Commit graph

56 commits

Author SHA1 Message Date
Hans-Christoph Steiner 8dade6ece0 gitlab-ci: check if Application ID will cause keyalias collision
fdroid/fdroidserver#553
2018-08-29 22:49:51 +02:00
Hans-Christoph Steiner cddf3589f7 gitlab-ci: make sure EXIF is stripped from all included images
EXIF state can be used as an exploit vector and for malicioius code
delivery.  Neither fdroidclient nor fdroid-website use the EXIF data, so
just strip it entirely.  'exiftool' is available in most distros.
2018-03-20 20:16:53 +01:00
Marcus Hoffmann 8852fde452
CI: don't try to fetch repos of deleted apps.
--diff-filter=d excludes (because of the lowercase letter) deleted
files.
2018-03-12 13:34:23 +01:00
Hans-Christoph Steiner 253a1b144c gitlab-ci: only check commits included in the current merge request 2018-02-28 22:12:04 +01:00
Hans-Christoph Steiner 38d0e8cd39 gitlat-ci: fix detection of appids changed in this merge request
It was detecting changed description files in subfolders, i.e.:
metadata/org.fdroid.fdroid.ota/en-US/description.txt
metadata/org.fdroid.fdroid.ota/en-US/summary.txt
2018-02-23 22:37:34 +01:00
Hans-Christoph Steiner 23a62fd5fa gitlab-ci: download fdroidserver as tarball rather than git clone
This should hopefully be quicker and lower impact.
2018-02-23 22:32:55 +01:00
Hans-Christoph Steiner d6e81e47bb gitlab-ci: error if apps use insecure plain HTTP gradle repositories
It is very easy to mess up and include plain HTTP URLs for gradle
repositories, which can lead to gradle downloading code from HTTP and
immediately executing it.  The fix is almost always changing "http:" to
"https:".

https://max.computer/blog/how-to-take-over-the-computer-of-any-java-or-clojure-or-scala-developer
2018-01-26 13:41:41 +01:00
Hans-Christoph Steiner fed1acd8f6 gitlab-ci: if running on a fork, only check the files in the fork
To avoid confusing newbies, the CI should only run on the files that were
changed in the fork.  Sometimes lint/rewrite errors slip into the git repo,
and the CI for all merge requests will fail until those are fixed.  This
changes that to make the merge request CI only fail if the files in the
merge request are the ones with problems.

