diff options
Diffstat (limited to 'share/qbs/modules')
| -rw-r--r-- | share/qbs/modules/Android/sdk/sdk.qbs | 61 | ||||
| -rw-r--r-- | share/qbs/modules/Android/sdk/utils.js | 64 | ||||
| -rw-r--r-- | share/qbs/modules/codesign/android.qbs | 116 | ||||
| -rw-r--r-- | share/qbs/modules/codesign/codesign.js | 72 |
4 files changed, 210 insertions, 103 deletions
diff --git a/share/qbs/modules/Android/sdk/sdk.qbs b/share/qbs/modules/Android/sdk/sdk.qbs index 0e40d059b..cae5fc2e5 100644 --- a/share/qbs/modules/Android/sdk/sdk.qbs +++ b/share/qbs/modules/Android/sdk/sdk.qbs @@ -178,20 +178,18 @@ Module { property path compiledResourcesDir: FileInfo.joinPaths(product.buildDirectory, "compiled_resources") property string packageContentsDir: FileInfo.joinPaths(product.buildDirectory, packageType) - property string debugKeyStorePath: FileInfo.joinPaths( - Environment.getEnv(qbs.hostOS.contains("windows") - ? "USERPROFILE" : "HOME"), - ".android", "debug.keystore") - property bool useApksigner: buildToolsVersion && Utilities.versionCompare( - buildToolsVersion, "24.0.3") >= 0 property stringList aidlSearchPaths Depends { name: "java"; condition: _enableRules } + Depends { name: "codesign"; condition: _enableRules } Properties { condition: _enableRules java.languageVersion: platformJavaVersion java.runtimeVersion: platformJavaVersion java.bootClassPaths: androidJarFilePath + codesign.apksignerFilePath: Android.sdk.apksignerFilePath + codesign._packageName: Android.sdk.apkBaseName + (_generateAab ? ".aab" : ".apk") + codesign.useApksigner: !_generateAab } validate: { @@ -211,6 +209,11 @@ Module { + "Android bundletool can be downloaded from " + "https://github.com/google/bundletool"); } + if (Utilities.versionCompare(buildToolsVersion, "24.0.3") < 0) { + throw ModUtils.ModuleError("Version of Android SDK build tools too old. This version " + + "is " + buildToolsVersion + " and minimum version is " + + "24.0.3. Please update the Android SDK.") + } } FileTagger { @@ -223,36 +226,6 @@ Module { fileTags: ["android.aidl"] } - FileTagger { - patterns: ["*.keystore"] - fileTags: ["android.keystore"] - } - - // Typically there is a debug keystore in ~/.android/debug.keystore which gets created - // by the native build tools the first time a build is done. However, we don't want to create it - // ourselves, because writing to a location outside the qbs build directory is both polluting - // and has the potential for race conditions. So we'll instruct the user what to do. - Group { - name: "Android debug keystore" - files: { - if (!File.exists(Android.sdk.debugKeyStorePath)) { - throw ModUtils.ModuleError("Could not find an Android debug keystore at " + - Android.sdk.debugKeyStorePath + ". " + - "If you are developing for Android on this machine for the first time and " + - "have never built an application using the native Gradle / Android Studio " + - "tooling, this is normal. You must create the debug keystore now using the " + - "following command, in order to continue:\n\n" + - SdkUtils.createDebugKeyStoreCommandString(java.keytoolFilePath, - Android.sdk.debugKeyStorePath) + - "\n\n" + - "See the following URL for more information: " + - "https://developer.android.com/studio/publish/app-signing.html#debug-mode"); - } - return [Android.sdk.debugKeyStorePath]; - } - fileTags: ["android.keystore"] - } - Parameter { property bool embedJar: true } @@ -525,11 +498,11 @@ Module { inputs: [ "android.resources", "android.assets", "android.manifest_final", "android.dex", "android.stl_deployed", - "android.nativelibrary_deployed", "android.keystore" + "android.nativelibrary_deployed" ] Artifact { - filePath: product.Android.sdk.apkBaseName + ".apk" - fileTags: "android.package" + filePath: product.Android.sdk.apkBaseName + ".apk_unsigned" + fileTags: "android.package_unsigned" } prepare: SdkUtils.prepareAaptPackage.apply(SdkUtils, arguments) } @@ -540,11 +513,11 @@ Module { inputs: [ "android.apk_resources", "android.manifest_final", "android.dex", "android.stl_deployed", - "android.nativelibrary_deployed", "android.keystore" + "android.nativelibrary_deployed" ] Artifact { - filePath: product.Android.sdk.apkBaseName + ".apk" - fileTags: "android.package" + filePath: product.Android.sdk.apkBaseName + ".apk_unsigned" + fileTags: "android.package_unsigned" } prepare: SdkUtils.prepareApkPackage.apply(SdkUtils, arguments) } @@ -558,8 +531,8 @@ Module { "android.nativelibrary_deployed" ] Artifact { - filePath: product.Android.sdk.apkBaseName + ".aab" - fileTags: "android.package" + filePath: product.Android.sdk.apkBaseName + ".aab_unsigned" + fileTags: "android.package_unsigned" } prepare: SdkUtils.prepareBundletoolPackage.apply(SdkUtils, arguments) } diff --git a/share/qbs/modules/Android/sdk/utils.js b/share/qbs/modules/Android/sdk/utils.js index 6fa200822..9511ae9de 100644 --- a/share/qbs/modules/Android/sdk/utils.js +++ b/share/qbs/modules/Android/sdk/utils.js @@ -242,7 +242,7 @@ function prepareAaptGenerate(project, product, inputs, outputs, input, output, function prepareAaptPackage(project, product, inputs, outputs, input, output, explicitlyDependsOn) { var cmds = []; - var apkOutput = outputs["android.package"][0]; + var apkOutput = outputs["android.package_unsigned"][0]; var args = commonAaptPackageArgs.apply(this, arguments); args.push("-F", apkOutput.filePath + ".unaligned"); args.push(product.Android.sdk.packageContentsDir); @@ -250,17 +250,6 @@ function prepareAaptPackage(project, product, inputs, outputs, input, output, ex cmd.description = "generating " + apkOutput.fileName; cmds.push(cmd); - if (!product.Android.sdk.useApksigner) { - args = ["-sigalg", "SHA1withRSA", "-digestalg", "SHA1", - "-keystore", inputs["android.keystore"][0].filePath, - "-storepass", "android", - apkOutput.filePath + ".unaligned", - "androiddebugkey"]; - cmd = new Command(product.java.jarsignerFilePath, args); - cmd.description = "signing " + apkOutput.fileName; - cmds.push(cmd); - } - cmd = new Command(product.Android.sdk.zipalignFilePath, ["-f", "4", apkOutput.filePath + ".unaligned", apkOutput.filePath]); cmd.silent = true; @@ -271,26 +260,14 @@ function prepareAaptPackage(project, product, inputs, outputs, input, output, ex cmd.unalignedApk = apkOutput.filePath + ".unaligned"; cmd.sourceCode = function() { File.remove(unalignedApk); }; cmds.push(cmd); - - if (product.Android.sdk.useApksigner) { - // TODO: Implement full signing support, not just using the debug keystore - args = ["sign", - "--ks", inputs["android.keystore"][0].filePath, - "--ks-pass", "pass:android", - apkOutput.filePath]; - cmd = new Command(product.Android.sdk.apksignerFilePath, args); - cmd.description = "signing " + apkOutput.fileName; - cmds.push(cmd); - } - return cmds; } function prepareApkPackage(project, product, inputs, outputs, input, output, explicitlyDependsOn) { var cmds = []; var apkInputFilePath = inputs["android.apk_resources"][0].filePath; - var apkOutput = outputs["android.package"][0]; - var apkOutputFilePathUnaligned = outputs["android.package"][0].filePath + ".unaligned"; + var apkOutput = outputs["android.package_unsigned"][0]; + var apkOutputFilePathUnaligned = apkOutput.filePath + ".unaligned"; var dexFilePath = inputs["android.dex"][0].filePath; var copyCmd = new JavaScriptCommand(); @@ -309,17 +286,6 @@ function prepareApkPackage(project, product, inputs, outputs, input, output, exp jarCmd.workingDirectory = libPath; cmds.push(jarCmd); - if (!product.Android.sdk.useApksigner) { - args = ["-sigalg", "SHA1withRSA", "-digestalg", "SHA1", - "-keystore", inputs["android.keystore"][0].filePath, - "-storepass", "android", - apkOutputFilePathUnaligned, - "androiddebugkey"]; - cmd = new Command(product.java.jarsignerFilePath, args); - cmd.description = "signing " + apkOutput.fileName; - cmds.push(cmd); - } - cmd = new Command(product.Android.sdk.zipalignFilePath, ["-f", "4", apkOutputFilePathUnaligned, apkOutput.filePath]); cmd.silent = true; @@ -330,18 +296,6 @@ function prepareApkPackage(project, product, inputs, outputs, input, output, exp cmd.unalignedApk = apkOutputFilePathUnaligned; cmd.sourceCode = function() { File.remove(unalignedApk); }; cmds.push(cmd); - - if (product.Android.sdk.useApksigner) { - // TODO: Implement full signing support, not just using the debug keystore - args = ["sign", - "--ks", inputs["android.keystore"][0].filePath, - "--ks-pass", "pass:android", - apkOutput.filePath]; - cmd = new Command(product.Android.sdk.apksignerFilePath, args); - cmd.description = "signing " + apkOutput.fileName; - cmds.push(cmd); - } - return cmds; } @@ -377,7 +331,7 @@ function prepareBundletoolPackage(project, product, inputs, outputs, input, outp jarBaseCmd.workingDirectory = baseModuleDir; cmds.push(jarBaseCmd); - var aabFilePath = outputs["android.package"][0].filePath; + var aabFilePath = outputs["android.package_unsigned"][0].filePath; var removeCmd = new JavaScriptCommand(); removeCmd.description = "removing previous aab"; removeCmd.filePath = aabFilePath; @@ -391,20 +345,12 @@ function