How to build release version? release-android.sh fail with "release/password cannot be represented as a Nix string"

Question

How to build release version? release-android.sh fail with "release/password cannot be represented as a Nix string"

Closed this issue 3 years ago · 4 comments

Running ./release-android.sh Result in error:

++ nix-build --arg gitHash '"79d33f55"' -A android.ergvein-wallet --arg release true -o android-release
error: the contents of the file '/tmp/ergvein/release/password' cannot be represented as a Nix string
(use '--show-trace' to show detailed location information)

Cause the file ./release/password is encrypted with GITCRYPT, what the contents of the file should be? (not actual secrets)

I am looking to test this app for reproducible-builds and need to build a release app (the ./make-android.sh create debug app), can you post dummy content for ./release/password file and possibly add section in README for it (how to build release version)

Answer 1 · 2021-06-15T10:17:35.000Z

Hi, ./release/password contains password for signing key for release APK.

I will add a section how to build release with own keys to README.md.

Answer 2 · 2021-06-15T11:09:47.000Z

@emanuelb, could you test a branch from #967? it contains manual and modified scripts for custom release build.

Answer 3 · 2021-06-15T11:35:35.000Z

Reopen until @emanuelb confirmed that the PR solves the question.

Answer 4 · 2021-06-18T11:38:06.000Z

Thanks, changed the file manually (applied patch) and called keytool command to generate store and it worked.
used Containerfile:
build: podman build --rm -t ergvein_build_apk_alpine -f Containerfile
run: podman run --rm --name ergvein_build_apk_alpine -ti ergvein_build_apk_alpine

FROM ubuntu:rolling

RUN set -ex; \
    apt-get update; \
    DEBIAN_FRONTEND=noninteractive apt-get install --yes -o APT::Install-Suggests=false --no-install-recommends \
        git \
        curl \
        gnupg2 \
        xz-utils \
        sudo \
        ca-certificates \
        openjdk-11-jre-headless; \
    rm -rf /var/lib/apt/lists/*; \
    useradd -ms /bin/bash sroot; \
    echo 'sroot ALL=(ALL:ALL) NOPASSWD: ALL' > /etc/sudoers.d/sroot;

USER sroot

RUN set -ex; \
    cd /home/sroot/; \
    curl -o install-nix-2.3.12 https://releases.nixos.org/nix/nix-2.3.12/install; \
    curl -o install-nix-2.3.12.asc https://releases.nixos.org/nix/nix-2.3.12/install.asc; \
    curl -o edolstra.gpg https://nixos.org/edolstra.gpg; \
    gpg2 --import edolstra.gpg; \
    gpg2 --verify ./install-nix-2.3.12.asc; \
    mkdir -p ~/.config/nix/; \
    echo 'sandbox = false' > ~/.config/nix/nix.conf; \
    sh ./install-nix-2.3.12; \
    git clone https://github.com/hexresearch/ergvein; \
    cd ergvein; \
    git checkout v25;

WORKDIR /home/sroot/ergvein/

in container run:

USER=sroot . /home/sroot/.nix-profile/etc/profile.d/nix.sh;
nix-env -iA cachix -f https://cachix.org/api/v1/install;
USER=sroot cachix use ergvein;
rm default.nix;
curl -o default.nix https://raw.githubusercontent.com/hexresearch/ergvein/f007af96444f1bb0e277f1f202d6c643b5c8c922/default.nix
keytool -genkey -alias ergvein_releasekey -keystore /home/sroot/ergvein/release/ergvein.keystore -storetype PKCS12 -keyalg RSA -keysize 4096 -storepass ergvein_releasekey -keypass ergvein_releasekey -validity 10000 -dname CN=IL;
echo ergvein_releasekey >  /home/sroot/ergvein/release/ergveinpassword
/home/sroot/ergvein/release-android.sh --arg releasePasswordFile /home/sroot/ergvein/release/ergveinpassword --arg releaseKeyStore /home/sroot/ergvein/release/ergvein.keystore