#!/bin/bash

set -e # quit script on error

echo_header() {
    { echo -e "==============================================================================\n$1"; } 2>/dev/null
}

get_fdroid_apk_filename() {
    if [ -z $aapt ]; then
        python3 -c "from androguard.core.bytecodes.apk import APK; a=APK('$1'); print(a.package+'_'+a.get_androidversion_code()+'.apk')"
    else
        $aapt dump badging "$1" | sed -n "s,^package: name='\(.*\)' versionCode='\([0-9][0-9]*\)' .*,\1_\2.apk,p"
    fi
}

copy_apks_into_repo() {
    set +x
    find $APKDIR -type f -name '*.apk' -print0 | while IFS= read -r -d '' f; do
        echo $f | grep -F -v -e unaligned -e unsigned -e badsig -e badcert -e bad-unicode -e janus.apk || continue
        apk=`get_fdroid_apk_filename "$f"`
        test "$f" -nt repo/$apk && rm -f repo/$apk  # delete existing if $f is newer
        if [ ! -e repo/$apk ] && [ ! -e archive/$apk ]; then
            echo "$f --> repo/$apk"
            ln "$f" $1/repo/$apk || \
                rsync -axv "$f" $1/repo/$apk # rsync if hard link is not possible
        fi
    done
    set -x
}

# keep this as an old version to test the automatic parsing of build-tools
# verion numbers in `fdroid init`
create_fake_android_home() {
    mkdir $1/tools
    mkdir $1/platform-tools
    mkdir $1/build-tools
    mkdir $1/build-tools/19.0.2
    touch $1/build-tools/19.0.2/aapt
}

create_test_dir() {
    test -e $WORKSPACE/.testfiles || mkdir $WORKSPACE/.testfiles
    mktemp -d $WORKSPACE/.testfiles/run-tests.XXXX
}

create_test_file() {
    test -e $WORKSPACE/.testfiles || mkdir $WORKSPACE/.testfiles
    TMPDIR=$WORKSPACE/.testfiles  mktemp
}

fdroid_init_with_prebuilt_keystore() {
    if [ -z "$1" ]; then
        keystore=$WORKSPACE/tests/keystore.jks
    else
        keystore="$1"
    fi
    $fdroid init --keystore $keystore --repo-keyalias=sova
    echo 'keystorepass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
    echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
}

# the < is reverse since 0 means success in exit codes
have_git_2_3() {
    python3 -c "import sys; from distutils.version import LooseVersion as V; sys.exit(V(sys.argv[3]) < V('2.3'))" `git --version`
}

is_MD5_disabled() {
    javac $WORKSPACE/tests/IsMD5Disabled.java && java -cp $WORKSPACE/tests IsMD5Disabled
    return $?
}

#------------------------------------------------------------------------------#
# "main"

if [ "$1" = "-h" ] || [ "$1" = "--help" ]; then
    set +x
    echo "Usage: $0 '/path/to/folder/with/apks'"
    exit 1
fi

if [ -z "$ANDROID_HOME" ]; then
    if python3 -c "import androguard"; then
        echo "ANDROID_HOME is not set, using androguard"
    else
        echo "ERROR: ANDROID_HOME is not set, androguard is not available!"
        exit 1
    fi
else
    echo "Using ANDROID_HOME=$ANDROID_HOME"
fi

if [ -d tests ]; then
    cd tests
fi

if [ -z "$1" ]; then
    APKDIR=`pwd`
else
    APKDIR=$1
fi
if [ ! -d "$APKDIR" ]; then
    echo "ERROR: '$APKDIR' does not exist!"
    exit 1
fi

if [ -z $WORKSPACE ]; then
    WORKSPACE=`dirname $(pwd)`
    echo "Setting Workspace to $WORKSPACE"
fi

# allow the location of the script to be overridden
if [ -z $fdroid ]; then
    fdroid="$WORKSPACE/fdroid"
fi

# allow the location of aapt to be overridden
if [ -z $aapt ]; then
    aapt=`ls -1 $ANDROID_HOME/build-tools/*/aapt 2> /dev/null | sort | tail -1`
fi

# try to use GNU sed on OSX/BSD cuz BSD sed sucks
if which gsed; then
    sed=gsed
else
    sed=sed
fi

set -x # show each command as it is executed

#------------------------------------------------------------------------------#
echo_header "run commit hooks"

cd $WORKSPACE
test -x ./hooks/pre-commit && ./hooks/pre-commit


#------------------------------------------------------------------------------#
echo_header "test python getsig replacement"

cd $WORKSPACE/tests/getsig
./make.sh

cd $WORKSPACE/tests
for testcase in $WORKSPACE/tests/*.TestCase; do
    if [ $testcase == $WORKSPACE/tests/install.TestCase ]; then
        echo "skipping install.TestCase, its too troublesome in CI builds"
        continue
    fi
    $testcase
done


#------------------------------------------------------------------------------#
echo_header "print fdroid version"

$fdroid --version


#------------------------------------------------------------------------------#
echo_header 'run process when building and signing are on separate machines'

if which zipalign || ls -1 $ANDROID_HOME/build-tools/*/zipalign; then
    REPOROOT=`create_test_dir`
    cd $REPOROOT
    cp $WORKSPACE/tests/keystore.jks $REPOROOT/
    $fdroid init --keystore keystore.jks --repo-keyalias=sova
    echo 'keystorepass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
    echo 'keypass = "r9aquRHYoI8+dYz6jKrLntQ5/NJNASFBacJh7Jv2BlI="' >> config.py
    echo 'keydname = "CN=Birdman, OU=Cell, O=Alcatraz, L=Alcatraz, S=California, C=US"' >> config.py
    test -d archive || mkdir archive
    test -d metadata || mkdir metadata
    cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/
    test -d repo || mkdir repo
    test -d unsigned || mkdir unsigned
    cp $WORKSPACE/tests/urzip-release-unsigned.apk unsigned/info.guardianproject.urzip_100.apk
    $fdroid publish --verbose
    $fdroid update --verbose --nosign
    $fdroid signindex --verbose
    test -e repo/index.xml
    test -e repo/index.jar
    test -e repo/index-v1.jar
    test -e tmp/apkcache.json
    ! test -z tmp/apkcache.json
    test -L urzip.apk
    grep -F '<application id=' repo/index.xml > /dev/null
fi

