1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-09-11 15:13:27 +02:00
Commit Graph

7714 Commits

Author SHA1 Message Date
Michael Pöhn
4ce2f291e3 remove --exodus cli option from scanner.py 2022-11-15 09:20:26 +00:00
Michael Pöhn
24d88705fa 🔍 add scanner_signature_sources config option
This adds the option to configure which set of signatures `fdroid
scanner` should use, by configuring it in `config.yml`. It allows
fetching signatures in our custom json format. It also adds 3 additional
sources: 'suss', 'exodus', 'etip'
2022-11-15 09:20:26 +00:00
Jochen Sprickerhof
46d077292c Merge branch 'reduce_status_json' into 'master'
status.json: drop logs of failed builds

See merge request fdroid/fdroidserver!1254
2022-11-15 08:25:05 +00:00
Jochen Sprickerhof
e0fa38bab3 status.json: drop logs of failed builds
Those are uploaded separately.
2022-11-15 08:12:51 +00:00
Jochen Sprickerhof
1562975bad Merge branch 'vm-cpu-memory-status' into 'master'
build: read VM CPUs/RAM from builder/Vagrantfile

See merge request fdroid/fdroidserver!1262
2022-11-15 08:11:45 +00:00
Hans-Christoph Steiner
bd51b2e99f build: read VM CPUs/RAM from builder/Vagrantfile
makebuildserver.config.py is no more, builder/Vagrantfile is now where the
CPU and memory is configured for the buildserver VM.  In fact, that was
always the actual place, the makebuildserver.config.py thing was just
confused.

This should have been part of !1222
2022-11-15 08:57:41 +01:00
Hans-Christoph Steiner
5ea8c7da45 Merge branch 'fix_new_jdk' into 'master'
Skip jarsigner test due to weak signatures

See merge request fdroid/fdroidserver!1239
2022-11-15 07:19:19 +00:00
Jochen Sprickerhof
0549535bab
signindex: fix buster workaround
Don't try to remove arg if the old args where used.
2022-11-14 17:59:56 +01:00
Jochen Sprickerhof
1bb963d768
jarsigner: allow weak signatures
openjdk-11 11.0.17 in Debian unstable fails to verify weak signatures:

jarsigner -verbose -strict -verify tests/signindex/guardianproject.jar

         131 Fri Dec 02 20:10:00 CET 2016 META-INF/MANIFEST.MF
         252 Fri Dec 02 20:10:04 CET 2016 META-INF/1.SF
        2299 Fri Dec 02 20:10:04 CET 2016 META-INF/1.RSA
           0 Fri Dec 02 20:09:58 CET 2016 META-INF/
 m  ?  48743 Fri Dec 02 20:09:58 CET 2016 index.xml

  s = signature was verified
  m = entry is listed in manifest
  k = at least one certificate was found in keystore
  ? = unsigned entry

- Signed by "EMAILADDRESS=root@guardianproject.info, CN=guardianproject.info, O=Guardian Project, OU=FDroid Repo, L=New York, ST=New York, C=US"
    Digest algorithm: SHA1 (disabled)
    Signature algorithm: SHA1withRSA (disabled), 4096-bit key

WARNING: The jar will be treated as unsigned, because it is signed with a weak algorithm that is now disabled by the security property:

  jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, DSA keySize < 1024, SHA1 denyAfter 2019-01-01, include jdk.disabled.namedCurves
2022-11-14 17:59:56 +01:00
Jochen Sprickerhof
d4b6e95c4e
init: use provided keyalias 2022-11-14 17:58:37 +01:00
Jochen Sprickerhof
24630dfe68
Drop old getsig.java test
getsig.java was replaced by a Python implementation in 6e2d0a9e (2014)
and the test was only there to compare the results for the transition.

Dropping this as it no longer works starting with 11.0.17+8.
2022-11-14 17:58:37 +01:00
Jochen Sprickerhof
beed746740
Replace custom code by verify_jar_signature() 2022-11-14 17:58:35 +01:00
Hans-Christoph Steiner
623c5b6613 Merge branch 'server_locale' into 'master'
Fix locale on buildserver to C.UTF-8

See merge request fdroid/fdroidserver!1259
2022-11-14 15:40:39 +00:00
Jochen Sprickerhof
5b7c186e4a
Fix locale on buildserver to C.UTF-8
Regression of 817a156ea.
2022-11-14 16:06:31 +01:00
Jochen Sprickerhof
5f891314a2 Merge branch 'apksigcopier-1.1.0' into 'master'
update apksigcopier to upstream v1.1.0 (which adds support for gradle-signed APKs)

