-\input texinfo @c -*-texinfo-*-
-@c %**start of header
-@setfilename fdroid.info
-@documentencoding UTF-8
-@settitle F-Droid Server Manual
-@c %**end of header
-
-@copying
-This manual is for the F-Droid repository server tools.
-
-Copyright @copyright{} 2010, 2011, 2012, 2013, 2014, 2015 Ciaran Gultnieks
-
-Copyright @copyright{} 2011 Henrik Tunedal, Michael Haas, John Sullivan
-
-Copyright @copyright{} 2013 David Black
-
-Copyright @copyright{} 2013, 2014, 2015 Daniel MartÃ
-
-Copyright @copyright{} 2015, 2016 Boris Kraut
-
-@quotation
-Permission is granted to copy, distribute and/or modify this document
-under the terms of the GNU Free Documentation License, Version 1.3
-or any later version published by the Free Software Foundation;
-with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts.
-A copy of the license is included in the section entitled "GNU
-Free Documentation License".
-@end quotation
-@end copying
-
-@titlepage
-@title F-Droid Server Manual
-@author Ciaran Gultnieks and the F-Droid project
-@page
-@vskip 0pt plus 1filll
-@insertcopying
-
-@end titlepage
-
-@contents
-
-@ifnottex
-@node Top
-@top F-Droid Server
-
-@insertcopying
-@end ifnottex
-
-@menu
-* Overview::
-* System Requirements::
-* Setup::
-* Simple Binary Repository::
-* Building Applications::
-* Importing Applications::
-* Metadata::
-* Update Processing::
-* Build Server::
-* Signing::
-* Vulnerability Scanning::
-* GNU Free Documentation License::
-* Index::
-@end menu
-
-@node Overview
-@chapter Overview
-
-The F-Droid server tools provide various scripts and tools that are used
-to maintain the main F-Droid application repository. You can use these same
-tools to create your own additional or alternative repository for publishing,
-or to assist in creating, testing and submitting metadata to the main
-repository.
-
-
-@node System Requirements
-@chapter System Requirements
-
-@cindex installation
-
-The system requirements for using the tools will vary depending on your
-intended usage. At the very least, you'll need:
-
-@itemize @bullet
-@item
-GNU/Linux
-@item
-Python 3.4 or later
-@item
-The Android SDK Tools and Build-tools.
-Note that F-Droid does not assume that you have the Android SDK in your
-@code{PATH}: these directories will be specified in your repository
-configuration. Recent revisions of the SDK have @code{aapt} located in
-android-sdk/build-tools/ and it may be necessary to make a symlink to it in
-android-sdk/platform-tools/
-@end itemize
-
-If you intend to build applications from source you'll also need most, if not
-all, of the following:
-
-@itemize @bullet
-@item
-JDK (Debian package openjdk-6-jdk): openjdk-6 is recommended though openjdk-7
-should work too
-@item
-VCS clients: svn, git, git-svn, hg, bzr
-@item
-A keystore for holding release keys. (Safe, secure and well backed up!)
-@end itemize
-
-If you intend to use the 'Build Server' system, for secure and clean builds
-(highly recommended), you will also need:
-
-@itemize @bullet
-@item
-VirtualBox (debian package virtualbox)
-@item
-Ruby (debian packages ruby and rubygems)
-@item
-Vagrant (debian package vagrant - 1.4.x or higher required)
-@item
-vagrant-cachier plugin (unpackaged): `vagrant plugin install vagrant-cachier`
-@item
-Paramiko (debian package python-paramiko)
-@item
-Imaging (debian package python-imaging)
-@end itemize
-
-On the other hand, if you want to build the apps directly on your system
-without the 'Build Server' system, you may need:
-
-@itemize @bullet
-@item
-All SDK platforms requested by the apps you want to build
-(The Android SDK is made available by Google under a proprietary license but
-within that, the SDK platforms, support library and some other components are
-under the Apache license and source code is provided.
-Google APIs, used for building apps using Google Maps, are free to the extent
-that the library comes pre-installed on the device.
-Google Play Services, Google Admob and others are proprietary and shouldn't be
-included in the main F-Droid repository.)
-@item
-A version of the Android NDK
-@item
-Ant with Contrib Tasks (Debian packages ant and ant-contrib)
-@item
-Maven (Debian package maven)
-@item
-JavaCC (Debian package javacc)
-@item
-Miscellaneous packages listed in
-buildserver/cookbooks/fdroidbuild-general/recipes/default.rb
-of the F-Droid server repository
-@end itemize
-
-@node Setup
-@chapter Setup
-
-@cindex setup, installation
-
-Because the tools and data will always change rapidly, you will almost
-certainly want to work from a git clone of the tools at this stage. To
-get started:
-
-@example
-git clone https://gitlab.com/fdroid/fdroidserver.git
-@end example
-
-You now have lots of stuff in the fdroidserver directory, but the most
-important is the 'fdroid' command script which you run to perform all tasks.
-This script is always run from a repository data directory, so the
-most sensible thing to do next is to put your new fdroidserver directory
-in your @code{PATH}.
-
-@section Data
-
-To do anything, you'll need at least one repository data directory. It's
-from this directory that you run the @code{fdroid} command to perform all
-repository management tasks. You can either create a brand new one, or
-grab a copy of the data used by the main F-Droid repository:
-
-@example
-git clone https://gitlab.com/fdroid/fdroiddata.git
-@end example
-
-Regardless of the intended usage of the tools, you will always need to set
-up some basic configuration details. This is done by creating a file called
-@code{config.py} in the data directory. You should do this by copying the
-example file (@code{./examples/config.py}) from the fdroidserver project to
-your data directory and then editing according to the instructions within.
-
-Once configured in this way, all the functionality of the tools is accessed
-by running the @code{fdroid} command. Run it on its own to get a list of the
-available sub-commands.
-
-You can follow any command with @code{--help} to get a list of additional
-options available for that command.
-
-@example
-fdroid update --help
-@end example
-
-
-@node Simple Binary Repository
-@chapter Simple Binary Repository
-
-@cindex binary
-
-If you want to maintain a simple repository hosting only binary APKs obtained
-and compiled elsewhere, the process is quite simple:
-
-@enumerate
-@item
-Set up the server tools, as described in Setup.
-@item
-Make a directory for your repository. This is the directory from which you
-will do all the work with your repository. Create a config file there, called
-@code{config.py}, by copying @code{./examples/config.py} from the server
-project and editing it.
-@item
-Within that, make a directory called @code{repo} and put APK files in it.
-@item
-Run @code{fdroid update}.
-@item
-If it reports that any metadata files are missing, you can create them
-in the @code{metadata} directory and run it again.
-@item
-To ease creation of metadata files, run @code{fdroid update} with the @code{-c}
-option. It will create 'skeleton' metadata files that are missing, and you can
-then just edit them and fill in the details.
-@item
-Then, if you've changed things, run @code{fdroid update} again.
-@item
-Running @code{fdroid update} adds an Icons directory into the repo directory,
-and also creates the repository index (index.xml, and also index.jar if you've
-configured the system to use a signed index).
-@item
-Publish the resulting contents of the @code{repo} directory to your web server.
-@end enumerate
-
-Following the above process will result in a @code{repo} directory, which you
-simply need to push to any HTTP (or preferably HTTPS) server to make it
-accessible.
-
-While some information about the applications (and versions thereof) is
-retrieved directly from the APK files, most comes from the corresponding file
-in the @code{metadata} directory. The metadata file covering ALL versions of a
-particular application is named @code{package.id.txt} where package.id is the
-unique identifier for that package.
-
-See the Metadata chapter for details of what goes in the metadata file. All
-fields are relevant for binary APKs, EXCEPT for @code{Build:} entries, which
-should be omitted.
