[Qa-jenkins-scm] Build failed in Jenkins: reproducible_fdroid_test #427
jenkins at jenkins.debian.net
jenkins at jenkins.debian.net
Tue Mar 23 20:44:38 GMT 2021
See <https://jenkins.debian.net/job/reproducible_fdroid_test/427/display/redirect?page=changes>
Changes:
[hans] buildserver: SharedFoldersEnableSymlinksCreate: false
[hans] include /etc/issue.net in status JSON to identify the base system
[hans] verify: include diffoscope setup info in output JSON
[hans] add complete tests for finding apksigner; fix minor detection bug
[hans] jenkins-build-all: use $WORKSPACE var to find correct file to modify
------------------------------------------
[...truncated 34.43 KB...]
.WARNING:root:config.py is deprecated, use config.yml
DOES NOT VERIFY
ERROR: Missing META-INF/MANIFEST.MF
ERROR:root:
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/urzip-release-unsigned.apk:
DEBUG:root:> /usr/bin/apksigner sign --ks /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/keystore.jks --ks-pass env:FDROID_KEY_STORE_PASS --key-pass env:FDROID_KEY_PASS --ks-key-alias sova --in /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/urzip-release-unsigned.apk --out /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/urzip-release.apk
DEBUG:root:/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/urzip-release.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
DEBUG:root:> /usr/bin/apksigner sign --ks /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/keystore.jks --ks-pass env:FDROID_KEY_STORE_PASS --key-pass env:FDROID_KEY_PASS --ks-key-alias sova --in /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/duplicate.permisssions_9999999-unsigned.apk --out /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/duplicate.permisssions_9999999.apk
DEBUG:root:/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/duplicate.permisssions_9999999.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
DOES NOT VERIFY
ERROR: No JAR signatures
ERROR:root:
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/minimal_targetsdk_30_unsigned.apk:
DEBUG:root:> /usr/bin/apksigner sign --ks /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/keystore.jks --ks-pass env:FDROID_KEY_STORE_PASS --key-pass env:FDROID_KEY_PASS --ks-key-alias sova --in /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/minimal_targetsdk_30_unsigned.apk --out /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/minimal_targetsdk_30.apk
DEBUG:root:/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/minimal_targetsdk_30.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
DEBUG:root:> /usr/bin/apksigner sign --ks /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/keystore.jks --ks-pass env:FDROID_KEY_STORE_PASS --key-pass env:FDROID_KEY_PASS --ks-key-alias sova --in /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk30_unsigned.apk --out /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk30_signed.apk
DEBUG:root:/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk30_signed.apk: Verifies
Verified using v1 scheme (JAR signing): false
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
DOES NOT VERIFY
ERROR: No JAR signatures
ERROR:root:
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk1_unsigned.apk:
DEBUG:root:> /usr/bin/apksigner sign --ks /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/keystore.jks --ks-pass env:FDROID_KEY_STORE_PASS --key-pass env:FDROID_KEY_PASS --ks-key-alias sova --in /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk1_unsigned.apk --out /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk1_signed.apk
DEBUG:root:/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_sign_apkixiq76vb/no_targetsdk_minsdk1_signed.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): true
Number of signers: 1
.WARNING:root:config.py is deprecated, use config.yml
DEBUG:root:> /usr/bin/jarsigner -keystore keystore.jks -storepass:env FDROID_KEY_STORE_PASS -digestalg SHA1 -sigalg SHA1withRSA /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_signjar3tc9tm75/testy.jar sova -keypass:env FDROID_KEY_PASS
jar signed.
Warning:
The signer's certificate is self-signed.
The SHA1 algorithm specified for the -digestalg option is considered a security risk. This algorithm will be disabled in a future update.
The SHA1withRSA algorithm specified for the -sigalg option is considered a security risk. This algorithm will be disabled in a future update.
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/common.TestCase:389: ResourceWarning: unclosed file <_io.BufferedReader name='/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/signindex/testy.jar'>
self.assertNotEqual(open(sourcefile, 'rb').read(), open(testfile, 'rb').read())
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/common.TestCase:389: ResourceWarning: unclosed file <_io.BufferedReader name='/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_signjar3tc9tm75/testy.jar'>
self.assertNotEqual(open(sourcefile, 'rb').read(), open(testfile, 'rb').read())
ResourceWarning: Enable tracemalloc to get the object allocation traceback
DEBUG:root:> /usr/bin/jarsigner -keystore keystore.jks -storepass:env FDROID_KEY_STORE_PASS -digestalg SHA1 -sigalg SHA1withRSA /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_signjar3tc9tm75/guardianproject.jar sova -keypass:env FDROID_KEY_PASS
jar signed.
