From 11207c066668a155d0062f915e43a4938314bdd0 Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Wed, 8 Apr 2020 17:01:27 +0200 Subject: [PATCH 01/10] Add a community Dockerfile --- Dockerfile | 2 +- Dockerfile.community | 213 +++++++++++++++++++++++++++++++++++++++++++ build.dev.sh | 1 + 3 files changed, 215 insertions(+), 1 deletion(-) create mode 100644 Dockerfile.community diff --git a/Dockerfile b/Dockerfile index b50ef6c..433780b 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ FROM debian:stretch -MAINTAINER Nicola Corna +MAINTAINER Romain Hunault # Environment variables ####################### diff --git a/Dockerfile.community b/Dockerfile.community new file mode 100644 index 0000000..d509eb9 --- /dev/null +++ b/Dockerfile.community @@ -0,0 +1,213 @@ +FROM debian:buster +MAINTAINER Romain Hunault + +# Environment variables +####################### + +ENV MIRROR_DIR /srv/mirror +ENV SRC_DIR /srv/src +ENV TMP_DIR /srv/tmp +ENV CCACHE_DIR /srv/ccache +ENV ZIP_DIR /srv/zips +ENV LMANIFEST_DIR /srv/local_manifests +ENV DELTA_DIR /srv/delta +ENV KEYS_DIR /srv/keys +ENV LOGS_DIR /srv/logs +ENV USERSCRIPTS_DIR /srv/userscripts + +ENV DEBIAN_FRONTEND noninteractive +ENV USER root + +# Configurable environment variables +#################################### + +# By default we want to use CCACHE, you can disable this +# WARNING: disabling this may slow down a lot your builds! +ENV USE_CCACHE 1 + +# ccache maximum size. It should be a number followed by an optional suffix: k, +# M, G, T (decimal), Ki, Mi, Gi or Ti (binary). The default suffix is G. Use 0 +# for no limit. +ENV CCACHE_SIZE 50G + +# Environment for the /e/ branches name +# See https://github.com/LineageOS/android_vendor_cm/branches for possible options +ENV BRANCH_NAME 'v1-pie' + +# Environment for the device list (separate by comma if more than one) +# eg. DEVICE_LIST=hammerhead,bullhead,angler +ENV DEVICE_LIST '' + +# Release type string +ENV RELEASE_TYPE 'UNOFFICIAL' + +# Repo use for build +ENV REPO 'https://gitlab.e.foundation/e/os/android.git' + +# Repo use for build +ENV MIRROR 'https://github.com/LineageOS/mirror' + +# OTA URL that will be used inside CMUpdater +# Use this in combination with LineageOTA to make sure your device can auto-update itself from this buildbot +ENV OTA_URL '' + +# User identity +ENV USER_NAME 'LineageOS Buildbot' +ENV USER_MAIL 'lineageos-buildbot@docker.host' + +# Include proprietary files, downloaded automatically from github.com/TheMuppets/ +# Only some branches are supported +ENV INCLUDE_PROPRIETARY true + +# Mount an overlay filesystem over the source dir to do each build on a clean source +ENV BUILD_OVERLAY false + +# Clone the full LineageOS mirror (> 200 GB) +ENV LOCAL_MIRROR false + +# If you want to preserve old ZIPs set this to 'false' +ENV CLEAN_OUTDIR false + +# Change this cron rule to what fits best for you +# Use 'now' to start the build immediately +# For example, '0 10 * * *' means 'Every day at 10:00 UTC' +ENV CRONTAB_TIME 'now' + +# Clean artifacts output after each build +ENV CLEAN_AFTER_BUILD true + +# Provide root capabilities builtin inside the ROM (see http://lineageos.org/Update-and-Build-Prep/) +ENV WITH_SU false + +# Provide a default JACK configuration in order to avoid out-of-memory issues +ENV ANDROID_JACK_VM_ARGS "-Dfile.encoding=UTF-8 -XX:+TieredCompilation -Xmx4G" + +# Custom packages to be installed +ENV CUSTOM_PACKAGES '' + +# Sign the builds with the keys in $KEYS_DIR +ENV SIGN_BUILDS false + +# When SIGN_BUILDS = true but no keys have been provided, generate a new set with this subject +ENV KEYS_SUBJECT '/C=US/ST=California/L=Mountain View/O=Android/OU=Android/CN=Android/emailAddress=android@android.com' + +# Move the resulting zips to $ZIP_DIR/$codename instead of $ZIP_DIR/ +ENV ZIP_SUBDIR true + +# Write the verbose logs to $LOGS_DIR/$codename instead of $LOGS_DIR/ +ENV LOGS_SUBDIR true + +# Generate delta files +ENV BUILD_DELTA false + +# Delete old zips in $ZIP_DIR, keep only the N latest one (0 to disable) +ENV DELETE_OLD_ZIPS 0 + +# Delete old deltas in $DELTA_DIR, keep only the N latest one (0 to disable) +ENV DELETE_OLD_DELTAS 0 + +# Delete old logs in $LOGS_DIR, keep only the N latest one (0 to disable) +ENV DELETE_OLD_LOGS 0 + +# Create a JSON file that indexes the build zips at the end of the build process +# (for the updates in OpenDelta). The file will be created in $ZIP_DIR with the +# specified name; leave empty to skip it. +# Requires ZIP_SUBDIR. +ENV OPENDELTA_BUILDS_JSON '' + +# You can optionally specify a USERSCRIPTS_DIR volume containing these scripts: +# * begin.sh, run at the very beginning +# * before.sh, run after the syncing and patching, before starting the builds +# * pre-build.sh, run before the build of every device +# * post-build.sh, run after the build of every device +# * end.sh, run at the very end +# Each script will be run in $SRC_DIR and must be owned and writeable only by +# root + +# Create Volume entry points +############################ +VOLUME $MIRROR_DIR +VOLUME $SRC_DIR +VOLUME $TMP_DIR +VOLUME $CCACHE_DIR +VOLUME $ZIP_DIR +VOLUME $LMANIFEST_DIR +VOLUME $DELTA_DIR +VOLUME $KEYS_DIR +VOLUME $LOGS_DIR +VOLUME $USERSCRIPTS_DIR +VOLUME /root/.ssh + +# Copy required files +##################### +COPY src/ /root/ + +# Create missing directories +############################ +RUN mkdir -p $MIRROR_DIR +RUN mkdir -p $SRC_DIR +RUN mkdir -p $TMP_DIR +RUN mkdir -p $CCACHE_DIR +RUN mkdir -p $ZIP_DIR +RUN mkdir -p $LMANIFEST_DIR +RUN mkdir -p $DELTA_DIR +RUN mkdir -p $KEYS_DIR +RUN mkdir -p $LOGS_DIR +RUN mkdir -p $USERSCRIPTS_DIR + +# Install build dependencies +############################ +COPY apt_preferences /etc/apt/preferences + +RUN echo 'deb http://deb.debian.org/debian sid main' >> /etc/apt/sources.list +RUN echo 'deb http://deb.debian.org/debian experimental main' >> /etc/apt/sources.list +RUN apt-get -qq update +RUN apt-get -qqy upgrade + +RUN apt-get install -y bc bison bsdmainutils build-essential ccache cgpt cron \ + curl flex g++-multilib gcc-multilib git gnupg gperf imagemagick kmod \ + lib32ncurses5-dev libncurses5 lib32readline-dev lib32z1-dev libtinfo5 liblz4-tool \ + libncurses5-dev libsdl1.2-dev libssl-dev libwxgtk3.0-dev libxml2 \ + libxml2-utils lsof lzop maven pngcrush \ + procps python python3 rsync schedtool squashfs-tools software-properties-common wget xdelta3 xsltproc yasm \ + zip zlib1g-dev + +RUN curl https://storage.googleapis.com/git-repo-downloads/repo > /usr/local/bin/repo +RUN chmod a+x /usr/local/bin/repo +RUN ln -fs /usr/bin/python3 /usr/bin/python + +# Use adoptopenjdk.net to be able to use OpeJDK8 on debian:buster +RUN curl -q https://adoptopenjdk.jfrog.io/adoptopenjdk/api/gpg/key/public | apt-key add - +RUN add-apt-repository --yes https://adoptopenjdk.jfrog.io/adoptopenjdk/deb/ +RUN apt-get -qq update && apt-get install -y adoptopenjdk-8-hotspot +RUN update-alternatives --set java /usr/lib/jvm/adoptopenjdk-8-hotspot-amd64/bin/java + +# Download and build delta tools +################################ +RUN cd /root/ && \ + mkdir delta && \ + git clone --depth=1 https://github.com/omnirom/android_packages_apps_OpenDelta.git OpenDelta && \ + gcc -o delta/zipadjust OpenDelta/jni/zipadjust.c OpenDelta/jni/zipadjust_run.c -lz && \ + cp OpenDelta/server/minsignapk.jar OpenDelta/server/opendelta.sh delta/ && \ + chmod +x delta/opendelta.sh && \ + rm -rf OpenDelta/ && \ + sed -i -e 's|^\s*HOME=.*|HOME=/root|; \ + s|^\s*BIN_XDELTA=.*|BIN_XDELTA=xdelta3|; \ + s|^\s*FILE_MATCH=.*|FILE_MATCH=lineage-\*.zip|; \ + s|^\s*PATH_CURRENT=.*|PATH_CURRENT=$SRC_DIR/out/target/product/$DEVICE|; \ + s|^\s*PATH_LAST=.*|PATH_LAST=$SRC_DIR/delta_last/$DEVICE|; \ + s|^\s*KEY_X509=.*|KEY_X509=$KEYS_DIR/releasekey.x509.pem|; \ + s|^\s*KEY_PK8=.*|KEY_PK8=$KEYS_DIR/releasekey.pk8|; \ + s|publish|$DELTA_DIR|g' /root/delta/opendelta.sh + +# Set the work directory +######################## +WORKDIR $SRC_DIR + +# Allow redirection of stdout to docker logs +############################################ +RUN ln -sf /proc/1/fd/1 /var/log/docker.log + +# Set the entry point to init.sh +################################ +ENTRYPOINT /root/init.sh diff --git a/build.dev.sh b/build.dev.sh index 6b9a701..97041fe 100755 --- a/build.dev.sh +++ b/build.dev.sh @@ -3,6 +3,7 @@ # Docker build script # Copyright (c) 2017 Julian Xhokaxhiu # Copyright (C) 2017-2018 Nicola Corna +# Copyright (C) 2020 eCorp Romain HUNAULT # # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by -- GitLab From 03881169820169591fbe347d7cbdb8820646f628 Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Wed, 8 Apr 2020 16:33:02 +0200 Subject: [PATCH 02/10] Build prod and community docker images --- .gitlab-ci.yml | 14 +++--- build.dev.sh => build-community.sh | 74 ++++++++++++++++-------------- 2 files changed, 46 insertions(+), 42 deletions(-) rename build.dev.sh => build-community.sh (89%) mode change 100755 => 100644 diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 7366edb..989041e 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -13,22 +13,22 @@ variables: script: - "docker pull $CONTAINER_IMAGE:$IMAGE_TAG || true" - "docker login -u gitlab-ci-token -p $CI_BUILD_TOKEN registry.gitlab.e.foundation:5000" - - "docker build --cache-from $CONTAINER_IMAGE:$IMAGE_TAG -t $CONTAINER_IMAGE -t $CONTAINER_IMAGE:$IMAGE_TAG -t $CONTAINER_IMAGE:$IMAGE_TAG_RELEASE ." + - "docker build --cache-from $CONTAINER_IMAGE:$IMAGE_TAG -t $CONTAINER_IMAGE -t $CONTAINER_IMAGE:$IMAGE_TAG -t $CONTAINER_IMAGE:$IMAGE_TAG_RELEASE -f $DOCKERFILE ." - "docker push $CONTAINER_IMAGE:$IMAGE_TAG" - 'if [ "${CI_COMMIT_REF_NAME}" = master ] ; then docker push $CONTAINER_IMAGE:$IMAGE_TAG_RELEASE ; fi' build_prod: extends: .build_image - after_script: - - 'if [ "${CI_COMMIT_REF_NAME}" = master ] ; then docker push $CONTAINER_IMAGE:latest ; fi' variables: IMAGE_TAG: $CI_COMMIT_REF_NAME IMAGE_TAG_RELEASE: prod + DOCKERFILE: Dockerfile -build_debug: +build_community: extends: .build_image before_script: - - "mv build.dev.sh src/build.sh" + - "mv build-community.sh src/build.sh" variables: - IMAGE_TAG: $CI_COMMIT_REF_NAME-debug - IMAGE_TAG_RELEASE: debug + IMAGE_TAG: $CI_COMMIT_REF_NAME-community + IMAGE_TAG_RELEASE: community + DOCKERFILE: Dockerfile.community diff --git a/build.dev.sh b/build-community.sh old mode 100755 new mode 100644 similarity index 89% rename from build.dev.sh rename to build-community.sh index 97041fe..9f6836e --- a/build.dev.sh +++ b/build-community.sh @@ -18,6 +18,8 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +repo_log="$LOGS_DIR/repo-$(date +%Y%m%d).log" + # cd to working directory cd "$SRC_DIR" @@ -47,8 +49,8 @@ if [ "$LOCAL_MIRROR" = true ]; then cd "$MIRROR_DIR" if [ ! -d .repo ]; then - echo ">> [$(date)] Initializing mirror repository" - yes | repo init -u "$MIRROR" --mirror --no-clone-bundle -p linux + echo ">> [$(date)] Initializing mirror repository" | tee -a "$repo_log" + yes | repo init -u "$MIRROR" --mirror --no-clone-bundle -p linux &>> "$repo_log" fi # Copy local manifests to the appropriate folder in order take them into consideration @@ -61,8 +63,8 @@ if [ "$LOCAL_MIRROR" = true ]; then wget -q -O .repo/local_manifests/proprietary.xml "https://raw.githubusercontent.com/TheMuppets/manifests/mirror/default.xml" fi - echo ">> [$(date)] Syncing mirror repository" - repo sync --force-sync --no-clone-bundle + echo ">> [$(date)] Syncing mirror repository" | tee -a "$repo_log" + repo sync --force-sync --no-clone-bundle &>> "$repo_log" if [ $? != 0 ]; then sync_successful=false @@ -93,11 +95,11 @@ for branch in ${BRANCH_NAME//,/ }; do fi done - echo ">> [$(date)] (Re)initializing branch repository" + echo ">> [$(date)] (Re)initializing branch repository" | tee -a "$repo_log" if [ "$LOCAL_MIRROR" = true ]; then - yes | repo init -u "$REPO" --reference "$MIRROR_DIR" -b "$branch" + yes | repo init -u "$REPO" --reference "$MIRROR_DIR" -b "$branch" &>> "$repo_log" else - yes | repo init -u "$REPO" -b "$branch" + yes | repo init -u "$REPO" -b "$branch" &>> "$repo_log" fi # Copy local manifests to the appropriate folder in order take them into consideration @@ -123,9 +125,9 @@ for branch in ${BRANCH_NAME//,/ }; do wget -q -O .repo/local_manifests/proprietary.xml "https://raw.githubusercontent.com/TheMuppets/manifests/$themuppets_branch/muppets.xml" fi - echo ">> [$(date)] Syncing branch repository" + echo ">> [$(date)] Syncing branch repository" | tee -a "$repo_log" builddate=$(date +%Y%m%d) - repo sync -c --force-sync + repo sync -c --force-sync &>> "$repo_log" if [ $? != 0 ]; then sync_successful=false @@ -263,9 +265,9 @@ for branch in ${BRANCH_NAME//,/ }; do builddate=$currentdate if [ "$LOCAL_MIRROR" = true ]; then - echo ">> [$(date)] Syncing mirror repository" + echo ">> [$(date)] Syncing mirror repository" | tee -a "$repo_log" cd "$MIRROR_DIR" - repo sync --force-sync --no-clone-bundle + repo sync --force-sync --no-clone-bundle &>> "$repo_log" if [ $? != 0 ]; then sync_successful=false @@ -273,9 +275,9 @@ for branch in ${BRANCH_NAME//,/ }; do fi fi - echo ">> [$(date)] Syncing branch repository" + echo ">> [$(date)] Syncing branch repository" | tee -a "$repo_log" cd "$SRC_DIR/$branch_dir" - repo sync -c --force-sync + repo sync -c --force-sync &>> "$repo_log" if [ $? != 0 ]; then sync_successful=false @@ -305,9 +307,11 @@ for branch in ${BRANCH_NAME//,/ }; do logsubdir= fi + DEBUG_LOG="$LOGS_DIR/$logsubdir/eelo-$los_ver-$builddate-$RELEASE_TYPE-$codename.log" + if [ -f /root/userscripts/pre-build.sh ]; then - echo ">> [$(date)] Running pre-build.sh for $codename" - /root/userscripts/pre-build.sh $codename + echo ">> [$(date)] Running pre-build.sh for $codename" >> "$DEBUG_LOG" + /root/userscripts/pre-build.sh $codename &>> "$DEBUG_LOG" if [ $? != 0 ]; then build_device=false @@ -315,52 +319,52 @@ for branch in ${BRANCH_NAME//,/ }; do fi if [ "$build_device" = false ]; then - echo ">> [$(date)] No build for $codename" + echo ">> [$(date)] No build for $codename" >> "$DEBUG_LOG" continue fi # Start the build - echo ">> [$(date)] Starting build for $codename, $branch branch" + echo ">> [$(date)] Starting build for $codename, $branch branch" | tee -a "$DEBUG_LOG" build_successful=false echo "ANDROID_JACK_VM_ARGS=${ANDROID_JACK_VM_ARGS}" - if brunch $codename ; then + if brunch $codename &>> "$DEBUG_LOG"; then currentdate=$(date +%Y%m%d) if [ "$builddate" != "$currentdate" ]; then - find out/target/product/$codename -maxdepth 1 -name "e-*-$currentdate-*.zip*" -type f -exec sh /root/fix_build_date.sh {} $currentdate $builddate \; + find out/target/product/$codename -maxdepth 1 -name "e-*-$currentdate-*.zip*" -type f -exec sh /root/fix_build_date.sh {} $currentdate $builddate \; &>> "$DEBUG_LOG" fi if [ "$BUILD_DELTA" = true ]; then if [ -d "delta_last/$codename/" ]; then # If not the first build, create delta files - echo ">> [$(date)] Generating delta files for $codename" + echo ">> [$(date)] Generating delta files for $codename" | tee -a "$DEBUG_LOG" cd /root/delta - if ./opendelta.sh $codename; then - echo ">> [$(date)] Delta generation for $codename completed" + if ./opendelta.sh $codename &>> "$DEBUG_LOG"; then + echo ">> [$(date)] Delta generation for $codename completed" | tee -a "$DEBUG_LOG" else - echo ">> [$(date)] Delta generation for $codename failed" + echo ">> [$(date)] Delta generation for $codename failed" | tee -a "$DEBUG_LOG" fi if [ "$DELETE_OLD_DELTAS" -gt "0" ]; then - /usr/bin/python /root/clean_up.py -n $DELETE_OLD_DELTAS -V $los_ver -N 1 "$DELTA_DIR/$codename" + /usr/bin/python /root/clean_up.py -n $DELETE_OLD_DELTAS -V $los_ver -N 1 "$DELTA_DIR/$codename" &>> $DEBUG_LOG fi cd "$source_dir" else # If the first build, copy the current full zip in $source_dir/delta_last/$codename/ - echo ">> [$(date)] No previous build for $codename; using current build as base for the next delta" - mkdir -p delta_last/$codename/ - find out/target/product/$codename -maxdepth 1 -name 'e-*.zip' -type f -exec cp {} "$source_dir/delta_last/$codename/" \; + echo ">> [$(date)] No previous build for $codename; using current build as base for the next delta" | tee -a "$DEBUG_LOG" + mkdir -p delta_last/$codename/ &>> "$DEBUG_LOG" + find out/target/product/$codename -maxdepth 1 -name 'e-*.zip' -type f -exec cp {} "$source_dir/delta_last/$codename/" \; &>> "$DEBUG_LOG" fi fi # Move produced ZIP files to the main OUT directory - echo ">> [$(date)] Moving build artifacts for $codename to '$ZIP_DIR/$zipsubdir'" + echo ">> [$(date)] Moving build artifacts for $codename to '$ZIP_DIR/$zipsubdir'" | tee -a "$DEBUG_LOG" cd out/target/product/$codename for build in e-*.zip; do sha256sum "$build" > "$ZIP_DIR/$zipsubdir/$build.sha256sum" done - find . -maxdepth 1 -name 'e-*.zip*' -type f -exec mv {} "$ZIP_DIR/$zipsubdir/" \; + find . -maxdepth 1 -name 'e-*.zip*' -type f -exec mv {} "$ZIP_DIR/$zipsubdir/" \; &>> "$DEBUG_LOG" cd "$source_dir" build_successful=true else - echo ">> [$(date)] Failed build for $codename" + echo ">> [$(date)] Failed build for $codename" | tee -a "$DEBUG_LOG" fi # Remove old zips and logs @@ -379,10 +383,10 @@ for branch in ${BRANCH_NAME//,/ }; do fi fi if [ -f /root/userscripts/post-build.sh ]; then - echo ">> [$(date)] Running post-build.sh for $codename" - /root/userscripts/post-build.sh $codename $build_successful + echo ">> [$(date)] Running post-build.sh for $codename" >> "$DEBUG_LOG" + /root/userscripts/post-build.sh $codename $build_successful &>> "$DEBUG_LOG" fi - echo ">> [$(date)] Finishing build for $codename" + echo ">> [$(date)] Finishing build for $codename" | tee -a "$DEBUG_LOG" if [ "$BUILD_OVERLAY" = true ]; then # The Jack server must be stopped manually, as we want to unmount $TMP_DIR/merged @@ -400,13 +404,13 @@ for branch in ${BRANCH_NAME//,/ }; do fi if [ "$CLEAN_AFTER_BUILD" = true ]; then - echo ">> [$(date)] Cleaning source dir for device $codename" + echo ">> [$(date)] Cleaning source dir for device $codename" | tee -a "$DEBUG_LOG" if [ "$BUILD_OVERLAY" = true ]; then cd "$TMP_DIR" rm -rf ./* else cd "$source_dir" - mka clean + mka clean &>> "$DEBUG_LOG" fi fi -- GitLab From 5ae1757e6c8f6fbe1e77e579b97ef6106e0739ee Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Wed, 8 Apr 2020 16:34:01 +0200 Subject: [PATCH 03/10] Don't apply signature spoofing patch Now in codebase --- build-community.sh | 35 ------ .../android_frameworks_base-KK-LP.patch | 66 ----------- .../android_frameworks_base-M.patch | 104 ------------------ .../android_frameworks_base-N.patch | 104 ------------------ .../android_frameworks_base-O.patch | 102 ----------------- .../android_frameworks_base-P.patch | 88 --------------- .../frameworks_base_config.xml | 25 ----- 7 files changed, 524 deletions(-) delete mode 100644 src/signature_spoofing_patches/android_frameworks_base-KK-LP.patch delete mode 100644 src/signature_spoofing_patches/android_frameworks_base-M.patch delete mode 100644 src/signature_spoofing_patches/android_frameworks_base-N.patch delete mode 100644 src/signature_spoofing_patches/android_frameworks_base-O.patch delete mode 100644 src/signature_spoofing_patches/android_frameworks_base-P.patch delete mode 100644 src/signature_spoofing_patches/frameworks_base_config.xml diff --git a/build-community.sh b/build-community.sh index 9f6836e..7c044a0 100644 --- a/build-community.sh +++ b/build-community.sh @@ -165,41 +165,6 @@ for branch in ${BRANCH_NAME//,/ }; do los_ver_minor=$(sed -n -e 's/^\s*PRODUCT_VERSION_MINOR = //p' "vendor/$vendor/config/common.mk") los_ver="$los_ver_major.$los_ver_minor" - # If needed, apply the microG's signature spoofing patch - if [ "$SIGNATURE_SPOOFING" = "yes" ] || [ "$SIGNATURE_SPOOFING" = "restricted" ]; then - # Determine which patch should be applied to the current Android source tree - patch_name="" - case $android_version in - 4.4* ) patch_name="android_frameworks_base-KK-LP.patch" ;; - 5.* ) patch_name="android_frameworks_base-KK-LP.patch" ;; - 6.* ) patch_name="android_frameworks_base-M.patch" ;; - 7.* ) patch_name="android_frameworks_base-N.patch" ;; - 8.* ) patch_name="android_frameworks_base-O.patch" ;; - 9* ) patch_name="android_frameworks_base-P.patch" ;; #not sure why 9 not 9.0 but here's a fix that will work until android 90 - esac - - if ! [ -z $patch_name ]; then - cd frameworks/base - if [ "$SIGNATURE_SPOOFING" = "yes" ]; then - echo ">> [$(date)] Applying the standard signature spoofing patch ($patch_name) to frameworks/base" - echo ">> [$(date)] WARNING: the standard signature spoofing patch introduces a security threat" - patch --quiet -p1 -i "/root/signature_spoofing_patches/$patch_name" - else - echo ">> [$(date)] Applying the restricted signature spoofing patch (based on $patch_name) to frameworks/base" - sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "/root/signature_spoofing_patches/$patch_name" | patch --quiet -p1 - fi - git clean -q -f - cd ../.. - - # Override device-specific settings for the location providers - mkdir -p "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/" - cp /root/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml" - else - echo ">> [$(date)] ERROR: can't find a suitable signature spoofing patch for the current Android version ($android_version)" - exit 1 - fi - fi - echo ">> [$(date)] Setting \"$RELEASE_TYPE\" as release type" sed -i "/\$(filter .