mirrors/fdroidserver
1
0
Fork 0
mirror of https://github.com/f-droid/fdroidserver.git synced 2025-11-04 22:40:29 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions

Merge branch 'verify--clean-up-verified' into 'master'

Browse source 
verify: --clean-up-verified to rm all files except the JSON report

See merge request fdroid/fdroidserver!1574
This commit is contained in:
Hans-Christoph Steiner 2024-12-11 11:48:39 +00:00
commit d826178892
3 changed files with 33 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
fdroidserver/build.py
View file

@ -306,7 +306,7 @@ def build_server(app, build, vcs, build_dir, output_dir, log_dir, force):
else:
ftp.chdir(posixpath.join(homedir, 'unsigned'))
apkfile = common.get_release_filename(app, build)
tarball = common.getsrcname(app, build)
tarball = common.get_src_tarball_name(app.id, build.versionCode)
try:
ftp.get(apkfile, os.path.join(output_dir, apkfile))
if not options.notarball:
@ -619,7 +619,7 @@ def build_local(app, build, vcs, build_dir, output_dir, log_dir, srclib_dir, ext
if not options.notarball:
# Build the source tarball right before we build the release...
logging.info("Creating source tarball...")
tarname = common.getsrcname(app, build)
tarname = common.get_src_tarball_name(app.id, build.versionCode)
tarball = tarfile.open(os.path.join(tmp_dir, tarname), "w:gz")
def tarexc(t):

13
fdroidserver/common.py
View file

@ -1130,8 +1130,8 @@ def get_toolsversion_logname(app, build):
return "%s_%s_toolsversion.log" % (app.id, build.versionCode)
def getsrcname(app, build):
return "%s_%s_src.tar.gz" % (app.id, build.versionCode)
def get_src_tarball_name(appid, versionCode):
return f"{appid}_{versionCode}_src.tar.gz"
def get_build_dir(app):
@ -3649,7 +3649,9 @@ def sign_apk(unsigned_path, signed_path, keyalias):
os.remove(unsigned_path)
def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None):
def verify_apks(
signed_apk, unsigned_apk, tmp_dir, v1_only=None, clean_up_verified=False
):
"""Verify that two apks are the same.
One of the inputs is signed, the other is unsigned. The signature metadata
@ -3669,6 +3671,8 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None):
v1_only
True for v1-only signatures, False for v1 and v2 signatures,
or None for autodetection
clean_up_verified
Remove any files created here if the verification succeeded.
Returns
-------
@ -3705,6 +3709,9 @@ def verify_apks(signed_apk, unsigned_apk, tmp_dir, v1_only=None):
if result is not None:
error += '\nComparing reference APK to APK with copied signature...\n' + result
return error
if clean_up_verified and os.path.exists(tmp_apk):
logging.info(f"...cleaned up {tmp_apk} after successful verification")
os.remove(tmp_apk)
logging.info('...successfully verified')
return None

22
fdroidserver/verify.py
View file

@ -157,6 +157,12 @@ def main():
nargs='*',
help=_("application ID with optional versionCode in the form APPID[:VERCODE]"),
)
parser.add_argument(
"--clean-up-verified",
action="store_true",
default=False,
help=_("Remove source tarball and any APKs if successfully verified."),
)
parser.add_argument(
"--reuse-remote-apk",
action="store_true",
@ -224,12 +230,26 @@ def main():
) from e
unsigned_apk = os.path.join(unsigned_dir, apkfilename)
compare_result = common.verify_apks(remote_apk, unsigned_apk, tmp_dir)
compare_result = common.verify_apks(
remote_apk,
unsigned_apk,
tmp_dir,
clean_up_verified=options.clean_up_verified,
)
if options.output_json:
write_json_report(url, remote_apk, unsigned_apk, compare_result)
if compare_result:
raise FDroidException(compare_result)
if options.clean_up_verified:
src_tarball = os.path.join(
unsigned_dir, common.get_src_tarball_name(appid, vercode)
)
for f in (remote_apk, unsigned_apk, src_tarball):
if os.path.exists(f):
logging.info(f"...cleaned up {f} after successful verification")
os.remove(f)
logging.info("...successfully verified")
verified += 1