Closes #1051

See merge request fdroid/fdroidserver!1249
2022-11-09 21:42:50 +00:00
FC Stegerman
ae23175a6b f-droid modifications: rm do_compare(), main(), ... 2022-11-09 21:42:24 +00:00
FC Stegerman
038697cba5 copy apksigcopier v1.1.0 2022-11-09 21:42:24 +00:00
Jochen Sprickerhof
c30340947a Merge branch 'delete-triple-redundant-img' into 'master'
makebuildserver: delete unused libvirt image after process is complete

See merge request fdroid/fdroidserver!1253
2022-11-09 21:42:07 +00:00
Hans-Christoph Steiner
e395cd4f79
makebuildserver: delete unused libvirt image after process is complete
This process creates three copies of the buildserver image, all of which
are large.  So deleting the unused one is quite helpful:

```
-rw-r--r-- 1 fdroid       fdroid       20G  8. Nov 15:22 /home/fdroid/.vagrant.d/boxes/buildserver/0/libvirt/box.img
-rw------- 1 root         root         19G  8. Nov 14:07 /var/lib/libvirt/images/buildserver_default.img
-rwxr--r-- 1 libvirt-qemu libvirt-qemu 20G  8. Nov 16:08 /var/lib/libvirt/images/buildserver_vagrant_box_image_0_box.img
```
2022-11-09 18:40:26 +01:00
Jochen Sprickerhof
17e30a306c Merge branch 'reduce_status_json' into 'master'
Drop successfulBuilds from build.json

See merge request fdroid/fdroidserver!1211
2022-11-07 07:44:52 +00:00
Jochen Sprickerhof
b73c4b9214 Drop successfulBuilds from build.json
This should reduce the file size from 34MB to 1MB and it is not used by
the monitor.
2022-11-07 07:30:45 +00:00
Jochen Sprickerhof
6d505af6e4 Merge branch 'update_check_data_ints' into 'master'
lint: UpdateCheckData regex must match integers

See merge request fdroid/fdroidserver!1252
2022-11-06 17:14:35 +00:00
Jochen Sprickerhof
dedce2f236
lint: AUM with UCM: HTTP must have a pattern
Closes: #1029
2022-11-05 21:15:00 +01:00
Jochen Sprickerhof
551fca21b3
lint: UpdateCheckData regex must match integers 2022-11-05 21:15:00 +01:00
Jochen Sprickerhof
e76aac414f Merge branch 'checkupdates_block_jdk11' into 'master'
Drop JDK 11 on checkupdates

See merge request fdroid/fdroidserver!1248
2022-11-04 15:39:19 +00:00
Jochen Sprickerhof
b8ea90f252 Drop JDK 11 on checkupdates 2022-11-04 15:38:41 +00:00
Hans-Christoph Steiner
6c845be6b9 Merge branch 'fix-Windows' into 'master'
gitlab-ci: fix Windows job by installing Python 3.10, which has wheels

See merge request fdroid/fdroidserver!1251
2022-11-04 12:34:43 +00:00
Hans-Christoph Steiner
034735a81d
gitlab-ci: fix Windows job by installing Python 3.10, which has wheels
It seems that 3.11 whl packages are not yet always available.  We have other
jobs for testing new Python versions.
2022-11-04 13:34:14 +01:00
Hans-Christoph Steiner
166c28a7e7 Merge branch 'finalize-Vagrantfile.yaml' into 'master'
makebuildserver: stop trying to write to Vagrantfile.yaml

See merge request fdroid/fdroidserver!1250
2022-11-04 10:47:30 +00:00
Hans-Christoph Steiner
6ec7e05c76
makebuildserver: stop trying to write to Vagrantfile.yaml
If Vagrantfile.yaml exists, makebuildserver should no longer try to write
to it.  It is now manully managed now that makebuildserver.config.py no
longer exists.  Also, now that the buildserver is smaller, the workflow is
to always destroy and recreate it rather than ever try to reprovision it.
2022-11-04 11:33:55 +01:00
Hans-Christoph Steiner
b709ce8255 Merge branch 'man_db' into 'master'
Disable man-db auto-update (as done by sbuild)

