diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml
index c83be5af..7a32247d 100644
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -25,7 +25,7 @@ jobs:
# https://github.com/docker/login-action
- name: Log into registry ${{ env.REGISTRY }}
if: github.event_name != 'pull_request' && !startsWith(github.ref, 'refs/pull') && github.actor != 'dependabot[bot]'
- uses: docker/login-action@49ed152c8eca782a232dede0303416e8f356c37b
+ uses: docker/login-action@f4ef78c080cd8ba55a85445d5b36e214a81df20a
with:
registry: ${{ env.REGISTRY }}
username: ${{ secrets.DOCKERHUB_USERNAME }}
diff --git a/src/build.sh b/src/build.sh
index 97a8cd53..dff503f3 100755
--- a/src/build.sh
+++ b/src/build.sh
@@ -17,88 +17,13 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-set -eEuo pipefail
-
repo_log="$LOGS_DIR/repo-$(date +%Y%m%d).log"
# cd to working directory
cd "$SRC_DIR"
-if [ -f /root/userscripts/begin.sh ]; then
- echo ">> [$(date)] Running begin.sh"
- /root/userscripts/begin.sh || echo ">> [$(date)] Warning: begin.sh failed!"
-fi
-
-# If requested, clean the OUT dir in order to avoid clutter
-if [ "$CLEAN_OUTDIR" = true ]; then
- echo ">> [$(date)] Cleaning '$ZIP_DIR'"
- rm -rf "${ZIP_DIR:?}/"*
-fi
-
-# Treat DEVICE_LIST as DEVICE_LIST_
-first_branch=$(cut -d ',' -f 1 <<< "$BRANCH_NAME")
-if [ -n "$DEVICE_LIST" ]; then
- device_list_first_branch="DEVICE_LIST_${first_branch//[^[:alnum:]]/_}"
- device_list_first_branch=${device_list_first_branch^^}
- read -r "${device_list_first_branch?}" <<< "$DEVICE_LIST,${!device_list_first_branch:-}"
-fi
-
-# If needed, migrate from the old SRC_DIR structure
-if [ -d "$SRC_DIR/.repo" ]; then
- branch_dir=$(repo info -o | sed -ne 's/Manifest branch: refs\/heads\///p' | sed 's/[^[:alnum:]]/_/g')
- branch_dir=${branch_dir^^}
- echo ">> [$(date)] WARNING: old source dir detected, moving source from \"\$SRC_DIR\" to \"\$SRC_DIR/$branch_dir\""
- if [ -d "$branch_dir" ] && [ -z "$(ls -A "$branch_dir")" ]; then
- echo ">> [$(date)] ERROR: $branch_dir already exists and is not empty; aborting"
- fi
- mkdir -p "$branch_dir"
- find . -maxdepth 1 ! -name "$branch_dir" ! -path . -exec mv {} "$branch_dir" \;
-fi
-
-
-jobs_arg=()
-if [ -n "${PARALLEL_JOBS-}" ]; then
- if [[ "$PARALLEL_JOBS" =~ ^[1-9][0-9]*$ ]]; then
- jobs_arg+=( "-j$PARALLEL_JOBS" )
- else
- echo "PARALLEL_JOBS is not a positive number: $PARALLEL_JOBS"
- exit 1
- fi
-fi
-
-
-if [ "$LOCAL_MIRROR" = true ]; then
-
- cd "$MIRROR_DIR"
-
- if [ ! -d .repo ]; then
- echo ">> [$(date)] Initializing mirror repository" | tee -a "$repo_log"
- ( yes||: ) | repo init -u https://github.com/LineageOS/mirror --mirror --no-clone-bundle -p linux &>> "$repo_log"
- fi
-
- # Copy local manifests to the appropriate folder in order take them into consideration
- echo ">> [$(date)] Copying '$LMANIFEST_DIR/*.xml' to '.repo/local_manifests/'"
- mkdir -p .repo/local_manifests
- rsync -a --delete --include '*.xml' --exclude '*' "$LMANIFEST_DIR/" .repo/local_manifests/
-
- rm -f .repo/local_manifests/proprietary.xml
- if [ "$INCLUDE_PROPRIETARY" = true ]; then
- wget -q -O .repo/local_manifests/proprietary.xml "https://raw.githubusercontent.com/TheMuppets/manifests/mirror/default.xml"
- /root/build_manifest.py --remote "https://gitlab.com" --remotename "gitlab_https" \
- "https://gitlab.com/the-muppets/manifest/raw/mirror/default.xml" .repo/local_manifests/proprietary_gitlab.xml
