mirror of
https://github.com/Divested-Mobile/DivestOS-Build.git
synced 2024-10-01 01:35:54 -04:00
Container: Scripted builds
I had a hard time following the [Build Guide](https://divestos.org/pages/build) and IMO a script does a much better job of removing the ambiguity and is more likely to be updated if it fails. Per https://github.com/Divested-Mobile/DivestOS-Website/issues/40 I think this script, as documentation, makes it much more clear what it means to "color in the lines" and suggests an efficient way of doing so. I'd like to update the Build Guide too, but I wanted to get your feedback on some of this first. The main thing I'm not thrilled with is that the workspace needs to be patched and reset twice (if I understand correctly). I got this notion from your guidance on a Reddit post a couple months back which I can't find now that Reddit seems to have taken down your content. Unfortunately I don't recall the details but the basic issue is that generating the signing keys was giving an error and the solution was to patch the workspace. But one of the workspace patching "phases" is to copy the keys to the kernel and this fails if the keys don't exist yet. So it's not clear how to get around doing this step twice. A couple notes on future work: - How to do incremental updates? There's no story on this yet and I haven't looked into it. - I found a wealth of information on building android in docker in this repository: https://github.com/lineageos4microg/docker-lineage-cicd. It might be worth considering trying to integrate DivestOS into that project or building on top of their image.
This commit is contained in:
ryneeverett
SkewedZeppelin
parent
8216403729
commit
3999fe1e1f
@ -28,6 +28,8 @@ RUN mkdir -p /home/$username/android \
|
||||
&& mkdir -p /home/$username/.ccache \
|
||||
&& chown $userid:$groupid /home/$username/.gitconfig /home/$username/android /home/$username/.ccache
|
||||
|
||||
COPY phase-*.sh /home/$username/
|
||||
|
||||
ENV HOME=/home/$username
|
||||
ENV USER=$username
|
||||
ENV USE_CCACHE=1
|
||||
|
||||
61
Container/README.md
Normal file
61
Container/README.md
Normal file
@ -0,0 +1,61 @@
|
||||
1. Build image
|
||||
|
||||
```sh
|
||||
./build-image-{podman,docker}.sh
|
||||
```
|
||||
|
||||
2. Run container
|
||||
|
||||
required arguments:
|
||||
- $1 - path where android build will end up
|
||||
|
||||
```sh
|
||||
mkdir android
|
||||
./run-image-{podman,docker}.sh "$(pwd)/Builds"
|
||||
```
|
||||
|
||||
3. Proceed with build
|
||||
|
||||
Either proceed manually (https://divestos.org/pages/build#init) or use the scripts:
|
||||
|
||||
a. Setup divestos-build
|
||||
|
||||
```sh
|
||||
# $1: version
|
||||
./phase-1.sh "20.0" |& tee phase-1.log
|
||||
```
|
||||
|
||||
b. Choose your options (optional)
|
||||
|
||||
```sh
|
||||
nano DivestOS/Scripts/init.sh
|
||||
```
|
||||
|
||||
c. Update description (optional)
|
||||
|
||||
```sh
|
||||
nano DivestOS/Scripts/Generate_Signing_Keys.sh
|
||||
```
|
||||
|
||||
d. Add vendor blobs
|
||||
|
||||
```sh
|
||||
githuborg="" # <-- put the correct github organization here
|
||||
sed -i "/github/s/\[COLOUR IN THE LINES\]/$githuborg/g" DivestOS/Build/LineageOS-20.0/.repo/local_manifests/local_manifest.xml
|
||||
gitlaborg="" # <-- put the correct gitlab organization here
|
||||
sed -i "/gitlab/s/\[COLOUR IN THE LINES\]/$gitlaborg/g" DivestOS/Build/LineageOS-20.0/.repo/local_manifests/local_manifest.xml
|
||||
```
|
||||
|
||||
e. Download and Build
|
||||
|
||||
```sh
|
||||
# $1: version
|
||||
# $2: device
|
||||
./phase-2.sh "20.0" "sailfish" |& tee phase-2.log
|
||||
```
|
||||
|
||||
Note: To read logs with rendered color codes, you can use `less -r phase-2.log`.
|
||||
|
||||
4. Proceed with Installation
|
||||
|
||||
The flashable builds are now located in the build directory path you assigned above and you're ready for [installation](https://divestos.org/pages/bootloader).