#------------------------------------------------------------------------------#
echo_header "test UTF-8 metadata"

REPOROOT=`create_test_dir`
cd $REPOROOT

fdroid_init_with_prebuilt_keystore
$sed -i.tmp 's,^ *repo_description.*,repo_description = """获取已安装在您的设备上的应用的,' config.py
echo "mirrors = ('https://foo.bar/fdroid', 'http://secret.onion/fdroid')" >> config.py
mkdir metadata
cp $WORKSPACE/tests/urzip.apk $WORKSPACE/tests/bad-unicode*.apk repo/
cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/

$fdroid readmeta
$fdroid update


#------------------------------------------------------------------------------#
echo_header 'run "fdroid build" in fresh git checkout from import.TestCase'

cd $WORKSPACE/tests/tmp/importer
git remote update -p
git clean -fdx
# stick with known working commit, in case future commits break things for this code
git reset --hard fea54e1161d5eb9eb1a54e26253ef84d3ab63705
if [ -d $ANDROID_HOME/platforms/android-23 && -d $ANDROID_HOME/build-tools/23.0.3 ]; then
    $fdroid build --verbose org.fdroid.ci.test.app:300
else
    echo 'WARNING: Skipping "fdroid build" test since android-23 is missing!'
fi

#------------------------------------------------------------------------------#
echo_header 'copy git import and run "fdroid scanner" on it'

REPOROOT=`create_test_dir`
cd $REPOROOT
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
mkdir metadata
echo "AutoName: Just A Test" > metadata/org.fdroid.ci.test.app.yml
echo "WebSite: " >> metadata/org.fdroid.ci.test.app.yml
echo "Builds:" >> metadata/org.fdroid.ci.test.app.yml
echo " - versionName: 0.3" >> metadata/org.fdroid.ci.test.app.yml
echo "   versionCode: 300" >> metadata/org.fdroid.ci.test.app.yml
echo "   commit: 0.3" >> metadata/org.fdroid.ci.test.app.yml
echo "   subdir: app" >> metadata/org.fdroid.ci.test.app.yml
echo "   gradle:" >> metadata/org.fdroid.ci.test.app.yml
echo "     - yes" >> metadata/org.fdroid.ci.test.app.yml
echo "" >> metadata/org.fdroid.ci.test.app.yml
echo "Repo: https://gitlab.com/fdroid/ci-test-app.git" >> metadata/org.fdroid.ci.test.app.yml
echo "RepoType: git" >> metadata/org.fdroid.ci.test.app.yml
mkdir build
cp -a $WORKSPACE/tests/tmp/importer build/org.fdroid.ci.test.app
ls -l build/org.fdroid.ci.test.app
$fdroid scanner org.fdroid.ci.test.app --verbose


#------------------------------------------------------------------------------#
echo_header "copy tests/repo, generate java/gpg keys, update, and gpgsign"

REPOROOT=`create_test_dir`
GNUPGHOME=$REPOROOT/gnupghome
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
cp -a $WORKSPACE/tests/metadata $WORKSPACE/tests/repo $WORKSPACE/tests/stats $REPOROOT/
cp -a $WORKSPACE/tests/gnupghome $GNUPGHOME
chmod 0700 $GNUPGHOME
echo "install_list = 'org.adaway'" >> config.py
echo "uninstall_list = ('com.android.vending', 'com.facebook.orca',)" >> config.py
echo "gpghome = '$GNUPGHOME'" >> config.py
echo "gpgkey = 'CE71F7FB'" >> config.py
echo "mirrors = ('http://foobarfoobarfoobar.onion/fdroid','https://foo.bar/fdroid',)" >> config.py
$fdroid update --verbose --pretty
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
grep -F '<application id=' repo/index.xml > /dev/null
grep -F '<install packageName=' repo/index.xml > /dev/null
grep -F '<uninstall packageName=' repo/index.xml > /dev/null
# OSX tests are run on Travis-CI, and gpg fails to launch gpg-agent there
if [ "$TRAVIS_OS_NAME" != "osx" ] && which gpg; then
    $fdroid gpgsign --verbose
    $fdroid gpgsign --verbose
    test -e repo/obb.mainpatch.current_1619.apk.asc
    test -e repo/obb.main.twoversions_1101617_src.tar.gz.asc
    ! test -e repo/obb.mainpatch.current_1619.apk.asc.asc
    ! test -e repo/obb.main.twoversions_1101617_src.tar.gz.asc.asc
    ! test -e repo/index.xml.asc
fi

v0timestamp=`$sed -n -e 's,.*timestamp="\([0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\)".*,\1,p' repo/index.xml`
v1timestamp=`$sed -n -e 's,.*"timestamp": \([0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9][0-9]\).*,\1,p' repo/index-v1.json`
test $v0timestamp -eq $v1timestamp

# we can't easily reproduce the timestamps for things, so just hardcode them
$sed -i.tmp -e 's,timestamp="[0-9]*",timestamp="1480431575",' repo/index.xml
diff -uw $WORKSPACE/tests/repo/index.xml repo/index.xml
sed -i --expression='s,"timestamp": [0-9]*,"timestamp": 1502845383782,' repo/index-v1.json
diff -uw $WORKSPACE/tests/repo/index-v1.json repo/index-v1.json


#------------------------------------------------------------------------------#
echo_header 'test moving lots of APKs to the archive'

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
$sed -i.tmp '/allow_disabled_algorithms/d' config.py
test -d metadata || mkdir metadata
cp $WORKSPACE/tests/metadata/*.yml metadata/
echo 'Summary: good test version of urzip' > metadata/info.guardianproject.urzip.yml
echo 'Summary: good MD5 sig, which is disabled algorithm' > metadata/org.bitbucket.tickytacky.mirrormirror.yml
$sed -i.tmp '/ArchivePolicy:/d' metadata/*.yml
test -d repo || mkdir repo
cp $WORKSPACE/tests/urzip.apk \
   $WORKSPACE/tests/org.bitbucket.tickytacky.mirrormirror_[0-9].apk \
   $WORKSPACE/tests/repo/com.politedroid_[0-9].apk \
   $WORKSPACE/tests/repo/obb.main.twoversions_110161[357].apk \
   repo/
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py

