✓ Built build/app/outputs/flutter-apk/app-freeproduction-release.apk (28.5MB)
+ popd
~/build
+ mv /tmp/build com.kjxbyz.watermarkassistant
2024-09-16 02:46:53,998 DEBUG: Popen(['git', 'cat-file', '--batch-check'], cwd=/home/vagrant/build/com.kjxbyz.watermarkassistant, universal_newlines=False, shell=None, istream=<valid stream>)
2024-09-16 02:46:54,055 INFO: Successfully built version 1.0.2 of com.kjxbyz.watermarkassistant from 372bd7c5292ce24f202892518e2a52f7f362986a
2024-09-16 02:46:54,170 DEBUG: Checking build/com.kjxbyz.watermarkassistant/build/app/outputs/flutter-apk/app-freeproduction-release.apk
2024-09-16 02:46:54,172 INFO: Scanning APK with dexdump for known non-free classes.
2024-09-16 02:46:54,180 DEBUG: > /opt/android-sdk/build-tools/34.0.0/dexdump /tmp/tmp92_p7mrg/classes.dex
2024-09-16 02:46:55,865 INFO: Created directory for storing developer supplied reference binaries: 'tmp/binaries'
2024-09-16 02:46:55,865 INFO: ...retrieving https://github.com/picguard/picguard/releases/download/v1.0.2+407/PicGuard_1.0.2+407-free_universal.apk
2024-09-16 02:46:55,867 DEBUG: Starting new HTTPS connection (1): github.com:443
2024-09-16 02:46:56,049 DEBUG: https://github.com:443 "GET /picguard/picguard/releases/download/v1.0.2+407/PicGuard_1.0.2+407-free_universal.apk HTTP/1.1" 302 0
2024-09-16 02:46:56,052 DEBUG: Starting new HTTPS connection (1): objects.githubusercontent.com:443
2024-09-16 02:46:56,173 DEBUG: https://objects.githubusercontent.com:443 "GET /github-production-release-asset-2e65be/753703846/0bc00f4e-14c3-4624-ad1f-d74a953f60ea?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=[MASKED]&X-Amz-Date=20240916T024656Z&X-Amz-Expires=300&X-Amz-Signature=[MASKED]&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=753703846&response-content-disposition=attachment%3B%20filename%3DPicGuard_1.0.2%2B407-free_universal.apk&response-content-type=application%2Fvnd.android.package-archive HTTP/1.1" 200 28478651
2024-09-16 02:46:56,949 DEBUG: tmp/binaries/com.kjxbyz.watermarkassistant_407.binary.apk: Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Verified using v4 scheme (APK Signature Scheme v4): false
Verified for SourceStamp: false
Number of signers: 1
DOES NOT VERIFY
ERROR: APK Signature Scheme v2 signer #1: APK integrity check failed. CHUNKED_SHA256 digest mismatch. Expected: <85eb57137d693b676e0410aebb5583368639823b7fdc3a2ea85d1fcc6a415b1a>, actual: <d2984348c4e5e6c6d3b8057d2c4a3cd02a06320f0dd74c8f138e258c7686e4a0>
2024-09-16 02:46:57,254 ERROR:
/tmp/tmp5xbjkj9t/sigcp_com.kjxbyz.watermarkassistant_407.apk:
2024-09-16 02:46:57,254 INFO: ...NOT verified - /tmp/tmp5xbjkj9t/sigcp_com.kjxbyz.watermarkassistant_407.apk
2024-09-16 02:46:57,951 DEBUG: > diff -r /tmp/tmp5xbjkj9t/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary /tmp/tmp5xbjkj9t/_tmp_tmp5xbjkj9t_sigcp_com.kjxbyz.watermarkassistant_407
2024-09-16 02:46:58,195 WARNING: Keeping failed build "tmp/com.kjxbyz.watermarkassistant_407.apk"
2024-09-16 02:46:58,195 DEBUG: removing tmp/binaries/com.kjxbyz.watermarkassistant_407.binary.apk
2024-09-16 02:46:58,246 ERROR: Could not build app com.kjxbyz.watermarkassistant: compared built binary to supplied reference binary but failed
==== detail begin ====
verification of APK with copied signature failed
Comparing reference APK to APK with copied signature...
Unexpected diff output:
Binary files /tmp/tmp5xbjkj9t/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary/content/lib/arm64-v8a/libapp.so and /tmp/tmp5xbjkj9t/_tmp_tmp5xbjkj9t_sigcp_com.kjxbyz.watermarkassistant_407/content/lib/arm64-v8a/libapp.so differ
Binary files /tmp/tmp5xbjkj9t/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary/content/lib/armeabi-v7a/libapp.so and /tmp/tmp5xbjkj9t/_tmp_tmp5xbjkj9t_sigcp_com.kjxbyz.watermarkassistant_407/content/lib/armeabi-v7a/libapp.so differ
Binary files /tmp/tmp5xbjkj9t/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary/content/lib/x86_64/libapp.so and /tmp/tmp5xbjkj9t/_tmp_tmp5xbjkj9t_sigcp_com.kjxbyz.watermarkassistant_407/content/lib/x86_64/libapp.so differ
==== detail end ====
2024-09-16 02:46:58,246 DEBUG: Error encountered, stopping by user request.