*\$(${vendor^^}_BUILDTYPE)/,+2d" "vendor/$vendor/config/common.mk" diff --git a/src/signature_spoofing_patches/android_frameworks_base-KK-LP.patch b/src/signature_spoofing_patches/android_frameworks_base-KK-LP.patch deleted file mode 100644 index 5571a58..0000000 --- a/src/signature_spoofing_patches/android_frameworks_base-KK-LP.patch +++ /dev/null @@ -1,66 +0,0 @@ -diff --git a/core/java/android/content/pm/PackageParser.java b/core/java/android/content/pm/PackageParser.java -index e6da288..66684d3 100644 ---- a/core/java/android/content/pm/PackageParser.java -+++ b/core/java/android/content/pm/PackageParser.java -@@ -447,10 +447,23 @@ public class PackageParser { - } - } - if ((flags&PackageManager.GET_SIGNATURES) != 0) { -- int N = (p.mSignatures != null) ? p.mSignatures.length : 0; -- if (N > 0) { -- pi.signatures = new Signature[N]; -- System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N); -+ boolean handledFakeSignature = false; -+ try { -+ if (p.requestedPermissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") && p.mAppMetaData != null -+ && p.mAppMetaData.get("fake-signature") instanceof String) { -+ pi.signatures = new Signature[] {new Signature(p.mAppMetaData.getString("fake-signature"))}; -+ handledFakeSignature = true; -+ } -+ } catch (Throwable t) { -+ // We should never die because of any failures, this is system code! -+ Log.w("PackageParser.FAKE_PACKAGE_SIGNATURE", t); -+ } -+ if (!handledFakeSignature) { -+ int N = (p.mSignatures != null) ? p.mSignatures.length : 0; -+ if (N > 0) { -+ pi.signatures = new Signature[N]; -+ System.arraycopy(p.mSignatures, 0, pi.signatures, 0, N); -+ } - } - } - return pi; -diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml -index 558a475..4e7aa65 100644 ---- a/core/res/AndroidManifest.xml -+++ b/core/res/AndroidManifest.xml -@@ -1562,6 +1562,13 @@ - android:label="@string/permlab_getPackageSize" - android:description="@string/permdesc_getPackageSize" /> - -+ -+ -+ - -diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml -index 790e166..8e66470 100644 ---- a/core/res/res/values/strings.xml -+++ b/core/res/res/values/strings.xml -@@ -1135,6 +1135,11 @@ - Allows the app to retrieve its code, data, and cache sizes - - -+ mimic package signature -+ -+ Allows the app to use mimic another app\'s package signature. -+ -+ - directly install apps - - Allows the app to install new or updated diff --git a/src/signature_spoofing_patches/android_frameworks_base-M.patch b/src/signature_spoofing_patches/android_frameworks_base-M.patch deleted file mode 100644 index 72d68e7..0000000 --- a/src/signature_spoofing_patches/android_frameworks_base-M.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 7357f8c0c8a6bdc09555ab47dae83f28346b8470 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Beno=C3=AEt=20Mauduit?= -Date: Wed, 22 Jun 2016 15:04:56 +0200 -Subject: [PATCH 1/1] Add signature Spoofing permission -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This is needed by GmsCore (https://microg.org/) to pretend -the existence of the official Play Services to applications calling -Google APIs. - -Signed-off-by: Benoît Mauduit ---- - core/res/AndroidManifest.xml | 7 +++++++ - core/res/res/values/config.xml | 2 ++ - core/res/res/values/strings.xml | 5 +++++ - .../android/server/pm/PackageManagerService.java | 23 ++++++++++++++++++++-- - 4 files changed, 35 insertions(+), 2 deletions(-) - -diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml -index ea0e39c..a936983 100644 ---- a/core/res/AndroidManifest.xml -+++ b/core/res/AndroidManifest.xml -@@ -1654,6 +1654,13 @@ - android:description="@string/permdesc_getPackageSize" - android:protectionLevel="normal" /> - -+ -+ -+ - -diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml -index c7846cf..916d8a5 100644 ---- a/core/res/res/values/config.xml -+++ b/core/res/res/values/config.xml -@@ -1298,6 +1298,8 @@ - - - com.android.location.fused -+ -+ com.google.android.gms - - - -diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml -index 58135db..e65367a 100644 ---- a/core/res/res/values/strings.xml -+++ b/core/res/res/values/strings.xml -@@ -616,6 +616,11 @@ - - - -+ Spoof package signature -+ -+ Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Grant this permission with caution only! -+ -+ - disable or modify status bar - - Allows the app to disable the status bar or add and remove system icons. -diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java -index 0493180..35f49d7 100644 ---- a/services/core/java/com/android/server/pm/PackageManagerService.java -+++ b/services/core/java/com/android/server/pm/PackageManagerService.java -@@ -2816,8 +2816,27 @@ public class PackageManagerService extends IPackageManager.Stub { - final Set permissions = permissionsState.getPermissions(userId); - final PackageUserState state = ps.readUserState(userId); - -- return PackageParser.generatePackageInfo(p, gids, flags, -- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId); -+ return mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags, -+ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId), -+ permissions); -+ } -+ -+ private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi, -+ Set permissions) { -+ try { -+ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") -+ && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1 -+ && p.mAppMetaData != null) { -+ String sig = p.mAppMetaData.getString("fake-signature"); -+ if (sig != null) { -+ pi.signatures = new Signature[] {new Signature(sig)}; -+ } -+ } -+ } catch (Throwable t) { -+ // We should never die because of any failures, this is system code! -+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t); -+ } -+ return pi; - } - - @Override --- -2.8.1 - diff --git a/src/signature_spoofing_patches/android_frameworks_base-N.patch b/src/signature_spoofing_patches/android_frameworks_base-N.patch deleted file mode 100644 index 6e6125c..0000000 --- a/src/signature_spoofing_patches/android_frameworks_base-N.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 7357f8c0c8a6bdc09555ab47dae83f28346b8470 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Beno=C3=AEt=20Mauduit?