1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-16 11:50:10 +01:00
Commit Graph

8450 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
8c1cf724e1 init: force keystore to PKCS12 format
Java 8 supports PKCS12, Java 9+ uses PKCS12 by default, which should have
a .p12 file extension.  `fdroid init` has always just added .jks which is
the old default format.

* https://docs.oracle.com/en/java/javase/12/tools/keytool.html#GUID-5990A2E4-78E3-47B7-AE75-6D1826259549__GUID-A8B9E662-C1C2-4A0E-9307-A8464F0E95D4
* https://openjdk.java.net/jeps/229
2020-09-23 16:40:37 +02:00
Hans-Christoph Steiner
ad6985cb40 update: allow --nosign to work with only repo_pubkey set
repo_pubkey is required for `fdroid update --nosign`, but repo_keyalias is
not.  For regular signing, the opposite true.
2020-09-17 15:25:56 +02:00
Hans-Christoph Steiner
af4a2ab736 gitlab-ci: speed up test runs that do not need git history
GIT_DEPTH sets how many commits of history to clone in CI Jobs.
gitlab.com defaults to 50 with a max of 1000.  The metadata_v0 job is
the only job that needs history, and it needs more than 50.  So this
sets the default to 1, then metadata_v0 to 1000.

https://docs.gitlab.com/ee/ci/pipelines/settings.html#git-shallow-clone
2020-09-17 15:25:56 +02:00
Hans-Christoph Steiner
59018a887b gitlab-ci: ensure android-23 is present for fdroid build test
This test builds https://gitlab.com/fdroid/ci-test-app, which uses android-23
2020-09-17 15:25:56 +02:00
Michael Pöhn
69e4d48924 Merge branch 'remove-force_build_tools' into 'master'
Remove force_build_tools config option

Closes #738

See merge request fdroid/fdroidserver!797
2020-09-16 16:58:43 +00:00
Michael Pöhn
75c4be2ea9 expose public api in fdroidserver module 2020-09-16 18:26:16 +02:00
Marcus
a1c4e3f588 Merge branch 'buildtools3002' into 'master'
build-tools 30.0.2

See merge request fdroid/fdroidserver!795
2020-09-16 15:36:34 +00:00
Hans-Christoph Steiner
08f724651e remove "force_build_tools" config option, closes #738
The `force_build_tools` config option was added a long time ago to
brute force the _build-tools_ version by trying to replace the value
in `build.gradle` files. This is never something that should be used
in production, since the app's build metadata should specify this kind
of thing. And now that we're moving towards _androguard_ for
everything except fdroid build and fdroid publish, _build-tools_ will
no longer even be used in the other commands.
2020-09-16 16:30:49 +02:00
Hans-Christoph Steiner
df6cf52009 remove last vestige of latestapps.dat 2020-09-16 16:12:17 +02:00
Michael Pöhn
0938561628 Merge branch 'mirror-rsync-script' into 'master'
mirror rsync script

See merge request fdroid/fdroidserver!792
2020-09-16 14:11:38 +00:00
Hans-Christoph Steiner
8b406ace08 mirror-to-mirror.sh: update script to handle multiple primary mirrors 2020-09-16 16:06:23 +02:00
Hans-Christoph Steiner
94cd2a960c add script used to rsync repo to primary mirrors 2020-09-16 16:01:13 +02:00
Michael Pöhn
301ca0a949 refactor metadata.warn_or_exception to private func 2020-09-16 15:25:10 +02:00
Licaon_Kter
de9e0f4fc3 build-tools 30.0.2 2020-09-16 15:58:50 +03:00
Hans-Christoph Steiner
3c148941f7 Merge branch 'remove_latestapps_dat' into 'master'
remove unused latestapps.dat code

See merge request fdroid/fdroidserver!794
2020-09-15 07:48:01 +00:00
Hans-Christoph Steiner
f927cd681f Merge branch 'targetsdk_not_set_fix' into 'master'
fallback to minsdk when targetsdk isn't set

See merge request fdroid/fdroidserver!793
2020-09-15 07:38:07 +00:00
Marcus Hoffmann
36e5fec418 remove unused latestapps.dat code
latestapps.dat was being used for the old-website, it's not used anymore