-
-
-@node Building Applications
-@chapter Building Applications
-
-Instead of (or as well as) including binary APKs from external sources in a
-repository, you can build them directly from the source code.
-
-Using this method, it is is possible to verify that the application builds
-correctly, corresponds to the source code, and contains only free software.
-Unforunately, in the Android world, it seems to be very common for an
-application supplied as a binary APK to present itself as Free Software
-when in fact some or all of the following are true:
-
-@enumerate
-@item
-The source code (either for a particular version, or even all versions!) is
-unavailable or incomplete.
-@item
-The source code is not capable of producing the actual binary supplied.
-@item
-The 'source code' contains binary files of unknown origin, or with proprietary
-licenses.
-@end enumerate
-
-For this reason, source-built applications are the preferred method for the
-main F-Droid repository, although occasionally for technical or historical
-reasons, exceptions are made to this policy.
-
-When building applications from source, it should be noted that you will be
-signing them (all APK files must be signed to be installable on Android) with
-your own key. When an application is already installed on a device, it is not
-possible to upgrade it in place to a new version signed with a different key
-without first uninstalling the original. This may present an inconvenience to
-users, as the process of uninstalling loses any data associated with the
-previous installation.
-
-The process for managing a repository for built-from-source applications is
-very similar to that described in the Simple Binary Repository chapter,
-except now you need to:
-
-@enumerate
-@item
-Include Build entries in the metadata files.
-@item
-Run @code{fdroid build} to build any applications that are not already built.
-@item
-Run @code{fdroid publish} to finalise packaging and sign any APKs that have
-been built.
-@end enumerate
-
-
-@section More about "fdroid build"
-
-When run without any parameters, @code{fdroid build} will build any and all
-versions of applications that you don't already have in the @code{repo}
-directory (or more accurately, the @code{unsigned} directory). There are various
-other things you can do. As with all the tools, the @code{--help} option is
-your friend, but a few annotated examples and discussion of the more common
-usage modes follows:
-
-To build a single version of a single application, you could run the
-following:
-
-@example
-fdroid build org.fdroid.fdroid:16
-@end example
-
-This attempts to build version code 16 (which is version 0.25) of the F-Droid
-client. Many of the tools recognise arguments as packages, allowing their
-activity to be limited to just a limited set of packages.
-
-If the build above was successful, two files will have been placed in the
-@code{unsigned} directory:
-
-@example
-org.fdroid.fdroid_16.apk
-org.fdroid.fdroid_16_src.tar.gz
-@end example
-
-The first is the (unsigned) APK. You could sign this with a debug key and push
-it direct to your device or an emulator for testing. The second is a source
-tarball containing exactly the source that was used to generate the binary.
-
-If you were intending to publish these files, you could then run:
-
-@example
-fdroid publish
-@end example
-
-The source tarball would move to the @code{repo} directory (which is the
-directory you would push to your web server). A signed and zip-aligned version
-of the APK would also appear there, and both files would be removed from the
-@code{unsigned} directory.
-
-If you're building purely for the purposes of testing, and not intending to
-push the results to a repository, at least yet, the @code{--test} option can be
-used to direct output to the @code{tmp} directory instead of @code{unsigned}.
-A similar effect could by achieved by simply deleting the output files from
-@code{unsigned} after the build, but with the risk of forgetting to do so!
-
-Along similar lines (and only in conjunction with @code{--test}, you can use
-@code{--force} to force a build of a Disabled application, where normally it
-would be completely ignored. Similarly a version that was found to contain
-ELFs or known non-free libraries can be forced to build. See also —
-@code{scanignore=} and @code{scandelete=} in the @code{Build:} section.
-
-If the build was unsuccessful, you can find out why by looking at the output
-in the logs/ directory. If that isn't illuminating, try building the app the
-regular way, step by step: android update project, ndk-build, ant debug.
-
-Note that source code repositories often contain prebuilt libraries. If the
-app is being considered for the main F-Droid repository, it is important that
-all such prebuilts are built either via the metadata or by a reputable third
-party.
-
-
-@section Running "fdroid build" in your app's source
-
-Another option for using @code{fdroid build} is to use a metadata file
-that is included in the app's source itself, rather than in a
-@code{metadata/} folder with lots of other apps. This metadata file
-should be in the root of your source repo, and be called
-@code{.fdroid.json}, @code{.fdroid.xml}, @code{.fdroid.yaml}, or
-@code{.fdroid.txt}, depending on your preferred data format: JSON,
-XML, YAML, or F-Droid's @code{.txt} format.
-
-Once you have that setup, you can build the most recent version of
-the app using the whole FDroid stack by running:
-
-@example
-fdroid build
-@end example
-
-If you want to build every single version, then specify @code{--all}.
-
-
-@section Direct Installation
-
-You can also build and install directly to a connected device or emulator
-using the @code{fdroid install} command. If you do this without passing
-packages as arguments then all the latest built and signed version available
-of each package will be installed . In most cases, this will not be what you
-want to do, so execution will stop straight away. However, you can override
-this if you're sure that's what you want, by using @code{--all}. Note that
-currently, no sanity checks are performed with this mode, so if the files in
-the signed output directory were modified, you won't be notified.
-
-
-@node Importing Applications
-@chapter Importing Applications
-
-To help with starting work on including a new application, use
-@code{fdroid import} to set up a new template project. It has two
-modes of operation, starting with a cloned git repo:
-
-@example
-git clone https://gitlab.com/fdroid/fdroidclient
-cd fdroidclient
-fdroid import
-@end example
-
-Or starting with a URL to a project page:
-
-@example
-fdroid import --url=http://address.of.project
-@end example
-
-When a URL is specified using the @code{--url=} flag, @code{fdroid
-import} will use that URL to find out information about the project,
-and if it finds a git repo, it will also clone that. For this to
-work, the URL must point to a project format that the script
-understands. Currently this is limited to one of the following:
-
-@enumerate
-@item
-GitLab - @code{https://gitlab.com/PROJECTNAME/REPONAME}
-@item
-Gitorious - @code{https://gitorious.org/PROJECTNAME/REPONAME}
-@item
-Github - @code{https://github.com/USER/PROJECT}
-@item
-Google Code - @code{http://code.google.com/p/PROJECT/}
-Supports git, svn and hg repos.
-
-Some Google Code projects have multiple repositories, identified by a
-dropdown list on the @code{source/checkout} page. To access one other than
-the default, specify its name using the @code{--repo} switch.
-@item
-Bitbucket - @code{https://bitbucket.org/USER/PROJECT/}
-@item
-Git - @code{git://REPO}
-@end enumerate
-
-Depending on the project type, more or less information may be gathered. For
-example, the license will be retrieved from a Google Code project, but not a
-GitHub one. A bare repo url, such as the git:// one, is the least preferable
-optional of all, since you will have to enter much more information manually.
-
-If the import is successful, a metadata file will be created. You will need to
-edit this further to check the information, and fill in the blanks.
-
-If it fails, you'll be told why. If it got as far as retrieving the source
-code, you can inspect it further by looking in @code{tmp/importer} where a full
-checkout will exist.
-
-A frequent cause of initial failure is that the project directory is actually
-a subdirectory in the repository. In this case, run the importer again using
-the @code{--subdir} option to tell it where. It will not attempt to determine
-this automatically, since there may be several options.
-
-
-@node Metadata
-@chapter Metadata
-
-@cindex metadata
-
-Information used by update.py to compile the public index comes from two
-sources:
-
-@enumerate
-@item
-the APK files in the repo directory, and
-@item
-the metadata files in the metadata directory.
-@end enumerate
-
-The original metadata files are simple, easy to edit text files,
-always named as the application's package ID with '.txt' appended.