= -Date: Wed, 22 Jun 2016 15:04:56 +0200 -Subject: [PATCH 1/1] Add signature Spoofing permission -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -This is needed by GmsCore (https://microg.org/) to pretend -the existence of the official Play Services to applications calling -Google APIs. - -Signed-off-by: Benoît Mauduit ---- - core/res/AndroidManifest.xml | 7 +++++++ - core/res/res/values/config.xml | 2 ++ - core/res/res/values/strings.xml | 5 +++++ - .../android/server/pm/PackageManagerService.java | 23 ++++++++++++++++++++-- - 4 files changed, 35 insertions(+), 2 deletions(-) - -diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml -index ea0e39c..a936983 100644 ---- a/core/res/AndroidManifest.xml -+++ b/core/res/AndroidManifest.xml -@@ -1654,6 +1654,13 @@ - android:description="@string/permdesc_getPackageSize" - android:protectionLevel="normal" /> - -+ -+ -+ - -diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml -index c7846cf..916d8a5 100644 ---- a/core/res/res/values/config.xml -+++ b/core/res/res/values/config.xml -@@ -1298,6 +1298,8 @@ - - - com.android.location.fused -+ -+ com.google.android.gms - - - -diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml -index 58135db..e65367a 100644 ---- a/core/res/res/values/strings.xml -+++ b/core/res/res/values/strings.xml -@@ -616,6 +616,11 @@ - - - -+ Spoof package signature -+ -+ Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Grant this permission with caution only! -+ -+ - disable or modify status bar - - Allows the app to disable the status bar or add and remove system icons. -diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java -index 0493180..35f49d7 100644 ---- a/services/core/java/com/android/server/pm/PackageManagerService.java -+++ b/services/core/java/com/android/server/pm/PackageManagerService.java -@@ -3067,8 +3067,27 @@ public class PackageManagerService extends IPackageManager.Stub { - ? Collections.emptySet() : permissionsState.getPermissions(userId); - final PackageUserState state = ps.readUserState(userId); - -- return PackageParser.generatePackageInfo(p, gids, flags, -- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId); -+ return mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags, -+ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId), -+ permissions); -+ } -+ -+ private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi, -+ Set permissions) { -+ try { -+ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") -+ && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1 -+ && p.mAppMetaData != null) { -+ String sig = p.mAppMetaData.getString("fake-signature"); -+ if (sig != null) { -+ pi.signatures = new Signature[] {new Signature(sig)}; -+ } -+ } -+ } catch (Throwable t) { -+ // We should never die because of any failures, this is system code! -+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t); -+ } -+ return pi; - } - - @Override --- -2.8.1 - diff --git a/src/signature_spoofing_patches/android_frameworks_base-O.patch b/src/signature_spoofing_patches/android_frameworks_base-O.patch deleted file mode 100644 index cc1d338..0000000 --- a/src/signature_spoofing_patches/android_frameworks_base-O.patch +++ /dev/null @@ -1,102 +0,0 @@ -commit 4e9d677b35b9656c22c922c9abca4107ab95c9b4 -Author: Bernhard Rosenkränzer -Date: Tue Aug 29 00:34:27 2017 +0200 - - Add permission to allow an APK to fake a signature. - - This is needed by GmsCore (https://microg.org/) to pretend - the existence of the official Play Services to applications calling - Google APIs. - - Forward-ported from https://github.com/microg/android_packages_apps_GmsCore/blob/master/patches/android_frameworks_base-N.patch - - Change-Id: I603fd09200432f7e1bf997072188cdfa6da1594f - Signed-off-by: Bernhard Rosenkränzer - -diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml -index 794d4f8b78b..b3189077256 100644 ---- a/core/res/AndroidManifest.xml -+++ b/core/res/AndroidManifest.xml -@@ -2075,6 +2075,13 @@ - android:description="@string/permdesc_getPackageSize" - android:protectionLevel="normal" /> - -+ -+ -+ - -diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml -index 3613acf44aa..d1636c862c5 100644 ---- a/core/res/res/values/config.xml -+++ b/core/res/res/values/config.xml -@@ -1385,6 +1385,8 @@ - - - com.android.location.fused -+ -+ com.google.android.gms - - - -diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml -index 3eebe7eb68d..7405386cd49 100644 ---- a/core/res/res/values/strings.xml -+++ b/core/res/res/values/strings.xml -@@ -764,6 +764,10 @@ - - - -+ -+ Spoof package signature -+ -+ Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only! - - disable or modify status bar - -diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java -index f36b762c5e9..048a057d39c 100644 ---- a/services/core/java/com/android/server/pm/PackageManagerService.java -+++ b/services/core/java/com/android/server/pm/PackageManagerService.java -@@ -3571,8 +3571,9 @@ public class PackageManagerService extends IPackageManager.Stub - flags |= MATCH_ANY_USER; - } - -- PackageInfo packageInfo = PackageParser.generatePackageInfo(p, gids, flags, -- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId); -+ PackageInfo packageInfo = mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags, -+ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId), -+ permissions); - - if (packageInfo == null) { - return null; -@@ -3584,6 +3585,24 @@ public class PackageManagerService