From f1007e73e1803a0553a0258eb9728b8455ff1c14 Mon Sep 17 00:00:00 2001
From: linsui <2873532-linsui@users.noreply.gitlab.com>
Date: Wed, 30 Oct 2024 22:59:45 +0800
Subject: [PATCH] CI: scan upstream apk

---
 .gitlab-ci.yml | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 3bbaae53bd..1cd34e92d7 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -380,13 +380,16 @@ fdroid build:
           $fdroid fetchsrclibs $build --verbose;
           rm $home_vagrant/fdroiddata $home_vagrant/.gitconfig;
           $fdroid build --verbose --test --refresh-scanner --scan-binary --on-server --no-tarball $build;
+          apt-get install sudo;
+          for apk in tmp/binaries/$appid_*.apk; do
+            $fdroid scanner --verbose --exit-code $apk;
+          done;
           popd;
           rm -rf $home_vagrant/build || true;
           rm -rf $ANDROID_HOME/ndk || true;
           apt-get install -y openjdk-17-jdk-headless;
           update-alternatives --set java /usr/lib/jvm/java-17-openjdk-amd64/bin/java;
           ./tools/build-contains-signatures.py $build || continue;
-          apt-get install sudo;
           $fdroid publish --verbose --error-on-failed $build;
       done