-Additionally, you can use JSON, XML, or YAML for app metadata, using
-the same fields as the original '.txt' format.
-
-Note that although the metadata files are designed to be easily read
-and writable by humans, they are also processed and written by various
-scripts. The original '.txt' format can be automatically cleaned up
-when necessary. The structure and comments will be preserved
-correctly, although the order of fields will be standardised. (In the
-event that the original file was in a different order, comments are
-considered as being attached to the field following them). In fact,
-you can standardise all the '.txt' metadata in a single command,
-without changing the functional content, by running:
-
-@example
-fdroid rewritemeta
-@end example
-
-Or just run it on a specific app:
-
-@example
-fdroid rewritemeta org.adaway
-@end example
-
-The following sections describe the fields recognised within the file.
-
-@menu
-* Categories::
-* Author Name::
-* Author Email::
-* License::
-* Auto Name::
-* Name::
-* Provides::
-* Web Site::
-* Source Code::
-* Issue Tracker::
-* Changelog::
-* Donate::
-* FlattrID::
-* Bitcoin::
-* Litecoin::
-* Summary::
-* Description::
-* Maintainer Notes::
-* Repo Type::
-* Repo::
-* Binaries::
-* Build::
-* AntiFeatures::
-* Disabled::
-* Requires Root::
-* Archive Policy::
-* Update Check Mode::
-* Update Check Ignore::
-* Vercode Operation::
-* Update Check Name::
-* Update Check Data::
-* Auto Update Mode::
-* Current Version::
-* Current Version Code::
-* No Source Since::
-@end menu
-
-@node Categories
-@section Categories
-
-Any number of categories for the application to be placed in. There is no
-fixed list of categories - both the client and the web site will automatically
-show any categories that exist in any applications. However, if your metadata
-is intended for the main F-Droid repository, you should use one of the
-existing categories (look at the site/client), or discuss the proposal to add
-a new one.
-
-Categories must be separated by a single comma character, ','. For backwards
-compatibility, F-Droid will use the first category given as <category> element
-for older clients to at least see one category.
-
-This is converted to (@code{<categories>}) in the public index file.
-
-@node Author Name
-@section Author Name
-
-@cindex Author Name
-
-The name of the author, either full, abbreviated or pseudonym. If
-present, it should represent the name(s) as published by upstream,
-e.g. in their copyright or authors file. This can be omitted (or left
-blank).
-
-This is converted to (@code{<author>}) in the public index file.
-
-@node Author Email
-@section Author Email
-
-@cindex Author Email
-
-The e-mail address of the author(s). This can be omitted (or left
-blank).
-
-This is converted to (@code{<email>}) in the public index file.
-
-@node License
-@section License
-
-@cindex license
-
-The overall license for the application, or in certain cases, for the
-source code only. Values should correspond to short identifiers of the
-@uref{https://spdx.org/licenses/, SPDX} license list. In some cases an
-older, non-standard naming scheme is still used.
-
-This is converted to (@code{<license>}) in the public index file.
-
-@node Auto Name
-@section Auto Name
-
-@cindex Auto Name
-
-The name of the application as can best be retrieved from the source code.
-This is done so that the commitupdates script can put a familiar name in the
-description of commits created when a new update of the application is
-found. The Auto Name entry is generated automatically when @code{fdroid
-checkupdates} is run.
-
-@node Name
-@section Name
-
-@cindex Name
-
-The name of the application. Normally, this field should not be present since
-the application's correct name is retrieved from the APK file. However, in a
-situation where an APK contains a bad or missing application name, it can be
-overridden using this. Note that this only overrides the name in the list of
-apps presented in the client; it doesn't changed the name or application label
-in the source code.
-
-@node Provides
-@section Provides
-
-@cindex Provides
-
-Comma-separated list of application IDs that this app provides. In other
-words, if the user has any of these apps installed, F-Droid will show this app
-as installed instead. It will also appear if the user clicks on urls linking
-to the other app IDs. Useful when an app switches package name, or when you
-want an app to act as multiple apps.
-
-@node Web Site
-@section Web Site
-
-@cindex Web Site
-
-The URL for the application's web site. If there is no relevant web site, this
-can be omitted (or left blank).
-
-This is converted to (@code{<web>}) in the public index file.
-
-@node Source Code
-@section Source Code
-
-@cindex Source Code
-
-The URL to view or obtain the application's source code. This should be
-something human-friendly. Machine-readable source-code is covered in the
-'Repo' field.
-
-This is converted to (@code{<source>}) in the public index file.
-
-@node Issue Tracker
-@section Issue Tracker
-
-@cindex Issue Tracker
-
-The URL for the application's issue tracker. Optional, since not all
-applications have one.
-
-This is converted to (@code{<tracker>}) in the public index file.
-
-@node Changelog
-@section Changelog
-
-@cindex Changelog
-
-The URL for the application's changelog. Optional, since not all
-applications have one.
-
-This is converted to (@code{<changelog>}) in the public index file.
-
-@node Donate
-@section Donate
-
-@cindex Donate
-
-The URL to donate to the project. This should be the project's donate page
-if it has one.
-
-It is possible to use a direct PayPal link here, if that is all that is
-available. However, bear in mind that the developer may not be aware of
-that direct link, and if they later changed to a different PayPal account,
-or the PayPal link format changed, things could go wrong. It is always
-best to use a link that the developer explicitly makes public, rather than
-something that is auto-generated 'button code'.
-
-This is converted to (@code{<donate>}) in the public index file.
-
-@node FlattrID
-@section FlattrID
-
-@cindex FlattrID
-
-The project's Flattr (http://flattr.com) ID, if it has one. This should be
-a numeric ID, such that (for example) https://flattr.com/thing/xxxx leads
-directly to the page to donate to the project.
-
-This is converted to (@code{<flattr>}) in the public index file.
-
-@node Bitcoin
-@section Bitcoin
-
-@cindex Bitcoin
-
-A bitcoin address for donating to the project.
-
-This is converted to (@code{<bitcoin>}) in the public index file.
-
-@node Litecoin
-@section Litecoin
-
-@cindex Litecoin
-
-A litecoin address for donating to the project.
-
-@node Summary
-@section Summary
-
-@cindex Summary
-
-A brief summary of what the application is. Since the summary is only allowed
-one line on the list of the F-Droid client, keeping it to within 80 characters
-will ensure it fits most screens.
-
-@node Description
-@section Description
-
-@cindex Description
-
-A full description of the application, relevant to the latest version.
-This can span multiple lines (which should be kept to a maximum of 80
-characters), and is terminated by a line containing a single '.'.
-
-Basic MediaWiki-style formatting can be used. Leaving a blank line starts a
-new paragraph. Surrounding text with @code{''} make it italic, and with
-@code{'''} makes it bold.
-
-You can link to another app in the repo by using @code{[[app.id]]}. The link
-will be made appropriately whether in the Android client, the web repo
-browser or the wiki. The link text will be the apps name.
-
-Links to web addresses can be done using @code{[http://example.com Text]}.
-
-Bulletted lists are done by simply starting each item with a @code{*} on
-a new line, and numbered lists are the same but using @code{#}. There is
-currently no support for nesting lists - you can have one level only.
-
-It can be helpful to note information pertaining to updating from an
-earlier version; whether the app contains any prebuilts built by the
-upstream developers or whether non-free elements were removed; whether the
-app is in rapid development or whether the latest version lags behind the
-current version; whether the app supports multiple architectures or whether
-there is a maximum SDK specified (such info not being recorded in the index).
-
-This is converted to (@code{<desc>}) in the public index file.
-
-@node Maintainer Notes
-@section Maintainer Notes
-
-@cindex Maintainer Notes
-
-This is a multi-line field using the same rules and syntax as the description.