See merge request fdroid/fdroidserver!1232
2022-11-03 17:21:35 +00:00
Jochen Sprickerhof
a2050a72fa Disable man-db auto-update (as done by sbuild) 2022-11-03 17:21:16 +00:00
Hans-Christoph Steiner
422ce78656 Merge branch 'agp' into 'master'
* agp:
  8.0 Android Gradle Plugin is already listed
  update AGP/Gradle map

fdroid/fdroidserver!1236
2022-11-03 17:34:33 +01:00
Hans-Christoph Steiner
9509707df6
8.0 Android Gradle Plugin is already listed 2022-11-03 17:34:07 +01:00
linsui
29079a4423 update AGP/Gradle map 2022-11-03 16:30:30 +00:00
Michael Pöhn
f8395ffe71 Merge branch 'move-makebuildserver.config.py-to-Vagrantfile.yaml' into 'master'
buildserver: turn ./makebuildserver into a pure helper script, allow standalone vagrant operation

See merge request fdroid/fdroidserver!1222
2022-11-03 13:01:18 +00:00
Hans-Christoph Steiner
2bf706ebe6
buildserver: clean up dirs from purged packages 2022-11-03 13:27:20 +01:00
Hans-Christoph Steiner
d6008cdb2a
convert examples/makebuildserver.config.py to Vagrantfile.yaml
Also, tests/androguard_test.py was removed long ago
2022-11-03 13:27:18 +01:00
Hans-Christoph Steiner
abf535aabe
buildserver: move config to buildserver/Vagrantfile.yaml 2022-11-03 13:27:16 +01:00
Hans-Christoph Steiner
e2fcd633fc
buildserver: hard code basebox name and version
This is not user-configurable, so it should not be setup to be.  This
process is only tested on the one basebox, and devs can just edit
Vagrantfile directly to test other base boxes.

# Conflicts:
#	makebuildserver
2022-11-03 13:27:15 +01:00
Hans-Christoph Steiner
abdd02f33a
makebuildserver: move copy_caches_from_host to command line flag 2022-11-03 13:27:13 +01:00
Hans-Christoph Steiner
21ea1c1c89
makebuildserver: purge apt_package_cache feature
This is unmaintained, lightly used, a tangled mess, and can be replaced by
things like the vagrant-cachier plugin or #418
2022-11-03 13:27:11 +01:00
Michael Pöhn
52849deea0 Merge branch 'set_e' into 'master'
Run shell scripts with -e (Closes: #1035)

Closes #1035

See merge request fdroid/fdroidserver!1185
2022-11-03 12:26:06 +00:00
Jochen Sprickerhof
557fe87d44 Run shell scripts with -e (Closes: #1035)
Make sudo, init prebuild, build and Prepare fields lists and only
concatenate them with '; ' before execution. This allows arbitrary
commands inside the fileds (even && and ';') as we don't need to split
the commands again for rewritemeta.
2022-11-03 12:25:31 +00:00
Michael Pöhn
49d8ba3b9b Merge branch 'fix-buildserver' into 'master'
buildserver: clean up secondary libvirt box image after rebuild

See merge request fdroid/fdroidserver!1247
2022-11-03 12:17:08 +00:00
Hans-Christoph Steiner
6c5ffdc428
buildserver: clean up secondary libvirt box image after rebuild
Boxes are stored in two places when using vagrant-libvirt:

 1. `vagrant box add` -> ~/.vagrant.d/boxes/buildserver/0/libvirt/
 2. `vagrant up` -> /var/lib/libvirt/images/buildserver_vagrant_box_image_0_box.img

If the second box is not cleaned up, then `fdroid build` will continue
to use the one from the second location, thereby ignoring the updated
one at the first location.  This keeps the second one around until the
new box is ready in case `fdroid build` is using it while this script
is running.
2022-11-03 12:58:58 +01:00
Jochen Sprickerhof
938b324e4d Merge branch 'btlog-index-v2' into 'master'
binary transparency log improvements

See merge request fdroid/fdroidserver!1245
2022-11-02 19:24:38 +00:00
Hans-Christoph Steiner
890513fcba index: standardized AntiFeature variable names
This is the only occurance of "anti_features".
2022-11-01 09:54:06 +01:00
Hans-Christoph Steiner
886712026d index: Anti-Features should always be a sorted set
There are diffs in the index caused by unstable order:
* 184cdd9c65 (572d84bb16becb794e10614840972554f333c66e_169259_169353)
* 184cdd9c65 (24c372740761176e67461dbc9136a799b15cfdbf_204154_204185)
2022-11-01 09:53:09 +01:00
Hans-Christoph Steiner
cd0c049b03 btlog: include index-v2 files 2022-11-01 08:47:48 +01:00