From 013363000c6d08d0e336d38292a8cee65c04afae Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Tue, 1 Jul 2025 16:16:52 +0200 Subject: [PATCH 1/3] feat(docker): update tools and OS with latest versions --- Dockerfile | 22 +++++++++++++--------- fdroid-update.sh | 4 ++-- 2 files changed, 15 insertions(+), 11 deletions(-) diff --git a/Dockerfile b/Dockerfile index ffcc6a5..a04b34f 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,19 +1,23 @@ -FROM reg.cadoles.com/proxy_cache/library/alpine:3.19 as build +FROM reg.cadoles.com/proxy_cache/library/alpine:3.22 as build -ARG FDROIDSERVER_VERSION=2.2 +ARG FDROIDSERVER_VERSION=2.4.2 +ARG ANDROGUARD_VERSION=4.1.3 +ARG FRIDA_TOOLS_VERSION=14.3.1 ARG CRYPTOGRAPHY_DONT_BUILD_RUST=1 +ENV PIPX_HOME=/fdroid/ +ENV PIPX_BIN_DIR=/fdroid/bin + RUN apk add --no-cache \ python3 py3-pip build-base freetype-dev libffi-dev \ libpng-dev py3-setuptools python3-dev libxml2-dev \ - libxslt-dev openssl-dev jpeg-dev py3-qt5 + libxslt-dev openssl-dev jpeg-dev py3-qt5 go nodejs npm git pipx -RUN python3 -m venv --system-site-packages /fdroid +RUN python3 -m venv --system-site-packages /fdroid \ + && source /fdroid/bin/activate +RUN pipx install androguard==${ANDROGUARD_VERSION} frida-tools==${FRIDA_TOOLS_VERSION} fdroidserver==${FDROIDSERVER_VERSION} -RUN . /fdroid/bin/activate \ - && pip3 install --no-cache-dir androguard==3.3.5 frida-tools==10.8.0 fdroidserver==${FDROIDSERVER_VERSION} - -FROM reg.cadoles.com/proxy_cache/library/alpine:3.19 as runtime +FROM reg.cadoles.com/proxy_cache/library/alpine:3.22 as runtime ARG TIMEZONE=Europe/Paris @@ -73,4 +77,4 @@ RUN mkdir -p /var/www/fdroid RUN addgroup -S fdroid && adduser -D -h /fdroid -s /bin/bash -G fdroid fdroid RUN chown -R fdroid: /fdroid /var/www/fdroid -CMD /usr/local/bin/docker-entrypoint.sh \ No newline at end of file +CMD /usr/local/bin/docker-entrypoint.sh diff --git a/fdroid-update.sh b/fdroid-update.sh index 2543891..85db243 100644 --- a/fdroid-update.sh +++ b/fdroid-update.sh @@ -7,7 +7,7 @@ DIR=$2 FILE=$3 if [ -z "$FILE" ] || [[ "$FILE" == *.apk ]] || [[ "$FILE" == *.yml ]]; then - . /fdroid/bin/activate && fdroid update --clean -c --rename-apks --use-date-from-apk --delete-unknown - . /fdroid/bin/activate && fdroid deploy + /fdroid/bin/fdroid update --clean -c --rename-apks --use-date-from-apk --delete-unknown + /fdroid/bin/fdroid deploy fi -- 2.17.1 From 3c86622b50464eb601714890cd4841baca886c53 Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Tue, 1 Jul 2025 16:35:17 +0200 Subject: [PATCH 2/3] feat(actions): adding gitea action for image build and publish --- .gitea/workflows/build.yaml | 52 +++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) create mode 100644 .gitea/workflows/build.yaml diff --git a/.gitea/workflows/build.yaml b/.gitea/workflows/build.yaml new file mode 100644 index 0000000..e82cf51 --- /dev/null +++ b/.gitea/workflows/build.yaml @@ -0,0 +1,52 @@ +name: Build and Push Image +on: + push: + tags: + - '*' +env: + REGISTRY: reg.cadoles.com + +jobs: + build: + name: Build and push image + runs-on: ubuntu-latest + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Login to Docker Registry + uses: docker/login-action@v3 + with: + registry: ${{ env.REGISTRY }} + username: ${{ secrets.REGISTRY_USERNAME }} + password: ${{ secrets.REGISTRY_TOKEN }} + + - name: Set up Docker Buildx + uses: docker/setup-buildx-action@v3 + + - name: Docker meta base + id: metabase + uses: docker/metadata-action@v5 + with: + images: | + reg.cadoles.com/cadoles/fdroid-repo + flavor: | + latest=auto + tags: | + type=schedule + type=ref,event=branch + type=ref,event=pr + type=ref,event=tag + type=semver,pattern={{version}} + type=semver,pattern={{major}}.{{minor}} + type=semver,pattern={{major}} + type=sha,prefix=,suffix= + + - name: Build and push + uses: docker/build-push-action@v6 + with: + context: . + push: ${{ github.event_name != 'pull_request' }} + tags: ${{ steps.metabase.outputs.tags }} + labels: ${{ steps.metabase.outputs.labels }} -- 2.17.1 From 40902f87291e88c42b69ceda94b85a62f1f1f8c5 Mon Sep 17 00:00:00 2001 From: Philippe Caseiro Date: Wed, 2 Jul 2025 09:33:58 +0200 Subject: [PATCH 3/3] feat(docker): updating android build-tools to version 36 --- Dockerfile | 6 ++++-- Makefile | 2 ++ 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index a04b34f..e8af5ca 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,6 +21,8 @@ FROM reg.cadoles.com/proxy_cache/library/alpine:3.22 as runtime ARG TIMEZONE=Europe/Paris +RUN apk update && apk upgrade + RUN apk add --no-cache \ python3 openjdk8 java-common \ bash supervisor openssh inotify-tools gettext \ @@ -36,8 +38,8 @@ RUN mkdir -p /opt/android \ ENV ANDROID_HOME="/opt/android" ENV PATH="$PATH:$ANDROID_HOME/tools/bin" -RUN yes | sdkmanager "build-tools;34.0.0" -ENV PATH="$PATH:$ANDROID_HOME/build-tools/34.0.0" +RUN yes | sdkmanager "build-tools;36.0.0" +ENV PATH="$PATH:$ANDROID_HOME/build-tools/36.0.0" COPY --from=build /fdroid /fdroid diff --git a/Makefile b/Makefile index d6c25ea..99913ca 100644 --- a/Makefile +++ b/Makefile @@ -27,6 +27,8 @@ run: -e "FDROID_KEYSTORE_DNAME=CN=cadoles.com, OU=ID, O=Cadoles, L=Dijon, S=France, C=FR" \ fdroid-repository:latest \ $(DOCKER_CMD) +scan: + trivy image --format table fdroid-repository:latest release: docker image tag fdroid-repository:latest reg.cadoles.com/cadoles/fdroid-repository:latest -- 2.17.1