-It's used to record notes for F-Droid maintainers to assist in maintaining and
-updating the application in the repository.
-
-This information is also published to the wiki.
-
-@node Repo Type
-@section Repo Type
-
-@cindex Repo Type
-
-The type of repository - for automatic building from source. If this is not
-specified, automatic building is disabled for this application. Possible
-values are:
-
-@itemize @bullet
-@item
-@samp{git}
-@item
-@samp{svn}
-@item
-@samp{git-svn}
-@item
-@samp{hg}
-@item
-@samp{bzr}
-@item
-@samp{srclib}
-@end itemize
-
-@node Repo
-@section Repo
-
-@cindex Repo
-
-The repository location. Usually a git: or svn: URL, for example.
-
-The git-svn option connects to an SVN repository, and you specify the URL in
-exactly the same way, but git is used as a back-end. This is preferable for
-performance reasons, and also because a local copy of the entire history is
-available in case the upstream repository disappears. (It happens!). In
-order to use Tags as update check mode for this VCS type, the URL must have
-the tags= special argument set. Likewise, if you intend to use the
-RepoManifest/branch scheme, you would want to specify branches= as well.
-Finally, trunk= can also be added. All these special arguments will be passed
-to "git svn" in order, and their values must be relative paths to the svn repo
-root dir.
-Here's an example of a complex git-svn Repo URL:
-http://svn.code.sf.net/p/project/code/svn;trunk=trunk;tags=tags;branches=branches
-
-If the Repo Type is @code{srclib}, then you must specify the name of the
-according srclib .txt file. For example if @code{scrlibs/FooBar.txt} exist
-and you want to use this srclib, then you have to set Repo to
-@code{FooBar}.
-
-@node Binaries
-@section Binaries
-
-@cindex Binaries
-
-The location of binaries used in verification process.
-
-If specified, F-Droid will verify the output apk file of a build against the
-one specified. You can use %v and %c to point to the version name and version
-code of the current build. To verify the F-Droid client itself you could use:
-@code{Binaries:https://f-droid.org/repo/org.fdroid.fdroid_%c.apk}
-
-F-Droid will use upstream binaries if the verification succeeded.
-
-@node Build
-@section Build
-
-@cindex Build
-
-Any number of these fields can be present, each specifying a version to
-automatically build from source. The value is a comma-separated list.
-For example:
-
-@samp{Build:1.2,12}
-
-The above specifies to build version 1.2, which has a version code of 12.
-The @code{commit=} parameter specifies the tag, commit or revision number from
-which to build it in the source repository. It is the only mandatory flag,
-which in this case could for example be @code{commit=v1.2}.
-
-In addition to the three, always required, parameters described above,
-further parameters can be added (in name=value format) to apply further
-configuration to the build. These are (roughly in order of application):
-
-@table @code
-
-@item disable=<message>
-Disables this build, giving a reason why. (For backwards compatibility, this
-can also be achieved by starting the commit ID with '!')
-
-The purpose of this feature is to allow non-buildable releases (e.g. the source
-is not published) to be flagged, so the scripts don't generate repeated
-messages about them. (And also to record the information for review later).
-If an apk has already been built, disabling causes it to be deleted once
-@code{fdroid update} is run; this is the procedure if ever a version has to
-be replaced.
-
-@item subdir=<path>
-Specifies to build from a subdirectory of the checked out source code.
-Normally this directory is changed to before building,
-
-@item submodules=yes
-Use if the project (git only) has submodules - causes @code{git submodule
-update --init --recursive} to be executed after the source is cloned.
-Submodules are reset and cleaned like the main app repository itself before
-each build.
-
-@item init=xxxx
-As for 'prebuild', but runs on the source code BEFORE any other processing
-takes place.
-
-You can use $$SDK$$, $$NDK$$, $$MVN3$$ and $$QT$$ to substitute the paths
-to the android SDK and NDK directories, maven 3 executable, and Qt SDK
-directory respectively. The following per-build variables are available
-likewise: $$VERSION$$, $$VERCODE$$ and $$COMMIT$$.
-
-@item oldsdkloc=yes
-The sdk location in the repo is in an old format, or the build.xml is
-expecting such. The 'new' format is sdk.dir while the VERY OLD format
-is sdk-location. Typically, if you get a message along the lines of:
-"com.android.ant.SetupTask cannot be found" when trying to build, then
-try enabling this option.
-
-@item target=<target>
-Specifies a particular SDK target for compilation, overriding the value
-defined in the code by upstream. This has different effects depending on what
-build system used — this flag currently affects Ant, Maven and Gradle projects
-only. Note that this does not change the target SDK in the
-AndroidManifest.xml, which determines the level of features that can be
-included in the build.
-
-In the case of an Ant project, it modifies project.properties of the app and
-possibly sub-projects. This is likely to cause the whole build.xml to be
-rewritten, which is fine if it's a 'standard' android file or doesn't already
-exist, but not a good idea if it's heavily customised.
-
-@item update=<auto/dirs>
-By default, 'android update' is used in Ant builds to generate or update the
-project and all its referenced projects. Specifying update=no bypasses that.
-Note that this is useless in builds that don't use Ant.
-
-Default value is '@code{auto}', which recursively uses the paths in
-project.properties to find all the subprojects to update.
-
-Otherwise, the value can be a comma-separated list of directories in which to
-run 'android update' relative to the application directory.
-
-@item encoding=xxxx
-Adds a java.encoding property to local.properties with the given
-value. Generally the value will be 'utf-8'. This is picked up by the
-SDK's ant rules, and forces the Java compiler to interpret source
-files with this encoding. If you receive warnings during the compile
-about character encodings, you probably need this.
-
-@item forceversion=yes
-If specified, the package version in AndroidManifest.xml is replaced
-with the version name for the build as specified in the metadata.
-
-This is useful for cases when upstream repo failed to update it for
-specific tag; to build an arbitrary revision; to make it apparent that
-the version differs significantly from upstream; or to make it apparent
-which architecture or platform the apk is designed to run on.
-
-@item forcevercode=yes
-If specified, the package version code in the AndroidManifest.xml is
-replaced with the version code for the build. See also forceversion.
-
-@item rm=<path1>[,<path2>,...]
-Specifies the relative paths of files or directories to delete before
-the build is done. The paths are relative to the base of the build
-directory - i.e. the root of the directory structure checked out from
-the source respository - not necessarily the directory that contains
-AndroidManifest.xml.
-
-Multiple files/directories can be specified by separating them with ','.
-Directories will be recursively deleted.
-
-@item extlibs=<lib1>[,<lib2>,...]
-Comma-separated list of external libraries (jar files) from the
-@code{build/extlib} library, which will be placed in the @code{libs} directory
-of the project.
-
-@item srclibs=[n:]a@@r,[n:]b@@r1,...
-Comma-separated list of source libraries or Android projects. Each item is of
-the form name@@rev where name is the predefined source library name and rev is
-the revision or tag to use in the respective source control.
-
-For Ant projects, you can optionally append a number with a colon at the
-beginning of a srclib item to automatically place it in project.properties as
-a library under the specified number. For example, if you specify
-@code{1:somelib@@1.0}, F-Droid will automatically do the equivalent of the
-legacy practice @code{prebuild=echo "android.library.reference.1=$$somelib$$"
->> project.properties}.
-
-Each srclib has a metadata file under srclibs/ in the repository directory,
-and the source code is stored in build/srclib/.
-Repo Type: and Repo: are specified in the same way as for apps; Subdir: can be
-a comma separated list, for when directories are renamed by upstream; Update
-Project: updates the projects in the working directory and one level down;
-Prepare: can be used for any kind of preparation: in particular if you need to
-update the project with a particular target. You can then also use $$name$$ in
-the init/prebuild/build command to substitute the relative path to the library
-directory, but it could need tweaking if you've changed into another directory.
