Skip to content

add additional error checks on encryption of the toxsave file #2813

add additional error checks on encryption of the toxsave file

add additional error checks on encryption of the toxsave file #2813

Workflow file for this run

name: Android CI
on:
push:
paths-ignore:
- 'README.md'
- '.github/workflows/tests.yml'
pull_request:
paths-ignore:
- 'README.md'
- '.github/workflows/tests.yml'
workflow_dispatch:
inputs:
version:
description: dummy
default: dummy
jobs:
update-nightly-tag:
name: Update nightly release tag
runs-on: ubuntu-latest
if: github.event_name == 'push' && github.ref == 'refs/heads/zoff99/dev003'
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- name: Move nightly tag to head for nightly release
run: git tag -f nightly && git push origin nightly -f
build:
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- uses: actions/checkout@v4
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '11'
- name: show github event data
run: |
echo ${{github.event}} || echo "NO ERR"
echo ${{github.event_path}} || echo "NO ERR"
echo ${{github.event_name}} || echo "NO ERR"
echo ${{github.ref}} || echo "NO ERR"
echo ${{github.workspace}} || echo "NO ERR"
echo ${{github.workflow}} || echo "NO ERR"
- name: Install system packages
run: |
sudo apt-get update && \
sudo DEBIAN_FRONTEND=noninteractive \
apt-get install -y --no-install-recommends \
zipalign \
apksigner
- name: Install NDK
run: |
echo "y" | sudo /usr/local/lib/android/sdk/cmdline-tools/latest/bin/sdkmanager --install "ndk;21.0.6113669" --sdk_root=${ANDROID_SDK_ROOT}
echo "y" | sudo /usr/local/lib/android/sdk/cmdline-tools/latest/bin/sdkmanager --install "ndk;20.1.5948944" --sdk_root=${ANDROID_SDK_ROOT}
- name: Change to debug ID
run: |
datestr=$(date '+%Y%m%d%H%M%S')
cat android-refimpl-app/app/build.gradle | grep applicationId
sed -i -e 's#applicationId "com.zoffcc.applications.trifa"#applicationId "com.zoffcc.applications.trifa_debug_'"$datestr"'"#' android-refimpl-app/app/build.gradle
cat android-refimpl-app/app/build.gradle | grep applicationId
grep -rli std_fileprovider|grep -e '.java' -e '.xml'|xargs -L1 sed -i -e 's#com.zoffcc.applications.trifa.std_fileprovider#com.zoffcc.applications.trifa.std_fileprovider_debug_'"$datestr"'#'
grep -rli "com.zoffcc.applications.trifa.ext2_provider"|grep -e '.java' -e '.xml'|xargs -L1 sed -i -e 's#com.zoffcc.applications.trifa.ext2_provider#com.zoffcc.applications.trifa.ext2_provider_debug_'"$datestr"'#'
grep -rli "com.zoffcc.applications.trifa.ext1_fileprovider"|grep -e '.java' -e '.xml'| xargs -L1 sed -i -e 's#com.zoffcc.applications.trifa.ext1_fileprovider#com.zoffcc.applications.trifa.ext1_fileprovider_debug_'"$datestr"'#'
sed -i -e 's#android:label="TRIfA"#android:label="DEBUG TRIfA '"$datestr"'"#' android-refimpl-app/app/src/main/AndroidManifest.xml
cat android-refimpl-app/app/src/main/AndroidManifest.xml|grep 'android:label='
- name: turn on more debug logging
run: |
sed -i -e 's#final static boolean NDK_STDOUT_LOGGING =.*#final static boolean NDK_STDOUT_LOGGING = true;#' android-refimpl-app/app/src/main/java/com/zoffcc/applications/trifa/MainActivity.java
sed -i -e 's#final static boolean CTOXCORE_NATIVE_LOGGING =.*#final static boolean CTOXCORE_NATIVE_LOGGING = true;#' android-refimpl-app/app/src/main/java/com/zoffcc/applications/trifa/MainActivity.java
- name: download the latest JNI debug lib
run: |
# HINT: ingore any errors and build with release artefact if debug version not here for some reason
wget 'https://github.com/zoff99/ToxAndroidRefImpl/releases/download/nightly/libjni-c-toxcore.so___arm64_debug' -O __libjni-c-toxcore.so || echo "NO ERR"
