Open Giszmo opened 2 years ago
I also want this feature because I'd like to fork the open source code and work on the project.
@pointbiz here almost complete build instructions (as there is build failure) to compile latest version in git 2.0.2 which is the latest commit: https://github.com/rsksmart/rwallet/commit/04c2694cb757a78cf9a7533ca6f7364252823553 this version isn't released in google-play or via github release yet, opened issue about it at: #728
Run podman build --pull --rm -t rwallet2_build_apk_deb -f ContainerFileDeb
ContainerFileDeb file content:
FROM debian:sid-slim
RUN set -ex; \
mkdir -p /usr/share/man/man1/; \
apt-get update; \
DEBIAN_FRONTEND=noninteractive apt-get install --yes -o APT::Install-Suggests=false --no-install-recommends \
npm \
git \
binutils \
openjdk-11-jdk ; \
rm -rf /var/lib/apt/lists/*; \
useradd -ms /bin/bash appuser;
USER appuser
ENV NODE_ENV="development" \
ANDROID_SDK_ROOT="/home/appuser/app/sdk/" \
ANDROID_HOME="/home/appuser/app/sdk/"
RUN set -ex; \
mkdir -p "/home/appuser/app/sdk/licenses" "/home/appuser/app/"; \
printf "\n24333f8a63b6825ea9c5514f83c2829b004d1fee" > "/home/appuser/app/sdk/licenses/android-sdk-license"; \
cd /home/appuser/app/; \
git clone https://github.com/rsksmart/rwallet/;
WORKDIR /home/appuser/app/rwallet/
RUN set -ex; \
git checkout 04c2694cb757a78cf9a7533ca6f7364252823553; \
cd ./android; \
keytool -genkey -alias rwallet_alias -keystore /home/appuser/app/rwallet/android/app/rwallet.pfx -storetype PKCS12 -keyalg RSA -keysize 4096 -storepass rwallet_alias -keypass rwallet_alias -validity 10000 -dname CN=IL;
# json taken from https://github.com/blockchain/My-Wallet-V3-Android/blob/75ebe718cb99c6d302efb90447f1719973deb93f/scripts/quick_start.sh#L7-L46 just changed package_name to com.rsk.rwallet.v2
# Values in .env file are from APK: assets/index.android.bundle file.
RUN set -ex; \
echo 'PARSE_SERVER_URL=https://rwallet.app/v1\n\
RWALLET_API_KEY=0718353e-a003-4692-bbd0-fb4d4b122a1d\n\
RWALLET_ENV=' > /home/appuser/app/rwallet/.env; \
echo '\n\
MYAPP_UPLOAD_STORE_FILE=rwallet.pfx\n\
MYAPP_UPLOAD_KEY_ALIAS=rwallet_alias\n\
MYAPP_UPLOAD_STORE_PASSWORD=rwallet_alias\n\
MYAPP_UPLOAD_KEY_PASSWORD=rwallet_alias\n\
' >> /home/appuser/app/rwallet/android/gradle.properties; \
echo "{\
\"project_info\": {\
\"project_number\": \"623252783566\",\
\"firebase_url\": \"https://blockchaintest-ecd1c.firebaseio.com\",\
\"project_id\": \"blockchaintest-ecd1c\",\
\"storage_bucket\": \"blockchaintest-ecd1c.appspot.com\"\
},\
\"client\": [\
{\
\"client_info\": {\
\"mobilesdk_app_id\": \"1:623252783566:android:02baff6e6c46ed96232b9f\",\
\"android_client_info\": {\
\"package_name\": \"com.rsk.rwallet.v2\"\
}\
},\
\"oauth_client\": [\
{\
\"client_id\": \"623252783566-o6j47jlpan97fnibnr0vosvc4lh71sm1.apps.googleusercontent.com\",\
\"client_type\": 3\
}\
],\
\"api_key\": [\
{\
\"current_key\": \"INSERT KEY HERE\"\
}\
],\
\"services\": {\
\"appinvite_service\": {\
\"other_platform_oauth_client\": [\
{\
\"client_id\": \"623252783566-o6j47jlpan97fnibnr0vosvc4lh71sm1.apps.googleusercontent.com\",\
\"client_type\": 3\
}\
]\
}\
}\
}\
],\
\"configuration_version\": \"1\"\
}" > /home/appuser/app/rwallet/android/app/google-services.json;
Run:
podman run --rm --name rwallet2_build_apk_deb -ti rwallet2_build_apk_deb
in container run commands:
npm install --no-audit --no-fund;
cd /home/appuser/app/rwallet/android/;
sed -i 's/android:minSdkVersion="16" //g' /home/appuser/app/rwallet/node_modules/react-native-i18n/android/src/main/AndroidManifest.xml;
sed -i '/buildToolsVersion/a lintOptions {\ncheckReleaseBuilds false\nabortOnError false\n}' /home/appuser/app/rwallet/android/app/build.gradle;
./gradlew assembleRelease;
There error in:
Execution failed for task ':react-native-camera:extractGeneralReleaseAnnotations'.
Caused by: java.lang.NullPointerException
Is your feature request related to a problem? Please describe.
Not all users can configure and compile their own app. Most default to installing what is on Google Play, making this a lucrative target for thieves. If the release manager is compromised, not even team members can sound the alarm before all wallets get emptied.
Describe the solution you'd like
Please implement internal routines to reproduce release candidates and check what actually gets released using reproducible builds.
Please allow the public to also do these checks.
Additional context/Screenshots
I track Bitcoin wallets and their reproducibility and currently failed to reproduce RWallet due to missing
.env
file and a way of producing unsigned builds.