extends IPackageManager.Stub - return packageInfo; - } - -+ private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi, -+ Set permissions) { -+ try { -+ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") -+ && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1 -+ && p.mAppMetaData != null) { -+ String sig = p.mAppMetaData.getString("fake-signature"); -+ if (sig != null) { -+ pi.signatures = new Signature[] {new Signature(sig)}; -+ } -+ } -+ } catch (Throwable t) { -+ // We should never die because of any failures, this is system code! -+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t); -+ } -+ return pi; -+ } -+ - @Override - public void checkPackageStartable(String packageName, int userId) { - final int callingUid = Binder.getCallingUid(); diff --git a/src/signature_spoofing_patches/android_frameworks_base-P.patch b/src/signature_spoofing_patches/android_frameworks_base-P.patch deleted file mode 100644 index ad0fdf2..0000000 --- a/src/signature_spoofing_patches/android_frameworks_base-P.patch +++ /dev/null @@ -1,88 +0,0 @@ -diff --git a/core/res/AndroidManifest.xml b/core/res/AndroidManifest.xml -index 66c497e9977..c1b2e703109 100644 ---- a/core/res/AndroidManifest.xml -+++ b/core/res/AndroidManifest.xml -@@ -2341,6 +2341,13 @@ - android:description="@string/permdesc_getPackageSize" - android:protectionLevel="normal" /> - -+ -+ -+ - -diff --git a/core/res/res/values/config.xml b/core/res/res/values/config.xml -index 0b5dd7e70e8..bbdba64f2ba 100644 ---- a/core/res/res/values/config.xml -+++ b/core/res/res/values/config.xml -@@ -1650,6 +1650,8 @@ - - - com.android.location.fused -+ -+ com.google.android.gms - - - -diff --git a/core/res/res/values/strings.xml b/core/res/res/values/strings.xml -index 3c5159c89bf..7583f1c567f 100644 ---- a/core/res/res/values/strings.xml -+++ b/core/res/res/values/strings.xml -@@ -786,6 +786,11 @@ - - - -+ Spoof package signature -+ -+ Allows the app to pretend to be a different app. Malicious applications might be able to use this to access private application data. Legitimate uses include an emulator pretending to be what it emulates. Grant this permission with caution only! -+ -+ - disable or modify status bar - - Allows the app to disable the status bar or add and remove system icons. -diff --git a/services/core/java/com/android/server/pm/PackageManagerService.java b/services/core/java/com/android/server/pm/PackageManagerService.java -index 9ed2b9c1854..4c5ce24cfa7 100644 ---- a/services/core/java/com/android/server/pm/PackageManagerService.java -+++ b/services/core/java/com/android/server/pm/PackageManagerService.java -@@ -3937,8 +3937,9 @@ public class PackageManagerService extends IPackageManager.Stub - final Set permissions = ArrayUtils.isEmpty(p.requestedPermissions) - ? Collections.emptySet() : permissionsState.getPermissions(userId); - -- PackageInfo packageInfo = PackageParser.generatePackageInfo(p, gids, flags, -- ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId); -+ PackageInfo packageInfo = mayFakeSignature(p, PackageParser.generatePackageInfo(p, gids, flags, -+ ps.firstInstallTime, ps.lastUpdateTime, permissions, state, userId), -+ permissions); - - if (packageInfo == null) { - return null; -@@ -3974,6 +3975,24 @@ public class PackageManagerService extends IPackageManager.Stub - } - } - -+ private PackageInfo mayFakeSignature(PackageParser.Package p, PackageInfo pi, -+ Set permissions) { -+ try { -+ if (permissions.contains("android.permission.FAKE_PACKAGE_SIGNATURE") -+ && p.applicationInfo.targetSdkVersion > Build.VERSION_CODES.LOLLIPOP_MR1 -+ && p.mAppMetaData != null) { -+ String sig = p.mAppMetaData.getString("fake-signature"); -+ if (sig != null) { -+ pi.signatures = new Signature[] {new Signature(sig)}; -+ } -+ } -+ } catch (Throwable t) { -+ // We should never die because of any failures, this is system code! -+ Log.w("PackageManagerService.FAKE_PACKAGE_SIGNATURE", t); -+ } -+ return pi; -+ } -+ - @Override - public void checkPackageStartable(String packageName, int userId) { - final int callingUid = Binder.getCallingUid(); diff --git a/src/signature_spoofing_patches/frameworks_base_config.xml b/src/signature_spoofing_patches/frameworks_base_config.xml deleted file mode 100644 index 5925277..0000000 --- a/src/signature_spoofing_patches/frameworks_base_config.xml +++ /dev/null @@ -1,25 +0,0 @@ - - - - - - - true - true - - -- GitLab From 6b49a7668fbbdc888e66343caa5902f854a8d936 Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Wed, 8 Apr 2020 16:36:26 +0200 Subject: [PATCH 04/10] Don't add CUSTOM_PACKAGES Now defined in the code base (see https://gitlab.e.foundation/e/os/android_vendor_lineage/-/blob/v1-pie/config/common.mk#L224) --- build-community.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/build-community.sh b/build-community.sh index 7c044a0..29d8f82 100644 --- a/build-community.sh +++ b/build-community.sh @@ -186,12 +186,6 @@ for branch in ${BRANCH_NAME//,/ }; do fi fi - # Add custom packages to be installed - if ! [ -z "$CUSTOM_PACKAGES" ]; then - echo ">> [$(date)] Adding custom packages ($CUSTOM_PACKAGES)" - sed -i "1s;^;PRODUCT_PACKAGES += $CUSTOM_PACKAGES\n\n;" "vendor/$vendor/config/common.mk" - fi - if [ "$SIGN_BUILDS" = true ]; then echo ">> [$(date)] Adding keys path ($KEYS_DIR)" # Soong (Android 9+) complains if the signing keys are outside the build path -- GitLab From 3271277d2e2951be050520b2a748c723aac2d4c3 Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Wed, 8 Apr 2020 16:53:32 +0200 Subject: [PATCH 05/10] Remove overlay Now apply in codebase (see https://gitlab.e.foundation/e/os/android_vendor_lineage/-/blob/v1-pie/config/common.mk#L288) --- build-community.