From 1a83ff37ffcd970007eb5c921a0e8c8fbf837570 Mon Sep 17 00:00:00 2001 From: "Alexander \"PapaTutuWawa" Date: Tue, 25 Jul 2023 22:09:13 +0200 Subject: [PATCH] feat(all): Prepare for a correctly signed APK Fixes #304. --- android/app/build.gradle | 13 ++++--- flake.lock | 73 ++++++++++++++++++++++++++++++++++++++-- flake.nix | 34 ++++++++++++++++++- 3 files changed, 110 insertions(+), 10 deletions(-) diff --git a/android/app/build.gradle b/android/app/build.gradle index a3f3bc66..b6405c68 100644 --- a/android/app/build.gradle +++ b/android/app/build.gradle @@ -45,10 +45,10 @@ android { defaultConfig { applicationId "org.moxxy.moxxyv2" - // TODO: Remove once https://github.com/fluttercommunity/flutter_launcher_icons/pull/313 is merged - minSdkVersion 23 - targetSdkVersion 31 - //minSdkVersion flutter.minSdkVersion + // TODO: Remove once https://github.com/fluttercommunity/flutter_launcher_icons/pull/313 is merged + minSdkVersion 23 + targetSdkVersion 31 + //minSdkVersion flutter.minSdkVersion //targetSdkVersion flutter.targetSdkVersion versionCode flutterVersionCode.toInteger() versionName flutterVersionName @@ -56,9 +56,8 @@ android { buildTypes { release { - // TODO: Add your own signing config for the release build. - // Signing with the debug keys for now, so `flutter run --release` works. - signingConfig signingConfigs.debug + // Externally signed using a security key + signingConfig null } } } diff --git a/flake.lock b/flake.lock index 2becad2a..d91a81f7 100644 --- a/flake.lock +++ b/flake.lock @@ -20,6 +20,25 @@ "type": "github" } }, + "bab": { + "inputs": { + "flake-utils": "flake-utils_2", + "nixpkgs": "nixpkgs_2" + }, + "locked": { + "lastModified": 1690216663, + "narHash": "sha256-M02sPgYFsowi6a4sbVdDHZyaFXGMmjD/wSZ/N76OrJw=", + "ref": "refs/heads/master", + "rev": "b49dd023600bb8484d6d31239bebe6cd518ea581", + "revCount": 3, + "type": "git", + "url": "https://codeberg.org/PapaTutuWawa/bits-and-bytes.git" + }, + "original": { + "type": "git", + "url": "https://codeberg.org/PapaTutuWawa/bits-and-bytes.git" + } + }, "devshell": { "inputs": { "nixpkgs": [ @@ -61,6 +80,24 @@ } }, "flake-utils_2": { + "inputs": { + "systems": "systems_3" + }, + "locked": { + "lastModified": 1689068808, + "narHash": "sha256-6ixXo3wt24N/melDWjq70UuHQLxGV8jZvooRanIHXw0=", + "owner": "numtide", + "repo": "flake-utils", + "rev": "919d646de7be200f3bf08cb76ae1f09402b6f9b4", + "type": "github" + }, + "original": { + "owner": "numtide", + "repo": "flake-utils", + "type": "github" + } + }, + "flake-utils_3": { "locked": { "lastModified": 1667395993, "narHash": "sha256-nuEHfE/LcWyuSWnS8t12N1wc105Qtau+/OdUAjtQ0rA=", @@ -92,6 +129,22 @@ } }, "nixpkgs_2": { + "locked": { + "lastModified": 1689935543, + "narHash": "sha256-6GQ9ib4dA/r1leC5VUpsBo0BmDvNxLjKrX1iyL+h8mc=", + "owner": "NixOS", + "repo": "nixpkgs", + "rev": "e43e2448161c0a2c4928abec4e16eae1516571bc", + "type": "github" + }, + "original": { + "owner": "NixOS", + "ref": "nixpkgs-unstable", + "repo": "nixpkgs", + "type": "github" + } + }, + "nixpkgs_3": { "locked": { "lastModified": 1689752456, "narHash": "sha256-VOChdECcEI8ixz8QY+YC4JaNEFwQd1V8bA0G4B28Ki0=", @@ -110,8 +163,9 @@ "root": { "inputs": { "android-nixpkgs": "android-nixpkgs", - "flake-utils": "flake-utils_2", - "nixpkgs": "nixpkgs_2" + "bab": "bab", + "flake-utils": "flake-utils_3", + "nixpkgs": "nixpkgs_3" } }, "systems": { @@ -143,6 +197,21 @@ "repo": "default", "type": "github" } + }, + "systems_3": { + "locked": { + "lastModified": 1681028828, + "narHash": "sha256-Vy1rq5AaRuLzOxct8nz4T6wlgyUR7zLU309k9mBC768=", + "owner": "nix-systems", + "repo": "default", + "rev": "da67096a3b9bf56a91d16901293e51ba5b49a27e", + "type": "github" + }, + "original": { + "owner": "nix-systems", + "repo": "default", + "type": "github" + } } }, "root": "root", diff --git a/flake.nix b/flake.nix index d22cf177..8b287397 100644 --- a/flake.nix +++ b/flake.nix @@ -4,9 +4,10 @@ nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable"; flake-utils.url = "github:numtide/flake-utils"; android-nixpkgs.url = "github:tadfisher/android-nixpkgs"; + bab.url = "git+https://codeberg.org/PapaTutuWawa/bits-and-bytes.git"; }; - outputs = { self, nixpkgs, flake-utils, android-nixpkgs }: flake-utils.lib.eachDefaultSystem (system: let + outputs = { self, nixpkgs, flake-utils, android-nixpkgs, bab }: flake-utils.lib.eachDefaultSystem (system: let pkgs = import nixpkgs { inherit system; config = { @@ -42,6 +43,8 @@ buildInputs = old.buildInputs ++ [ pkgs.python27 ]; })) ]); + lib = pkgs.lib; + babPkgs = bab.packages."${system}"; pinnedJDK = pkgs.jdk17; pythonEnv = pkgs.python3.withPackages (ps: with ps; [ @@ -73,5 +76,34 @@ # an used parameter. GRADLE_OPTS = "-Dorg.gradle.project.android.aapt2FromMavenOverride=${sdk}/share/android-sdk/build-tools/34.0.0/aapt2"; }; + + apps = let + providerArg = pkgs.writeText "provider-arg.cfg" '' + name = OpenSC-PKCS11 + description = SunPKCS11 via OpenSC + library = ${pkgs.opensc}/lib/opensc-pkcs11.so + slotListIndex = 0 + ''; + mkBuildScript = skipBuild: pkgs.writeShellScript "build-anitrack.sh" '' + ${babPkgs.flutter-build}/bin/flutter-build \ + --name Moxxy \ + --not-signed \ + --zipalign ${sdk}/share/android-sdk/build-tools/34.0.0/zipalign \ + --apksigner ${sdk}/share/android-sdk/build-tools/34.0.0/apksigner \ + --provider-config ${providerArg} ${lib.optional skipBuild "--skip-build"} + ''; + in { + # Skip the build and just sign + onlySign = { + type = "app"; + program = "${mkBuildScript true}"; + }; + + # Build everything and sign + build = { + type = "app"; + program = "${mkBuildScript false}"; + }; + }; }); }