Hans-Christoph Steiner
eac391c58f
Merge branch 'popen-stdin-devnull' into 'master'
...
common: use /dev/null as stdin when calling subprocess.Popen()
See merge request fdroid/fdroidserver!451
2018-02-05 14:46:08 +00:00
Hans-Christoph Steiner
05eef5a454
metadata: add new Translation app field for URL for contributions
...
This is a field requested from a bunch of translators so they can easily
find where to translate apps:
https://forum.f-droid.org/t/translation-field-for-app-entries/1403/5
2018-02-05 15:45:12 +01:00
relan
946a1461f2
common: use /dev/null as stdin when calling subprocess.Popen()
...
We always want to run all utilities non-interactively. By default
subprocess.Popen() inherits stdin descriptor from parent process, i.e.
when fdroid is run from an interactive shell, subprocesses may expect
input from it.
Reading from /dev/null immediately returns EOF, failing any user prompt
and preventing us from hang.
2018-02-05 15:34:42 +03:00
Hans-Christoph Steiner
5db86215f6
lint: check srclibs has name and @ in it
...
fdroiddata!2863
2018-01-31 13:33:36 +01:00
Hans-Christoph Steiner
4b0f9d6653
Merge branch 'master' into 'master'
...
Option --resetserver does nothing; have it used instead
See merge request fdroid/fdroidserver!449
2018-01-31 10:01:18 +00:00
csagan5
427427481e
Change --resetserver to --reset-server for consistency
2018-01-30 20:45:03 +01:00
csagan5
cf54c9514c
Option --resetserver does nothing; have it used instead
2018-01-30 14:50:35 +01:00
Hans-Christoph Steiner
adaf97a3cb
Merge branch 'build-timeout-customization' into 'master'
...
build: make per-build hard time limit customizable
See merge request fdroid/fdroidserver!446
2018-01-30 11:22:08 +01:00
Hans-Christoph Steiner
b170ef7ce8
fix metadata test: remove timeout= from comparison
2018-01-30 11:20:30 +01:00
relan
86f34ee70a
build: make per-build hard time limit customizable
...
Add "timeout=n" metadata field that overrides build timeout (in seconds).
The default is 7200, i.e. 2 hours.
2018-01-30 11:14:50 +03:00
relan
cc4b57b10b
Merge branch 'gradle-4.5' into 'master'
...
makebuildserver: add gradle 4.5
See merge request fdroid/fdroidserver!448
2018-01-30 06:12:32 +00:00
Marcus Hoffmann
bf8dd8f6c9
makebuildserver: add gradle 4.5
2018-01-29 18:03:14 +01:00
Hans-Christoph Steiner
84262cfead
Merge branch 'crash-and-standard-imports' into 'master'
...
Crash and standard imports
See merge request fdroid/fdroidserver!445
2018-01-29 09:24:48 +00:00
Hans-Christoph Steiner
68099cdf1c
Merge branch 'minor-security-ish-tweaks' into 'master'
...
security-ish tweaks
See merge request fdroid/fdroidserver!442
2018-01-29 09:23:25 +00:00
Hans-Christoph Steiner
f24cf7f71b
vmtools: use standard imports: os.remove()
...
The rest of the code uses os.remove()
2018-01-26 10:18:42 +01:00
Hans-Christoph Steiner
4463bf238d
vmtools: use standard imports: os.path.join()
...
The rest of the code uses os.path.join()
2018-01-26 10:18:42 +01:00
Hans-Christoph Steiner
099c98bc60
metadata: fix crash when there are duplicate metadata files
...
The string had the variable 'appid' while the format() call had only the
variable 'path'. This also standardizes on 'appid' like the rest of the
code.
2018-01-26 10:18:42 +01:00
Hans-Christoph Steiner
d3caf09421
use standard User-Agent in check-fdroid-apk
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
b851d49d24
shell=True is too dangerous to allow; there are unfiltered user inputs
...
There are all sorts of unfiltered user inputs like tag and branch names in
source repos. If those names are fed into popen calls that use shell=True,
that opens up a wide range of exploits. All core operations should never
use shell=True.
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
07cdf848d7
use '--' in source vcs calls to protect against malicious input
...
This is a quick and very incomplete addition of '--' to command line calls
to source VCSs like git and hg that could manipulated by malicious
tag/branch names or other vectors.
These were all manually tested by calling the command lines on my own
machine.
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
32213ef040
scanner: allow running without versionCode and as API
...
This lets `fdroid scanner my.package.name` run without requiring that the
versionCode is also specified. It also allows scanner.scan_source() to be
called as a function in the public API of fdroidserver.
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
53f603bf30
lint: check description for forbidden HTML tags: iframe, link, script, etc.
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
f0940540ee
buildserver: include python3-git for future use
...
We should be replacing all our custom git shell commands with python3-git,
since it is a common library for doing that. It will receive a lot more
attention and maintenance than our code for doing it. For example, we
should not ever use shell=True, since that opens up a lot of security
risks.
