From 0a387db6256166bb270ef2e1e883051db196cf07 Mon Sep 17 00:00:00 2001 From: Stefan Schueller Date: Sun, 5 Jul 2020 20:09:18 +0200 Subject: [PATCH] Add Reproducible Builds (still needs testing) --- Dockerfile | 19 +++++++ REPRODUCIBLE_BUILDS.md | 61 +++++++++++++++++++++++ app/build.gradle | 21 ++++++++ app/src/main/res/values/strings.xml | 1 + app/src/main/res/xml/root_preferences.xml | 8 ++- 5 files changed, 109 insertions(+), 1 deletion(-) create mode 100644 Dockerfile create mode 100644 REPRODUCIBLE_BUILDS.md diff --git a/Dockerfile b/Dockerfile new file mode 100644 index 0000000..04ef9f4 --- /dev/null +++ b/Dockerfile @@ -0,0 +1,19 @@ +FROM gradle:5.6.4-jdk8 + +ENV ANDROID_SDK_URL https://dl.google.com/android/repository/sdk-tools-linux-3859397.zip +ENV ANDROID_BUILD_TOOLS_VERSION 29.0.3 +ENV ANDROID_HOME /usr/local/android-sdk-linux +ENV ANDROID_VERSION 29 +ENV PATH ${PATH}:${ANDROID_HOME}/tools:${ANDROID_HOME}/platform-tools + +RUN mkdir "$ANDROID_HOME" .android && \ + cd "$ANDROID_HOME" && \ + curl -o sdk.zip $ANDROID_SDK_URL && \ + unzip sdk.zip && \ + rm sdk.zip + +RUN yes | ${ANDROID_HOME}/tools/bin/sdkmanager --licenses +RUN $ANDROID_HOME/tools/bin/sdkmanager --update +RUN $ANDROID_HOME/tools/bin/sdkmanager "build-tools;${ANDROID_BUILD_TOOLS_VERSION}" \ + "platforms;android-${ANDROID_VERSION}" \ + "platform-tools" \ No newline at end of file diff --git a/REPRODUCIBLE_BUILDS.md b/REPRODUCIBLE_BUILDS.md new file mode 100644 index 0000000..dc3fd03 --- /dev/null +++ b/REPRODUCIBLE_BUILDS.md @@ -0,0 +1,61 @@ +# Reproducible Builds + +Note: reproducible builds work starting version 1.1.0 + +## Install Docker + +Download and install [Docker](https://www.docker.com/). + +## Check your Thorium app version and build timestamp + +1. Open the Thorium app +2. Go to Settings +3. Check the app version listed under About 'Version' (e.g., 1.1.0), and record its value to be used later +4. Check the build timestamp under About 'Build Time' (e.g., 1593942384524), and record its value to be used later + +## Download the App open-source code + +1. Make sure you have `git` installed +2. Clone the Github repository +3. Checkout the Tag that corresponds to the version of your Thorium app (e.g., 1.1.0) + +```shell +git clone https://github.com/sschueller/peertube-android ~/peertube-android +cd ~/peertube-android +git checkout v1.1.0 +``` + +## Build the project using Docker + +1. Build a Docker Image with the required Android Tools +2. Build the App in the Docker Container while specifying the build timestamp that was recorded earlier (e.g., 1593942384524) +3. Copy the freshly-built APK + +```shell +cd ~/peertube-android +docker build -t thorium-builder . +docker run --rm -v ~/dp3t-app-android-ch:/home/peertube-android -w /home/peertube-android thorium-builder gradle assembleProdRelease -PkeystorePassword=securePassword -PkeyAliasPassword=securePassword -PkeystoreFile=build.keystore -PbuildTimestamp=1593942384524 +cp app/build/outputs/apk/prod/release/app-prod-release.apk thorium-built.apk +``` + +## Extract the Play Store APK from your phone + +1. Make sure you have `adb` installed +2. Connect your phone to your computer +3. Extract the APK from the phone + +```shell +cd ~/peertube-android +adb pull `adb shell pm path net.schueller.peertube | cut -d':' -f2` thorium-store.apk +``` + +## Compare the two files + +1. Make sure you have `python` installed +2. Use the `apkdiff` script to compare the APKs + +```shell +cd ~/peertube-android +python apkdiff.py thorium-built.apk thorium-store.apk +``` + diff --git a/app/build.gradle b/app/build.gradle index 0751f3e..a043fd7 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -1,5 +1,22 @@ apply plugin: 'com.android.application' +ext.readProperty = { paramName -> readPropertyWithDefault(paramName, null) } +ext.readPropertyWithDefault = { paramName, defaultValue -> + if (project.hasProperty(paramName)) { + return project.getProperties().get(paramName) + } else { + Properties properties = new Properties() + if (project.rootProject.file('local.properties').exists()) { + properties.load(project.rootProject.file('local.properties').newDataInputStream()) + } + if (properties.getProperty(paramName) != null) { + return properties.getProperty(paramName) + } else { + return defaultValue + } + } +} + android { compileSdkVersion 29 defaultConfig { @@ -8,6 +25,9 @@ android { targetSdkVersion 29 versionCode 1043 versionName "1.0.43" + //buildTime readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + 'L' + //buildConfigField "long", "BUILD_TIME", readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + 'L' + //resValue "string", "BUILD_TIME", readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + 'L' testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner" ext { libVersions = [ @@ -87,6 +107,7 @@ android { applicationVariants.all { variant -> variant.resValue "string", "versionName", variant.versionName + variant.resValue "string", "buildTime", readPropertyWithDefault('buildTimestamp', System.currentTimeMillis()) + '' } } diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml index 32a586e..bc8e6df 100644 --- a/app/src/main/res/values/strings.xml +++ b/app/src/main/res/values/strings.xml @@ -357,6 +357,7 @@ Videos: %s, Local Videos: %s Automated + Build Time \ No newline at end of file diff --git a/app/src/main/res/xml/root_preferences.xml b/app/src/main/res/xml/root_preferences.xml index 131d9f1..bff8b4c 100644 --- a/app/src/main/res/xml/root_preferences.xml +++ b/app/src/main/res/xml/root_preferences.xml @@ -1,4 +1,5 @@ - + @@ -83,6 +84,11 @@ app:title="@string/pref_title_version" app:iconSpaceReserved="false"/> + +