Fixes the following crash in production:
```
2020-09-13 19:26:59,000 CRITICAL: Unknown exception found!
Traceback (most recent call last):
  File "/home/fbuild/fdroidserver/fdroid", line 22, in <module>
    fdroidserver.__main__.main()
  File "/home/fbuild/fdroidserver/fdroidserver/__main__.py", line 230,
in main
    raise e
  File "/home/fbuild/fdroidserver/fdroidserver/__main__.py", line 211,
in main
    mod.main()
  File "/home/fbuild/fdroidserver/fdroidserver/update.py", line 2451, in
main
    app = apps[appid]
KeyError: '45b464b398a7d9fac5a186bd3d3d8dc1e6a25f7f9cd48c7462619b1e5fba87c2'
```
2020-09-14 16:22:09 +02:00
Marcus Hoffmann
7de601a5b5 fallback to minsdk when targetsdk isn't set
Androguard already has a function always returning an int here, so let's
use that.

Also put in a guard against minsdk not being set.
2020-09-14 14:12:18 +02:00
Marcus
1f7228d538 Merge branch 'update_test_improvements' into 'master'
test improvements/fixes

See merge request fdroid/fdroidserver!791
2020-09-10 17:20:11 +00:00
Marcus Hoffmann
b2f6483671 use new find_apksigner in test_scan_apk 2020-09-10 18:59:39 +02:00
Marcus Hoffmann
7eb32feaa5 skip new signing test when we can't find apksigner
Also add some error handling to the find_apksigner() method.
2020-09-10 18:59:39 +02:00
Marcus Hoffmann
f6b7572b10 fix fedora test
minimum build tools version is determined by apksigner now.
2020-09-10 18:59:39 +02:00
Marcus Hoffmann
2367461465 tests: debian: apksigner is required for the tests to run now
We need to use a shell wrapper for apksigner though because docker and
binfmt don't play well together
2020-09-10 18:59:39 +02:00
Marcus Hoffmann
89f63b3e1c tests: use yaml.Loader on older yaml versions 2020-09-10 18:38:43 +02:00
Marcus Hoffmann
709f4c9b18 pickle -> yaml rename 2020-09-10 18:38:43 +02:00
Marcus Hoffmann
e613b65098 we need FullLoader for one test, we are dumping custom objects 2020-09-10 18:38:43 +02:00
Marcus Hoffmann
9bf0758f19 make update.Testcase tests work standalone 2020-09-10 18:38:43 +02:00
Marcus Hoffmann
4cd96d4a9f use yaml safeloader in tests
Try to use CSafeLoader when possible because its significantly faster.
Use the normal Safeloader otherwise. (This mirrors the non-test code
behaviour)
2020-09-10 14:18:36 +02:00
Hans-Christoph Steiner
06766ba48b Merge branch 'signing' into 'master'
sign using apksigner

Closes #827 and #634

See merge request fdroid/fdroidserver!736
2020-09-10 11:49:02 +00:00
Marcus Hoffmann
dfecdcc1bd set minimum apksigner version to 26.0.2 2020-09-10 13:20:01 +02:00
Marcus Hoffmann
145ba9db54 fix apksigner smartcardoptions
apksigner documents the options as --ks-provider-class and --ks-provider-arg
those seem to be accepted but fail when actually making a signature with
weird internal exceptions. The new options actually work.
From: https://geoffreymetais.github.io/code/key-signing/#scripting
2020-09-09 22:51:08 +02:00
Marcus Hoffmann
74af61f255 remove providerName from default smartcardoptions
apksigner doesn't recognize the SunPKCS11-OpenSC set via providerName
Neither jarsigner nor apksigner need this to work.
2020-09-09 22:50:58 +02:00
Marcus Hoffmann
768a91370c publish: use apksigner for signing apks with targetSDK>=30
This makes apksigner a hard requirement of the signing procedure.
We'll first try to find a globally installed version from PATH and if
that's not available fall back to using a version from build-tools.