Uploading artifacts for failed job
00:05
Uploading artifacts...
WARNING: repo/: no matching files. Ensure that the artifact path is relative to the working directory (/builds/picguard/fdroiddata)
unsigned/: found 1 matching artifact files and directories
tmp/: found 3 matching artifact files and directories
WARNING: Upload request redirected location=https://gitlab.com/api/v4/jobs/7829671779/artifacts?artifact_format=zip&artifact_type=archive&expire_in=1+month new-url=https://gitlab.com
WARNING: Retrying... context=artifacts-uploader error=request redirected
Uploading artifacts as "archive" to coordinator... 201 Created id=7829671779 responseStatus=201 Created token=glcbt-66
Cleaning up project directory and file based variables
00:01
ERROR: Job failed: exit code 1
you can do this simple test
in your original APK: strings lib/arm64-v8a/libapp.so | grep file\:
and then do the same for the fdroidserver built one
you’ll see this issue: Reproducible Builds | F-Droid - Free and Open Source Android App Repository
if you build on Linux or macOS or some CI, we can fix it
1 Like
It should be caused by the embedded build paths.
I modify the build directory /tmp/build to /home/runner/work/picguard/picguard
Original APK:
file:///
file:
must have scheme 'file:'.
file:///home/runner/work/picguard/picguard/.dart_tool/flutter_build/dart_plugin_registrant.dart
file://
APK built by fdroidserver:
file:///
file:///tmp/build/.dart_tool/flutter_build/dart_plugin_registrant.dart
file:
must have scheme 'file:'.
file://
we use a trick for that yes, take a look at: metadata/tech.lolli.toolbox.yml · master · F-Droid / Data · GitLab
sudo:
- mkdir -p /home/runner
- chown vagrant /home/runner
...
prebuild:
- export repo=/home/runner/work/flutter_server_box
- mkdir -p $repo
- cd ..
- mv tech.lolli.toolbox $repo/flutter_server_box
- pushd $repo/flutter_server_box
...
- export PUB_CACHE=$(pwd)/.pub-cache
- $$flutter$$/bin/flutter config --no-analytics
- $$flutter$$/bin/flutter packages pub get
- popd
- mv $repo/flutter_server_box tech.lolli.toolbox
scandelete:
- .pub-cache
build:
- export repo=/home/runner/work/flutter_server_box
- cd ..
- mv tech.lolli.toolbox $repo/flutter_server_box
- pushd $repo/flutter_server_box
- export PUB_CACHE=$(pwd)/.pub-cache
- export PATH=$$flutter$$/bin/:$PATH
- $$flutter$$/bin/flutter build apk --release --split-per-abi --target-platform="android-arm64"
- popd
- mv $repo/flutter_server_box tech.lolli.toolbox
so we create the same folder as your local one (or your CI one) and move our folder there and build there, then move it back
1 Like
The output has been updated, but the error still exists.
APK built by fdroidserver:
file:///
file:
must have scheme 'file:'.
file:///home/runner/work/picguard/picguard/.dart_tool/flutter_build/dart_plugin_registrant.dart
file://
✓ Built build/app/outputs/flutter-apk/app-freeproduction-release.apk (28.5MB)
+ popd
~/build
+ mv /home/runner/work/picguard/picguard com.kjxbyz.watermarkassistant
2024-09-16 15:43:29,913 DEBUG: Popen(['git', 'cat-file', '--batch-check'], cwd=/home/vagrant/build/com.kjxbyz.watermarkassistant, universal_newlines=False, shell=None, istream=<valid stream>)
2024-09-16 15:43:29,949 INFO: Successfully built version 1.0.2 of com.kjxbyz.watermarkassistant from 372bd7c5292ce24f202892518e2a52f7f362986a
2024-09-16 15:43:30,050 DEBUG: Checking build/com.kjxbyz.watermarkassistant/build/app/outputs/flutter-apk/app-freeproduction-release.apk
2024-09-16 15:43:30,052 INFO: Scanning APK with dexdump for known non-free classes.