prepareBundletoolPackage(project, product, inputs, outputs, input, outp args.push("--modules=" + baseFilePath); args.push("--output=" + aabFilePath); var cmd = new Command(product.java.interpreterFilePath, args); - cmd.description = "generating " + outputs["android.package"][0].fileName; + cmd.description = "generating " + aabFilePath.fileName; cmds.push(cmd); return cmds; } -function createDebugKeyStoreCommandString(keytoolFilePath, keystoreFilePath) { - var args = ["-genkey", "-keystore", keystoreFilePath, "-alias", "androiddebugkey", - "-storepass", "android", "-keypass", "android", "-keyalg", "RSA", - "-keysize", "2048", "-validity", "10000", "-dname", - "CN=Android Debug,O=Android,C=US"]; - return Process.shellQuote(keytoolFilePath, args); -} - function stlDeploymentData(product, inputs, type) { var data = { uniqueInputs: [], outputFilePaths: []}; diff --git a/share/qbs/modules/codesign/android.qbs b/share/qbs/modules/codesign/android.qbs new file mode 100644 index 000000000..be96d42de --- /dev/null +++ b/share/qbs/modules/codesign/android.qbs @@ -0,0 +1,116 @@ +/**************************************************************************** +** +** Copyright (C) 2021 Raphaƫl Cotty <raphael.cotty@gmail.com> +** Contact: http://www.qt.io/licensing +** +** This file is part of the Qbs. +** +** Commercial License Usage +** Licensees holding valid commercial Qt licenses may use this file in +** accordance with the commercial license agreement provided with the +** Software or, alternatively, in accordance with the terms contained in +** a written agreement between you and The Qt Company. For licensing terms and +** conditions see http://www.qt.io/terms-conditions. For further information +** use the contact form at http://www.qt.io/contact-us. +** +** GNU Lesser General Public License Usage +** Alternatively, this file may be used under the terms of the GNU Lesser +** General Public License version 2.1 or version 3 as published by the Free +** Software Foundation and appearing in the file LICENSE.LGPLv21 and +** LICENSE.LGPLv3 included in the packaging of this file. Please review the +** following information to ensure the GNU Lesser General Public License +** requirements will be met: https://www.gnu.org/licenses/lgpl.html and +** http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html. +** +** In addition, as a special exception, The Qt Company gives you certain additional +** rights. These rights are described in The Qt Company LGPL Exception +** version 1.1, included in the file LGPL_EXCEPTION.txt in this package. +** +****************************************************************************/ + +import qbs +import qbs.Environment +import qbs.File +import qbs.FileInfo +import qbs.ModUtils +import qbs.Probes +import "codesign.js" as CodeSign + +CodeSignModule { + condition: qbs.targetOS.contains("android") + priority: 1 + enableCodeSigning: true + + property bool useApksigner: true + property path apksignerFilePath + + Probes.JdkProbe { + id: jdk + environmentPaths: (jdkPath ? [jdkPath] : []).concat(base) + } + property string jdkPath: jdk.path + property string jarsignerFilePath: FileInfo.joinPaths(jdkPath, "bin", jarsignerName) + property string jarsignerName: "jarsigner" + property string keytoolFilePath: FileInfo.joinPaths(jdkPath, "bin", keytoolName) + property string keytoolName: "keytool" + + property string debugKeystorePath: FileInfo.joinPaths( + Environment.getEnv(qbs.hostOS.contains("windows") + ? "USERPROFILE" : "HOME"), + ".android", "debug.keystore") + readonly property string debugKeystorePassword: "android" + readonly property string debugPassword: "android" + readonly property string debugKeyAlias: "androiddebugkey" + + property string keystorePath: debugKeystorePath + property string keystorePassword: debugKeystorePassword + property string keyPassword: debugPassword + property string keyAlias: debugKeyAlias + + // Private property set by the Android.sdk module + property string _packageName + + Rule { + condition: useApksigner + inputs: ["android.package_unsigned"] + Artifact { + filePath: product.codesign._packageName + fileTags: "android.package" + } + prepare: CodeSign.signApkPackage.apply(this, arguments) + } + + Rule { + condition: !useApksigner + inputs: ["android.package_unsigned"] + Artifact { + filePath: product.codesign._packageName + fileTags: "android.package" + } + prepare: CodeSign.signAabPackage.apply(this, arguments) + } + + validate: { + // Typically there is a debug keystore in ~/.android/debug.keystore