-
-Currently srclibs are necessary when upstream uses jar files or pulls
-dependencies from non-trusted repositories. While there is no guarantee that
-those binaries are free and correspondent to the source code, F-Droid allows
-the following known repositories until a source-built alternative is available:
-
-@itemize @bullet
-
-@item
-@samp{mavenCentral} - the original repo, hardcoded in Maven and Gradle.
-
-@item
-@samp{jCenter} - hardcoded in Gradle, this repo by Bintray tries to provide
-easier handling. It should sync with mavenCentral from time to time.
-
-@item
-@samp{OSS Sonatype} - maintained by the people behind mavenCentral, this
-repository focuses on hosting services for open source project binaries.
-
-@item
-@samp{JitPack.io} - builds directly from Github repositories. However,
-they do not provide any option to reproduce or verify the resulting
-binaries. Builds pre-release versions in some cases.
-
-@item
-@samp{Clojars} - Clojure libraries repo.
-
-@item
-@samp{CommonsWare} - repo holding a collection of open-source libs.
-
-@end itemize
-
-@item patch=x
-Apply patch(es). 'x' names one (or more - comma-seperated) files within a
-directory below the metadata, with the same name as the metadata file but
-without the extension. Each of these patches is applied to the code in turn.
-
-@item prebuild=xxxx
-Specifies a shell command (or commands - chain with &&) to run before the
-build takes place. Backslash can be used as an escape character to insert
-literal commas, or as the last character on a line to join that line with the
-next. It has no special meaning in other contexts; in particular, literal
-backslashes should not be escaped.
-
-The command runs using bash.
-
-Note that nothing should be built during this prebuild phase - scanning of the
-code and building of the source tarball, for example, take place after this.
-For custom actions that actually build things or produce binaries, use 'build'
-instead.
-
-You can use $$name$$ to substitute the path to a referenced srclib - see
-the @code{srclib} directory for details of this.
-
-You can use $$SDK$$, $$NDK$$ and $$MVN3$$ to substitute the paths to the
-android SDK and NDK directories, and Maven 3 executable respectively e.g.
-for when you need to run @code{android update project} explicitly. The
-following per-build variables are available likewise: $$VERSION$$, $$VERCODE$$
-and $$COMMIT$$.
-
-@item scanignore=<path1>[,<path2>,...]
-Enables one or more files/paths to be excluded from the scan process.
-This should only be used where there is a very good reason, and
-probably accompanied by a comment explaining why it is necessary.
-
-When scanning the source tree for problems, matching files whose relative
-paths start with any of the paths given here are ignored.
-
-@item scandelete=<path1>[,<path2>,...]
-When running the scan process, any files that trigger errors - like binaries -
-will be removed. It acts just like scanignore=, but instead of ignoring the
-files, it removes them.
-
-Useful when a source code repository includes binaries or other unwanted files
-which are not needed for the build. Instead of removing them manually via rm=,
-using scandelete= is easier.
-
-@item build=xxxx
-As for 'prebuild', but runs during the actual build phase (but before the
-main Ant/Maven build). Use this only for actions that do actual building.
-Any prepartion of the source code should be done using 'init' or 'prebuild'.
-
-Any building that takes place before build= will be ignored, as either Ant,
-mvn or gradle will be executed to clean the build environment right before
-build= (or the final build) is run.
-
-You can use $$SDK$$, $$NDK$$ and $$MVN3$$ to substitute the paths to the
-android SDK and NDK directories, and maven 3 executable respectively. The
-following per-build variables are available likewise: $$VERSION$$,
-$$VERCODE$$ and $$COMMIT$$.
-
-@item buildjni=[yes|no|<dir list>]
-Enables building of native code via the ndk-build script before doing
-the main Ant build. The value may be a list of directories relative
-to the main application directory in which to run ndk-build, or 'yes'
-which corresponds to '.' . Using explicit list may be useful to build
-multi-component projects.
-
-The build and scan processes will complain (refuse to build) if this
-parameter is not defined, but there is a @code{jni} directory present.
-If the native code is being built by other means like a Gradle task, you
-can specify @code{no} here to avoid that. However, if the native code is
-actually not required or used, remove the directory instead (using
-@code{rm=jni} for example). Using @code{buildjni=no} when the jni code
-isn't used nor built will result in an error saying that native
-libraries were expected in the resulting package.
-
-@item ndk=<version>
-Version of the NDK to use in this build. Defaults to the latest NDK release
-that included legacy toolchains, so as to not break builds that require
-toolchains no longer included in current versions of the NDK.
-
-The buildserver supports r9b with its legacy toolchains, r10e, r11c, r12b,
-and the latest release as of writing this document, r13b. You may add
-support for more versions by adding them to 'ndk_paths' in your config file.
-
-@item gradle=<flavour1>[,<flavour2>,...]
-Build with Gradle instead of Ant, specifying what flavours to use. Flavours
-are case sensitive since the path to the output apk is as well.
-
-If only one flavour is given and it is 'yes', no flavour will be used.
-Note that for projects with flavours, you must specify at least one
-valid flavour since 'yes' will build all of them separately.
-
-@item maven=yes[@@<dir>]
-Build with Maven instead of Ant. An extra @@<dir> tells F-Droid to run Maven
-inside that relative subdirectory. Sometimes it is needed to use @@.. so that
-builds happen correctly.
-
-@item preassemble=<task1>[,<task2>,...]
-List of Gradle tasks to be run before the assemble task in a Gradle project
-build.
-
-@item gradleprops=<prop1>[,<prop2>,...]
-List of Gradle properties to pass via the command line to Gradle. A property
-can be of the form @code{foo} or of the form @code{key=value}.
-
-For example: @code{gradleprops=enableFoo,someSetting=bar} will result in
-@code{gradle -PenableFoo -PsomeSetting=bar}.
-
-@item antcommands=<target1>[,<target2>,...]
-Specify an alternate set of Ant commands (target) instead of the default
-'release'. It can't be given any flags, such as the path to a build.xml.
-
-@item output=glob/to/output.apk
-Specify a glob path where the resulting unsigned release apk from the
-build should be. This can be used in combination with build methods like
-@code{gradle=yes} or @code{maven=yes}, but if no build method is
-specified, the build is manual. You should run your build commands, such
-as @code{make}, in @code{build=}.
-
-@item novcheck=yes
-Don't check that the version name and code in the resulting apk are
-correct by looking at the build output - assume the metadata is
-correct. This takes away a useful level of sanity checking, and should
-only be used if the values can't be extracted.
-
-@end table
-
-Another example, using extra parameters:
-
-@samp{Build Version:1.09.03,10903,45,subdir=Timeriffic,oldsdkloc=yes}
-
-@node AntiFeatures
-@section AntiFeatures
-
-@cindex AntiFeatures
-
-This is optional - if present, it contains a comma-separated list of any of
-the following values, describing an anti-feature the application has.
-It is a good idea to mention the reasons for the anti-feature(s) in the
-description:
-
-@itemize @bullet
-
-@item
-@samp{Ads} - the application contains advertising.
-
-@item
-@samp{Tracking} - the application tracks and reports your activity to
-somewhere without your consent. It's commonly used for when developers
-obtain crash logs without the user's consent, or when an app is useless
-without some kind of authentication.
-
-@item
-@samp{NonFreeNet} - the application relies on computational services that
-are impossible to replace or that the replacement cannot be connected to
-without major changes to the app.
-
-@item
-@samp{NonFreeAdd} - the application promotes non-free add-ons, such that the
-app is effectively an advert for other non-free software and such software is
-not clearly labelled as such.
-
-@item
-@samp{NonFreeDep} - the application depends on a non-free application (e.g.