$fdroid update --pretty --nosign
if which apksigner; then
    test `grep '<package>' archive/index.xml | wc -l` -eq 2
    test `grep '<package>' repo/index.xml | wc -l` -eq 10
else
    echo "This will fail when jarsigner allows MD5 for APK signatures"
    test `grep '<package>' archive/index.xml | wc -l` -eq 5
    test `grep '<package>' repo/index.xml | wc -l` -eq 7
fi

#------------------------------------------------------------------------------#
if ! which apksigner; then
    echo_header 'test per-app "Archive Policy"'

    REPOROOT=`create_test_dir`
    cd $REPOROOT
    fdroid_init_with_prebuilt_keystore
    test -d metadata || mkdir metadata
    cp $WORKSPACE/tests/metadata/com.politedroid.yml metadata/
    test -d repo || mkdir repo
    cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk repo/
    $sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py

    $fdroid update --pretty --nosign
    test `grep '<package>' archive/index.xml | wc -l` -eq 0
    test `grep '<package>' repo/index.xml | wc -l` -eq 4
    grep -F com.politedroid_3.apk repo/index.xml
    grep -F com.politedroid_4.apk repo/index.xml
    grep -F com.politedroid_5.apk repo/index.xml
    grep -F com.politedroid_6.apk repo/index.xml
    test -e repo/com.politedroid_3.apk
    test -e repo/com.politedroid_4.apk
    test -e repo/com.politedroid_5.apk
    test -e repo/com.politedroid_6.apk

    echo "enable one app in the repo"
    $sed -i.tmp 's,^ArchivePolicy: 4,ArchivePolicy: 1,' metadata/com.politedroid.yml
    $fdroid update --pretty --nosign
    test `grep '<package>' archive/index.xml | wc -l` -eq 3
    test `grep '<package>' repo/index.xml | wc -l` -eq 1
    grep -F com.politedroid_3.apk archive/index.xml
    grep -F com.politedroid_4.apk archive/index.xml
    grep -F com.politedroid_5.apk archive/index.xml
    grep -F com.politedroid_6.apk repo/index.xml
    test -e archive/com.politedroid_3.apk
    test -e archive/com.politedroid_4.apk
    test -e archive/com.politedroid_5.apk
    test -e repo/com.politedroid_6.apk

    echo "remove all apps from the repo"
    $sed -i.tmp 's,^ArchivePolicy: 1,ArchivePolicy: 0,' metadata/com.politedroid.yml
    $fdroid update --pretty --nosign
    test `grep '<package>' archive/index.xml | wc -l` -eq 4
    test `grep '<package>' repo/index.xml | wc -l` -eq 0
    grep -F com.politedroid_3.apk archive/index.xml
    grep -F com.politedroid_4.apk archive/index.xml
    grep -F com.politedroid_5.apk archive/index.xml
    grep -F com.politedroid_6.apk archive/index.xml
    test -e archive/com.politedroid_3.apk
    test -e archive/com.politedroid_4.apk
    test -e archive/com.politedroid_5.apk
    test -e archive/com.politedroid_6.apk
    ! test -e repo/com.politedroid_6.apk

    echo "move back one from archive to the repo"
    $sed -i.tmp 's,^ArchivePolicy: 0,ArchivePolicy: 1,' metadata/com.politedroid.yml
    $fdroid update --pretty --nosign
    test `grep '<package>' archive/index.xml | wc -l` -eq 3
    test `grep '<package>' repo/index.xml | wc -l` -eq 1
    grep -F com.politedroid_3.apk archive/index.xml
    grep -F com.politedroid_4.apk archive/index.xml
    grep -F com.politedroid_5.apk archive/index.xml
    grep -F com.politedroid_6.apk repo/index.xml
    test -e archive/com.politedroid_3.apk
    test -e archive/com.politedroid_4.apk
    test -e archive/com.politedroid_5.apk
    ! test -e archive/com.politedroid_6.apk
    test -e repo/com.politedroid_6.apk

    echo "set an earlier version as CVC and test that it's the only one not archived"
    $sed -i.tmp 's,^CurrentVersionCode: 6,CurrentVersionCode: 5,' metadata/com.politedroid.yml
    $fdroid update --pretty --nosign
    test `grep '<package>' archive/index.xml | wc -l` -eq 3
    test `grep '<package>' repo/index.xml | wc -l` -eq 1
    grep -F com.politedroid_3.apk archive/index.xml
    grep -F com.politedroid_4.apk archive/index.xml
    grep -F com.politedroid_5.apk repo/index.xml
    grep -F com.politedroid_6.apk archive/index.xml
    test -e archive/com.politedroid_3.apk
    test -e archive/com.politedroid_4.apk
    test -e repo/com.politedroid_5.apk
    ! test -e repo/com.politedroid_6.apk
    test -e archive/com.politedroid_6.apk
fi


#------------------------------------------------------------------------------#
echo_header 'test moving old APKs to and from the archive'

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
test -d metadata || mkdir metadata
cp $WORKSPACE/tests/metadata/com.politedroid.yml metadata/
$sed -i.tmp '/ArchivePolicy:/d' metadata/com.politedroid.yml
test -d repo || mkdir repo
cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk repo/
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py

$fdroid update --pretty --nosign
test `grep '<package>' archive/index.xml | wc -l` -eq 1
test `grep '<package>' repo/index.xml | wc -l` -eq 3
grep -F com.politedroid_3.apk archive/index.xml
grep -F com.politedroid_4.apk repo/index.xml
grep -F com.politedroid_5.apk repo/index.xml
grep -F com.politedroid_6.apk repo/index.xml
test -e archive/com.politedroid_3.apk
test -e repo/com.politedroid_4.apk
test -e repo/com.politedroid_5.apk
test -e repo/com.politedroid_6.apk

$sed -i.tmp 's,archive_older = 3,archive_older = 1,' config.py
$fdroid update --pretty --nosign
test `grep '<package>' archive/index.xml | wc -l` -eq 3
test `grep '<package>' repo/index.xml | wc -l` -eq 1
grep -F com.politedroid_3.apk archive/index.xml
grep -F com.politedroid_4.apk archive/index.xml
grep -F com.politedroid_5.apk archive/index.xml
grep -F com.politedroid_6.apk repo/index.xml
test -e archive/com.politedroid_3.apk
test -e archive/com.politedroid_4.apk
test -e archive/com.politedroid_5.apk
test -e repo/com.politedroid_6.apk

