need for password files The passwords are now passed as private environment variables to the processes that need them.
2017-04-11 21:34:49 +02:00
'-storepass:env', 'FDROID_KEY_STORE_PASS',
'-keypass:env', 'FDROID_KEY_PASS',
'-dname', config['keydname']], envs=env_vars)
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
if p.returncode != 0:
raise BuildException("Failed to generate key")
proper error message when publishing with the same app in repo and unsigned
2017-05-30 14:53:54 +02:00
signed_apk_path = os.path.join(output_dir, apkfilename)
if os.path.exists(signed_apk_path):
raise BuildException("Refusing to sign '{0}' file exists in both "
"{1} and {2} folder.".format(apkfilename,
unsigned_dir,
output_dir))
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
# Sign the application...
use jarsigner and keytool from same JDK as is being set in JAVA7_HOME Using the same JDK throughout should prevent weird bugs where a setup might use Java8's jarsigner and Java7's keytool. This also allows the user to set java_paths and have jarsigner and keytool used from that specified JDK. This incorporates almost all of the patch that is in the Debian package that forces fdroidserver to use the default JDK on that Debian release. closes #93 https://gitlab.com/fdroid/fdroidserver/issues/93
2016-02-11 20:43:55 +01:00
p = FDroidPopen([config['jarsigner'], '-keystore', config['keystore'],
Eliminate the need for password files The passwords are now passed as private environment variables to the processes that need them.
2017-04-11 21:34:49 +02:00
'-storepass:env', 'FDROID_KEY_STORE_PASS',
'-keypass:env', 'FDROID_KEY_PASS', '-sigalg',
Replace MD5withRSA with SHA1withRSA. Fixes #26. Looks to me like we were using SHA1withRSA all along. Tested that everything still works with a test repo. As Hans reports, SHA1withRSA has been the default on Android tools for a long time and it's supported on all Android versions.
2015-09-25 03:50:51 +02:00
'SHA1withRSA', '-digestalg', 'SHA1',
Eliminate the need for password files The passwords are now passed as private environment variables to the processes that need them.
2017-04-11 21:34:49 +02:00
apkfile, keyalias], envs=env_vars)
Separated build (compile) from publish (sign)
2012-02-02 15:27:49 +01:00
if p.returncode != 0:
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
raise BuildException(_("Failed to sign application"))
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
# Zipalign it...
run all SDK tools commands using SdkToolsPopen
2014-12-09 15:15:36 +01:00
p = SdkToolsPopen(['zipalign', '-v', '4', apkfile,
os.path.join(output_dir, apkfilename)])
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
if p.returncode != 0:
implement gettext localization This allows all the text to be localized via Weblate. This is a quick overview of all the strings, but there are certainly some that were left out. closes #342
2017-09-13 18:03:57 +02:00
raise BuildException(_("Failed to align application"))
Support for publishing signed binaries from elsewhere Done after verifying that they match ones built using a recipe. Everything in the metadata should be the same as normal, with the addition of the Binaries: directive to specify where (with pattern substitution) to get the binaries from. Publishing only takes place if there is a proper match. (Which seems very unlikely to be the case unless the exact same toolchain is used, so I would imagine that unless the person building and signing the incoming binaries uses fdroidserver to build them, probably the exact same buildserver id, they will not match. But at least we have the functionality to support that.)
2014-10-24 22:04:15 +02:00
os.remove(apkfile)
Adapt publish to new format, improve completion
2013-12-19 22:55:17 +01:00
# Move the source tarball into the output directory...
tarfilename = apkfilename[:-4] + '_src.tar.gz'
Don't crash if an apk got built without source (e.g. with --no-tarball)
2014-02-17 16:51:42 +01:00
tarfile = os.path.join(unsigned_dir, tarfilename)
if os.path.exists(tarfile):
shutil.move(tarfile, os.path.join(output_dir, tarfilename))
Adapt publish to new format, improve completion
2013-12-19 22:55:17 +01:00
More logging switching
2014-01-27 17:08:54 +01:00
logging.info('Published ' + apkfilename)
All callable scripts now implement main()
2012-02-26 15:18:58 +01:00
if __name__ == "__main__":
main()
Copy Permalink