nightly: stop stripping APKs before signing, apksigner does it

* https://gitlab.com/fdroid/fdroidserver/-/merge_requests/1033#note_742563869
* https://github.com/wardvl/f-droid-nightly-action/issues/3

fdroidserver/nightly.py

@@ -349,7 +349,6 @@ Last updated: {date}'''.format(repo_git_base=repo_git_base,
                             'Resigning {apkfilename} with provided debug.keystore'
                         ).format(apkfilename=os.path.basename(apkfilename))
                     )
-                    common.apk_strip_v1_signatures(apkfilename, strip_manifest=True)
                     common.sign_apk(apkfilename, destapk, KEY_ALIAS)
 
         if options.verbose:

tests/common.TestCase

@@ -870,6 +870,46 @@ class CommonTest(unittest.TestCase):
         self.assertFalse(os.path.isfile(unsigned))
         self.assertTrue(fdroidserver.common.verify_apk_signature(signed))
 
+    def test_resign_apk(self):
+        """When using apksigner, it should resign signed APKs"""
+        config = fdroidserver.common.read_config(fdroidserver.common.options)
+        if 'apksigner' not in config:
+            self.skipTest('SKIPPING test_resign_apk, apksigner not installed!')
+
+        config['keyalias'] = 'sova'
+        config['keystorepass'] = 'r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI='
+        config['keypass'] = 'r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI='
+        config['keystore'] = os.path.join(self.basedir, 'keystore.jks')
+        fdroidserver.common.config = config
+        fdroidserver.signindex.config = config
+
+        testdir = tempfile.mkdtemp(
+            prefix=inspect.currentframe().f_code.co_name, dir=self.tmpdir
+        )
+        os.chdir(testdir)
+        os.mkdir('unsigned')
+        os.mkdir('repo')
+
+        for apk in (
+            'org.bitbucket.tickytacky.mirrormirror_4.apk',
+            'v2.only.sig_2.apk',
+            'SystemWebView-repack.apk',
+        ):
+            original = os.path.join(self.basedir, apk)
+            unsigned = os.path.join('unsigned', apk)
+            resign = os.path.join('repo', apk)
+            shutil.copy(original, unsigned)
+            fdroidserver.common.sign_apk(unsigned, resign, config['keyalias'])
+            self.assertTrue(
+                fdroidserver.common.verify_apk_signature(resign), apk + " verifies"
+            )
+            self.assertTrue(os.path.isfile(resign))
+            self.assertFalse(os.path.isfile(unsigned))
+            self.assertNotEqual(
+                fdroidserver.common.get_first_signer_certificate(original),
+                fdroidserver.common.get_first_signer_certificate(resign)
+            )
+
     def test_get_apk_id(self):
         config = dict()
         fdroidserver.common.fill_config_defaults(config)