gpg-sign all valid files in the repo, including source tarballs

Browse source

This makes sure there is a GPG signature on any file that is included in
the repo, including APKs, OBB, source tarballs, media files, OTA update
ZIPs, etc.  Having a GPG signature is more important on non-APK files since
they mostly do not have any signature mechanism of their own.

This also adds basic tests of adding non-APK/OBB files to a repo with
`fdroid update`.

closes #232

...

This commit is contained in:

Hans-Christoph Steiner 2016-11-03 10:26:38 +01:00

parent 84e09cd2a2

commit 56d51fcd6b

11 changed files with 35 additions and 11 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download patch file Download diff file Expand all files Collapse all files

BIN

tests/gnupghome/pubring.gpg Normal file

View file

Binary file not shown.

BIN

tests/gnupghome/random_seed Normal file

View file

Binary file not shown.

BIN

tests/gnupghome/secring.gpg Normal file

View file

Binary file not shown.

BIN

tests/gnupghome/trustdb.gpg Normal file

View file

Binary file not shown.