From 455e76b9e76f1ed80fad92e6525cb44797dc38cd Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Sat, 30 Aug 2014 13:47:12 -0400
Subject: [PATCH 1/5] jenkins: don't scan fdroidserver/ project for APKs

This was causing a number of problems:

* it would spend lots of time sorting through the tmp folders of APKs
  created by previous runs of this script
* it would include the bad test APKs in tests/ as normal APKs
---
 jenkins-build | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/jenkins-build b/jenkins-build
index 4069d820..f67c5ed0 100755
--- a/jenkins-build
+++ b/jenkins-build
@@ -45,9 +45,9 @@ cd $WORKSPACE/fdroidserver/getsig
 
 
 #------------------------------------------------------------------------------#
-# run local tests
+# run local tests, don't scan fdroidserver/ project for APKs
 cd $WORKSPACE/tests
-./run-tests ~jenkins/
+./run-tests ~jenkins/workspace/[[:upper:]a-eg-z]\*
 
 
 #------------------------------------------------------------------------------#

From 93adee0e2b837d8e7084d6d81bbc16c8731f986a Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Thu, 18 Sep 2014 13:47:47 -0400
Subject: [PATCH 2/5] do not include timestamps in .gz files of docs

The timestamps in the .gz files are not used for anything, and they break
the reproducibility of the build.  Giving --no-name means gzip will not
save the filename and timestamp in the gz file itself.  When gunziping, the
current file name will be used, minus the .gz suffix.
---
 docs/gendocs.sh | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/docs/gendocs.sh b/docs/gendocs.sh
index e4bfc9fd..0adaf3c4 100755
--- a/docs/gendocs.sh
+++ b/docs/gendocs.sh
@@ -1,8 +1,10 @@
+
+
 #!/bin/sh -e
 # gendocs.sh -- generate a GNU manual in many formats.  This script is
 #   mentioned in maintain.texi.  See the help message below for usage details.
 
