use reproducible.keystore for ci android build

also upgrade our github actions since there were warnings about deprecated things here https://github.com/katzenpost/katzen/actions/runs/3611008209
katzenpost · Dec 4, 2022 · 8949a73 · 8949a73
1 parent 8ca6bd5
commit 8949a73
Show file tree

Hide file tree

Showing 2 changed files with 22 additions and 22 deletions.
diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml
@@ -10,13 +10,13 @@ jobs:
           sudo apt install --no-install-recommends -y make podman
 
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Build for linux
         run: make docker-build-linux
 
       - name: Upload binary artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: katzen
           path: ./katzen
@@ -30,13 +30,13 @@ jobs:
           sudo apt install --no-install-recommends -y make podman
 
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Build for windows
         run: make docker-build-windows
 
       - name: Upload binary artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: katzen.exe
           path: ./katzen.exe
@@ -50,12 +50,12 @@ jobs:
 
     steps:
       - name: Install Go
-        uses: actions/setup-go@v1
+        uses: actions/setup-go@v3
         with:
           go-version: ${{ matrix.go-version }}
 
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Build for MacOS (amd64)
         run: CGO_CFLAGS_ALLOW="-DPARAMS=sphincs-shake-256f" CGO_ENABLED=1 GOOS="darwin" GOARCH="amd64" go build -trimpath -ldflags=-buildid= -tags dynamic -o katzen-macos-amd64
@@ -64,13 +64,13 @@ jobs:
         run: CGO_CFLAGS_ALLOW="-DPARAMS=sphincs-shake-256f" CGO_ENABLED=1 GOOS="darwin" GOARCH="arm64" go build -trimpath -ldflags=-buildid= -tags dynamic -o katzen-macos-arm64
 
       - name: Upload binary artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: katzen-macos-amd64
           path: ./katzen-macos-amd64
 
       - name: Upload binary artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: katzen-macos-arm64
           path: ./katzen-macos-arm64
@@ -84,13 +84,13 @@ jobs:
           sudo apt install --no-install-recommends podman make
 
       - name: Checkout code
-        uses: actions/checkout@v2
+        uses: actions/checkout@v3
 
       - name: Build for android
-        run: make docker-build-android
+        run: make KEYSTORE=reproducible.keystore KEYPASS=reproducible docker-build-android
 
       - name: Upload binary artifact
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v3
         with:
           name: katzen.apk
           path: ./katzen.apk
@@ -100,27 +100,27 @@ jobs:
     needs: [build_linux, build_windows, build_macos, build_android]
     steps:
       - name: Download katzen linux
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: katzen
 
       - name: Download katzen windows
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: katzen.exe
 
       - name: Download katzen android
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: katzen.apk
 
       - name: Download katzen macos
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: katzen-macos-amd64
 
       - name: Download katzen macos
-        uses: actions/download-artifact@v2
+        uses: actions/download-artifact@v3
         with:
           name: katzen-macos-arm64
 

diff --git a/Makefile b/Makefile
@@ -1,6 +1,6 @@
-docker := $(shell if which podman|grep . >/dev/null; then echo podman; else echo docker; fi)
-
-KEYPASS?=password
+docker := $(shell if which podman|grep -q .; then echo podman; else echo docker; fi)
+KEYSTORE := sign.keystore
+KEYPASS := password
 
 docker-build-linux: docker-go-mod
 	$(docker) run --rm -v "$(shell readlink -f .)":/go/katzen/ katzen/go_mod bash -c 'cd /go/katzen/; CGO_CFLAGS_ALLOW="-DPARAMS=sphincs-shake-256f" go build -trimpath -ldflags=-buildid='
@@ -14,12 +14,12 @@ docker-android-base:
 	fi
 
 android-signing-key: docker-android-base
-	if [ ! -e sign.keystore ]; then \
-		$(docker) run --rm -v "$(shell readlink -f .)":/go/build katzen/android_sdk bash -c "keytool -genkey -keystore sign.keystore -storepass ${KEYPASS} -alias android -keyalg RSA -keysize 2048 -validity 10000 -noprompt -dname CN=android"; \
+	if [ ! -e $(KEYSTORE) ]; then \
+		$(docker) run --rm -v "$(shell readlink -f .)":/go/build katzen/android_sdk bash -c "keytool -genkey -keystore $(KEYSTORE) -storepass ${KEYPASS} -alias android -keyalg RSA -keysize 2048 -validity 10000 -noprompt -dname CN=android"; \
 	fi
 
 docker-build-android: android-signing-key
-	$(docker) run --rm -v "$(shell readlink -f .)":/go/build katzen/android_sdk bash -c "go install gioui.org/cmd/gogio && CGO_CFLAGS_ALLOW="-DPARAMS=sphincs-shake-256f" gogio -arch arm64,amd64 -x -target android -appid org.mixnetworks.katzen -version 1 -signkey sign.keystore -signpass ${KEYPASS} ."
+	$(docker) run --rm -v "$(shell readlink -f .)":/go/build katzen/android_sdk bash -c "go install gioui.org/cmd/gogio && CGO_CFLAGS_ALLOW="-DPARAMS=sphincs-shake-256f" gogio -arch arm64,amd64 -x -target android -appid org.mixnetworks.katzen -version 1 -signkey $(KEYSTORE) -signpass ${KEYPASS} ."
 
 # this builds the debian base image, ready to have the golang deps installed
 docker-debian-base: