1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-18 20:50:10 +01:00

Merge branch 'two-fixes' into 'master'

two fixes around the signing process

See merge request fdroid/fdroidserver!863
This commit is contained in:
Hans-Christoph Steiner 2021-01-28 21:45:14 +00:00
commit 5edb5d354a
6 changed files with 39 additions and 6 deletions

View File

@ -10,7 +10,7 @@ test:
script: script:
- $pip install -e .[test] - $pip install -e .[test]
# the `fdroid build` test in tests/run-tests needs android-23 # the `fdroid build` test in tests/run-tests needs android-23
- echo y | $ANDROID_HOME/tools/bin/sdkmanager "platforms;android-23" - echo y | $ANDROID_HOME/tools/bin/sdkmanager "platforms;android-23" > /dev/null
- cd tests - cd tests
- ./complete-ci-tests - ./complete-ci-tests
@ -218,8 +218,8 @@ fedora_latest:
- printf "\n79120722343a6f314e0719f863036c702b0e6b2a\n84831b9409646a918e30573bab4c9c91346d8abd" > $ANDROID_HOME/licenses/android-sdk-preview-license-old - printf "\n79120722343a6f314e0719f863036c702b0e6b2a\n84831b9409646a918e30573bab4c9c91346d8abd" > $ANDROID_HOME/licenses/android-sdk-preview-license-old
- mkdir ~/.android - mkdir ~/.android
- touch ~/.android/repositories.cfg - touch ~/.android/repositories.cfg
- echo y | $ANDROID_HOME/tools/bin/sdkmanager "platform-tools" - echo y | $ANDROID_HOME/tools/bin/sdkmanager "platform-tools" > /dev/null
- echo y | $ANDROID_HOME/tools/bin/sdkmanager "build-tools;$BUILD_TOOLS_VERSION" - echo y | $ANDROID_HOME/tools/bin/sdkmanager "build-tools;$BUILD_TOOLS_VERSION" > /dev/null
- chown -R testuser . - chown -R testuser .
- cd tests - cd tests
- su testuser --login --command - su testuser --login --command

View File

@ -41,6 +41,7 @@ milestone](https://gitlab.com/fdroid/fdroidserver/-/milestones/10)
* Smoother process for signing APKs with `apksigner` * Smoother process for signing APKs with `apksigner`
([!736](https://gitlab.com/fdroid/fdroidserver/merge_requests/736)) ([!736](https://gitlab.com/fdroid/fdroidserver/merge_requests/736))
([!821](https://gitlab.com/fdroid/fdroidserver/merge_requests/821)) ([!821](https://gitlab.com/fdroid/fdroidserver/merge_requests/821))
* `apksigner` is used by default on new repos
* All parts except _build_ and _publish_ work without the Android SDK * All parts except _build_ and _publish_ work without the Android SDK
([!821](https://gitlab.com/fdroid/fdroidserver/merge_requests/821)) ([!821](https://gitlab.com/fdroid/fdroidserver/merge_requests/821))
* Description: is now passed to clients unchanged, no HTML conversion * Description: is now passed to clients unchanged, no HTML conversion

View File

@ -57,7 +57,10 @@ def make(apps, apks, repodir, archive):
""" """
from fdroidserver.update import METADATA_VERSION from fdroidserver.update import METADATA_VERSION
if not common.options.nosign: if hasattr(common.options, 'nosign') and common.options.nosign:
if 'keystore' not in common.config and 'repo_pubkey' not in common.config:
raise FDroidException(_('"repo_pubkey" must be present in config.py when using --nosign!'))
else:
common.assert_config_keystore(common.config) common.assert_config_keystore(common.config)
# Historically the index has been sorted by App Name, so we enforce this ordering here # Historically the index has been sorted by App Name, so we enforce this ordering here

View File

@ -148,7 +148,9 @@ def main():
# enable apksigner by default so v2/v3 APK signatures validate # enable apksigner by default so v2/v3 APK signatures validate
if common.find_apksigner() is not None: if common.find_apksigner() is not None:
test_config['apksigner'] = common.find_apksigner() apksigner = common.find_apksigner()
test_config['apksigner'] = apksigner
common.write_to_config(test_config, 'apksigner', apksigner)
# the NDK is optional and there may be multiple versions of it, so it's # the NDK is optional and there may be multiple versions of it, so it's
# left for the user to configure # left for the user to configure