-Google Maps) - i.e. it requires it to be installed on the device, but does not
-include it.
-
-@item
-@samp{UpstreamNonFree} - the application is or depends on non-free software.
-This does not mean that non-free software is included with the app: Most
-likely, it has been patched in some way to remove the non-free code. However,
-functionality may be missing.
-
-@item
-@samp{NonFreeAssets} - the application contains and makes use of non-free
-assets. The most common case is apps using artwork - images, sounds, music,
-etc - under a non-commercial license.
-
-@end itemize
-
-@node Disabled
-@section Disabled
-
-@cindex Disabled
-
-If this field is present, the application does not get put into the public
-index. This allows metadata to be retained while an application is temporarily
-disabled from being published. The value should be a description of why the
-application is disabled. No apks or source code archives are deleted: to purge
-an apk see the Build Version section or delete manually for developer builds.
-The field is therefore used when an app has outlived it's usefulness, because
-the source tarball is retained.
-
-@node Requires Root
-@section Requires Root
-
-@cindex Requires Root
-
-Set this optional field to "Yes" if the application requires root
-privileges to be usable. This lets the client filter it out if the
-user so desires. Whether root is required or not, it is good to give
-a paragraph in the description to the conditions on which root may be
-asked for and the reason for it.
-
-@node Archive Policy
-@section Archive Policy
-
-@cindex Archive Policy
-
-This determines the policy for moving old versions of an app to the archive
-repo, if one is configured. The configuration sets a default maximum number
-of versions kept in the main repo, after which older ones are moved to the
-archive. This app-specific policy setting can override that.
-
-Currently the only supported format is "n versions", where n is the number
-of versions to keep. Defaults to "3 versions".
-
-@node Update Check Mode
-@section Update Check Mode
-
-@cindex Update Check Mode
-
-This determines the method using for determining when new releases are
-available - in other words, the updating of the Current Version and Current
-Version Code fields in the metadata by the @code{fdroid checkupdates} process.
-
-Valid modes are:
-
-@itemize
-@item
-@code{None} - No checking is done because there's no appropriate automated way
-of doing so. Updates should be checked for manually. Use this, for example,
-when deploying unstable or patched versions; when builds are done in a directory
-different to where the AndroidManifest.xml is; if the developers use the
-Gradle build system and store version info in a separate file; if the
-developers make a new branch for each release and don't make tags; or if you've
-changed the package name or version code logic.
-@item
-@code{Static} - No checking is done - either development has ceased or new versions
-are not desired. This method is also used when there is no other checking method
-available and the upstream developer keeps us posted on new versions.
-@item
-@code{RepoManifest} - At the most recent commit, the AndroidManifest.xml file
-is looked for in the directory where it was found in the the most recent build.
-The appropriateness of this method depends on the development process used by
-the application's developers. You should not specify this method unless you're
-sure it's appropriate. For example, some developers bump the version when
-commencing development instead of when publishing.
-It will return an error if the AndroidManifest.xml has moved to a different
-directory or if the package name has changed.
-The current version that it gives may not be accurate, since not all
-versions are fit to be published. Therefore, before building, it is often
-necessary to check if the current version has been published somewhere by the
-upstream developers, either by checking for apks that they distribute or for
-tags in the source code repository.
-
-It currently works for every repository type to different extents, except
-the srclib repo type. For git, git-svn and hg repo types, you may use
-"RepoManifest/yourbranch" as UCM so that "yourbranch" would be the branch used
-in place of the default one. The default values are "master" for git,
-"default" for hg and none for git-svn (it stays in the same branch).
-On the other hand, branch support hasn't been implemented yet in bzr and svn,
-but RepoManifest may still be used without it.
-@item
-@code{RepoTrunk} - For svn and git-svn repositories, especially those who
-don't have a bundled AndroidManifest.xml file, the Tags and RepoManifest
-checks will not work, since there is no version information to obtain. But,
-for those apps who automate their build process with the commit ref that HEAD
-points to, RepoTrunk will set the Current Version and Current Version Code to
-that number.
-@item
-@code{Tags} - The AndroidManifest.xml file in all tagged revisions in the
-source repository is checked, looking for the highest version code. The
-appropriateness of this method depends on the development process used by the
-application's developers. You should not specify this method unless you're sure
-it's appropriate. It shouldn't be used if the developers like to tag unstable
-versions or are known to forget to tag releases. Like RepoManifest, it will not
-return the correct value if the directory containing the AndroidManifest.xml has
-moved. Despite these caveats, it is the often the favourite update check mode.
-
-It currently only works for git, hg, bzr and git-svn repositories. In the case
-of the latter, the repo URL must contain the path to the trunk and tags or
-else no tags will be found.
-
-Optionally append a regex pattern at the end - separated with a space - to
-only check the tags matching said pattern. Useful when apps tag non-release
-versions such as X.X-alpha, so you can filter them out with something like
-@code{.*[0-9]$} which requires tag names to end with a digit.
-@item
-@code{HTTP} - HTTP requests are used to determine the current version code and
-version name. This is controlled by the @code{Update Check Data} field, which
-is of the form @code{urlcode|excode|urlver|exver}.
-
-Firstly, if @code{urlcode} is non-empty, the document from that URL is
-retrieved, and matched against the regular expression @code{excode}, with the
-first group becoming the version code.
-
-Secondly, if @code{urlver} is non-empty, the document from that URL is
-retrieved, and matched against the regular expression @code{exver}, with the
-first group becoming the version name. The @code{urlver} field can be set to
-simply '.' which says to use the same document returned for the version code
-again, rather than retrieving a different one.
-@end itemize
-
-@node Vercode Operation
-@section Vercode Operation
-
-@cindex Vercode Operation
-
-Operation to be applied to the vercode obtained by the defined @code{Update
-Check Mode}. @code{%c} will be replaced by the actual vercode, and the whole
-string will be passed to python's @code{eval} function.
-
-Especially useful with apps that we want to compile for different ABIs, but
-whose vercodes don't always have trailing zeros. For example, with
-@code{Vercode Operation} set at something like @code{%c*10 + 4}, we will be
-able to track updates and build up to four different versions of every
-upstream version.
-
-@node Update Check Ignore
-@section Update Check Ignore
-
-@cindex Update Check Ignore
-
-When checking for updates (via @code{Update Check Mode}) this can be used to
-specify a regex which, if matched against the version name, causes that version
-to be ignored. For example, 'beta' could be specified to ignore version names
-that include that text.
-
-@node Update Check Name
-@section Update Check Name
-
-@cindex Update Check Name
-
-When checking for updates (via @code{Update Check Mode}) this can be used to
-specify the package name to search for. Useful when apps have a static package
-name but change it programmatically in some app flavors, by e.g. appending
-".open" or ".free" at the end of the package name.
-
-You can also use @code{Ignore} to ignore package name searching. This should
-only be used in some specific cases, for example if the app's build.gradle
-file does not contain the package name.
-
-@node Update Check Data
-@section Update Check Data
-
-@cindex Update Check Data
-
-Used in conjunction with @code{Update Check Mode} for certain modes.
-
-@node Auto Update Mode
-@section Auto Update Mode
-
-@cindex Auto Update Mode
-
-This determines the method using for auto-generating new builds when new
-releases are available - in other words, adding a new Build Version line to the
-metadata.
-This happens in conjunction with the 'Update Check Mode' functionality - i.e.
-when an update is detected by that, it is also processed by this.
-
-Valid modes are:
-
-@itemize
-@item
-@code{None} - No auto-updating is done
-@item
-@code{Version} - Identifies the target commit (i.e. tag) for the new build based
-on the given version specification, which is simply text in which %v and %c are
-replaced with the required version name and version code respectively.