# disabling deletes from the archive
$sed -i.tmp 's/\(versionCode: 4\)/\1\n    disable: testing deletion/' metadata/com.politedroid.yml
$fdroid update --pretty --nosign
test `grep '<package>' archive/index.xml | wc -l` -eq 2
test `grep '<package>' repo/index.xml | wc -l` -eq 1
grep -F com.politedroid_3.apk archive/index.xml
! grep -F com.politedroid_4.apk archive/index.xml
grep -F com.politedroid_5.apk archive/index.xml
grep -F com.politedroid_6.apk repo/index.xml
test -e archive/com.politedroid_3.apk
! test -e archive/com.politedroid_4.apk
test -e archive/com.politedroid_5.apk
test -e repo/com.politedroid_6.apk

# disabling deletes from the repo, and promotes one from the archive
$sed -i.tmp 's/\(versionCode: 6\)/\1\n    disable: testing deletion/' metadata/com.politedroid.yml
$fdroid update --pretty --nosign
test `grep '<package>' archive/index.xml | wc -l` -eq 1
test `grep '<package>' repo/index.xml | wc -l` -eq 1
grep -F com.politedroid_3.apk archive/index.xml
grep -F com.politedroid_5.apk repo/index.xml
! grep -F com.politedroid_6.apk repo/index.xml
test -e archive/com.politedroid_3.apk
test -e repo/com.politedroid_5.apk
! test -e repo/com.politedroid_6.apk


#------------------------------------------------------------------------------#
echo_header 'test that verify can succeed and fail'

REPOROOT=`create_test_dir`
cd $REPOROOT
test -d tmp || mkdir tmp
test -d unsigned || mkdir unsigned
cp $WORKSPACE/tests/repo/com.politedroid_6.apk tmp/
cp $WORKSPACE/tests/repo/com.politedroid_6.apk unsigned/
$fdroid verify --reuse-remote-apk --verbose com.politedroid
# force a fail
cp $WORKSPACE/tests/repo/com.politedroid_5.apk unsigned/com.politedroid_6.apk
! $fdroid verify --reuse-remote-apk --verbose com.politedroid


#------------------------------------------------------------------------------#
echo_header 'test allowing disabled signatures in repo and archive'

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
echo 'allow_disabled_algorithms = True' >> config.py
$sed -i.tmp 's,archive_older = [0-9],archive_older = 3,' config.py
test -d metadata || mkdir metadata
cp $WORKSPACE/tests/metadata/com.politedroid.yml metadata/
echo 'Summary: good test version of urzip' > metadata/info.guardianproject.urzip.yml
echo 'Summary: good MD5 sig, disabled algorithm' > metadata/org.bitbucket.tickytacky.mirrormirror.yml
$sed -i.tmp '/ArchivePolicy:/d' metadata/*.yml
test -d repo || mkdir repo
cp $WORKSPACE/tests/repo/com.politedroid_[0-9].apk \
   $WORKSPACE/tests/org.bitbucket.tickytacky.mirrormirror_[0-9].apk \
   $WORKSPACE/tests/urzip-badsig.apk \
   repo/

$fdroid update --pretty --nosign
test `grep '<package>' archive/index.xml | wc -l` -eq 2
test `grep '<package>' repo/index.xml | wc -l` -eq 6
grep -F com.politedroid_3.apk archive/index.xml
grep -F com.politedroid_4.apk repo/index.xml
grep -F com.politedroid_5.apk repo/index.xml
grep -F com.politedroid_6.apk repo/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_1.apk archive/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_2.apk repo/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_3.apk repo/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_4.apk repo/index.xml
! grep -F urzip-badsig.apk repo/index.xml
! grep -F urzip-badsig.apk archive/index.xml
test -e archive/com.politedroid_3.apk
test -e repo/com.politedroid_4.apk
test -e repo/com.politedroid_5.apk
test -e repo/com.politedroid_6.apk
test -e archive/org.bitbucket.tickytacky.mirrormirror_1.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_2.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_3.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_4.apk
test -e archive/urzip-badsig.apk

if ! which apksigner; then
    $sed -i.tmp '/allow_disabled_algorithms/d' config.py
    $fdroid update --pretty --nosign
    test `grep '<package>' archive/index.xml | wc -l` -eq 5
    test `grep '<package>' repo/index.xml | wc -l` -eq 3
    grep -F org.bitbucket.tickytacky.mirrormirror_1.apk archive/index.xml
    grep -F org.bitbucket.tickytacky.mirrormirror_2.apk archive/index.xml
    grep -F org.bitbucket.tickytacky.mirrormirror_3.apk archive/index.xml
    grep -F org.bitbucket.tickytacky.mirrormirror_4.apk archive/index.xml
    grep -F com.politedroid_3.apk archive/index.xml
    grep -F com.politedroid_4.apk repo/index.xml
    grep -F com.politedroid_5.apk repo/index.xml
    grep -F com.politedroid_6.apk repo/index.xml
    ! grep -F urzip-badsig.apk repo/index.xml
    ! grep -F urzip-badsig.apk archive/index.xml
    test -e archive/org.bitbucket.tickytacky.mirrormirror_1.apk
    test -e archive/org.bitbucket.tickytacky.mirrormirror_2.apk
    test -e archive/org.bitbucket.tickytacky.mirrormirror_3.apk
    test -e archive/org.bitbucket.tickytacky.mirrormirror_4.apk
    test -e archive/com.politedroid_3.apk
    test -e archive/urzip-badsig.apk
    test -e repo/com.politedroid_4.apk
    test -e repo/com.politedroid_5.apk
    test -e repo/com.politedroid_6.apk
fi

# test unarchiving when disabled_algorithms are allowed again
echo 'allow_disabled_algorithms = True' >> config.py
$fdroid update --pretty --nosign
test `grep '<package>' archive/index.xml | wc -l` -eq 2
test `grep '<package>' repo/index.xml | wc -l` -eq 6
grep -F com.politedroid_3.apk archive/index.xml
grep -F com.politedroid_4.apk repo/index.xml
grep -F com.politedroid_5.apk repo/index.xml
grep -F com.politedroid_6.apk repo/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_1.apk archive/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_2.apk repo/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_3.apk repo/index.xml
grep -F org.bitbucket.tickytacky.mirrormirror_4.apk repo/index.xml
! grep -F urzip-badsig.apk repo/index.xml
! grep -F urzip-badsig.apk archive/index.xml
test -e archive/com.politedroid_3.apk
test -e repo/com.politedroid_4.apk
test -e repo/com.politedroid_5.apk
test -e repo/com.politedroid_6.apk
test -e archive/org.bitbucket.tickytacky.mirrormirror_1.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_2.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_3.apk
test -e repo/org.bitbucket.tickytacky.mirrormirror_4.apk
test -e archive/urzip-badsig.apk