-scriptversion=2013-02-03.15
+scriptversion=2014-10-09.23
 
 # Copyright 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013
 # Free Software Foundation, Inc.
@@ -273,7 +275,7 @@ mkdir -p "$outdir/"
 cmd="$SETLANG $MAKEINFO -o $PACKAGE.info $commonarg $infoarg \"$srcfile\""
 echo "Generating info... ($cmd)"
 eval "$cmd"
-tar czf "$outdir/$PACKAGE.info.tar.gz" $PACKAGE.info*
+tar --create $PACKAGE.info* | gzip --no-name -f -9 --to-stdout > "$outdir/$PACKAGE.info.tar.gz"
 ls -l "$outdir/$PACKAGE.info.tar.gz"
 info_tgz_size=`calcsize "$outdir/$PACKAGE.info.tar.gz"`
 # do not mv the info files, there's no point in having them available
@@ -283,7 +285,7 @@ cmd="$SETLANG $TEXI2DVI $dirargs \"$srcfile\""
 printf "\nGenerating dvi... ($cmd)\n"
 eval "$cmd"
 # compress/finish dvi:
-gzip -f -9 $PACKAGE.dvi
+gzip --no-name -f -9 $PACKAGE.dvi
 dvi_gz_size=`calcsize $PACKAGE.dvi.gz`
 mv $PACKAGE.dvi.gz "$outdir/"
 ls -l "$outdir/$PACKAGE.dvi.gz"
@@ -301,7 +303,7 @@ if $generate_ascii; then
   printf "\nGenerating ascii... ($cmd)\n"
   eval "$cmd"
   ascii_size=`calcsize $PACKAGE.txt`
-  gzip -f -9 -c $PACKAGE.txt >"$outdir/$PACKAGE.txt.gz"
+  gzip --no-name -f -9 -c $PACKAGE.txt >"$outdir/$PACKAGE.txt.gz"
   ascii_gz_size=`calcsize "$outdir/$PACKAGE.txt.gz"`
   mv $PACKAGE.txt "$outdir/"
   ls -l "$outdir/$PACKAGE.txt" "$outdir/$PACKAGE.txt.gz"
@@ -317,7 +319,7 @@ html_split()
   (
     cd ${split_html_dir} || exit 1
     ln -sf ${PACKAGE}.html index.html
-    tar -czf "$abs_outdir/${PACKAGE}.html_$1.tar.gz" -- *.html
+    tar --create -- *.html | gzip --no-name -f -9 --to-stdout > "$abs_outdir/${PACKAGE}.html_$1.tar.gz"
   )
   eval html_$1_tgz_size=`calcsize "$outdir/${PACKAGE}.html_$1.tar.gz"`
   rm -f "$outdir"/html_$1/*.html
@@ -333,7 +335,7 @@ if test -z "$use_texi2html"; then
   rm -rf $PACKAGE.html  # in case a directory is left over
   eval "$cmd"
   html_mono_size=`calcsize $PACKAGE.html`
-  gzip -f -9 -c $PACKAGE.html >"$outdir/$PACKAGE.html.gz"
+  gzip --no-name -f -9 -c $PACKAGE.html >"$outdir/$PACKAGE.html.gz"
   html_mono_gz_size=`calcsize "$outdir/$PACKAGE.html.gz"`
   copy_images "$outdir/" $PACKAGE.html
   mv $PACKAGE.html "$outdir/"
@@ -347,7 +349,7 @@ if test -z "$use_texi2html"; then
   copy_images $split_html_dir/ $split_html_dir/*.html
   (
     cd $split_html_dir || exit 1
-    tar -czf "$abs_outdir/$PACKAGE.html_$split.tar.gz" -- *
+    tar --create -- * | gzip --no-name -f -9 --to-stdout > "$abs_outdir/$PACKAGE.html_$split.tar.gz"
   )
   eval \
     html_${split}_tgz_size=`calcsize "$outdir/$PACKAGE.html_$split.tar.gz"`
@@ -363,7 +365,7 @@ else # use texi2html:
   rm -rf $PACKAGE.html  # in case a directory is left over
   eval "$cmd"
   html_mono_size=`calcsize $PACKAGE.html`
-  gzip -f -9 -c $PACKAGE.html >"$outdir/$PACKAGE.html.gz"
+  gzip --no-name -f -9 -c $PACKAGE.html >"$outdir/$PACKAGE.html.gz"
   html_mono_gz_size=`calcsize "$outdir/$PACKAGE.html.gz"`
   mv $PACKAGE.html "$outdir/"
 
@@ -377,7 +379,7 @@ d=`dirname $srcfile`
 (
   cd "$d"
   srcfiles=`ls -d *.texinfo *.texi *.txi *.eps $source_extra 2>/dev/null` || true
-  tar czfh "$abs_outdir/$PACKAGE.texi.tar.gz" $srcfiles
+  tar --create --dereference $srcfiles | gzip --no-name -f -9 --to-stdout > "$abs_outdir/$PACKAGE.texi.tar.gz"
   ls -l "$abs_outdir/$PACKAGE.texi.tar.gz"
 )
 texi_tgz_size=`calcsize "$outdir/$PACKAGE.texi.tar.gz"`
@@ -388,7 +390,7 @@ if test -n "$docbook"; then
   printf "\nGenerating docbook XML... ($cmd)\n"
   eval "$cmd"
   docbook_xml_size=`calcsize $PACKAGE-db.xml`
-  gzip -f -9 -c $PACKAGE-db.xml >"$outdir/$PACKAGE-db.xml.gz"
+  gzip --no-name -f -9 -c $PACKAGE-db.xml >"$outdir/$PACKAGE-db.xml.gz"
   docbook_xml_gz_size=`calcsize "$outdir/$PACKAGE-db.xml.gz"`
   mv $PACKAGE-db.xml "$outdir/"
 