- fi
-
- echo ">> [$(date)] Syncing mirror repository" | tee -a "$repo_log"
- repo sync "${jobs_arg[@]}" --force-sync --no-clone-bundle &>> "$repo_log"
-fi
-
for branch in ${BRANCH_NAME//,/ }; do
- branch_dir=${branch//[^[:alnum:]]/_}
- branch_dir=${branch_dir^^}
- device_list_cur_branch="DEVICE_LIST_$branch_dir"
- devices=${!device_list_cur_branch}
-
- if [ -n "$branch" ] && [ -n "$devices" ]; then
+ if [ -n "$branch" ]; then
vendor=lineage
apps_permissioncontroller_patch=""
modules_permission_patch=""
@@ -150,11 +75,7 @@ for branch in ${BRANCH_NAME//,/ }; do
android_version_major=$(cut -d '.' -f 1 <<< $android_version)
- mkdir -p "$SRC_DIR/$branch_dir"
- cd "$SRC_DIR/$branch_dir"
-
echo ">> [$(date)] Branch: $branch"
- echo ">> [$(date)] Devices: $devices"
# Remove previous changes of vendor/cm, vendor/lineage and frameworks/base (if they exist)
# TODO: maybe reset everything using https://source.android.com/setup/develop/repo#forall
@@ -167,29 +88,6 @@ for branch in ${BRANCH_NAME//,/ }; do
fi
done
- echo ">> [$(date)] (Re)initializing branch repository" | tee -a "$repo_log"
- if [ "$LOCAL_MIRROR" = true ]; then
- ( yes||: ) | repo init -u https://github.com/LineageOS/android.git --reference "$MIRROR_DIR" -b "$branch" &>> "$repo_log"
- else
- ( yes||: ) | repo init -u https://github.com/LineageOS/android.git -b "$branch" &>> "$repo_log"
- fi
-
- # Copy local manifests to the appropriate folder in order take them into consideration
- echo ">> [$(date)] Copying '$LMANIFEST_DIR/*.xml' to '.repo/local_manifests/'"
- mkdir -p .repo/local_manifests
- rsync -a --delete --include '*.xml' --exclude '*' "$LMANIFEST_DIR/" .repo/local_manifests/
-
- rm -f .repo/local_manifests/proprietary.xml
- if [ "$INCLUDE_PROPRIETARY" = true ]; then
- wget -q -O .repo/local_manifests/proprietary.xml "https://raw.githubusercontent.com/TheMuppets/manifests/$themuppets_branch/muppets.xml"
- /root/build_manifest.py --remote "https://gitlab.com" --remotename "gitlab_https" \
- "https://gitlab.com/the-muppets/manifest/raw/$themuppets_branch/muppets.xml" .repo/local_manifests/proprietary_gitlab.xml
- fi
-
- echo ">> [$(date)] Syncing branch repository" | tee -a "$repo_log"
- builddate=$(date +%Y%m%d)
- repo sync "${jobs_arg[@]}" -c --force-sync &>> "$repo_log"
-
if [ ! -d "vendor/$vendor" ]; then
echo ">> [$(date)] Missing \"vendor/$vendor\", aborting"
exit 1
@@ -214,10 +112,10 @@ for branch in ${BRANCH_NAME//,/ }; do
if [ "$SIGNATURE_SPOOFING" = "yes" ]; then
echo ">> [$(date)] Applying the standard signature spoofing patch ($frameworks_base_patch) to frameworks/base"
echo ">> [$(date)] WARNING: the standard signature spoofing patch introduces a security threat"
- patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$frameworks_base_patch"
+ patch --quiet --force -p1 -i "$MICROG_DIR/signature_spoofing_patches/$frameworks_base_patch"
else
echo ">> [$(date)] Applying the restricted signature spoofing patch (based on $frameworks_base_patch) to frameworks/base"
- sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "/root/signature_spoofing_patches/$frameworks_base_patch" | patch --quiet --force -p1
+ sed 's/android:protectionLevel="dangerous"/android:protectionLevel="signature|privileged"/' "$MICROG_DIR/signature_spoofing_patches/$frameworks_base_patch" | patch --quiet --force -p1
fi
git clean -q -f
cd ../..