#------------------------------------------------------------------------------#
echo_header 'rename apks with `fdroid update --rename-apks`, --nosign for speed'

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
echo 'keydname = "CN=Birdman, OU=Cell, O=Alcatraz, L=Alcatraz, S=California, C=US"' >> config.py
test -d metadata || mkdir metadata
cp $WORKSPACE/tests/metadata/info.guardianproject.urzip.yml metadata/
test -d repo || mkdir repo
cp $WORKSPACE/tests/urzip.apk "repo/asdfiuhk urzip-πÇÇπÇÇ现代汉语通用字-български-عربي1234 ö.apk"
$fdroid update --rename-apks --pretty --nosign
test -e repo/info.guardianproject.urzip_100.apk
grep -F 'info.guardianproject.urzip_100.apk' repo/index-v1.json repo/index.xml
cp $WORKSPACE/tests/urzip-release.apk repo/
$fdroid update --rename-apks --pretty --nosign
test -e repo/info.guardianproject.urzip_100.apk
test -e repo/info.guardianproject.urzip_100_b4964fd.apk
grep -F 'info.guardianproject.urzip_100.apk' repo/index-v1.json repo/index.xml
grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index-v1.json
! grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index.xml
cp $WORKSPACE/tests/urzip-release.apk repo/
$fdroid update --rename-apks --pretty --nosign
test -e repo/info.guardianproject.urzip_100.apk
test -e repo/info.guardianproject.urzip_100_b4964fd.apk
test -e duplicates/repo/info.guardianproject.urzip_100_b4964fd.apk
grep -F 'info.guardianproject.urzip_100.apk' repo/index-v1.json repo/index.xml
grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index-v1.json
! grep -F 'info.guardianproject.urzip_100_b4964fd.apk' repo/index.xml

#------------------------------------------------------------------------------#
echo_header "test for added date being set correctly for repo and archive"
REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
mkdir -p {repo,archive,metadata,stats}
cp $WORKSPACE/tests/repo/com.politedroid_5.apk archive
cp $WORKSPACE/tests/repo/com.politedroid_6.apk repo
cp $WORKSPACE/tests/metadata/com.politedroid.yml metadata
#TODO: the timestamp of the oldest apk in the file should be used, even if that
# doesn't exist anymore
echo "com.politedroid_4.apk com.politedroid 2016-01-01" > stats/known_apks.txt
echo "com.politedroid_5.apk com.politedroid 2017-01-01" >> stats/known_apks.txt
echo "com.politedroid_6.apk com.politedroid 2018-01-01" >> stats/known_apks.txt
sed -i -e 's/ArchivePolicy:.*/ArchivePolicy: 1 versions/' metadata/com.politedroid.yml
# Get the java ms timestamp from UTC time
timestamp=$(date -u --date=2017-01-01 +%s)000

$fdroid update --pretty --nosign
grep -F "\"added\": $timestamp" repo/index-v1.json
# the archive will have the added timestamp for the app and for the apk, both need to be there
if [ $(grep -F "\"added\": $timestamp" archive/index-v1.json | wc -l) == 2 ]; then true; else false;fi

#------------------------------------------------------------------------------#
echo_header "test whatsnew from fastlane without CVC set"
REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
mkdir -p metadata/com.politedroid/en-US/changelogs/
cp $WORKSPACE/tests/repo/com.politedroid_6.apk repo
cp $WORKSPACE/tests/metadata/com.politedroid.yml metadata
echo "whatsnew test" > metadata/com.politedroid/en-US/changelogs/6.txt
sed -i -e '/CurrentVersion/d' metadata/com.politedroid.yml
$fdroid update --pretty --nosign
grep -F 'whatsnew' repo/index-v1.json

#------------------------------------------------------------------------------#
echo_header "test metadata checks"

REPOROOT=`create_test_dir`
cd $REPOROOT

mkdir repo
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/

set +e
$fdroid build
if [ $? -eq 0 ]; then
    echo "This should have failed because there is no metadata!"
    exit 1
else
    echo "testing metadata checks passed"
fi
set -e

mkdir $REPOROOT/metadata/
cp $WORKSPACE/tests/metadata/org.smssecure.smssecure.yml $REPOROOT/metadata/
$fdroid readmeta


#------------------------------------------------------------------------------#
echo_header "ensure commands that don't need the JDK work without a JDK configed"

REPOROOT=`create_test_dir`
cd $REPOROOT
mkdir repo
mkdir metadata
echo "License: GPL-2.0-only" >> metadata/fake.yml
echo "Summary: Yup still fake" >> metadata/fake.yml
echo "Categories: [Internet]" >> metadata/fake.yml
echo "Description: |" >> metadata/fake.yml
echo " this is fake" >> metadata/fake.yml

# fake that no JDKs are available
echo 'java_paths = {}' > config.py

LOCAL_COPY_DIR=`create_test_dir`/fdroid
mkdir -p $LOCAL_COPY_DIR/repo
echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py

$fdroid checkupdates --allow-dirty
which gpg && $fdroid gpgsign
$fdroid lint
$fdroid readmeta
$fdroid rewritemeta fake
$fdroid deploy
$fdroid server update
$fdroid scanner

# run these to get their output, but the are not setup, so don't fail
$fdroid build || true
$fdroid import || true
$fdroid install || true


#------------------------------------------------------------------------------#
# only run this test if running from a git repo, not all files are in the tarball
if [ -e .git/config ]; then
    echo_header "create a source tarball"

    cd $WORKSPACE
    ./setup.py compile_catalog sdist

    REPOROOT=`create_test_dir`
    cd $REPOROOT
    tar xzf `ls -1 $WORKSPACE/dist/fdroidserver-*.tar.gz | sort -n | tail -1`
    cd $REPOROOT
    ./fdroidserver-*/fdroid init
    copy_apks_into_repo $REPOROOT
    ./fdroidserver-*/fdroid update --create-metadata --verbose
fi