-
-For example, if an app always has a tag "2.7.2" corresponding to version 2.7.2,
-you would simply specify "Version %v". If an app always has a tag "ver_1234"
-for a version with version code 1234, you would specify "Version ver_%c".
-
-Additionally, a suffix can be added to the version name at this stage, to
-differentiate F-Droid's build from the original. Continuing the first example
-above, you would specify that as "Version +-fdroid %v" - "-fdroid" is the suffix.
-@end itemize
-
-
-@node Current Version
-@section Current Version
-
-@cindex Current Version
-
-The name of the version that is current. There may be newer versions of the
-application than this (e.g. unstable versions), and there will almost certainly
-be older ones. This should be the one that is recommended for general use.
-In the event that there is no source code for the current version, or that
-non-free libraries are being used, this would ideally be the latest
-version that is still free, though it may still be expedient to
-retain the automatic update check — see No Source Since.
-
-This field is normally automatically updated - see Update Check Mode.
-
-This is converted to (@code{<marketversion>}) in the public index file.
-
-@node Current Version Code
-@section Current Version Code
-
-@cindex Current Version Code
-
-The version code corresponding to the Current Version field. Both these fields
-must be correct and matching although it's the current version code that's
-used by Android to determine version order and by F-Droid client to determine
-which version should be recommended.
-
-This field is normally automatically updated - see Update Check Mode.
-
-If not set or set to @code{0}, clients will recommend the highest version they
-can, as if the @code{Current Version Code} was infinite.
-
-This is converted to (@code{<marketvercode>}) in the public index file.
-
-@node No Source Since
-@section No Source Since
-
-@cindex No Source Since
-
-In case we are missing the source code for the Current Version reported by
-Upstream, or that non-free elements have been introduced, this defines the
-first version that began to miss source code.
-Apps that are missing source code for just one or a few versions, but provide
-source code for newer ones are not to be considered here - this field is
-intended to illustrate which apps do not currently distribute source code, and
-since when have they been doing so.
-
-@node Update Processing
-@chapter Update Processing
-
-@section Detecting
-
-There are various mechanisms in place for automatically detecting that updates
-are available for applications, with the @code{Update Check Mode} field in the
-metadata determining which method is used for a particular application.
-
-Running the @code{fdroid checkupdates} command will apply this method to each
-application in the repository and update the @code{Current Version} and
-@code{Current Version Code} fields in the metadata accordingly.
-
-As usual, the @code{-p} option can be used with this, to restrict processing
-to a particular application.
-
-Note that this only updates the metadata such that we know what the current
-published/recommended version is. It doesn't make that version available in
-the repository - for that, see the next section.
-
-@section Adding
-
-Adding updates (i.e. new versions of applications already included in the
-repository) happens in two ways. The simple case is applications where the
-APK files are binaries, retrieved from a developer's published build. In this
-case, all that's required is to place the new binary in the @code{Repo}
-directory, and the next run of @code{fdroid update} will pick it up.
-
-For applications built from source, it is necessary to add a new
-@code{Build Version} line to the metadata file. At the very least, the version
-name, version code and commit will be different. It is also possible that the
-additional build flags will change between versions.
-
-For processing multiple updates in the metadata at once, it can be useful to
-run @code{fdroid update --interactive}. This will check all the applications
-in the repository, and where updates are required you will be prompted to
-[E]dit the metadata, [I]gnore the update, or [Q]uit altogether.
-
-@node Build Server
-@chapter Build Server
-
-The Build Server system isolates the builds for each package within a clean,
-isolated and secure throwaway virtual machine environment.
-
-@section Overview
-
-Building applications in this manner on a large scale, especially with the
-involvement of automated and/or unattended processes, could be considered
-a dangerous pastime from a security perspective. This is even more the case
-when the products of the build are also distributed widely and in a
-semi-automated ("you have updates available") fashion.
-
-Assume that an upstream source repository is compromised. A small selection
-of things that an attacker could do in such a situation:
-
-@enumerate
-@item
-Use custom Ant build steps to execute virtually anything as the user doing
-the build.
-@item
-Access the keystore.
-@item
-Modify the built apk files or source tarballs for other applications in the
-repository.
-@item
-Modify the metadata (which includes build scripts, which again, also includes
-the ability to execute anything) for other applications in the repository.
-@end enumerate
-
-Through complete isolation, the repurcussions are at least limited to the
-application in question. Not only is the build environment fresh for each
-build, and thrown away afterwards, but it is also isolated from the signing
-environment.
-
-Aside from security issues, there are some applications which have strange
-requirements such as custom versions of the NDK. It would be impractical (or
-at least extremely messy) to start modifying and restoring the SDK on a
-multi-purpose system, but within the confines of a throwaway single-use
-virtual machine, anything is possible.
-
-All this is in addition to the obvious advantage of having a standardised
-and completely reproducible environment in which builds are made. Additionally,
-it allows for specialised custom build environments for particular
-applications.
-
-@section Setting up a build server
-
-In addition to the basic setup previously described, you will also need
-a Vagrant-compatible Debian Testing base box called 'jessie64'.
-
-You can use a different version or distro for the base box, so long as you
-don't expect any help making it work. One thing to be aware of is that
-working copies of source trees are moved from the host to the guest, so
-for example, having subversion v1.6 on the host and v1.7 on the guest
-would fail.
-
-@subsection Creating the Debian base box
-
-The output of this step is a minimal Debian VM that has support for remote
-login and provisioning.
-
-Unless you're very trusting, you should create one of these for yourself
-from verified standard Debian installation media. However, by popular
-demand, the @code{makebuildserver} script will automatically download a
-prebuilt image unless instructed otherwise. If you choose to use the
-prebuilt image, you may safely skip the rest of this section.
-
-Documentation for creating a base box can be found at
-@url{https://www.vagrantup.com/docs/boxes/base.html}.
-
-In addition to carefully following the steps described there, you should
-consider the following:
-
-@enumerate
-@item
-It is advisable to disable udev network device persistence, otherwise any
-movement of the VM between machines, or reconfiguration, will result in
-broken networking.
-
-For a Debian/Ubuntu default install, just
-@code{touch /etc/udev/rules.d/75-persistent-net-generator.rules} to turn
-off rule generation, and at the same time, get rid of any rules it's
-already created in @code{/etc/udev/rules.d/70-persistent-net.rules}.
-@item
-Unless you want the VM to become totally inaccessible following a failed
-boot, you need to set @code{GRUB_RECORDFAIL_TIMEOUT} to a value other than
--1 in @code{/etc/grub/default} and then run @code{update-grub}.
-@end enumerate
-
-@subsection Creating the F-Droid base box
-
-The next step in the process is to create @code{makebs.config.py},
-using @code{./examples/makebs.config.py} as a reference - look at the settings and
-documentation there to decide if any need changing to suit your environment.
-There is a path for retrieving the base box if it doesn't exist, and an apt
-proxy definition, both of which may need customising for your environment.
-You can then go to the @code{fdroidserver} directory and run this:
-
-@example
-./makebuildserver
-@end example
-
-This will take a long time, and use a lot of bandwidth - most of it spent
-installing the necessary parts of the Android SDK for all the various
-platforms. Luckily you only need to do it occasionally. Once you have a
-working build server image, if the recipes change (e.g. when packages need
-to be added) you can just run that script again and the existing one will
-be updated in place.
