Add Reproducible Builds (still needs testing)

2020-07-05 20:09:18 +02:00 · 2020-07-05 20:09:18 +02:00 · 0a387db625
commit 0a387db625
parent 08ed1d41e6
5 changed files with 109 additions and 1 deletions
--- a/19
+++ b/19
@ -0,0 +1,19 @@
+FROM gradle:5.6.4-jdk8
+
+ENV ANDROID_SDK_URL https://dl.google.com/android/repository/sdk-tools-linux-3859397.zip
+ENV ANDROID_BUILD_TOOLS_VERSION 29.0.3
+ENV ANDROID_HOME /usr/local/android-sdk-linux
+ENV ANDROID_VERSION 29
+ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/platform-tools
+
+RUN mkdir "$ANDROID_HOME" .android && \
+    cd "$ANDROID_HOME" && \
+    curl -o sdk.zip $ANDROID_SDK_URL && \
+    unzip sdk.zip && \
+    rm sdk.zip
+
+RUN yes | ${ANDROID_HOME}/tools/bin/sdkmanager --licenses
+RUN $ANDROID_HOME/tools/bin/sdkmanager --update
+RUN $ANDROID_HOME/tools/bin/sdkmanager "build-tools;${ANDROID_BUILD_TOOLS_VERSION}" \
+    "platforms;android-${ANDROID_VERSION}" \
+    "platform-tools"
--- a/REPRODUCIBLE_BUILDS.md
+++ b/REPRODUCIBLE_BUILDS.md
@ -0,0 +1,61 @@
+# Reproducible Builds
+
+Note: reproducible builds work starting version 1.1.0
+
+## Install Docker
+
+Download and install [Docker](https://www.docker.com/).
+
+## Check your Thorium app version and build timestamp
+
+1. Open the Thorium app
+2. Go to Settings
+3. Check the app version listed under About 'Version' (e.g., 1.1.0), and record its value to be used later
+4. Check the build timestamp under About 'Build Time' (e.g., 1593942384524), and record its value to be used later
+
+## Download the App open-source code
+
+1. Make sure you have `git` installed
+2. Clone the Github repository
+3. Checkout the Tag that corresponds to the version of your Thorium app (e.g., 1.1.0)
+
+```shell
+git clone https://github.com/sschueller/peertube-android ~/peertube-android
+cd ~/peertube-android
+git checkout v1.1.0
+```
+
+## Build the project using Docker
+
+1. Build a Docker Image with the required Android Tools
+2. Build the App in the Docker Container while specifying the build timestamp that was recorded earlier (e.g., 1593942384524)
+3. Copy the freshly-built APK
+
+```shell
+cd ~/peertube-android
+docker build -t thorium-builder .
+docker run --rm -v ~/dp3t-app-android-ch:/home/peertube-android -w /home/peertube-android thorium-builder gradle assembleProdRelease -PkeystorePassword=securePassword -PkeyAliasPassword=securePassword -PkeystoreFile=build.keystore -PbuildTimestamp=1593942384524
+cp app/build/outputs/apk/prod/release/app-prod-release.apk thorium-built.apk
+```
+
+## Extract the Play Store APK from your phone
+
+1. Make sure you have `adb` installed
+2. Connect your phone to your computer
+3. Extract the APK from the phone
+
+```shell
+cd ~/peertube-android
+adb pull `adb shell pm path net.schueller.peertube | cut -d':' -f2` thorium-store.apk
+```
+
+## Compare the two files
+
+1. Make sure you have `python` installed
+2. Use the `apkdiff` script to compare the APKs
+
+```shell
+cd ~/peertube-android
+python apkdiff.py thorium-built.apk thorium-store.apk
+```
+
--- a/app/build.gradle
+++ b/app/build.gradle
@ -1,5 +1,22 @@
 apply plugin: 'com.android.application'

+ext.readProperty = { paramName -> readPropertyWithDefault(paramName, null) }
+ext.readPropertyWithDefault = { paramName, defaultValue ->
+    if (project.hasProperty(paramName)) {
+        return project.getProperties().get(paramName)
+    } else {
+        Properties properties = new Properties()
+        if (project.rootProject.file('local.properties').exists()) {
+            properties.load(project.rootProject.file('local.properties').newDataInputStream())
+        }
+        if (properties.getProperty(paramName) != null) {
+            return properties.getProperty(paramName)
+        } else {
+            return defaultValue
+        }
+    }
+}
+
 android {
    compileSdkVersion 29
    defaultConfig {
@ -8,6 +25,9 @@ android {
        targetSdkVersion 29
        versionCode 1043
        versionName "1.0.43"
+        //buildTime readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + 'L'
+        //buildConfigField "long", "BUILD_TIME", readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + 'L'
+        //resValue "string", "BUILD_TIME", readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + 'L'
        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
        ext {
            libVersions = [
@ -87,6 +107,7 @@ android {

    applicationVariants.all { variant ->
        variant.resValue "string", "versionName", variant.versionName
+        variant.resValue "string", "buildTime", readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + ''
    }
 }

--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@ -357,6 +357,7 @@
    <string name="server_selection_video_totals">Videos: %s, Local Videos: %s</string>

    <string name="menu_video_options_quality_automated">Automated</string>
+    <string name="pref_title_buildtime">Build Time</string>


 </resources>
--- a/app/src/main/res/xml/root_preferences.xml
+++ b/app/src/main/res/xml/root_preferences.xml
@ -1,4 +1,5 @@
-<PreferenceScreen xmlns:app="http://schemas.android.com/apk/res-auto">
+<PreferenceScreen xmlns:app="http://schemas.android.com/apk/res-auto"
+    xmlns:android="http://schemas.android.com/apk/res/android">

    <PreferenceCategory app:title="@string/settings_activity_look_and_feel_category_title" app:iconSpaceReserved="false">

@ -83,6 +84,11 @@
            app:title="@string/pref_title_version"
            app:iconSpaceReserved="false"/>

+        <Preference
+            app:summary="@string/buildTime"
+            app:title="@string/pref_title_buildtime"
+            app:iconSpaceReserved="false"/>
+
        <Preference
            app:summary="@string/pref_description_license"
            app:title="@string/pref_title_license"