Require dedicated release signing for APK builds
This commit is contained in:
@@ -12,6 +12,8 @@ ANDROID_MIN_SDK ?= 28
|
||||
ANDROID_TARGET_SDK ?= 35
|
||||
SIGNKEY ?=
|
||||
SIGNPASS ?=
|
||||
RELEASE_SIGNKEY ?= $(HOME)/.config/keepassgo/android-release.keystore
|
||||
RELEASE_SIGNPASS_FILE ?= $(HOME)/.config/keepassgo/android-release.pass
|
||||
ARCH_PKG_DIR ?= packaging/archlinux/keepassgo-git
|
||||
ARCH_PKG_TMPL ?= $(ARCH_PKG_DIR)/PKGBUILD.tmpl
|
||||
ARCH_PKGBUILD ?= $(ARCH_PKG_DIR)/PKGBUILD
|
||||
@@ -26,7 +28,17 @@ ifneq ($(strip $(SIGNPASS)),)
|
||||
GOGIO_SIGN_FLAGS += -signpass $(SIGNPASS)
|
||||
endif
|
||||
|
||||
.PHONY: apk apk-local apk-container apk-container-image archlinux-pkgbuild browser-bridge browser-extension-validate
|
||||
CONTAINER_SIGNKEY_MOUNT :=
|
||||
CONTAINER_SIGN_ARGS :=
|
||||
ifneq ($(strip $(SIGNKEY)),)
|
||||
CONTAINER_SIGNKEY_MOUNT += -v "$(dir $(abspath $(SIGNKEY))):$(dir $(abspath $(SIGNKEY))):ro"
|
||||
CONTAINER_SIGN_ARGS += SIGNKEY="$(abspath $(SIGNKEY))"
|
||||
endif
|
||||
ifneq ($(strip $(SIGNPASS)),)
|
||||
CONTAINER_SIGN_ARGS += SIGNPASS="$(SIGNPASS)"
|
||||
endif
|
||||
|
||||
.PHONY: apk apk-local apk-release apk-container apk-container-image archlinux-pkgbuild browser-bridge browser-extension-validate
|
||||
apk:
|
||||
@if [ -x "$(JAVA_HOME)/bin/java" ] && "$(JAVA_HOME)/bin/java" -version 2>&1 | grep -q 'version "25'; then \
|
||||
$(MAKE) apk-local JAVA_HOME="$(JAVA_HOME)"; \
|
||||
@@ -59,6 +71,13 @@ apk-local: android/keepassgo-android.jar
|
||||
-icon internal/assets/keepassgo-icon.png \
|
||||
./cmd/keepassgo
|
||||
|
||||
apk-release:
|
||||
@test -f "$(RELEASE_SIGNKEY)" || { echo "Release signing key not found at $(RELEASE_SIGNKEY)"; exit 1; }
|
||||
@test -f "$(RELEASE_SIGNPASS_FILE)" || { echo "Release signing password file not found at $(RELEASE_SIGNPASS_FILE)"; exit 1; }
|
||||
@signpass="$$(tr -d '\r\n' < "$(RELEASE_SIGNPASS_FILE)")"; \
|
||||
test -n "$$signpass" || { echo "Release signing password file is empty"; exit 1; }; \
|
||||
$(MAKE) apk SIGNKEY="$(abspath $(RELEASE_SIGNKEY))" SIGNPASS="$$signpass"
|
||||
|
||||
apk-container: apk-container-image
|
||||
@command -v docker >/dev/null 2>&1 || { echo "docker is required for apk-container"; exit 1; }
|
||||
@test -d "$(ANDROID_SDK_ROOT)" || { echo "ANDROID_SDK_ROOT must point to an Android SDK install"; exit 1; }
|
||||
@@ -69,11 +88,12 @@ apk-container: apk-container-image
|
||||
-w "$(CURDIR)" \
|
||||
-v "$(ANDROID_SDK_ROOT):$(ANDROID_SDK_ROOT)" \
|
||||
-v "$(ANDROID_NDK_ROOT):$(ANDROID_NDK_ROOT)" \
|
||||
$(CONTAINER_SIGNKEY_MOUNT) \
|
||||
-e ANDROID_SDK_ROOT="$(ANDROID_SDK_ROOT)" \
|
||||
-e ANDROID_NDK_ROOT="$(ANDROID_NDK_ROOT)" \
|
||||
-e JAVA_HOME=/opt/java/openjdk \
|
||||
$(APK_BUILD_IMAGE) \
|
||||
make apk-local JAVA_HOME=/opt/java/openjdk
|
||||
make apk-local JAVA_HOME=/opt/java/openjdk $(CONTAINER_SIGN_ARGS)
|
||||
|
||||
apk-container-image:
|
||||
@command -v docker >/dev/null 2>&1 || { echo "docker is required for apk-container-image"; exit 1; }
|
||||
|
||||
Reference in New Issue
Block a user