2024-09-16 15:43:30,060 DEBUG: > /opt/android-sdk/build-tools/34.0.0/dexdump /tmp/tmp8gpwvtev/classes.dex
2024-09-16 15:43:31,845 INFO: Created directory for storing developer supplied reference binaries: 'tmp/binaries'
2024-09-16 15:43:31,845 INFO: ...retrieving https://github.com/picguard/picguard/releases/download/v1.0.2+407/PicGuard_1.0.2+407-free_universal.apk
2024-09-16 15:43:31,858 DEBUG: Starting new HTTPS connection (1): github.com:443
2024-09-16 15:43:32,004 DEBUG: https://github.com:443 "GET /picguard/picguard/releases/download/v1.0.2+407/PicGuard_1.0.2+407-free_universal.apk HTTP/1.1" 302 0
2024-09-16 15:43:32,006 DEBUG: Starting new HTTPS connection (1): objects.githubusercontent.com:443
2024-09-16 15:43:32,144 DEBUG: https://objects.githubusercontent.com:443 "GET /github-production-release-asset-2e65be/753703846/0bc00f4e-14c3-4624-ad1f-d74a953f60ea?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=[MASKED]&X-Amz-Date=20240916T154331Z&X-Amz-Expires=300&X-Amz-Signature=[MASKED]&X-Amz-SignedHeaders=host&actor_id=0&key_id=0&repo_id=753703846&response-content-disposition=attachment%3B%20filename%3DPicGuard_1.0.2%2B407-free_universal.apk&response-content-type=application%2Fvnd.android.package-archive HTTP/1.1" 200 28478651
2024-09-16 15:43:32,807 DEBUG: tmp/binaries/com.kjxbyz.watermarkassistant_407.binary.apk: Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Verified using v3 scheme (APK Signature Scheme v3): false
Verified using v4 scheme (APK Signature Scheme v4): false
Verified for SourceStamp: false
Number of signers: 1
DOES NOT VERIFY
ERROR: APK Signature Scheme v2 signer #1: APK integrity check failed. CHUNKED_SHA256 digest mismatch. Expected: <85eb57137d693b676e0410aebb5583368639823b7fdc3a2ea85d1fcc6a415b1a>, actual: <8637ca35176fc0f5de5c3bd5bc664d58789586282a3e45181e10a982a5f2f62f>
2024-09-16 15:43:33,110 ERROR:
/tmp/tmp9onsdg0_/sigcp_com.kjxbyz.watermarkassistant_407.apk:
2024-09-16 15:43:33,110 INFO: ...NOT verified - /tmp/tmp9onsdg0_/sigcp_com.kjxbyz.watermarkassistant_407.apk
2024-09-16 15:43:33,802 DEBUG: > diff -r /tmp/tmp9onsdg0_/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary /tmp/tmp9onsdg0_/_tmp_tmp9onsdg0__sigcp_com.kjxbyz.watermarkassistant_407
2024-09-16 15:43:34,006 WARNING: Keeping failed build "tmp/com.kjxbyz.watermarkassistant_407.apk"
2024-09-16 15:43:34,006 DEBUG: removing tmp/binaries/com.kjxbyz.watermarkassistant_407.binary.apk
2024-09-16 15:43:34,059 ERROR: Could not build app com.kjxbyz.watermarkassistant: compared built binary to supplied reference binary but failed
==== detail begin ====
verification of APK with copied signature failed
Comparing reference APK to APK with copied signature...
Unexpected diff output:
Binary files /tmp/tmp9onsdg0_/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary/content/lib/arm64-v8a/libapp.so and /tmp/tmp9onsdg0_/_tmp_tmp9onsdg0__sigcp_com.kjxbyz.watermarkassistant_407/content/lib/arm64-v8a/libapp.so differ
Binary files /tmp/tmp9onsdg0_/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary/content/lib/armeabi-v7a/libapp.so and /tmp/tmp9onsdg0_/_tmp_tmp9onsdg0__sigcp_com.kjxbyz.watermarkassistant_407/content/lib/armeabi-v7a/libapp.so differ
Binary files /tmp/tmp9onsdg0_/tmp_binaries_com.kjxbyz.watermarkassistant_407.binary/content/lib/x86_64/libapp.so and /tmp/tmp9onsdg0_/_tmp_tmp9onsdg0__sigcp_com.kjxbyz.watermarkassistant_407/content/lib/x86_64/libapp.so differ
==== detail end ====
2024-09-16 15:43:34,059 DEBUG: Error encountered, stopping by user request.
Uploading artifacts for failed job
00:05
Uploading artifacts...
WARNING: repo/: no matching files. Ensure that the artifact path is relative to the working directory (/builds/picguard/fdroiddata)
unsigned/: found 1 matching artifact files and directories
tmp/: found 3 matching artifact files and directories
WARNING: Upload request redirected location=https://gitlab.com/api/v4/jobs/7836187081/artifacts?artifact_format=zip&artifact_type=archive&expire_in=1+month new-url=https://gitlab.com
WARNING: Retrying... context=artifacts-uploader error=request redirected
Uploading artifacts as "archive" to coordinator... 201 Created id=7836187081 responseStatus=201 Created token=glcbt-66
Cleaning up project directory and file based variables
00:00
ERROR: Job failed: exit code 1
Any updates?
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
It works for me! PR created. Thank you!