@@ -399,7 +401,7 @@ if test -n "$docbook"; then
   eval "$cmd"
   (
     cd ${split_html_db_dir} || exit 1
-    tar -czf "$abs_outdir/${PACKAGE}.html_node_db.tar.gz" -- *.html
+    tar --create -- *.html | gzip --no-name -f -9 --to-stdout > "$abs_outdir/${PACKAGE}.html_node_db.tar.gz"
   )
   html_node_db_tgz_size=`calcsize "$outdir/${PACKAGE}.html_node_db.tar.gz"`
   rm -f "$outdir"/html_node_db/*.html

From e8a5d2b354c6a43ac7e57b17d61dc33c7892d5b6 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Thu, 18 Sep 2014 13:56:11 -0400
Subject: [PATCH 3/5] check the syntax of included shell scripts in the
 pre-commit hook

---
 hooks/pre-commit | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/hooks/pre-commit b/hooks/pre-commit
index f46dac4f..e7198e91 100755
--- a/hooks/pre-commit
+++ b/hooks/pre-commit
@@ -32,3 +32,27 @@ fi
 # If there are python errors or warnings, print them and fail.
 [ -n $PYFLAKES ] && $PYFLAKES $FILES
 [ -n $PEP8 ] && $PEP8 --ignore=E123,E501 $FILES
+
+
+#------------------------------------------------------------------------------#
+# check the syntax of included shell scripts
+
+basedir=`cd $(dirname $0)/.. && pwd`
+echo basedir: $basedir
+
+if [ $(basename $basedir) = ".git" ]; then
+    basedir=$(dirname $basedir)
+fi
+
+exitstatus=0
+# use bash to check that the syntax is correct
+for f in $basedir/fd-commit $basedir/jenkins-build $basedir/docs/*.sh $basedir/hooks/pre-commit; do
+    if bash -n $f; then
+        : # success! do nothing
+    else
+        echo "FAILED!"
+        exitstatus=1
+    fi
+done
+
+exit $exitstatus

From d2b5b86ed5b77088586743882c6d55760a95f004 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Thu, 9 Oct 2014 21:22:50 -0400
Subject: [PATCH 4/5] fix rsync's chmod on local copy

rsync's --chmod works a bit oddly, it only affects the source files. To
make it set the destintation with the perms set in --chmod, the --perms
flag must also be included.
---
 fdroidserver/server.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/fdroidserver/server.py b/fdroidserver/server.py
index 473529db..21454b80 100644
--- a/fdroidserver/server.py
+++ b/fdroidserver/server.py
@@ -143,7 +143,7 @@ def update_serverwebroot(serverwebroot, repo_section):
 
 
 def _local_sync(fromdir, todir):
-    rsyncargs = ['rsync', '--recursive', '--links', '--times',
+    rsyncargs = ['rsync', '--recursive', '--links', '--times', '--perms',
                  '--one-file-system', '--delete', '--chmod=Da+rx,Fa-x,a+r,u+w']
     # use stricter rsync checking on all files since people using offline mode
     # are already prioritizing security above ease and speed

From e8e94e1020212ccc3fa23ebd9b8eb1e25b332af3 Mon Sep 17 00:00:00 2001
From: Hans-Christoph Steiner <hans@eds.org>
Date: Tue, 14 Oct 2014 17:12:47 -0400
Subject: [PATCH 5/5] add debug message to mark when syncing to Amazon S3
 starts

---
 fdroidserver/server.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/fdroidserver/server.py b/fdroidserver/server.py
index 21454b80..e0217836 100644
--- a/fdroidserver/server.py
+++ b/fdroidserver/server.py
@@ -40,6 +40,9 @@ def update_awsbucket(repo_section):
     Requires AWS credentials set in config.py: awsaccesskeyid, awssecretkey
     '''
 
+    logging.debug('Syncing "' + repo_section + '" to Amazon S3 bucket "'
+                  + config['awsbucket'] + '"')
+
     import libcloud.security
     libcloud.security.VERIFY_SSL_CERT = True
     from libcloud.storage.types import Provider, ContainerDoesNotExistError