From 3242d7d44353fcf231c15e720df61b45bcc654d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lison=20Fernandes?= Date: Tue, 15 Oct 2024 19:48:13 +0100 Subject: [PATCH 1/5] Add f-droid config.yml to the repo --- .github/workflows/fdroid.yml | 264 +++++++++++++++++------------------ fdroid/config.yml | 18 +++ 2 files changed, 150 insertions(+), 132 deletions(-) create mode 100644 fdroid/config.yml diff --git a/.github/workflows/fdroid.yml b/.github/workflows/fdroid.yml index 9371069..0deb347 100644 --- a/.github/workflows/fdroid.yml +++ b/.github/workflows/fdroid.yml @@ -1,132 +1,132 @@ ---- -name: Generate F-Droid repo - - -on: - workflow_dispatch: - inputs: - dry-run: - description: "Skips pushing changes when enabled. Optional. Defaults to false." - type: boolean - default: false - required: false - - schedule: - - cron: "45 2 * * *" - - -jobs: - apps: - name: "Generate repo from apps listing" - runs-on: ubuntu-22.04 - env: - COMMIT_MSG_FILE: "${{ github.workspace }}/commit_message.tmp" - - steps: - - name: Checkout repo - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 - - - name: Create basic directory structure - run: mkdir -p fdroid/repo - - - name: Restore correct mtime - run: | - sudo apt install git-restore-mtime - - git restore-mtime - - - name: Login to Azure - CI Subscription - uses: Azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 - with: - creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} - - - name: Retrieve secrets - id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@main - with: - keyvault: "bitwarden-ci" - secrets: "github-gpg-private-key, - github-gpg-private-key-passphrase, - github-pat-bitwarden-devops-bot-repo-scope" - - - name: Import GPG key - uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 - with: - gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }} - passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }} - git_user_signingkey: true - git_commit_gpgsign: true - - - name: Set up Git - run: | - git config --local user.email "106330231+bitwarden-devops-bot@users.noreply.github.com" - git config --local user.name "bitwarden-devops-bot" - - - name: Download secrets - env: - ACCOUNT_NAME: bitwardenci - CONTAINER_NAME: mobile - run: | - az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \ - --name store_fdroid-keystore.jks --file fdroid/keystore.p12 --output none - - az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \ - --name fdroid-config.yml --file fdroid/config.yml --output none - - - name: Validate secrets - run: | - if [ -f "fdroid/config.yml" ]; then - echo "config found. setting permission to 0600" - chmod 0600 fdroid/config.yml - else - echo "config not found!" - exit 1 - fi - - if [ -f "fdroid/keystore.p12" ]; then - echo "keystore found" - else - echo "keystore not found!" - exit 1 - fi - - - name: Install F-Droid server software - run: | - sudo add-apt-repository ppa:fdroid/fdroidserver - sudo apt-get update - sudo apt-get install fdroidserver - - - name: Set up Go - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 - with: - go-version: '^1.17.0' - - - name: Run metascoop - id: run-metascoop - env: - GH_ACCESS_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} - run: | - bash run_metascoop.sh ${{ env.COMMIT_MSG_FILE }} - if [ $? -eq 0 ]; then - echo "Changes detected" - echo "has_changes=true" >> $GITHUB_OUTPUT - elif [ $? -eq 2 ]; then - echo "No changes detected" - echo "has_changes=false" >> $GITHUB_OUTPUT - else - echo "Unexpected exit code: $?" - echo "has_changes=false" >> $GITHUB_OUTPUT - fi - continue-on-error: true - - - name: Update repo - env: - GH_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} - run: | - if [ "${{ inputs.dry-run }}" = "true" ]; then - echo "Dry run. Changes are not being saved." - elif [ "${{ steps.run-metascoop.outputs.has_changes }}" != "true" ]; then - echo "No changes to save." - else - bash update_repo.sh ${{ env.COMMIT_MSG_FILE }} - fi +--- +name: Generate F-Droid repo + + +on: + workflow_dispatch: + inputs: + dry-run: + description: "Skips pushing changes when enabled. Optional. Defaults to false." + type: boolean + default: false + required: false + + schedule: + - cron: "45 2 * * *" + + +jobs: + apps: + name: "Generate repo from apps listing" + runs-on: ubuntu-22.04 + env: + COMMIT_MSG_FILE: "${{ github.workspace }}/commit_message.tmp" + + steps: + - name: Checkout repo + uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0 + + - name: Create basic directory structure + run: mkdir -p fdroid/repo + + - name: Restore correct mtime + run: | + sudo apt install git-restore-mtime + + git restore-mtime + + - name: Login to Azure - CI Subscription + uses: Azure/login@6c251865b4e6290e7b78be643ea2d005bc51f69a # v2.1.1 + with: + creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} + + - name: Retrieve secrets + id: retrieve-secrets + uses: bitwarden/gh-actions/get-keyvault-secrets@main + with: + keyvault: "bitwarden-ci" + secrets: "github-gpg-private-key, + github-gpg-private-key-passphrase, + github-pat-bitwarden-devops-bot-repo-scope" + + - name: Import GPG key + uses: crazy-max/ghaction-import-gpg@01dd5d3ca463c7f10f7f4f7b4f177225ac661ee4 # v6.1.0 + with: + gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }} + passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }} + git_user_signingkey: true + git_commit_gpgsign: true + + - name: Set up Git + run: | + git config --local user.email "106330231+bitwarden-devops-bot@users.noreply.github.com" + git config --local user.name "bitwarden-devops-bot" + + - name: Download secrets + env: + ACCOUNT_NAME: bitwardenci + CONTAINER_NAME: mobile + run: | + az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \ + --name store_fdroid-keystore.jks --file fdroid/keystore.p12 --output none + + - name: Validate secrets + run: | + if [ -f "fdroid/config.yml" ]; then + echo "config found. setting permission to 0600" + chmod 0600 fdroid/config.yml + + echo "keypass: ${{ secrets.FDROID_STORE_KEYSTORE_PASSWORD }}" >> fdroid/config.yml + echo "keystorepass: ${{ secrets.FDROID_STORE_KEYSTORE_PASSWORD }}" >> fdroid/config.yml + else + echo "config not found!" + exit 1 + fi + + if [ -f "fdroid/keystore.p12" ]; then + echo "keystore found" + else + echo "keystore not found!" + exit 1 + fi + + - name: Install F-Droid server software + run: | + sudo add-apt-repository ppa:fdroid/fdroidserver + sudo apt-get update + sudo apt-get install fdroidserver + + - name: Set up Go + uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2 + with: + go-version: '^1.17.0' + + - name: Run metascoop + id: run-metascoop + env: + GH_ACCESS_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} + run: | + bash run_metascoop.sh ${{ env.COMMIT_MSG_FILE }} + if [ $? -eq 0 ]; then + echo "Changes detected" + echo "has_changes=true" >> $GITHUB_OUTPUT + elif [ $? -eq 2 ]; then + echo "No changes detected" + echo "has_changes=false" >> $GITHUB_OUTPUT + else + echo "Unexpected exit code: $?" + echo "has_changes=false" >> $GITHUB_OUTPUT + fi + continue-on-error: true + + - name: Update repo + env: + GH_TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} + run: | + if [ "${{ inputs.dry-run }}" = "true" ]; then + echo "Dry run. Changes are not being saved." + elif [ "${{ steps.run-metascoop.outputs.has_changes }}" != "true" ]; then + echo "No changes to save." + else + bash update_repo.sh ${{ env.COMMIT_MSG_FILE }} + fi diff --git a/fdroid/config.yml b/fdroid/config.yml new file mode 100644 index 0000000..dc64a32 --- /dev/null +++ b/fdroid/config.yml @@ -0,0 +1,18 @@ +--- +repo_url: https://mobileapp.bitwarden.com/fdroid/repo/ +servergitmirrors: https://raw.githubusercontent.com/bitwarden/f-droid/main/fdroid/repo +repo_name: Bitwarden F-Droid +repo_description: >- + This is a repository of Bitwarden apps to be used with F-Droid. Applications + in this repository are official binaries built by Bitwarden. + +archive_url: https://mobileapp.bitwarden.com/fdroid/archive/ +archive_name: Bitwarden F-droid Archive +archive_description: >- + This is a repository of archived Bitwarden apps that are no longer + officially supported. + +archive_older: 10 + +repo_keyalias: bitwarden-Virtual-Machine +keydname: CN=bitwarden-Virtual-Machine, OU=F-Droid \ No newline at end of file From 36ba2e9fb5914562e87e68bbb3bc6e8ab5530b16 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lison=20Fernandes?= Date: Tue, 15 Oct 2024 19:48:55 +0100 Subject: [PATCH 2/5] Update gitignore --- .gitignore | 1 - 1 file changed, 1 deletion(-) diff --git a/.gitignore b/.gitignore index 96f690c..a39f224 100644 --- a/.gitignore +++ b/.gitignore @@ -24,7 +24,6 @@ node_modules npm-debug.log # Secrets -config.yml keystore.p12 keystore.jks From cc2e148891a2ff0609b9a63beac45275065c53b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lison=20Fernandes?= Date: Tue, 15 Oct 2024 20:52:37 +0100 Subject: [PATCH 3/5] Fixed whitespace --- fdroid/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fdroid/config.yml b/fdroid/config.yml index dc64a32..7da3ba2 100644 --- a/fdroid/config.yml +++ b/fdroid/config.yml @@ -9,10 +9,10 @@ repo_description: >- archive_url: https://mobileapp.bitwarden.com/fdroid/archive/ archive_name: Bitwarden F-droid Archive archive_description: >- - This is a repository of archived Bitwarden apps that are no longer + This is a repository of archived Bitwarden apps that are no longer officially supported. archive_older: 10 repo_keyalias: bitwarden-Virtual-Machine -keydname: CN=bitwarden-Virtual-Machine, OU=F-Droid \ No newline at end of file +keydname: CN=bitwarden-Virtual-Machine, OU=F-Droid From def2e2d8aa9387a0d438fdc203140b3efffd52f2 Mon Sep 17 00:00:00 2001 From: Patrick Honkonen <1883101+SaintPatrck@users.noreply.github.com> Date: Tue, 15 Oct 2024 16:23:43 -0400 Subject: [PATCH 4/5] Apply suggestions from code review --- fdroid/config.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/fdroid/config.yml b/fdroid/config.yml index 7da3ba2..4f0ce77 100644 --- a/fdroid/config.yml +++ b/fdroid/config.yml @@ -1,12 +1,12 @@ --- -repo_url: https://mobileapp.bitwarden.com/fdroid/repo/ +repo_url: https://mobileapp.bitwarden.com/fdroid/repo servergitmirrors: https://raw.githubusercontent.com/bitwarden/f-droid/main/fdroid/repo repo_name: Bitwarden F-Droid repo_description: >- This is a repository of Bitwarden apps to be used with F-Droid. Applications in this repository are official binaries built by Bitwarden. -archive_url: https://mobileapp.bitwarden.com/fdroid/archive/ +archive_url: https://mobileapp.bitwarden.com/fdroid/archive archive_name: Bitwarden F-droid Archive archive_description: >- This is a repository of archived Bitwarden apps that are no longer From d47d282b5b7ec4bc1785c8f858a089cee2c9cd82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lison=20Fernandes?= Date: Thu, 17 Oct 2024 16:11:25 +0100 Subject: [PATCH 5/5] Update fdroid/config.yml Co-authored-by: Patrick Honkonen <1883101+SaintPatrck@users.noreply.github.com> --- fdroid/config.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/fdroid/config.yml b/fdroid/config.yml index 4f0ce77..0170d39 100644 --- a/fdroid/config.yml +++ b/fdroid/config.yml @@ -1,6 +1,7 @@ --- repo_url: https://mobileapp.bitwarden.com/fdroid/repo -servergitmirrors: https://raw.githubusercontent.com/bitwarden/f-droid/main/fdroid/repo +mirrors: + - https://raw.githubusercontent.com/bitwarden/f-droid/main/fdroid repo_name: Bitwarden F-Droid repo_description: >- This is a repository of Bitwarden apps to be used with F-Droid. Applications