From 6bd750a60b0e8aea2ad6549948c08cebfd15aac6 Mon Sep 17 00:00:00 2001 From: Sylvia van Os Date: Sat, 10 Dec 2022 14:07:22 +0100 Subject: [PATCH] Add script to build reproducibly --- build.sh | 51 ++++++++++++++++++++++++++++++++++++++++++++++++++ docs/README.md | 11 +++++------ 2 files changed, 56 insertions(+), 6 deletions(-) create mode 100755 build.sh diff --git a/build.sh b/build.sh new file mode 100755 index 000000000..02405e2ee --- /dev/null +++ b/build.sh @@ -0,0 +1,51 @@ +#!/bin/bash +set -euo pipefail +IFS=$'\n\t' + +### build.sh +### Builds Catima the same way F-Droid does for reproducible builds + +if [ -z "${ANDROID_SDK_ROOT:-}" ]; then + echo "ANDROID_SDK_ROOT is not set, setting to $HOME/Android/Sdk"; + ANDROID_SDK_ROOT=$HOME/Android/Sdk +fi + +if [ -z "${JAVA_HOME:-}" ]; then + echo "JAVA_HOME is not set, setting to Java 11 (like F-Droid)" + if [ -f "/etc/debian_version" ]; then + echo "Debian-based distro, Java 11 is /usr/lib/jvm/java-11-openjdk-amd64" + JAVA_HOME=/usr/lib/jvm/java-11-openjdk-amd64 + else + echo "Not Debian-based, assuming Fedora and setting Java 11 as /usr/lib/jvm/java-11-openjdk" + JAVA_HOME=/usr/lib/jvm/java-11-openjdk + fi +fi + +echo "Starting build" +./gradlew clean assembleRelease + +echo "Build finished (unsigned)" +echo "Your build is at app/build/outputs/apk/release/app-release-unsigned.apk" + +if [ -z "${KEYSTORE:-}" ]; then + echo "KEYSTORE not set, skipping signing..." +else + if [ -z "${KEYSTORE_ALIAS:-}" ]; then + echo "KEYSTORE_ALIAS is not set, setting to catima" + KEYSTORE_ALIAS=catima + fi + + apksigner_version="$(ls -1 "$HOME/Android/Sdk/build-tools/" | tail -n 1)" + cp app/build/outputs/apk/release/app-release-unsigned.apk app/build/outputs/apk/release/app-release.apk + "$HOME/Android/Sdk/build-tools/$apksigner_version/apksigner" sign -v --ks "$KEYSTORE" --ks-key-alias "$KEYSTORE_ALIAS" app/build/outputs/apk/release/app-release.apk + + echo "Build finished (signed)" + echo "Your build is at app/build/outputs/apk/release/app-release.apk" +fi + +pushd app/build/outputs/apk/release/ +sha256sum -- *.apk > SHA256SUMS +popd + +echo "SHA256SUMS generated" +echo "Your SHA256SUMS is at app/build/outputs/apk/release/SHA256SUMS" diff --git a/docs/README.md b/docs/README.md index 4bce5494a..6babf994f 100644 --- a/docs/README.md +++ b/docs/README.md @@ -58,17 +58,16 @@ For FidMe you need to select the barcode type for each entry afterwards. # Building -Use the Gradle wrapper scripts provided in the top level directory of the project. -To compile the app and run all unit tests: +Building can either be done through Android Studio (not reproducible!) or the build.sh script in this repository (reproducibly with Java 11, same way F-Droid builds it). This script can also sign the build. -Linux|GNU, Unix-like, macOS: +Build without signing: ``` -./gradlew build +./build.sh ``` -Windows: +Build with signing: ``` -./gradlew.bat build +KEYSTORE=/path/to/keystore $KEYSTORE_ALIAS=catima ./build.sh ``` # Translating