#------------------------------------------------------------------------------#
echo_header "test config checks of local_copy_dir"

REPOROOT=`create_test_dir`
cd $REPOROOT
$fdroid init
$fdroid update --create-metadata --verbose
$fdroid readmeta
$fdroid server update --local-copy-dir=/tmp/fdroid
$fdroid deploy --local-copy-dir=/tmp/fdroid --verbose

# now test the errors work
set +e
$fdroid server update --local-copy-dir=thisisnotanabsolutepath
if [ $? -eq 0 ]; then
    echo "This should have failed because thisisnotanabsolutepath is not an absolute path!"
    exit 1
else
    echo "testing absolute path checker passed"
fi
$fdroid server update --local-copy-dir=/tmp/IReallyDoubtThisPathExistsasdfasdf
if [ $? -eq 0 ]; then
    echo "This should have failed because the path does not end with 'fdroid'!"
    exit 1
else
    echo "testing dirname exists checker passed"
fi
$fdroid server update --local-copy-dir=/tmp/IReallyDoubtThisPathExistsasdfasdf/fdroid
if [ $? -eq 0 ]; then
    echo "This should have failed because the dirname path does not exist!"
    exit 1
else
    echo "testing dirname exists checker passed"
fi
set -e


#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch using ANDROID_HOME and do a local sync"

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata --verbose
$fdroid readmeta
grep -F '<application id=' repo/index.xml > /dev/null

LOCALCOPYDIR=`create_test_dir`/fdroid
$fdroid server update --local-copy-dir=$LOCALCOPYDIR
NEWREPOROOT=`create_test_dir`
cd $NEWREPOROOT
fdroid_init_with_prebuilt_keystore
echo "sync_from_local_copy_dir = True" >> config.py
$fdroid server update --local-copy-dir=$LOCALCOPYDIR


#------------------------------------------------------------------------------#
# check that --android-home fails when dir does not exist or is not a dir

REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
set +e
$fdroid init --keystore $KEYSTORE --android-home /opt/fakeandroidhome
if [ $? -eq 0 ]; then
    echo "This should have failed because /opt/fakeandroidhome does not exist!"
    exit 1
else
    echo "testing android-home path checker passed"
fi
TESTFILE=`create_test_file`
$fdroid init --keystore $KEYSTORE --android-home $TESTFILE
if [ $? -eq 0 ]; then
    echo "This should have failed because $TESTFILE is a file not a dir!"
    exit 1
else
    echo "testing android-home not-dir checker passed"
fi
set -e


#------------------------------------------------------------------------------#
echo_header "check that fake android home passes 'fdroid init'"

REPOROOT=`create_test_dir`
FAKE_ANDROID_HOME=`create_test_dir`
create_fake_android_home $FAKE_ANDROID_HOME
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME


#------------------------------------------------------------------------------#
echo_header "check that 'fdroid init' fails when build-tools cannot be found"

if [ -e /usr/bin/aapt ] || python3 -c 'import androguard'; then
    echo "/usr/bin/aapt or androguard installed, not running test"
else
    REPOROOT=`create_test_dir`
    FAKE_ANDROID_HOME=`create_test_dir`
    create_fake_android_home $FAKE_ANDROID_HOME
    rm -f $FAKE_ANDROID_HOME/build-tools/*/aapt
    KEYSTORE=$REPOROOT/keystore.jks
    cd $REPOROOT
    set +e
    $fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
    [ $? -eq 0 ] && exit 1
    set -e
fi


#------------------------------------------------------------------------------#
echo_header "check that --android-home overrides ANDROID_HOME"

REPOROOT=`create_test_dir`
FAKE_ANDROID_HOME=`create_test_dir`
create_fake_android_home $FAKE_ANDROID_HOME
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE --android-home $FAKE_ANDROID_HOME
set +e
grep $FAKE_ANDROID_HOME $REPOROOT/config.py
if [ $? -ne 0 ]; then
    echo "the value set in --android-home '$FAKE_ANDROID_HOME' should override ANDROID_HOME '$ANDROID_HOME'"
    exit 1
fi
set -e


#------------------------------------------------------------------------------#
# In this case, ANDROID_HOME is set to a fake, non-working version that will
# be detected by fdroid as an Android SDK install.  It should use the path set
# by --android-home over the one in ANDROID_HOME, therefore if it uses the one
# in ANDROID_HOME, it won't work because it is a fake one.  Only
# --android-home provides a working one.
if [ -z "$ANDROID_HOME" ]; then
    echo_header "SKIP setup a new repo from scratch with keystore and android-home set on cmd line"
else
    echo_header "setup a new repo from scratch with keystore and android-home set on cmd line"

    REPOROOT=`create_test_dir`
    KEYSTORE=$REPOROOT/keystore.jks
    FAKE_ANDROID_HOME=`create_test_dir`
    create_fake_android_home $FAKE_ANDROID_HOME
    STORED_ANDROID_HOME=$ANDROID_HOME
    unset ANDROID_HOME
    echo "ANDROID_HOME: $ANDROID_HOME"
    cd $REPOROOT
    $fdroid init --keystore $KEYSTORE --android-home $STORED_ANDROID_HOME --no-prompt
    test -e $KEYSTORE
    copy_apks_into_repo $REPOROOT
    $fdroid update --create-metadata --verbose
    $fdroid readmeta
    grep -F '<application id=' repo/index.xml > /dev/null
    test -e repo/index.xml
    test -e repo/index.jar
    test -e repo/index-v1.jar
    test -e tmp/apkcache.json
    ! test -z tmp/apkcache.json
    export ANDROID_HOME=$STORED_ANDROID_HOME
fi

#------------------------------------------------------------------------------#
echo_header "check duplicate files are properly handled by fdroid update"

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
mkdir $REPOROOT/metadata
cp -a $WORKSPACE/tests/metadata/obb.mainpatch.current.yml $REPOROOT/metadata
cp $WORKSPACE/tests/repo/obb.mainpatch.current_1619.apk $REPOROOT/repo/
cp $WORKSPACE/tests/repo/obb.mainpatch.current_1619_another-release-key.apk $REPOROOT/repo/
$fdroid update --pretty
grep -F 'obb.mainpatch.current_1619.apk' repo/index.xml repo/index-v1.json
grep -F 'obb.mainpatch.current_1619_another-release-key.apk' repo/index-v1.json
! grep -F 'obb.mainpatch.current_1619_another-release-key.apk' repo/index.xml
# die if there are exact duplicates
cp $WORKSPACE/tests/repo/obb.mainpatch.current_1619.apk $REPOROOT/repo/duplicate.apk
! $fdroid update