-
-The main sdk/ndk downloads will automatically be cached to speed things
-up the next time, but there's no easy way of doing this for the longer
-sections which use the SDK's @code{android} tool to install platforms,
-add-ons and tools. However, instead of allowing automatic caching, you
-can supply a pre-populated cache directory which includes not only these
-downloads, but also .tar.gz files for all the relevant additions. If the
-provisioning scripts detect these, they will be used in preference to
-running the android tools. For example, if you have
-@code{buildserver/addons/cache/platforms/android-19.tar.gz} that will be
-used when installing the android-19 platform, instead of re-downloading it
-using @code{android update sdk --no-ui -t android-19}. It is possible to
-create the cache files of this additions from a local installation of the
-SDK including these:
-
-@example
-cd /path/to/android-sdk/platforms
-tar czf android-19.tar.gz android-19
-mv android-19.tar.gz /path/to/buildserver/addons/cache/platforms/
-@end example
-
-If you have already built a buildserver it is also possible to get this
-files directly from the buildserver:
-
-@example
-vagrant ssh -- -C 'tar -C ~/android-sdk/platforms czf android-19.tar.gz android-19'
-vagrant ssh -- -C 'cat ~/android-sdk/platforms/android-19.tar.gz' > /path/to/fdroidserver/buildserver/cache/platforms/android19.tar.gz
-@end example
-
-Once it's complete you'll have a new base box called 'buildserver' which is
-what's used for the actual builds. You can then build packages as normal,
-but with the addition of the @code{--server} flag to @code{fdroid build} to
-instruct it to do all the hard work within the virtual machine.
-
-The first time a build is done, a new virtual machine is created using the
-'buildserver' box as a base. A snapshot of this clean machine state is saved
-for use in future builds, to improve performance. You can force discarding
-of this snapshot and rebuilding from scratch using the @code{--resetserver}
-switch with @code{fdroid build}.
-
-@node Signing
-@chapter Signing
-
-There are two kinds of signing involved in running a repository - the signing
-of the APK files generated from source builds, and the signing of the repo
-index itself. The latter is optional, but very strongly recommended.
-
-@section Repo Index Signing
-
-When setting up the repository, one of the first steps should be to generate
-a signing key for the repository index. This will also create a keystore, which
-is a file that can be used to hold this and all other keys used. Consider the
-location, security and backup status of this file carefully, then create it as
-follows:
-
-@code{keytool -genkey -v -keystore my.keystore -alias repokey -keyalg RSA -keysize 2048 -validity 10000}
-
-In the above, replace 'my.keystore' with the name of the keystore file to be
-created, and 'repokey' with a name to identify the repo index key by.
-
-You'll be asked for a password for the keystore, AND a password for the key.
-They shouldn't be the same. In between, you'll be asked for some identifying
-details which will go in the certificate.
-
-The two passwords entered go into @code{config.py}, as @code{keystorepass} and
-@code{keypass} respectively. The path to the keystore file, and the alias you
-chose for the key also go into that file, as @code{keystore} and
-@code{repo_keyalias} respectively.
-
-@section Package Signing
-
-With the repo index signing configured, all that remains to be done for package
-signing to work is to set the @code{keydname} field in @code{config.py} to
-contain the same identifying details you entered before.
-
-A new key will be generated using these details, for each application that is
-built. (If a specific key is required for a particular application, this system
-can be overridden using the @code{keyaliases} config settings.
-
-@node Vulnerability Scanning
-@chapter Vulnerability Scanning (dscanner)
-
-F-Droid now includes a means of running automated vulnerability scanning
-using @uref{https://github.com/mwrlabs/drozer, Drozer}. This is achieved
-by starting a docker container, with the Android SDK and Emulator
-prepared already, installing drozer into the emulator and scripting the
-knobs to scan any fully built and signed APKs.
-
-Note: if your application is not intended to run within an Android
-emulator, please do not continue with these instructions. At this time,
-the @code{dscanner} feature is fully dependent upon your application
-running properly in an emulated environment.
-
-@section Quick Start
-
-@enumerate
-@item Ensure that your application is a signed release build
-@item @code{fdroid dscanner --init-only} from within the repo
-@item Go for a coffee, this takes a long time and requires approximately
-6 GB of disk space. Once this is complete, you'll be left with a docker
-container running and ready to go.
-@item @code{fdroid dscanner --latest app.pkg.name} from within the repo
-to run drozer on the latest build of @code{app.pkg.name}
-@item If all went well, there should be an ``app.pkg.name_CODE.apk.dscanner''
-file in the repo (next to the original APK file)
-@item When you're all done scanning packages, you can cleanup the docker
-container with: @code{fdroid dscanner --clean-only}
-@end enumerate
-
-You can also run the drozer scan as an optional part of the overall
-@code{fdroid build} operation. This option will trigger a drozer scan of
-all signed APKs found in the repo. See @code{fdroid build --help} for
-more information.
-
-@section Command Line Help
-
-@example
-usage: fdroid dscanner [options] [APPID[:VERCODE] [APPID[:VERCODE] ...]]
-
-positional arguments:
- app_id app-id with optional versioncode in the form
- APPID[:VERCODE]
-
-optional arguments:
- -h, --help show this help message and exit
- -v, --verbose Spew out even more information than normal
- -q, --quiet Restrict output to warnings and errors
- -l, --latest Scan only the latest version of each package
- --clean-after Clean after all scans have finished.
- --clean-before Clean before the scans start and rebuild the
- container.
- --clean-only Clean up all containers and then exit.
- --init-only Prepare drozer to run a scan
- --repo-path REPO_PATH
- Override repo path for built APK files.
-@end example
-
-@section From Scratch
-
-Because the docker image used to do the Android Emulator and all of that
-takes a considerable amount of time to prepare, one has been uploaded to
-dockerhub.com for general use. However, the astute researcher will be
-weary of any black boxes and want to build their own black box. This
-section elaborates how to build the docker image yourself.
-
-From within the F-Droid Server source code directory, @code{cd
-./docker/} in order to begin.
-
-Within this directory are the custom scripting used within the docker
-image creation. For conveience, there is a simple Makefile that
-wraps the process of creating images into convenient pieces.
-
-@subsection @code{make help}
-
-@example
-usage: make help|build|clean|kill|info
-
- help this help screen
- build create docker image
- clean remove images and containers
- kill stop running containers
- info details of running container
-@end example
-
-@subsection @code{make clean}
-
-Stops any running containers (@code{make kill}) and then forcully
-removes them from docker. After that, all images associated are also
-explicitly removed.
-
-Note: this will destroy docker images!
-
-@subsection @code{make build}
-
-Builds the actual docker container, tagged
-``dscanner/fdroidserver:latest'' from the local directory. Obviously
-this is operating with the @code{Dockerfile} to build and tie everything
-together nicely.
-
-@subsection @code{make kill}
-
-@code{docker kill} the container tagged ``dscanner''.
-
-@subsection @code{make info}
-
-Prints some useful information about the currently running dscanner
-container (if it is even running). The output of this command is
-confusing and raw but useful none-the-less. See example output below:
-
-@example
-CONTAINER ID IMAGE COMMAND
-CREATED STATUS PORTS
-NAMES
-b90a60afe477 dscanner/fdroidserver "/home/drozer/entrypo" 20
-minutes ago Up 20 minutes 0.0.0.0:32779->22/tcp,
-0.0.0.0:32778->5037/tcp, 0.0.0.0:32777->5554/tcp,
-0.0.0.0:32776->5555/tcp, 0.0.0.0:32775->5900/tcp,
-0.0.0.0:32774->5901/tcp dscanner
-Use:
- adb kill-server
- adb connect 172.17.0.2:32776
-@end example
-
-Typical usage is for finding the ``adb connect'' line or the ``ssh''
-port (32779 from the @code{0.0.0.0:32779->22/tcp} note).
-
-@node GNU Free Documentation License
-@appendix GNU Free Documentation License
-
-@include fdl.texi
-
-@node Index
-@unnumbered Index
-
-@printindex cp
-
-@bye
~ianmdlvl / fdroidserver.git / commitdiff