|
||||
44
Container/phase-1.sh
Executable file
44
Container/phase-1.sh
Executable file
@ -0,0 +1,44 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
version="$1" # (e.g. "20.0")
|
||||
|
||||
if [ "$1" = "" ]; then
|
||||
echo "Missing arguments"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Correctness
|
||||
set -exo pipefail
|
||||
umask 0022
|
||||
|
||||
# Clone
|
||||
git clone https://codeberg.org/divested-mobile/divestos-build.git DivestOS
|
||||
cd DivestOS
|
||||
|
||||
# Submodules
|
||||
sed -i 's|git@gitlab.com:|https://gitlab.com/|' .git/config .gitmodules
|
||||
git submodule update --init --recursive
|
||||
|
||||
# Basic directories
|
||||
mkdir -p "Build/LineageOS-$version/.repo/local_manifests" Builds Signing_Keys .Signing_Keys
|
||||
|
||||
# Encrypted key storage
|
||||
# TODO There is probably an alternative to gocryptfs which doesn't require a security
|
||||
# trade-off between giving the container more privileges and encrypting the keys.
|
||||
if modprobe fuse; then
|
||||
gocryptfs -init .Signing_Keys
|
||||
gocryptfs .Signing_Keys/ Signing_Keys/
|
||||
else
|
||||
echo "WARNING: gocryptfs failed. Signing keys will not be encrypted!"
|
||||
fi
|
||||
|
||||
# Update paths
|
||||
# https://backreference.org/2009/12/09/using-shell-variables-in-sed/index.html
|
||||
safe_pattern=$(printf '%s\n' "$(pwd)" | sed 's/[[\.*^$/]/\\&/g')
|
||||
sed -i "s/\(^export DOS_WORKSPACE_ROOT=\).*/\1\"$safe_pattern\"/" Scripts/init.sh
|
||||
safe_pattern=$(printf '%s\n' "$(pwd)/Builds" | sed 's/[[\.*^$/]/\\&/g')
|
||||
sed -i "s/\(^export DOS_BUILDS=\).*/\1\"$safe_pattern\"/" Scripts/init.sh
|
||||
|
||||
# Add the initial manifest
|
||||
cd "Build/LineageOS-$version/"
|
||||
cat "../../Manifests/Manifest_LAOS-$version.xml" > .repo/local_manifests/local_manifest.xml
|
||||
57
Container/phase-2.sh
Executable file
57
Container/phase-2.sh
Executable file
@ -0,0 +1,57 @@
|
||||
#!/usr/bin/env bash
|
||||
|
||||
set -exo pipefail
|
||||
|
||||
version="$1" # (e.g. "20.0")
|
||||
device="$2" # (e.g. "sailfish")
|
||||
|
||||
if [ "$2" = "" ]; then
|
||||
echo "Missing arguments"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
cd "DivestOS/Build/LineageOS-$version"
|
||||
|
||||
# Download
|
||||
repo init -u https://github.com/LineageOS/android.git -b "lineage-$version" --git-lfs
|
||||
repo forall --ignore-missing -vc "git reset --hard"
|
||||
repo sync --fail-fast
|
||||
|
||||
# Prepare workspace
|
||||
if [ "$(echo "$version < 20.0" | bc -l)" = 1 ]; then
|
||||
virtualenv venv --python=python2
|
||||
fi
|
||||
source ../../Scripts/init.sh
|
||||
|
||||
# Patch Workspace so keys can be generated.
|
||||
resetWorkspace
|
||||
rm -rf packages/apps/Fennec_DOS-Shim/ vendor/divested/ vendor/fdroid_prebuilt/ packages/apps/SupportDivestOS/
|
||||
rm -rf out
|
||||
patchWorkspace
|
||||
|
||||
# Generate signing keys
|
||||
if [ "$(echo "$version > 20.0" | bc -l)" = 1 ]; then
|
||||
awk -i inplace '!/enforce-product-packages-exist-internal/' vendor/lineage/config/common.mk
|
||||
fi
|
||||
source build/envsetup.sh
|
||||
breakfast "lineage_$device-user"
|
||||
make -j20 generate_verity_key
|
||||
sh "$DOS_WORKSPACE_ROOT/Scripts/Generate_Signing_Keys.sh" "$device"
|
||||
mv -nv "$DOS_SIGNING_KEYS/NEW/"* "$DOS_SIGNING_KEYS/"
|
||||
|
||||
# Patch Workspace
|
||||
resetWorkspace
|
||||
rm -rf packages/apps/Fennec_DOS-Shim/ vendor/divested/ vendor/fdroid_prebuilt/ packages/apps/SupportDivestOS/
|
||||
rm -rf out
|
||||
successpattern="\[SCRIPT COMPLETE\]"
|
||||
successes=$(patchWorkspace |& tee /dev/stderr | grep -c "$successpattern")
|
||||
|
||||
# Verify the changes applied
|
||||
expected=$(grep -c "$successpattern" "$DOS_WORKSPACE_ROOT/Logs/patchWorkspace-LineageOS-$version.log")
|
||||
if [ "$successes" != "$expected" ]; then
|
||||
echo "Expected $expected '[SCRIPT COMPLETE]' lines but only found $successes."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
# Build
|
||||
buildDevice "$device"
|
||||
Loading…
Reference in New Issue
Block a user