#------------------------------------------------------------------------------#
echo_header "setup new repo from scratch using ANDROID_HOME, putting APKs in repo first"

REPOROOT=`create_test_dir`
cd $REPOROOT
mkdir repo
copy_apks_into_repo $REPOROOT
fdroid_init_with_prebuilt_keystore
$fdroid update --create-metadata --verbose
$fdroid readmeta
grep -F '<application id=' repo/index.xml > /dev/null


#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch and generate a keystore"

REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE
test -e $KEYSTORE
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata --verbose
$fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null


#------------------------------------------------------------------------------#
echo_header "setup a new repo manually and generate a keystore"

REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
cp $WORKSPACE/examples/fdroid-icon.png $REPOROOT/
! test -e $KEYSTORE
set +e
$fdroid update
if [ $? -eq 0 ]; then
    echo "This should have failed because this repo has no keystore!"
    exit 1
else
    echo '`fdroid update` prompted to add keystore'
fi
set -e
$fdroid update --create-key
test -e $KEYSTORE
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata --verbose
$fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null


#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch, generate a keystore, then add APK and update"

REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
$fdroid init --keystore $KEYSTORE
test -e $KEYSTORE
copy_apks_into_repo $REPOROOT
$fdroid update --create-metadata --verbose
$fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
grep -F '<application id=' repo/index.xml > /dev/null
test -e $REPOROOT/repo/info.guardianproject.urzip_100.apk || \
    cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
$fdroid update --create-metadata --verbose
$fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null


#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch with a HSM/smartcard"
REPOROOT=`create_test_dir`
cd $REPOROOT
$fdroid init --keystore NONE
test -e opensc-fdroid.cfg
test ! -e NONE


#------------------------------------------------------------------------------#
echo_header "setup a new repo with no keystore, add APK, and update"

REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
touch fdroid-icon.png
mkdir repo
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
set +e
$fdroid update --create-metadata --verbose
if [ $? -eq 0 ]; then
    echo "This should have failed because this repo has no keystore!"
    exit 1
else
    echo '`fdroid update` prompted to add keystore'
fi
set -e

# now set up fake, non-working keystore setup
touch $KEYSTORE
echo "keystore = \"$KEYSTORE\"" >> config.py
echo 'repo_keyalias = "foo"' >> config.py
echo 'keystorepass = "foo"' >> config.py
echo 'keypass = "foo"' >> config.py
set +e
$fdroid update --create-metadata --verbose
if [ $? -eq 0 ]; then
    echo "This should have failed because this repo has a bad/fake keystore!"
    exit 1
else
    echo '`fdroid update` prompted to add keystore'
fi
set -e


#------------------------------------------------------------------------------#
echo_header "copy tests/repo, update with binary transparency log"

REPOROOT=`create_test_dir`
GIT_REMOTE=`create_test_dir`
GNUPGHOME=$REPOROOT/gnupghome
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
cp -a $WORKSPACE/tests/metadata $WORKSPACE/tests/repo $WORKSPACE/tests/stats $REPOROOT/
echo "binary_transparency_remote = '$GIT_REMOTE'" >> config.py
$fdroid update --verbose
if have_git_2_3; then
    $fdroid server update --verbose
    test -e repo/index.xml
    test -e repo/index.jar
    test -e repo/index-v1.jar
    grep -F '<application id=' repo/index.xml > /dev/null
    cd binary_transparency
    [ `git rev-list --count HEAD` == "2" ]
    cd $GIT_REMOTE
    [ `git rev-list --count HEAD` == "2" ]
else
    echo "Skipping test, `git --version` older than 2.3"
fi


#------------------------------------------------------------------------------#
echo_header "setup a new repo with keystore with APK, update, then without key"

REPOROOT=`create_test_dir`
KEYSTORE=$REPOROOT/keystore.jks
cd $REPOROOT
cp $WORKSPACE/tests/keystore.jks $KEYSTORE
fdroid_init_with_prebuilt_keystore $KEYSTORE
test -e $KEYSTORE
cp $WORKSPACE/tests/urzip.apk $REPOROOT/repo/
$fdroid update --create-metadata --verbose
$fdroid readmeta
test -e repo/index.xml
test -e repo/index.jar
test -e repo/index-v1.jar
test -e tmp/apkcache.json
! test -z tmp/apkcache.json
grep -F '<application id=' repo/index.xml > /dev/null

# now set fake repo_keyalias
$sed -i.tmp 's,^ *repo_keyalias.*,repo_keyalias = "fake",' $REPOROOT/config.py
set +e
$fdroid update
if [ $? -eq 0 ]; then
    echo "This should have failed because this repo has a bad repo_keyalias!"
    exit 1
else
    echo '`fdroid update` prompted to add keystore'
fi
set -e

# try creating a new keystore, but fail because the old one is there
test -e $KEYSTORE
set +e
$fdroid update --create-key
if [ $? -eq 0 ]; then
    echo "This should have failed because a keystore is already there!"
    exit 1
else
    echo '`fdroid update` complained about existing keystore'
fi
set -e

# now actually create the key with the existing settings
rm -f $KEYSTORE
! test -e $KEYSTORE
$fdroid update --create-key
test -e $KEYSTORE


#------------------------------------------------------------------------------#
echo_header "setup a new repo from scratch using ANDROID_HOME with git mirror"

# fake git remote server for repo mirror
SERVER_GIT_MIRROR=`create_test_dir`
cd $SERVER_GIT_MIRROR
git init
git config receive.denyCurrentBranch updateInstead

