Merge branch '148-no-verify-logs-on-split-build-publish-infrastructure' into 'master'

compare apk with Binaries from metadata right after building Closes #148 See merge request !247
2024-08-15 19:00:11 +02:00 · 2017-04-24 18:50:58 +00:00 · 2017-04-24 18:50:58 +00:00 · 591bfc4474
commit 591bfc4474
parent 1c25c516aa fc4e40255d
5 changed files with 44 additions and 8 deletions
--- a/buildserver/config.buildserver.py
+++ b/buildserver/config.buildserver.py
@ -9,5 +9,5 @@ ndk_paths = {
 }
 qt_sdk_path = "/home/vagrant/qt-sdk/5.7.0/5.7"
 java_paths = {
-    '8': "/usr/lib/jvm/java-8-openjdk-i386",
+    '8': "/usr/lib/jvm/java-8-openjdk-amd64",
 }
--- a/fdroidserver/build.py
+++ b/fdroidserver/build.py
@ -28,6 +28,7 @@ import traceback
 import time
 import json
 import requests
+import tempfile
 from configparser import ConfigParser
 from argparse import ArgumentParser
 import logging
@ -1211,15 +1212,50 @@ def main():
                        url = url.replace('%v', build.versionName)
                        url = url.replace('%c', str(build.versionCode))
                        logging.info("...retrieving " + url)
-                        of = "{0}_{1}.apk.binary".format(app.id, build.versionCode)
+                        of = common.get_release_filename(app, build) + '.binary'
                        of = os.path.join(output_dir, of)
                        try:
                            net.download_file(url, local_filename=of)
                        except requests.exceptions.HTTPError as e:
                            raise FDroidException('downloading Binaries from %s failed' % url) from e

+                        # Now we check weather the build can be verified to
+                        # match the supplied binary or not. Should the
+                        # comparison fail, we mark this build as a failure
+                        # and remove everything from the unsigend folder.
+                        with tempfile.TemporaryDirectory() as tmpdir:
+                            unsigned_apk = \
+                                common.get_release_filename(app, build)
+                            unsigned_apk = \
+                                os.path.join(output_dir, unsigned_apk)
+                            compare_result = \
+                                common.verify_apks(of, unsigned_apk, tmpdir)
+                            if compare_result:
+                                logging.debug('removing %s', unsigned_apk)
+                                os.remove(unsigned_apk)
+                                logging.debug('removing %s', of)
+                                os.remove(of)
+                                compare_result = compare_result.split('\n')
+                                line_count = len(compare_result)
+                                compare_result = compare_result[:299]
+                                if line_count > len(compare_result):
+                                    line_difference = \
+                                        line_count - len(compare_result)
+                                    compare_result.append('%d more lines ...' %
+                                                          line_difference)
+                                compare_result = '\n'.join(compare_result)
+                                raise FDroidException('compared built binary '
+                                                      'to supplied reference '
+                                                      'binary but failed',
+                                                      compare_result)
+                            else:
+                                logging.info('compared built binary to '
+                                             'supplied reference binary '
+                                             'successfully')
+
                    build_succeeded.append(app)
                    wikilog = "Build succeeded"
+
            except VCSException as vcse:
                reason = str(vcse).split('\n', 1)[0] if options.verbose else str(vcse)
                logging.error("VCS error while building app %s: %s" % (
--- a/fdroidserver/common.py
+++ b/fdroidserver/common.py
@ -2020,7 +2020,8 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir):

    if not verified:
        logging.info("...NOT verified - {0}".format(tmp_apk))
-        return compare_apks(signed_apk, tmp_apk, tmp_dir, os.path.dirname(unsigned_apk))
+        return compare_apks(signed_apk, tmp_apk, tmp_dir,
+                            os.path.dirname(unsigned_apk))

    logging.info("...successfully verified")
    return None
@ -2101,9 +2102,8 @@ def compare_apks(apk1, apk2, tmp_dir, log_dir=None):
    p = FDroidPopen(['diff', '-r', apk1dir, apk2dir], output=False)
    lines = p.output.splitlines()
    if len(lines) != 1 or 'META-INF' not in lines[0]:
-        meld = find_command('meld')
-        if meld is not None:
-            p = FDroidPopen(['meld', apk1dir, apk2dir], output=False)
+        if set_command_in_config('meld'):
+            p = FDroidPopen([config['meld'], apk1dir, apk2dir], output=False)
        return("Unexpected diff output - " + p.output)

    # since everything verifies, delete the comparison to keep cruft down
--- a/fdroidserver/dscanner.py
+++ b/fdroidserver/dscanner.py
@ -467,7 +467,7 @@ def main():
        for build in app.builds:
            apks = []
            for f in os.listdir(options.repo_path):
-                n = "%v_%v.apk".format(app_id, build.versionCode)
+                n = common.get_release_filename(app, build)
                if f == n:
                    apks.append(f)
            for apk in sorted(apks):
--- a/fdroidserver/update.py
+++ b/fdroidserver/update.py
@ -319,7 +319,7 @@ def delete_disabled_builds(apps, apkcache, repodirs):
        for build in app['builds']:
            if not build.disable:
                continue
-            apkfilename = appid + '_' + str(build.versionCode) + '.apk'
+            apkfilename = common.get_release_filename(app, build)
            iconfilename = "%s.%s.png" % (
                appid,
                build.versionCode)