@@ -225,7 +123,7 @@ for branch in ${BRANCH_NAME//,/ }; do
if [ -n "$apps_permissioncontroller_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then
cd packages/apps/PermissionController
echo ">> [$(date)] Applying the apps/PermissionController patch ($apps_permissioncontroller_patch) to packages/apps/PermissionController"
- patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$apps_permissioncontroller_patch"
+ patch --quiet --force -p1 -i "$MICROG_DIR/signature_spoofing_patches/$apps_permissioncontroller_patch"
git clean -q -f
cd ../../..
fi
@@ -233,19 +131,16 @@ for branch in ${BRANCH_NAME//,/ }; do
if [ -n "$modules_permission_patch" ] && [ "$SIGNATURE_SPOOFING" = "yes" ]; then
cd packages/modules/Permission
echo ">> [$(date)] Applying the modules/Permission patch ($modules_permission_patch) to packages/modules/Permission"
- patch --quiet --force -p1 -i "/root/signature_spoofing_patches/$modules_permission_patch"
+ patch --quiet --force -p1 -i "$MICROG_DIR/signature_spoofing_patches/$modules_permission_patch"
git clean -q -f
cd ../../..
fi
# Override device-specific settings for the location providers
mkdir -p "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/"
- cp /root/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml"
+ cp $MICROG_DIR/signature_spoofing_patches/frameworks_base_config.xml "vendor/$vendor/overlay/microg/frameworks/base/core/res/res/values/config.xml"
fi
- echo ">> [$(date)] Setting \"$RELEASE_TYPE\" as release type"
- sed -i "/\$(filter .*\$(${vendor^^}_BUILDTYPE)/,/endif/d" "$makefile_containing_version"
-
# Set a custom updater URI if a OTA URL is provided
echo ">> [$(date)] Adding OTA URL overlay (for custom URL $OTA_URL)"
if [ -n "$OTA_URL" ]; then
@@ -254,10 +149,10 @@ for branch in ${BRANCH_NAME//,/ }; do
if grep -q updater_server_url packages/apps/Updater/res/values/strings.xml; then
# "New" updater configuration: full URL (with placeholders {device}, {type} and {incr})
- sed "s|{name}|updater_server_url|g; s|{url}|$OTA_URL/v1/{device}/{type}/{incr}|g" /root/packages_updater_strings.xml > "$updater_url_overlay_dir/strings.xml"
+ sed "s|{name}|updater_server_url|g; s|{url}|$OTA_URL/v1/{device}/{type}/{incr}|g" $MICROG_DIR/packages_updater_strings.xml > "$updater_url_overlay_dir/strings.xml"
elif grep -q conf_update_server_url_def packages/apps/Updater/res/values/strings.xml; then
# "Old" updater configuration: just the URL
- sed "s|{name}|conf_update_server_url_def|g; s|{url}|$OTA_URL|g" /root/packages_updater_strings.xml > "$updater_url_overlay_dir/strings.xml"
+ sed "s|{name}|conf_update_server_url_def|g; s|{url}|$OTA_URL|g" $MICROG_DIR/packages_updater_strings.xml > "$updater_url_overlay_dir/strings.xml"
else
echo ">> [$(date)] ERROR: no known Updater URL property found"
exit 1
@@ -282,149 +177,5 @@ for branch in ${BRANCH_NAME//,/ }; do
sed -i "1s;^;PRODUCT_DEFAULT_DEV_CERTIFICATE := user-keys/releasekey\nPRODUCT_OTA_PUBLIC_KEYS := user-keys/releasekey\n\n;" "vendor/$vendor/config/common.mk"
fi
fi
-
- # Prepare the environment
- echo ">> [$(date)] Preparing build environment"
- set +eu
- # shellcheck source=/dev/null
- source build/envsetup.sh > /dev/null
- set -eu
-
- if [ -f /root/userscripts/before.sh ]; then
- echo ">> [$(date)] Running before.sh"
- /root/userscripts/before.sh || echo ">> [$(date)] Warning: before.sh failed!"