Future TODO: always sign with apksigner, blocked on signature transplant
support for apksigv2/v3

Closes fdroid/fdroidserver#634
Closes fdroid/fdroidserver#827
2020-09-09 18:09:28 +02:00
Marcus
b1128325b5 Merge branch 'scanner_fix_ci' into 'master'
scanner: check for `test` in path relative to build dir

See merge request fdroid/fdroidserver!790
2020-08-30 18:32:42 +00:00
Marcus Hoffmann
c90a72e14d scanner: check for test in path relative to build dir
This was degrading scanner errors to warnings whenever the path from the
current running install of fdroidserver contained test, as has been
happening in the CI image builder:

https://gitlab.com/fdroid/ci-images-server/-/blob/master/test#L6
2020-08-30 20:09:19 +02:00
Marcus
9ae8d7ae6c Merge branch 'pyasn1_modules' into 'master'
unpin pyasn1_modules

See merge request fdroid/fdroidserver!788
2020-08-28 16:07:56 +00:00
Marcus Hoffmann
637c73a882 unpin pyasn1_modules
It currently  runs fine on archlinux with pyasn1-modules 0.2.8.
And guix just reported packaging it with 0.2.2
2020-08-28 17:46:53 +02:00
Hans-Christoph Steiner
d595948616
jenkins-test: remove rewritemeta, it is well covered elsewhere
The jenkins.debian.net tests are brittle enough as it is.

[skip ci] - this doesn't run on gitlab-ci
2020-08-26 10:40:15 +02:00
Marcus Hoffmann
eb57723096 fix accidentally changed hash of gradle 6.5.1
This was changed in 394ad8f863 when
deleting 6.6 from makebuildserver but deleting one line up instead of
down.
2020-08-25 23:15:25 +02:00
Marcus Hoffmann
bc6fa986d1 fix vcs test
It doesn't need a valid sdk_path, so just set it to something.
The test was failing when ANDROID_HOME wasn't set in the env.
2020-08-25 23:09:28 +02:00
Marcus Hoffmann
394ad8f863 add gradle 6.6.1 2020-08-25 23:06:21 +02:00
Marcus
e169238c60 Merge branch 'extlib_scanignore' into 'master'
minor bugfixes

Closes #795, #796, and #759

See merge request fdroid/fdroidserver!771
2020-08-25 19:53:44 +00:00
Marcus Hoffmann
34717fe88a fix typoes 2020-08-25 21:32:54 +02:00
Marcus Hoffmann
059ebd4bc9 tests: add check that we trigger a scanner error without setting it as extlib 2020-08-25 21:32:29 +02:00
Marcus Hoffmann
d07b4123e9 scanner: docstrings for handleproblem functions 2020-08-25 21:32:29 +02:00
Marcus Hoffmann
a656be82ae update: calculate added date for an app over all apks
This was accidentally changed in !756 because the functionality was
hidden in `apply_info_from_latest_apk` which is a less than stellar name
for something that also applies infos from app->apk and in this case did
apply info from *oldest* apk->app.
So instead move that into a separate step.

Note: This restores the previous behaviour. There's discussion in #801
on further changes to make the added date also work for repos which
don't keep an archive at all.
2020-08-25 21:32:29 +02:00
Marcus Hoffmann
a301a1ba93 add test for correct added date for apps 2020-08-25 21:32:29 +02:00
Marcus Hoffmann
d5311fff09 vcs: don't fail when git remote set-head fails
There's valid use-cases for setups where set-head --auto fails. This
happens when building an app from a gitlab CI checkout where no remote
tracking branches are setup.

This isn't really a fatal error. When a remote HEAD exists we'll
continue setting it and if none exists and something requires this being
set up later on (either a build script or fdroid checkupdates) then
we'll fail later on with "origin/HEAD not being known to git".
By not failing early we allow the majority of use-cases that don't need
a remote HEAD to continue with just a warning.

The setup in which this can be reproduced is as follows:
(This is roughly what gitlab runner does when setting up a git checkout
for CI)
- mkdir test && cd test
- git init
- git remote add https://gitlab.com/Bubu/fdroidclassic.git
- git fetch --all
- git checkout db0d2a9a5d1d89101a344169013ac5d518185f31
- mkdir nested_repo && cd nested_repo
- git clone .. .
- git remote set-head origin --auto
  > error: Cannot determine remote HEAD
2020-08-25 21:32:29 +02:00
Marcus Hoffmann
fce4721695 add a vcs.TestCase 2020-08-25 21:32:29 +02:00
Marcus Hoffmann
03e723b1af fix crash when scanner wants to remove the same file more than once
A file can be flagged for multiple problems (i.e. multiple unknown maven
repos in one build.gradle file that is included in a scandelete path).

The scanner will try to delete it once for every problem detected, we
don't really care, as long as the file is gone.

fixes fdroid/fdroidserver#759
2020-08-25 21:32:29 +02:00