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/build-community.sh b/build-community.sh index 29d8f82..0bd198c 100644 --- a/build-community.sh +++ b/build-community.sh @@ -157,10 +157,6 @@ for branch in ${BRANCH_NAME//,/ }; do exit 1 fi - # Set up our overlay - mkdir -p "vendor/$vendor/overlay/microg/" - sed -i "1s;^;PRODUCT_PACKAGE_OVERLAYS := vendor/$vendor/overlay/microg\n;" "vendor/$vendor/config/common.mk" - los_ver_major=$(sed -n -e 's/^\s*PRODUCT_VERSION_MAJOR = //p' "vendor/$vendor/config/common.mk") los_ver_minor=$(sed -n -e 's/^\s*PRODUCT_VERSION_MINOR = //p' "vendor/$vendor/config/common.mk") los_ver="$los_ver_major.$los_ver_minor" @@ -286,6 +282,8 @@ for branch in ${BRANCH_NAME//,/ }; do echo ">> [$(date)] Starting build for $codename, $branch branch" | tee -a "$DEBUG_LOG" build_successful=false echo "ANDROID_JACK_VM_ARGS=${ANDROID_JACK_VM_ARGS}" + echo "Switch to Python2" + ln -fs /usr/bin/python2 /usr/bin/python if brunch $codename &>> "$DEBUG_LOG"; then currentdate=$(date +%Y%m%d) if [ "$builddate" != "$currentdate" ]; then @@ -373,9 +371,10 @@ for branch in ${BRANCH_NAME//,/ }; do fi fi + echo "Switch back to Python3" + ln -fs /usr/bin/python3 /usr/bin/python fi done - fi done -- GitLab From e3f15a70155f49d2652f09c5f57f50dc00ad04e3 Mon Sep 17 00:00:00 2001 From: thilo Date: Sat, 11 Apr 2020 19:02:49 +0000 Subject: [PATCH 06/10] Update .gitlab-ci.yml --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 5a55411..4605ca0 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -21,14 +21,14 @@ build_image: - 'if [ "${CI_COMMIT_REF_NAME}" = master ] ; then docker push $CONTAINER_IMAGE:$IMAGE_TAG_RELEASE ; fi' build_prod: - extends: .build_image + extends: build_image variables: IMAGE_TAG: $CI_COMMIT_REF_NAME IMAGE_TAG_RELEASE: prod DOCKERFILE: Dockerfile build_community: - extends: .build_image + extends: build_image before_script: - "mv build-community.sh src/build.sh" variables: -- GitLab From 9519ea12935e7165bbc997ae747533fe27eee4bc Mon Sep 17 00:00:00 2001 From: thilo Date: Fri, 17 Apr 2020 10:30:50 +0000 Subject: [PATCH 07/10] Update .gitlab-ci.yml -> made build_image a template again --- .gitlab-ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 4605ca0..540b63d 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -5,7 +5,7 @@ variables: DOCKER_DRIVER: overlay2 CONTAINER_IMAGE: registry.gitlab.e.foundation:5000/$CI_PROJECT_PATH -build_image: +.build_image: stage: build image: docker:git services: @@ -28,7 +28,7 @@ build_prod: DOCKERFILE: Dockerfile build_community: - extends: build_image + extends: .build_image before_script: - "mv build-community.sh src/build.sh" variables: -- GitLab From 9d34e195a97c2c73a403eb9bf36112ac63e30f4f Mon Sep 17 00:00:00 2001 From: thilo Date: Fri, 17 Apr 2020 10:31:15 +0000 Subject: [PATCH 08/10] Update .gitlab-ci.yml --- .gitlab-ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml index 540b63d..2df3114 100644 --- a/.gitlab-ci.yml +++ b/.gitlab-ci.yml @@ -21,7 +21,7 @@ variables: - 'if [ "${CI_COMMIT_REF_NAME}" = master ] ; then docker push $CONTAINER_IMAGE:$IMAGE_TAG_RELEASE ; fi' build_prod: - extends: build_image + extends: .build_image variables: IMAGE_TAG: $CI_COMMIT_REF_NAME IMAGE_TAG_RELEASE: prod -- GitLab From 8c94152f6199f0eaa50471f02edb2fe27820d8c9 Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Mon, 20 Apr 2020 10:52:46 +0200 Subject: [PATCH 09/10] Use our fork of OpenDelta --- Dockerfile | 2 +- Dockerfile.community | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 1cc54cd..8885c6e 100644 --- a/Dockerfile +++ b/Dockerfile @@ -167,7 +167,7 @@ RUN update-alternatives --set java /usr/lib/jvm/adoptopenjdk-8-hotspot-amd64/bin ################################ RUN cd /root/ && \ mkdir delta && \ - git clone --depth=1 https://github.com/omnirom/android_packages_apps_OpenDelta.git OpenDelta && \ + git clone --depth=1 https://gitlab.e.foundation/e/os/android_packages_apps_OpenDelta.git OpenDelta && \ gcc -o delta/zipadjust OpenDelta/jni/zipadjust.c OpenDelta/jni/zipadjust_run.c -lz && \ cp OpenDelta/server/minsignapk.jar OpenDelta/server/opendelta.sh delta/ && \ chmod +x delta/opendelta.sh && \ diff --git a/Dockerfile.community b/Dockerfile.community index d509eb9..db51ef4 100644 --- a/Dockerfile.community +++ b/Dockerfile.community @@ -186,7 +186,7 @@ RUN update-alternatives --set java /usr/lib/jvm/adoptopenjdk-8-hotspot-amd64/bin ################################ RUN cd /root/ && \ mkdir delta && \ - git clone --depth=1 https://github.com/omnirom/android_packages_apps_OpenDelta.git OpenDelta && \ + git clone --depth=1 https://gitlab.e.foundation/e/os/android_packages_apps_OpenDelta.git OpenDelta && \ gcc -o delta/zipadjust OpenDelta/jni/zipadjust.c OpenDelta/jni/zipadjust_run.c -lz && \ cp OpenDelta/server/minsignapk.jar OpenDelta/server/opendelta.sh delta/ && \ chmod +x delta/opendelta.sh && \ -- GitLab From 7adfcfbe8ba175c4beaa1955105d433066960d17 Mon Sep 17 00:00:00 2001 From: Romain Hunault Date: Mon, 20 Apr 2020 10:58:29 +0200 Subject: [PATCH 10/10] Fix the merge issue with master --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index 8885c6e..22f8c63 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM debian:stretch +FROM debian:buster MAINTAINER Romain Hunault # Environment variables -- GitLab