1
0
mirror of https://gitlab.com/fdroid/fdroidserver.git synced 2024-11-14 02:50:12 +01:00
Commit Graph

189 Commits

Author SHA1 Message Date
Hans-Christoph Steiner
1c3a4479ab add common.sign_apk() for nighly as test for using in publish
Since the MD5 migration was quite a bit of work, it makes sense to start
on moving away from SHA1 as much as possible while it is easy to do. SHA256
will only work in APK signatures on android-18 (4.3) or newer.  So if an
APK has a minSdkVersion of 18 or newer, then sign with SHA256.

https://issuetracker.google.com/issues/36956587
https://android-review.googlesource.com/c/platform/libcore/+/44491
2017-12-04 22:52:41 +01:00
Hans-Christoph Steiner
5b22ff7dc6 tests: use standard dir setup so all tests start in same dir 2017-11-30 17:32:53 +01:00
Hans-Christoph Steiner
3ff4b656c6 tests: name temp test dir after test function that used it 2017-11-30 17:32:53 +01:00
Hans-Christoph Steiner
c7c40cb59f PEP8 fixes 2017-11-30 13:42:37 +01:00
tobiasKaminsky
33aee96ed9
added test case 2017-11-30 11:12:18 +01:00
Hans-Christoph Steiner
2ee32f3524 fix tests to work when only Debian Android SDK is installed
jenkins.debian.net only had `apt install android-sdk`, it does not have any
of Google's packages installed.
2017-11-08 14:05:17 +01:00
Hans-Christoph Steiner
17efa13183 tests: pre-set failfast as reminder of a handy time saver 2017-10-25 23:01:25 +02:00
Hans-Christoph Steiner
e0df6d2479 choose the most recent available version of Java
This came about testing on OSX, where there are often multiple versions of
the JDK installed.  This was choosing the oldest version.  It should
choose the most recent version.
2017-10-25 23:01:25 +02:00
Michael Pöhn
788c8f97fd better error message in publish when repo_key is not set 2017-10-17 22:10:39 +02:00
Michael Pöhn
5a524d4d0c added some developer-signing key metadata to tests 2017-09-26 14:11:09 +02:00
Michael Pöhn
7c4b8bcac4 added parse release filename function 2017-09-26 14:11:09 +02:00
Michael Pöhn
04daa7a03a test for common.get_app_id_aapt 2017-09-26 14:11:09 +02:00
Michael Pöhn
efb0bf6ee5 add common functions for dealing with apk signatures 2017-09-26 14:11:09 +02:00
Michael Pöhn
c196f7dd7a common function for fetching sha256 signing-key fingerprint 2017-09-26 14:11:09 +02:00
Hans-Christoph Steiner
eaca20675c tests: test setting up app git repo like fdroid build does
I wrote this to try to find #379 but this test didn't trigger that bug.
2017-09-25 16:35:18 +02:00
Hans-Christoph Steiner
cbf7ba0414 tests: add setUp() method to common to handle standard stuff 2017-09-25 16:35:18 +02:00
Hans-Christoph Steiner
9471bf2731 regexs for getting packageName and versionCode from filenames
This is useful for parsing APK files, which can include packageName,
versionCode, and optionally 7 char signing key ID (i.e. <sig>).
This also can set the packageName and versionCoe for non APK files, so
that it is easy to assign them to metadata files, and to allow for
upgrades by setting the versionCode in the filename.
2017-06-01 16:01:05 +02:00
Hans-Christoph Steiner
17cd07f1a7 fix pylint unused-argument 2017-05-23 22:34:16 +02:00
Michael Pöhn
8b51e40d63 avoid duplicate value assignments when updating config files 2017-04-02 12:08:01 +02:00
Torsten Grote
9f765ed6f7
Move index signing methods into signindex.py 2017-03-29 12:11:40 -03:00
Hans-Christoph Steiner
223c793201 prefer apksigner if installed, jarsigner sucks
Google has their own utility for verifying APK signatures on a desktop
machine since Java's jarsigner is bad for the task.  For example, it
acts as if an unsigned APK validates.  And to check whether an APK is
unsigned using jarsigner is difficult.

apksigner also does the v2 signatures, so it will have to be used
eventually anyway.  It is already in Debian/stretch and can be
available in jessie-backports if need be.