The CI runs on the main repo should will check everything.
2018-01-26 13:41:41 +01:00
Hans-Christoph Steiner 58070a0982 update gitlab-ci base image to Debian/stretch
https://forum.f-droid.org/t/f-droid-ci-images-reorg
2017-07-03 13:07:10 +02:00
Hans-Christoph Steiner 5115d51d8c gitlab-ci: use server image from https://gitlab.com/fdroid/ci-images
This image provides everything needed to run all aspects of fdroidserver,
and is only like 100 megs bigger than the base image that this was using
before.
2017-04-04 21:56:20 +02:00
Hans-Christoph Steiner 92b09c7ef7 gitlab-ci: show diff when there are lint failures
Oftentimes, the lint failures are just simple whitespace issues.  Many
people submitting metadata do not really know much about the fdroid tools,
so they have to look up or ask what rewritemeta is.  This just shows a diff
after running rewritemeta so it should be clearer what the issue is.
2017-01-26 14:28:11 +01:00
Daniel Martí ffab5a5ad6 CI: bump image 2016-12-23 12:45:31 +01:00
Daniel Martí d35c748ee7 CI: bump image 2016-10-23 17:14:10 +01:00
Daniel Martí 271bd368b9 CI: bump docker version 2016-09-10 12:09:23 +02:00
Daniel Martí 6400ac98c3 CI: bump docker image 2016-08-21 11:00:50 +02:00
Daniel Martí f8e0dd58cf CI: bump image 2016-07-31 18:48:11 +02:00
Daniel Martí a875c40e56 CI: bump docker image 2016-07-06 11:37:26 +01:00
Daniel Martí fb2a5dfd7d CI: bump docker image
To be in sync with the other repos.
2016-06-23 11:44:33 +01:00
Daniel Martí 145a9d2ab2 CI: bump image 2016-06-20 11:18:48 +01:00
Daniel Martí 396ab81a42 CI: bump docker image 2016-06-13 19:33:59 +01:00
Daniel Martí 28d04376c0 CI: Bump docker image 2016-05-12 23:11:17 +01:00
Daniel Martí dd83c50a92 CI: bump image, re-add --depth=1 to clone 2016-04-29 19:17:23 +01:00
Daniel Martí 14da2ce04e CI: Temporarily remove --depth=1
See https://gitlab.com/gitlab-com/support-forum/issues/652.
2016-04-18 15:22:42 +01:00
Daniel Martí 9e52a153a2 CI: Bump image 2016-04-05 10:52:37 +01:00
Daniel Martí 8f8a427db7 CI: Use the new base image
Lighter, since it doesn't include all the stuff required to build and
test the client that we don't need here.
2016-03-29 13:36:43 +01:00
Daniel Martí b55f2a7628 CI: Bump docker image
Now python3 comes installed.
2016-03-17 14:17:15 +00:00
Daniel Martí 1df2d03ed3 CI: Install py3 deps until image is updated 2016-03-13 13:27:00 +00:00
Daniel Martí 255781f489 CI: No longer need to install deps 2016-02-29 22:57:21 +00:00
Daniel Martí 44824d6946 CI: Specify our docker image 2016-02-29 14:57:49 +00:00
Daniel Martí 05b7c67542 CI: Simplify script 2016-02-26 16:37:50 +00:00
Daniel Martí 485c6b4aa2 CI: explicitly install git
The base system might not have it.
2016-01-07 15:06:29 +01:00
Daniel Martí 27ec7f82f8 CI: run lint -f 2015-12-08 17:58:12 +01:00
Daniel Martí 5741599f1c CI: clone --depth=1 is enough 2015-11-14 23:49:53 +01:00
Daniel Martí eb45f97576 CI: fix path typo 2015-09-11 18:41:15 -07:00
Daniel Martí cbf2de9caa CI: check formatting via rewritemeta 2015-09-11 18:37:56 -07:00
Daniel Martí 6f26316caa Set up fdroidserver at the start of PATH 2015-09-02 11:51:14 -07:00
Daniel Martí 761f923fb7 CI: add python-yaml dependency 2015-09-01 11:45:02 -07:00
Daniel Martí 895a9a4a68 Gitlab CI: server no longer attached to magic and requests 2015-08-31 17:06:33 -07:00
Daniel Martí 26eca05d4d Gitlab CI: echo what we're doing 2015-08-27 15:50:20 -07:00
Daniel Martí 06ce8f95b7 Gitlab CI: make apt-get quiet 2015-08-27 15:40:18 -07:00
Daniel Martí 7f65876811 Join readmeta and lint into the same task/job
This way, the preparing commands are only run once. Also, if readmeta fails,
lint will fail with the same message. So having the two messages thrown in
parallel is of little use.
2015-07-30 14:08:28 -07:00
Daniel Martí f7eae17fae Also run lint as part of the CI job 2015-07-30 12:41:50 -07:00
Daniel Martí c870b7311d Set up fdroiddata with empty config.py 2015-07-30 12:36:17 -07:00
Daniel Martí 53cdcedcbc Run fdroid readmeta inside fdroiddata 2015-07-30 12:34:40 -07:00
Daniel Martí 2cd2c669fe Add deps necessary for fdroid readmeta 2015-07-30 12:33:07 -07:00
Daniel Martí 3061e4856e Remove existing fdroidserver clone
It may be outdated or wrong
2015-07-30 12:28:58 -07:00
Daniel Martí 75576e013a Give up on setup.py 2015-07-30 12:20:01 -07:00
Daniel Martí f2370fed5b https clone address requires .git 2015-07-30 11:57:48 -07:00
Daniel Martí 5cb76d0f89 Run setup inside dir, clone instead of wget 2015-07-30 11:55:39 -07:00
Daniel Martí 643e5c9d90 Apparently no sudo required 2015-07-30 11:52:26 -07:00