- fi
-
- for codename in ${devices//,/ }; do
- if [ -n "$codename" ]; then
-
- if [ "$BUILD_OVERLAY" = true ]; then
- lowerdir=$SRC_DIR/$branch_dir
- upperdir=$TMP_DIR/device
- workdir=$TMP_DIR/workdir
- merged=$TMP_DIR/merged
- mkdir -p "$upperdir" "$workdir" "$merged"
- mount -t overlay overlay -o lowerdir="$lowerdir",upperdir="$upperdir",workdir="$workdir" "$merged"
- source_dir="$TMP_DIR/merged"
- else
- source_dir="$SRC_DIR/$branch_dir"
- fi
- cd "$source_dir"
-
- if [ "$ZIP_SUBDIR" = true ]; then
- zipsubdir=$codename
- mkdir -p "$ZIP_DIR/$zipsubdir"
- else
- zipsubdir=
- fi
- if [ "$LOGS_SUBDIR" = true ]; then
- logsubdir=$codename
- mkdir -p "$LOGS_DIR/$logsubdir"
- else
- logsubdir=
- fi
-
- DEBUG_LOG="$LOGS_DIR/$logsubdir/lineage-$los_ver-$builddate-$RELEASE_TYPE-$codename.log"
-
- set +eu
- breakfast "$codename" "$BUILD_TYPE" &>> "$DEBUG_LOG"
- breakfast_returncode=$?
- set -eu
- if [ $breakfast_returncode -ne 0 ]; then
- echo ">> [$(date)] breakfast failed for $codename, $branch branch" | tee -a "$DEBUG_LOG"
- continue
- fi
-
- if [ -f /root/userscripts/pre-build.sh ]; then
- echo ">> [$(date)] Running pre-build.sh for $codename" >> "$DEBUG_LOG"
- /root/userscripts/pre-build.sh "$codename" &>> "$DEBUG_LOG" || echo ">> [$(date)] Warning: pre-build.sh failed!"
- fi
-
- # Start the build
- echo ">> [$(date)] Starting build for $codename, $branch branch" | tee -a "$DEBUG_LOG"
- build_successful=false
- if (set +eu ; mka "${jobs_arg[@]}" bacon) &>> "$DEBUG_LOG"; then
-
- # Move produced ZIP files to the main OUT directory
- echo ">> [$(date)] Moving build artifacts for $codename to '$ZIP_DIR/$zipsubdir'" | tee -a "$DEBUG_LOG"
- cd out/target/product/"$codename"
- for build in lineage-*.zip; do
- sha256sum "$build" > "$ZIP_DIR/$zipsubdir/$build.sha256sum"
- md5sum "$build" > "$ZIP_DIR/$zipsubdir/$build.md5sum"
- cp -v system/build.prop "$ZIP_DIR/$zipsubdir/$build.prop" &>> "$DEBUG_LOG"
- mv "$build" "$ZIP_DIR/$zipsubdir/" &>> "$DEBUG_LOG"
- done
- recovery_name="lineage-$los_ver-$builddate-$RELEASE_TYPE-$codename-recovery.img"
- for image in recovery boot; do
- if [ -f "$image.img" ]; then
- cp "$image.img" "$ZIP_DIR/$zipsubdir/$recovery_name"
- break
- fi
- done &>> "$DEBUG_LOG"
- cd "$source_dir"
- build_successful=true
- else
- echo ">> [$(date)] Failed build for $codename" | tee -a "$DEBUG_LOG"
- fi
-
- # Remove old zips and logs
- if [ "$DELETE_OLD_ZIPS" -gt "0" ]; then
- if [ "$ZIP_SUBDIR" = true ]; then
- /usr/bin/python /root/clean_up.py -n "$DELETE_OLD_ZIPS" -V "$los_ver" -N 1 "$ZIP_DIR/$zipsubdir"
- else
- /usr/bin/python /root/clean_up.py -n "$DELETE_OLD_ZIPS" -V "$los_ver" -N 1 -c "$codename" "$ZIP_DIR"
- fi
- fi
- if [ "$DELETE_OLD_LOGS" -gt "0" ]; then
- if [ "$LOGS_SUBDIR" = true ]; then
- /usr/bin/python /root/clean_up.py -n "$DELETE_OLD_LOGS" -V "$los_ver" -N 1 "$LOGS_DIR/$logsubdir"
- else
- /usr/bin/python /root/clean_up.py -n "$DELETE_OLD_LOGS" -V "$los_ver" -N 1 -c "$codename" "$LOGS_DIR"
- fi
- fi
- if [ -f /root/userscripts/post-build.sh ]; then
- echo ">> [$(date)] Running post-build.sh for $codename" >> "$DEBUG_LOG"
- /root/userscripts/post-build.sh "$codename" $build_successful &>> "$DEBUG_LOG" || echo ">> [$(date)] Warning: post-build.sh failed!"