https://android.googlesource.com/platform/tools/apksig
https://packages.debian.org/apksigner
2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
998b6245e9 verify: ensure only a single signature is in compared APK
The ZIP format allows multiple entries with the exact same filename, and on
top of that, it does not allow deleting or updating entries.  To make the
`fdroid verify` procedure failsafe, it needs to create a new temporary APK
that is made up on the contents of the "unsigned APK" and the signature
from the "signed APK".  Since it would be possible to give a signed APK as
in the unsigned one's position, `fdroid verify` was not able to update the
signature since it was just adding the new signature to the end of the ZIP
file.  When reading a ZIP, the first entry is used.
2017-03-22 10:51:12 +01:00
Hans-Christoph Steiner
fa657ce720 move update.signjar() to common so it can also be used in signindex 2017-03-17 13:55:40 +01:00
Hans-Christoph Steiner
e0f39a7e7b rename Build fields: version -> versionName, vercode -> versionCode
Since the YAML/JSON/etc. field names are now exactly the same as the field
names used in the internal dict in the Build class, this is a global rename

This keeps with the standard names used in Android:
https://developer.android.com/guide/topics/manifest/manifest-element.html
2017-02-24 11:01:01 +01:00
Daniel Martí
82b1d7ad14 all: make newer pycodestyle happy
Apparently the "two empty lines" rule is now stricter.
2016-11-15 20:55:06 +00:00
Hans-Christoph Steiner
84e09cd2a2 allow arbitrary build products, not only APKs
This makes it so that the final build product can be specified in output=
and it'll work no matter if its an APK or not.  This was developed around
the case of building the OTA update.zip for the Privileged Extension. It
should work for any build process in theory but it has not yet been tested.

https://gitlab.com/fdroid/privileged-extension/issues/9
2016-11-07 14:53:01 +01:00
Hans-Christoph Steiner
3768d7a4d6 refactor env handling for FDroidPopen to support .fdroid.* metadata
The start up sequence of processes that are based on the .fdroid.* metadata
is a bit different, so this ensures that the environment variables get
properly initialized in all cases.

This also creates a single function where the environment is set.  Before
it was being set in multiple places across multiple files.
2016-03-23 17:16:27 +01:00
Daniel Martí
24ad0418e3 tests: switch to python3 2016-03-11 13:27:00 +00:00
Daniel Martí
ee9a296b64 Make pre-commit hook pass after python3 switch 2016-03-10 16:43:37 +00:00
Dmitriy Bogdanov
5d54b761af Add FDroidPopen usage test 2016-02-18 00:45:06 +04:00
Daniel Martí
bf8518ee8f Rework build into a class
This simplifies usage, goes from

    build['flag']
to
    build.flag

Also makes static analyzers able to detect invalid attributes as the set
is now limited in the class definition.

As a bonus, setting of the default field values is now done in the
constructor, not separately and manually.

While at it, unify "build", "thisbuild", "info", "thisinfo", etc into
just "build".
2015-12-02 20:03:11 +01:00
Daniel Martí
ab614ab442 Rework app into a class
This simplifies usage, goes from

	app['Foo']
to
	app.Foo

Also makes static analyzers able to detect invalid attributes as the set
is now limited in the class definition.

As a bonus, setting of the default field values is now done in the
constructor, not separately and manually.
2015-11-28 17:11:05 +01:00
Daniel Martí
00bd75aa8c tests: close files 2015-10-08 13:20:35 +02:00
Hans-Christoph Steiner
9e5dd19fc8 add test files to pre-commit hook and fix pep8 errors 2015-09-01 11:39:50 +02:00
Hans-Christoph Steiner
d53a5af715 build: improve regsub pattern for setting buildToolsVersion
This addresses the discussion in !64
https://gitlab.com/fdroid/fdroidserver/merge_requests/64

Sometimes, buildToolsVersion is a kind of gradle macro call, and other
times it is a variable assignment.  This regsub pattern now handles both of
those cases.
2015-08-19 17:55:17 +02:00
Hans-Christoph Steiner
64a9c93ce7 test new common.regsub_file() method that replaces sed calls 2015-08-01 00:38:41 +02:00
Ciaran Gultnieks
384f97e998 Ensure package names are valid 2015-01-26 18:30:01 +00:00
Hans-Christoph Steiner
9244256461 find cmds from SDK build-tools in a more flexible way, on the fly
This is a more flexible approach than testing for the complete SDK and
build-tools up front.  This will only test for the commands that are
actually being run, so that if you only have `aapt` installed, you can do
`fdroid update` without errors, but other commands will still give
appropriate errors.

This also makes the build_tools item in config.py optional, it is only
needed if you want to force a specific version of the build-tools.
2014-12-14 13:25:20 +01:00
Hans-Christoph Steiner
298a88a498 added test case for common.isApkDebuggable()
Just getting into the habit of adding tests to everything that I change...
Also, it should be useful to have an unsigned APK in the test collection,
since `fdroid update` should handle it gracefully and give a warning of
some kind.
2014-12-14 13:25:20 +01:00