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
a57f17b276
wiki: include per-app link to all related activity on gitlab.com
2018-01-26 10:18:41 +01:00
Hans-Christoph Steiner
528aa9269e
Merge branch 'platform27' into 'master'
...
makebuildserver: re-add platform 27
Closes #445
See merge request fdroid/fdroidserver!444
2018-01-26 09:09:15 +00:00
Marcus Hoffmann
0e68971eef
makebuildserver: re-add platform 27
...
Closes #445
2018-01-25 16:56:56 +01:00
Marcus
9f6862ce82
Merge branch 'build_tools_27.0.3' into 'master'
...
makebuildserver: add build-tools 27.0.3
See merge request fdroid/fdroidserver!443
2018-01-25 13:12:53 +00:00
Marcus Hoffmann
98313fc066
makebuildserver: add build-tools 27.0.3
2018-01-25 11:53:27 +01:00
Hans-Christoph Steiner
a4bdd104d7
Merge branch 'remove-kivy' into 'master'
...
build: remove unused, unmaintained Kivy build method
See merge request fdroid/fdroidserver!441
2018-01-24 05:35:32 +00:00
Hans-Christoph Steiner
513c95894c
build: remove unused, unmaintained Kivy build method
...
This code has never been used and contains some insecure uses of shell=True
Building Kivy apps should be done with the buildozer=yes method. The
buildozer method should probably be moved to a provisioner once that is in
place.
2018-01-23 23:16:05 +01:00
Hans-Christoph Steiner
b0b9f2f601
Merge branch 'remove-qt' into 'master'
...
buildserver: remove Qt installer, its huge, outdated, and being replaced
See merge request fdroid/fdroidserver!440
2018-01-23 20:52:22 +00:00
Hans-Christoph Steiner
62ddab7edd
buildserver: remove Qt installer, its huge, outdated, and being replaced
...
The currently included Qt has known security issues and is outdated. This
can now be replaced by downloading and installing the Qt installer using
the sudo= build field. @relan's provisioner system will also replace this
once that's done. There are only two apps that currently use the Qt stuff:
* csd.qtproject.minesweeper
* org.openorienteering.mapper
2018-01-23 20:28:26 +01:00
Hans-Christoph Steiner
825b8e9683
Merge branch 'build_timeout' into 'master'
...
Build timeout
See merge request fdroid/fdroidserver!437
2018-01-22 20:49:01 +00:00
Marcus Hoffmann
a1a88e1c6a
main: force exit on keyboard interrupt
...
This applies the same workaround as b8ed892ad9
.
2018-01-22 16:02:49 +01:00
Marcus Hoffmann
fa43066f8d
build: add global soft timeout of 12 hours
...
Only start new builds for 12 hours. This ensures we publish new builds
often enough even on long backlogs.
This could be made configurable at a later point.
2018-01-22 16:02:49 +01:00
Marcus Hoffmann
80e121d182
build: log timeouts to the wiki
2018-01-22 16:02:49 +01:00
Marcus Hoffmann
85985074d4
build: enable watchdog timer for each build that kills in 2 hours
...
This introduces locking for the commonly used vagrant functions in
vmtools because vagrant fails when another vagrant command is
already running.
2018-01-22 16:01:20 +01:00
Marcus Hoffmann
9a4f3ac019
Revert "build: bump max_apps_per_run to 50"
...
This reverts commit 56a53055be
.
Revert "build: limit --all to 10 apps at a time"
This reverts commit afc5cc6b6a
.
2018-01-22 15:53:45 +01:00
Hans-Christoph Steiner
61bb74a369
Merge branch 'log-update-checkupdates-server-to-wiki' into 'master'
...
Log update/checkupdates/server to wiki
See merge request fdroid/fdroidserver!439
2018-01-22 13:29:45 +00:00
Hans-Christoph Steiner
22563bdf17
gitlab-ci: make metadata_v0 test work even when tags are missing
...
This uses the commit ID of the release tags, rather than the release tag
itself so that contributor forks do not need to include the tags in them
for this test to work.
The COMMIT_ID should be bumped after each release, so that the list of sed
hacks needed does not continuously grow.
2018-01-22 14:00:20 +01:00
Hans-Christoph Steiner
486ee25708
wiki: log build start/stop time, command line, RAM, and processor count
2018-01-22 14:00:16 +01:00
Hans-Christoph Steiner
ef69bbff34
wiki: log server start/stop times and command line
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
cd3e531731
buildserver: force no auto updates of package lists or upgrades
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
8d2092ada1
jenkins-test: include repo_pubkey in config.py for BUILD test
...
The BUILD machine does not have a keyring on it, only the public key for
the index signing key. This is a very rudementary test for that.
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
f841ec745f
wiki: move checkupdates wiki log to separate function
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
010f1c5029
log installed android sdk versions for update and checkupdates
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
e163c09e26
move get_android_tools_versions functions to common
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
4beb2d52e9
wiki: log update start/stop time and command line
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
5b92820ff3
wiki: fix bug updating Repository Maintenance
...
site.pages doesn't seem to exist anywhere, site.Pages is used throughout.
2018-01-22 13:49:10 +01:00
Hans-Christoph Steiner
22c6acc026
wiki: log appids as checkupdates goes through them
2018-01-22 13:49:10 +01:00