- fi
- echo ">> [$(date)] Finishing build for $codename" | tee -a "$DEBUG_LOG"
-
- if [ "$BUILD_OVERLAY" = true ]; then
- # The Jack server must be stopped manually, as we want to unmount $TMP_DIR/merged
- cd "$TMP_DIR"
- if [ -f "$TMP_DIR/merged/prebuilts/sdk/tools/jack-admin" ]; then
- "$TMP_DIR/merged/prebuilts/sdk/tools/jack-admin kill-server" &> /dev/null || true
- fi
- lsof | grep "$TMP_DIR/merged" | awk '{ print $2 }' | sort -u | xargs -r kill &> /dev/null || true
-
- while lsof | grep -q "$TMP_DIR"/merged; do
- sleep 1
- done
-
- umount "$TMP_DIR/merged"
- fi
-
- if [ "$CLEAN_AFTER_BUILD" = true ]; then
- echo ">> [$(date)] Cleaning source dir for device $codename" | tee -a "$DEBUG_LOG"
- if [ "$BUILD_OVERLAY" = true ]; then
- cd "$TMP_DIR"
- rm -rf ./* || true
- else
- cd "$source_dir"
- (set +eu ; mka "${jobs_arg[@]}" clean) &>> "$DEBUG_LOG"
- fi
- fi
-
- fi
- done
-
fi
done
-
-if [ "$DELETE_OLD_LOGS" -gt "0" ]; then
- find "$LOGS_DIR" -maxdepth 1 -name 'repo-*.log' | sort | head -n -"$DELETE_OLD_LOGS" | xargs -r rm || true
-fi
-
-if [ -f /root/userscripts/end.sh ]; then
- echo ">> [$(date)] Running end.sh"
- /root/userscripts/end.sh || echo ">> [$(date)] Warning: end.sh failed!"