cp -v __libjni-c-toxcore.so ./android-refimpl-app/app/nativelibs/arm64-v8a/libjni-c-toxcore.so || echo "NO ERR"
chmod a+r ./android-refimpl-app/app/nativelibs/arm64-v8a/libjni-c-toxcore.so || echo "NO ERR"
- name: show changes
run: |
git diff || echo "NO ERR"
- name: show witness checksums updates
if: ${{ github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' }}
run: cd android-refimpl-app ; ./gradlew -q calculateChecksums 2>/dev/null
- name: update witness checksums for pull requests
if: ${{ github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' }}
run: cd android-refimpl-app ; ./gradlew -q calculateChecksums 2>/dev/null| grep -v 'Checking the license for' > app/witness.gradle 2>/dev/null
- name: show witness checksums updates for pull requests
if: ${{ github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' }}
run: cd android-refimpl-app ; git diff app/witness.gradle
- name: Build with Gradle
run: cd android-refimpl-app ; ./gradlew assemble ; find . -name '*.apk'
- name: generate debug key
run: keytool -genkey -v -keystore debug.keystore -storepass android -alias androiddebugkey -keypass android -keyalg RSA -keysize 2048 -validity 10000 -dname CN=appauth
- name: align and sign apk
run: |
zipalign -p 4 /home/runner/work/ToxAndroidRefImpl/ToxAndroidRefImpl/android-refimpl-app/app/build/outputs/apk/debug/app-debug.apk /home/runner/work/ToxAndroidRefImpl/ToxAndroidRefImpl/android-refimpl-app/app/build/outputs/apk/debug/app-debug-aligned.apk
apksigner sign --ks debug.keystore --ks-pass "pass:android" --ks-key-alias androiddebugkey --out /home/runner/work/ToxAndroidRefImpl/ToxAndroidRefImpl/android-refimpl-app/app/build/outputs/apk/debug/app-debug.apk --verbose /home/runner/work/ToxAndroidRefImpl/ToxAndroidRefImpl/android-refimpl-app/app/build/outputs/apk/debug/app-debug-aligned.apk
- name: upload apk
uses: actions/upload-artifact@v4
with:
name: trifa
path: /home/runner/work/ToxAndroidRefImpl/ToxAndroidRefImpl/android-refimpl-app/app/build/outputs/apk/debug/app-debug.apk
- name: Rename artifact for nightly upload
if: github.event_name == 'push' && github.ref == 'refs/heads/zoff99/dev003'
run: |
pwd
cp -av /home/runner/work/ToxAndroidRefImpl/ToxAndroidRefImpl/android-refimpl-app/app/build/outputs/apk/debug/app-debug.apk TRIfA-nightly.apk
- name: Upload to nightly release
uses: ncipollo/release-action@v1
if: github.event_name == 'push' && github.ref == 'refs/heads/zoff99/dev003'
with:
allowUpdates: true
tag: nightly
omitBodyDuringUpdate: true
omitNameDuringUpdate: true
prerelease: true
replacesArtifacts: true
token: ${{ secrets.GITHUB_TOKEN }}
artifacts: "TRIfA-nightly.apk"
- name: update witness checksums for pull requests (part 2)
if: ${{ github.event_name == 'pull_request' || github.event_name == 'workflow_dispatch' }}
run: |
git checkout .
rm -f debug.keystore
echo "========= git diff before witness update "========= "
git diff
echo "========= git diff before witness update "========= "
cd android-refimpl-app/
./gradlew -q calculateChecksums
./gradlew -q calculateChecksums 2>/dev/null| grep -v 'Checking the license for' > app/witness.gradle 2>/dev/null
echo "========= git diff AFTER witness update "========= "
cd ../
git status
git diff
echo "========= git diff AFTER witness update "========= "
- name: Create Pull Request
if: ${{ github.event_name == 'workflow_dispatch' }}
uses: peter-evans/create-pull-request@v7
with:
commit-message: update witness checksums
branch: 'create-pull-request/witness_checksums'
delete-branch: true
title: update witness checksums
gradle-wrapper-validation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: gradle/wrapper-validation-action@v3