gitlab-ci: check for signatures without build entries

2026-05-22 13:49:06 +00:00 · 2021-04-15 17:26:22 +02:00 · 2021-04-15 17:26:22 +02:00 · 438681c771
commit 438681c771
parent 24e55673c3
2 changed files with 29 additions and 0 deletions
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@ -57,6 +57,7 @@ lint:
    - ./tools/check-localized-metadata.py || export EXITVALUE=1
    - ./tools/check-keyalias-collision.py || export EXITVALUE=1
    - ./tools/check-metadata-summary-whitespace.py || export EXITVALUE=1
+    - ./tools/check-for-unattached-signatures.py || export EXITVALUE=1
    - exit $EXITVALUE

 trigger-issuebot:
--- a/tools/check-for-unattached-signatures.py
+++ b/tools/check-for-unattached-signatures.py
@ -0,0 +1,28 @@
+#!/usr/bin/env python3
+#
+#
+# Apps with reproducible builds include the APK Signature files in the
+# metadata.  If there is no matching entry in Builds:, then those
+# files are useless cruft.
+
+import glob
+import os
+import yaml
+
+errors = 0
+for d in glob.glob('metadata/*/signatures/[0-9]*'):
+    appid = os.path.basename(os.path.dirname(os.path.dirname(d)))
+    with open(os.path.join('metadata', appid + '.yml')) as fp:
+        app = yaml.safe_load(fp)
+    versionCode = os.path.basename(d)
+    found = False
+    for build in app['Builds']:
+        if int(versionCode) == int(build['versionCode']):
+            found = True
+            break
+    if not found:
+        print('ERROR: found signatures files with no matching build:')
+        for f in os.listdir(d):
+            print('\t', os.path.join(d, f))
+
+exit(errors)