-fi
diff --git a/src/build_manifest.py b/src/build_manifest.py
index 7d38c79d..bb762fe1 100755
--- a/src/build_manifest.py
+++ b/src/build_manifest.py
@@ -53,7 +53,7 @@
if args.remote:
attributes["remote"] = args.remotename
-
+
if "revision" in child.attrib:
attributes["revision"] = child.attrib["revision"]
diff --git a/src/init.sh b/src/init.sh
index fb6e014b..143f2d31 100755
--- a/src/init.sh
+++ b/src/init.sh
@@ -17,29 +17,28 @@
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-set -eEuo pipefail
+export SIGN_BUILDS=false
+export SRC_DIR=/opt/lineageOS
+export MICROG_DIR=/extra/microG/src
+export BRANCH_NAME=lineage-19.1
+export DEVICE_LIST=FP3
+export SIGNATURE_SPOOFING=restricted
+export CUSTOM_PACKAGES='GmsCore GsfProxy FakeStore MozillaNlpBackend NominatimNlpBackend com.google.android.maps.jar FDroid FDroidPrivilegedExtension'
-# Copy the user scripts
-mkdir -p /root/userscripts
-cp -r "$USERSCRIPTS_DIR"/. /root/userscripts
-find /root/userscripts ! -type d ! -user root -exec echo ">> [$(date)] {} is not owned by root, removing" \; -exec rm {} \;
-find /root/userscripts ! -type d -perm /g=w,o=w -exec echo ">> [$(date)] {} is writable by non-root users, removing" \; -exec rm {} \;
+export RELEASE_TYPE=userdebug
+export ZIP_DIR=/tmp/microG/out
+export LOGS_DIR=/tmp/microG/logs
+export INCLUDE_PROPRIETARY=true
-# Initialize CCache if it will be used
-if [ "$USE_CCACHE" = 1 ]; then
- ccache -M "$CCACHE_SIZE" 2>&1
-fi
-
-# Initialize Git user information
-git config --global user.name "$USER_NAME"
-git config --global user.email "$USER_MAIL"
+mkdir -p $ZIP_DIR
+mkdir -p $LOGS_DIR
if [ "$SIGN_BUILDS" = true ]; then
if [ -z "$(ls -A "$KEYS_DIR")" ]; then
echo ">> [$(date)] SIGN_BUILDS = true but empty \$KEYS_DIR, generating new keys"
for c in releasekey platform shared media networkstack sdk_sandbox bluetooth; do
echo ">> [$(date)] Generating $c..."
- /root/make_key "$KEYS_DIR/$c" "$KEYS_SUBJECT" <<< '' &> /dev/null
+ $MICROG_DIR/make_key "$KEYS_DIR/$c" "$KEYS_SUBJECT" <<< '' &> /dev/null
done
else
for c in releasekey platform shared media networkstack; do
@@ -67,17 +66,4 @@ if [ "$SIGN_BUILDS" = true ]; then
done
fi
-if [ "$CRONTAB_TIME" = "now" ]; then
- /root/build.sh
-else
- # Initialize the cronjob
- cronFile=/tmp/buildcron
- printf "SHELL=/bin/bash\n" > $cronFile
- printenv -0 | sed -e 's/=\x0/=""\n/g' | sed -e 's/\x0/\n/g' | sed -e "s/_=/PRINTENV=/g" >> $cronFile
- printf '\n%s /usr/bin/flock -n /var/lock/build.lock /root/build.sh >> /var/log/docker.log 2>&1\n' "$CRONTAB_TIME" >> $cronFile
- crontab $cronFile
- rm $cronFile
-
- # Run crond in foreground
- cron -f 2>&1
-fi
+$MICROG_DIR/build.sh
diff --git a/src/signature_spoofing_patches/packages_apps_PermissionController-R.patch b/src/signature_spoofing_patches/packages_apps_PermissionController-R.patch
deleted file mode 100644
index afd7ed56..00000000
--- a/src/signature_spoofing_patches/packages_apps_PermissionController-R.patch
+++ /dev/null
@@ -1,19 +0,0 @@
---- a/src/com/android/permissioncontroller/permission/utils/Utils.java
-+++ b/src/com/android/permissioncontroller/permission/utils/Utils.java
-@@ -23,6 +23,7 @@
- import static android.Manifest.permission_group.CALL_LOG;
- import static android.Manifest.permission_group.CAMERA;
- import static android.Manifest.permission_group.CONTACTS;
-+import static android.Manifest.permission_group.FAKE_PACKAGE;
- import static android.Manifest.permission_group.LOCATION;
- import static android.Manifest.permission_group.MICROPHONE;
- import static android.Manifest.permission_group.PHONE;
-@@ -209,6 +210,8 @@
-
- PLATFORM_PERMISSIONS.put(Manifest.permission.BODY_SENSORS, SENSORS);
-
-+ PLATFORM_PERMISSIONS.put(Manifest.permission.FAKE_PACKAGE_SIGNATURE, FAKE_PACKAGE);
-+
- PLATFORM_PERMISSION_GROUPS = new ArrayMap<>();
- int numPlatformPermissions = PLATFORM_PERMISSIONS.size();
- for (int i = 0; i < numPlatformPermissions; i++) {