View File

@ -9,6 +9,7 @@ import optparse
import sys import sys
import tempfile import tempfile
import unittest import unittest
import yaml
localmodule = os.path.realpath( localmodule = os.path.realpath(
@ -30,6 +31,7 @@ class InitTest(unittest.TestCase):
if not os.path.exists(self.tmpdir): if not os.path.exists(self.tmpdir):
os.makedirs(self.tmpdir) os.makedirs(self.tmpdir)
os.chdir(self.basedir) os.chdir(self.basedir)
fdroidserver.common.config = None
fdroidserver.init.config = None fdroidserver.init.config = None
def test_disable_in_config(self): def test_disable_in_config(self):
@ -38,6 +40,7 @@ class InitTest(unittest.TestCase):
with open('config.yml', 'w') as fp: with open('config.yml', 'w') as fp:
fp.write('keystore: NONE\n') fp.write('keystore: NONE\n')
fp.write('keypass: mysupersecrets\n') fp.write('keypass: mysupersecrets\n')
os.chmod('config.yml', 0o600)
config = fdroidserver.common.read_config(fdroidserver.common.options) config = fdroidserver.common.read_config(fdroidserver.common.options)
self.assertEqual('NONE', config['keystore']) self.assertEqual('NONE', config['keystore'])
self.assertEqual('mysupersecrets', config['keypass']) self.assertEqual('mysupersecrets', config['keypass'])
@ -48,6 +51,25 @@ class InitTest(unittest.TestCase):
config = fdroidserver.common.read_config(fdroidserver.common.options) config = fdroidserver.common.read_config(fdroidserver.common.options)
self.assertIsNone(config.get('keypass')) self.assertIsNone(config.get('keypass'))
def test_main_in_empty_dir(self):
testdir = tempfile.mkdtemp(prefix=inspect.currentframe().f_code.co_name, dir=self.tmpdir)
os.chdir(testdir)
bindir = os.path.join(os.getcwd(), 'bin')
os.mkdir(bindir)
apksigner = os.path.join(bindir, 'apksigner')
open(apksigner, 'w').close()
os.chmod(apksigner, 0o755)
os.environ['PATH'] = bindir
sys.argv = ['fdroid init']
fdroidserver.init.main()
with open('config.yml') as fp:
config = yaml.safe_load(fp)
self.assertTrue(os.path.exists(config['keystore']))
self.assertTrue(os.path.exists(config['apksigner']))
self.assertEqual(apksigner, config['apksigner'])
if __name__ == "__main__": if __name__ == "__main__":
os.chdir(os.path.dirname(__file__)) os.chdir(os.path.dirname(__file__))

View File

@ -75,6 +75,10 @@ is_MD5_disabled() {
return $? return $?
} }
use_apksigner() {
test -x "`sed -En 's,^ *apksigner: +,,p' config.yml`"
}
#------------------------------------------------------------------------------# #------------------------------------------------------------------------------#
# "main" # "main"
@ -312,7 +316,7 @@ cp $WORKSPACE/tests/urzip.apk \
printf '\narchive_older: 3\n' >> config.yml printf '\narchive_older: 3\n' >> config.yml
$fdroid update --pretty --nosign $fdroid update --pretty --nosign
if which apksigner; then if use_apksigner; then
test `grep '<package>' archive/index.xml | wc -l` -eq 2 test `grep '<package>' archive/index.xml | wc -l` -eq 2
test `grep '<package>' repo/index.xml | wc -l` -eq 10 test `grep '<package>' repo/index.xml | wc -l` -eq 10
else else
@ -529,6 +533,7 @@ test -e repo/org.bitbucket.tickytacky.mirrormirror_3.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_4.apk test -e repo/org.bitbucket.tickytacky.mirrormirror_4.apk
test -e archive/urzip-badsig.apk test -e archive/urzip-badsig.apk
sed -i.tmp '/apksigner:/d' config.yml
if ! which apksigner; then if ! which apksigner; then
$sed -i.tmp '/allow_disabled_algorithms/d' config.yml $sed -i.tmp '/allow_disabled_algorithms/d' config.yml
$fdroid update --pretty --nosign $fdroid update --pretty --nosign