[Replicant] Draft patch for "F-Droid signed Repwifi" issue

[Denis 'GNUtoo' Carikli]

On Tue, 28 Aug 2018 18:53:00 +0000
Joonas Kylmälä <joonas.kylmala at iki.fi> wrote:

> Hi,
> 
> I tried to draft patches for the RepWifi ticket over here:
> https://redmine.replicant.us/issues/1887. Please see them as
> attachments.
Thanks a lot for working on that. I've some comments below on the patch.

> gpg --armor --verify
> $BASEDIR/prebuilt/common/apps/fil.libre.repwifiapp_9.apk.asc
> $BASEDIR/prebuilt/common/apps/fil.libre.repwifiapp_9.apk
This will need to be made automatic, else users will have a build
failure if they don't have the public key used to sign the apk in their
keyring. If making it automatic is too much time consuming, we could
also add some instructions to fetch that key as part of the wiki pages
on how to build Replicant.

> -  <project path="packages/apps/RepWifi"
>     name="replicant/packages_apps_repwifi.git" remote="replicant" />
If it's doesn't take that much time, you could also keep the RepWiFi
repository and let Replicant build it. When the apk is built, the build
system would either swap Replicant's signature with F-droid's
signature, or if there is no signature, add F-droid's signature to the
package. Since f-droid is working on reproducible builds[1], this might
work. If it doesn't work or if you don't have the time to test that,
removing the RepWiFi source and using the official apk as you did in
this patch also work.

References:
-----------
[1]https://f-droid.org/docs/Reproducible_Builds/?title=Deterministic,_Reproducible_Builds

Denis.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.osuosl.org/pipermail/replicant/attachments/20180903/a5c43458/attachment.asc>