which gets created + // by the native build tools the first time a build is done. However, we don't want to + // create it ourselves, because writing to a location outside the qbs build directory is + // both polluting and has the potential for race conditions. So we'll instruct the user what + // to do. + if (keystorePath === debugKeystorePath && !File.exists(debugKeystorePath)) { + throw ModUtils.ModuleError("Could not find an Android debug keystore at " + + codesign.debugKeystorePath + ". " + + "If you are developing for Android on this machine for the first time and " + + "have never built an application using the native Gradle / Android Studio " + + "tooling, this is normal. You must create the debug keystore now using the " + + "following command, in order to continue:\n\n" + + CodeSign.createDebugKeyStoreCommandString(codesign.keytoolFilePath, + codesign.debugKeystorePath, + codesign.debugKeystorePassword, + codesign.debugPassword, + codesign.debugKeyAlias) + + "\n\n" + + "See the following URL for more information: " + + "https://developer.android.com/studio/publish/app-signing.html#debug-mode"); + } + } +} diff --git a/share/qbs/modules/codesign/codesign.js b/share/qbs/modules/codesign/codesign.js index 1d039e7ca..bf7e95224 100644 --- a/share/qbs/modules/codesign/codesign.js +++ b/share/qbs/modules/codesign/codesign.js @@ -32,6 +32,7 @@ var File = require("qbs.File"); var FileInfo = require("qbs.FileInfo"); var PathTools = require("qbs.PathTools"); +var Process = require("qbs.Process"); var PropertyList = require("qbs.PropertyList"); var Utilities = require("qbs.Utilities"); @@ -277,3 +278,74 @@ function prepareSign(project, product, inputs, outputs, input, output) { return cmds; } + +function signApkPackage(project, product, inputs, outputs, input, output, explicitlyDependsOn) { + var apkInput = inputs["android.package_unsigned"][0]; + var apkOutput = outputs["android.package"][0]; + var cmd; + if (product.codesign.enableCodeSigning) { + var args = ["sign", + "--ks", product.codesign.keystorePath, + "--ks-pass", "pass:" + product.codesign.keystorePassword, + "--ks-key-alias", product.codesign.keyAlias, + "--key-pass", "pass:" + product.codesign.keyPassword, + "--out", apkOutput.filePath, + apkInput.filePath]; + cmd = new Command(product.codesign.apksignerFilePath, args); + cmd.description = "signing " + apkOutput.fileName; + } else { + cmd = new JavaScriptCommand(); + cmd.description = "copying without signing " + apkOutput.fileName; + cmd.source = apkInput.filePath; + cmd.target = apkOutput.filePath; + cmd.silent = true; + cmd.sourceCode = function() { + // If enableCodeSigning is changed to false without any change to unsigned package then + // the copy won't happen because of timestamps. So the target file needs file needs to + // be removed to avoid it. + File.remove(target); + File.copy(source, target); + } + } + return cmd; +} + +function signAabPackage(project, product, inputs, outputs, input, output, explicitlyDependsOn) { + var aabInput = inputs["android.package_unsigned"][0]; + var aabOutput = outputs["android.package"][0]; + var cmd; + if (product.codesign.enableCodeSigning) { + args = ["-sigalg", "SHA1withRSA", "-digestalg", "SHA1", + "-keystore", product.codesign.keystorePath, + "-storepass", product.codesign.keystorePassword, + "-keypass", product.codesign.keyPassword, + "-signedjar", aabOutput.filePath, + aabInput.filePath, + product.codesign.keyAlias]; + cmd = new Command(product.codesign.jarsignerFilePath, args); + cmd.description = "signing " + aabOutput.fileName; + } else { + cmd = new JavaScriptCommand(); + cmd.description = "copying without signing " + aabOutput.fileName; + cmd.source = aabInput.filePath; + cmd.target = aabOutput.filePath; + cmd.silent = true; + cmd.sourceCode = function() { + // If enableCodeSigning is changed to false without any change to unsigned package then + // the copy won't happen because of timestamps. So the target file needs file needs to + // be removed to avoid it. + File.remove(target); + File.copy(source, target); + } + } + return cmd; +} + +function createDebugKeyStoreCommandString(keytoolFilePath, keystoreFilePath, keystorePassword, + keyPassword, keyAlias) { + var args = ["-genkey", "-keystore", keystoreFilePath, "-alias", keyAlias, + "-storepass", keystorePassword, "-keypass", keyPassword, "-keyalg", "RSA", + "-keysize", "2048", "-validity", "10000", "-dname", + "CN=Android Debug,O=Android,C=US"]; + return Process.shellQuote(keytoolFilePath, args); +} |