REPOROOT=`create_test_dir`
GIT_MIRROR=$REPOROOT/git-mirror
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
echo "servergitmirrors = '$SERVER_GIT_MIRROR'" >> config.py

cp $WORKSPACE/tests/repo/com.politedroid_[345].apk repo/
$fdroid update --create-metadata
$fdroid deploy
test -e $GIT_MIRROR/fdroid/repo/com.politedroid_3.apk
test -e $GIT_MIRROR/fdroid/repo/com.politedroid_4.apk
test -e $GIT_MIRROR/fdroid/repo/com.politedroid_5.apk
test -e $SERVER_GIT_MIRROR/fdroid/repo/com.politedroid_3.apk
test -e $SERVER_GIT_MIRROR/fdroid/repo/com.politedroid_4.apk
test -e $SERVER_GIT_MIRROR/fdroid/repo/com.politedroid_5.apk
date > $GIT_MIRROR/.git/test-stamp

# add one more APK to trigger archiving
cp $WORKSPACE/tests/repo/com.politedroid_6.apk repo/
$fdroid update
$fdroid deploy
test -e $REPOROOT/archive/com.politedroid_3.apk
! test -e $GIT_MIRROR/fdroid/archive/com.politedroid_3.apk
! test -e $SERVER_GIT_MIRROR/fdroid/archive/com.politedroid_3.apk
test -e $GIT_MIRROR/fdroid/repo/com.politedroid_4.apk
test -e $GIT_MIRROR/fdroid/repo/com.politedroid_5.apk
test -e $GIT_MIRROR/fdroid/repo/com.politedroid_6.apk
test -e $SERVER_GIT_MIRROR/fdroid/repo/com.politedroid_4.apk
test -e $SERVER_GIT_MIRROR/fdroid/repo/com.politedroid_5.apk
test -e $SERVER_GIT_MIRROR/fdroid/repo/com.politedroid_6.apk
before=`du -s --bytes $GIT_MIRROR/.git/ | awk '{print $1}'`

echo "git_mirror_size_limit = '60kb'" >> config.py
$fdroid update
$fdroid deploy
test -e $REPOROOT/archive/com.politedroid_3.apk
! test -e $SERVER_GIT_MIRROR/fdroid/archive/com.politedroid_3.apk
after=`du -s --bytes $GIT_MIRROR/.git/ | awk '{print $1}'`
! test -e $GIT_MIRROR/.git/test-stamp
git -C $GIT_MIRROR gc
git -C $SERVER_GIT_MIRROR gc
test $before -gt $after


#------------------------------------------------------------------------------#
echo_header "sign binary repo in offline box, then publishing from online box"

if have_git_2_3; then
    OFFLINE_ROOT=`create_test_dir`
    KEYSTORE=$WORKSPACE/tests/keystore.jks
    LOCAL_COPY_DIR=`create_test_dir`/fdroid
    mkdir $LOCAL_COPY_DIR
    ONLINE_ROOT=`create_test_dir`
    SERVERWEBROOT=`create_test_dir`

    # create offline binary transparency log
    cd $OFFLINE_ROOT
    mkdir binary_transparency
    cd binary_transparency
    git init

    # fake git remote server for binary transparency log
    BINARY_TRANSPARENCY_REMOTE=`create_test_dir`

    # fake git remote server for repo mirror
    SERVER_GIT_MIRROR=`create_test_dir`
    cd $SERVER_GIT_MIRROR
    git init
    git config receive.denyCurrentBranch updateInstead

    cd $OFFLINE_ROOT
    fdroid_init_with_prebuilt_keystore
    cp -a $WORKSPACE/tests/metadata $WORKSPACE/tests/repo $WORKSPACE/tests/stats $OFFLINE_ROOT/

    echo "mirrors = ['http://foo.bar/fdroid', 'http://asdflkdsfjafdsdfhkjh.onion/fdroid']" >> config.py
    echo "servergitmirrors = '$SERVER_GIT_MIRROR'" >> config.py
    echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
    $fdroid update --pretty
    grep -F '<application id=' repo/index.xml > /dev/null
    grep -F '/fdroid/repo</mirror>' repo/index.xml
    grep -F '/fdroid/archive</mirror>' archive/index.xml
    test `grep '<mirror>' repo/index.xml | wc -l` -eq 2
    test `grep '<mirror>' archive/index.xml | wc -l` -eq 2
    cd binary_transparency
    [ `git rev-list --count HEAD` == "1" ]
    cd ..
    $fdroid server update --verbose
    grep -F '<application id=' $LOCAL_COPY_DIR/repo/index.xml > /dev/null
    cd $ONLINE_ROOT
    echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
    echo "sync_from_local_copy_dir = True" >> config.py
    echo "serverwebroots = '$SERVERWEBROOT'" >> config.py
    echo "servergitmirrors = '$SERVER_GIT_MIRROR'" >> config.py
    echo "local_copy_dir = '$LOCAL_COPY_DIR'" >> config.py
    echo "binary_transparency_remote = '$BINARY_TRANSPARENCY_REMOTE'" >> config.py
    $fdroid server update --verbose
    cd $BINARY_TRANSPARENCY_REMOTE
    [ `git rev-list --count HEAD` == "1" ]
    cd $SERVER_GIT_MIRROR
    [ `git rev-list --count HEAD` == "1" ]
fi


#------------------------------------------------------------------------------#
echo_header 'test extracting and publishing with developer signature'

REPOROOT=`create_test_dir`
cd $REPOROOT
fdroid_init_with_prebuilt_keystore
echo 'keydname = "CN=Birdman, OU=Cell, O=Alcatraz, L=Alcatraz, S=California, C=US"' >> config.py
test -d metadata || mkdir metadata
cp $WORKSPACE/tests/metadata/com.politedroid.yml metadata/
test -d repo || mkdir repo
test -d unsigned || mkdir unsigned
cp $WORKSPACE/tests/repo/com.politedroid_6.apk unsigned/
$fdroid signatures unsigned/com.politedroid_6.apk
test -d metadata/com.politedroid/signatures/6
test -f metadata/com.politedroid/signatures/6/MANIFEST.MF
test -f metadata/com.politedroid/signatures/6/RELEASE.RSA
test -f metadata/com.politedroid/signatures/6/RELEASE.SF
! test -f repo/com.politedroid_6.apk
$fdroid publish
test -f repo/com.politedroid_6.apk
if which jarsigner; then
    jarsigner -verify repo/com.politedroid_6.apk
fi
if which apksigner; then
    apksigner verify repo/com.politedroid_6.apk
fi


#------------------------------------------------------------------------------#

# remove this to prevent git conflicts and complaining
rm -rf $WORKSPACE/fdroidserver.egg-info/

echo SUCCESS