Warning:
The signer's certificate is self-signed.
The SHA1 algorithm specified for the -digestalg option is considered a security risk. This algorithm will be disabled in a future update.
The SHA1withRSA algorithm specified for the -sigalg option is considered a security risk. This algorithm will be disabled in a future update.
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/common.TestCase:389: ResourceWarning: unclosed file <_io.BufferedReader name='/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/signindex/guardianproject.jar'>
self.assertNotEqual(open(sourcefile, 'rb').read(), open(testfile, 'rb').read())
ResourceWarning: Enable tracemalloc to get the object allocation traceback
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/common.TestCase:389: ResourceWarning: unclosed file <_io.BufferedReader name='/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_signjar3tc9tm75/guardianproject.jar'>
self.assertNotEqual(open(sourcefile, 'rb').read(), open(testfile, 'rb').read())
ResourceWarning: Enable tracemalloc to get the object allocation traceback
...WARNING:root:config.py is deprecated, use config.yml
DEBUG:root:bad-unicode-πÇÇ现代通用字-български-عربي1.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DEBUG:root:org.bitbucket.tickytacky.mirrormirror_1.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DEBUG:root:org.bitbucket.tickytacky.mirrormirror_2.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DEBUG:root:org.bitbucket.tickytacky.mirrormirror_3.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DEBUG:root:org.bitbucket.tickytacky.mirrormirror_4.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DEBUG:root:org.dyndns.fules.ck_20.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
WARNING: META-INF/buildserverid not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
WARNING: META-INF/fdroidserverid not protected by signature. Unauthorized modifications to this JAR entry will not be detected. Delete or move the entry outside of META-INF/.
DEBUG:root:urzip.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DOES NOT VERIFY
ERROR: JAR signer CERT.RSA: JAR signature META-INF/CERT.RSA did not verify against META-INF/CERT.SF
ERROR:root:
urzip-badcert.apk:
DOES NOT VERIFY
ERROR: JAR signer CERT.RSA: SHA-1 digest of META-INF/MANIFEST.MF section for AndroidManifest.xml does not match the digest specified in META-INF/CERT.SF. Expected: <JYBUMhOCUqbNupF0uRUilMG8psI=>, actual: <osOjbkldSAk+vTAdsdLeXI6f58c=>
ERROR:root:
urzip-badsig.apk: WARNING: JAR signer CERT.RSA: SHA-1 digest of META-INF/MANIFEST.MF does not match the digest specified in META-INF/CERT.SF. Expected: <xnVQzXMpgNgZtvjZJC+y28A9cjo=>, actual: <5+8iqbzUfegBixjQUeg1++LwFe4=>
DEBUG:root:urzip-release.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
DOES NOT VERIFY
ERROR: Missing META-INF/MANIFEST.MF
ERROR:root:
urzip-release-unsigned.apk:
.WARNING:root:config.py is deprecated, use config.yml
DEBUG:root:/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-copy.apk: Verifies
Verified using v1 scheme (JAR signing): true
Verified using v2 scheme (APK Signature Scheme v2): false
Number of signers: 1
WARNING:root:Ignoring META-INF/MANIFEST.MF from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-copy.apk
WARNING:root:Ignoring META-INF/CERT.SF from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-copy.apk
WARNING:root:Ignoring META-INF/CERT.RSA from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-copy.apk
DEBUG:root:JAR signature verified: /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/sigcp_urzip-copy.apk
INFO:root:...successfully verified
DEBUG:root:JAR signature verified: /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/sigcp_urzip-unsigned.apk
INFO:root:...successfully verified
DOES NOT VERIFY
ERROR: Duplicate entry: META-INF/MANIFEST.MF
ERROR: Duplicate entry: META-INF/CERT.SF
ERROR: Duplicate entry: META-INF/CERT.RSA
/usr/lib/python3.7/zipfile.py:1470: UserWarning: Duplicate name: 'META-INF/MANIFEST.MF'
return self._open_to_write(zinfo, force_zip64=force_zip64)
/usr/lib/python3.7/zipfile.py:1470: UserWarning: Duplicate name: 'META-INF/CERT.SF'
return self._open_to_write(zinfo, force_zip64=force_zip64)
/usr/lib/python3.7/zipfile.py:1470: UserWarning: Duplicate name: 'META-INF/CERT.RSA'
return self._open_to_write(zinfo, force_zip64=force_zip64)
ERROR:root:
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk:
WARNING:root:Ignoring META-INF/MANIFEST.MF from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk
WARNING:root:Ignoring META-INF/MANIFEST.MF from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk
WARNING:root:Ignoring META-INF/CERT.SF from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk
WARNING:root:Ignoring META-INF/CERT.SF from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk
WARNING:root:Ignoring META-INF/CERT.RSA from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk
WARNING:root:Ignoring META-INF/CERT.RSA from /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp/urzip-twosig.apk
DEBUG:root:JAR signature verified: /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/sigcp_urzip-twosig.apk
INFO:root:...successfully verified
.WARNING:root:config.py is deprecated, use config.yml
.WARNING:root:config.py is deprecated, use config.yml
DEBUG:root:JAR signature verified: /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/signindex/testy.jar
DEBUG:root:JAR signature verified: /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/signindex/guardianproject.jar
.WARNING:root:config.py is deprecated, use config.yml
DEBUG:root:JAR signature verified: bad-unicode-πÇÇ现代通用字-български-عربي1.apk
DEBUG:root:JAR signature verified: org.bitbucket.tickytacky.mirrormirror_1.apk
DEBUG:root:JAR signature verified: org.bitbucket.tickytacky.mirrormirror_2.apk
DEBUG:root:JAR signature verified: org.bitbucket.tickytacky.mirrormirror_3.apk
DEBUG:root:JAR signature verified: org.bitbucket.tickytacky.mirrormirror_4.apk
DEBUG:root:JAR signature verified: org.dyndns.fules.ck_20.apk
DEBUG:root:JAR signature verified: urzip.apk
ERROR:root:Old APK signature failed to verify: urzip-badcert.apk
jarsigner: java.lang.SecurityException: cannot verify signature block file META-INF/CERT
ERROR:root:Old APK signature failed to verify: urzip-badsig.apk
jarsigner: java.lang.SecurityException: invalid SHA1 signature file digest for AndroidManifest.xml
DEBUG:root:JAR signature verified: urzip-release.apk
ERROR:root:Old APK signature failed to verify: urzip-release-unsigned.apk
no manifest.
jar is unsigned.
..ERROR:root:Conflicting config files! Using config.yml, ignoring config.py!
DEBUG:root:Reading 'config.yml'
.WARNING:root:config.py is deprecated, use config.yml
.DEBUG:root:Reading 'config.yml'
.DEBUG:root:Reading 'config.yml'
WARNING:root:unsafe permissions on 'config.yml' (should be 0600)!
.WARNING:root:No config.yml found, using defaults.
..WARNING:root:config.py is deprecated, use config.yml
WARNING:root:config.py is deprecated, use config.yml
WARNING:root:unsafe permissions on 'config.py' (should be 0600)!
..DEBUG:root:Reading 'config.yml'
DEBUG:root:Reading 'config.yml'
WARNING:root:unsafe permissions on 'config.yml' (should be 0600)!
.localmodule: /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps
testdir /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_prepare_sources_refreshooxpmi_c
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_remove_signing_keys13h3newo
/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_setup_status_output8z0anxk1
testdir /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/.testfiles/test_verify_apkse3wl7jyp
apksigner: yml
keypass: mysecretpassword
Tue 23 Mar 2021 08:44:37 PM UTC - cleanup in progress...
======================================================================
ERROR: test_find_apksigner_system_package_android_home (__main__.CommonTest)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/tests/common.TestCase", line 702, in test_find_apksigner_system_package_android_home
os.path.dirname(os.path.dirname(config.get('apksigner'))),
File "/usr/lib/python3.7/posixpath.py", line 156, in dirname
p = os.fspath(p)
TypeError: expected str, bytes or os.PathLike object, not NoneType
----------------------------------------------------------------------
Ran 70 tests in 34.284s
FAILED (errors=1)
+ cleanup_all
+ set +e
++ date -u
+ echo 'Tue 23 Mar 2021 08:44:37 PM UTC - cleanup in progress...'
+ killall adb
adb: no process found
+ killall gpg-agent
+ fdroiddata=/var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/fdroiddata
+ git -C /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/fdroiddata status
On branch master
Your branch is up to date with 'origin/master'.
nothing to commit, working tree clean
++ basename /tmp/jenkins-script-XONQirys
++ date +%s
+ jobtmpdir=/tmp/jenkins-script-XONQirys-1616532277/
+ mkdir /tmp/jenkins-script-XONQirys-1616532277/
++ git -C /var/lib/jenkins/userContent/reproducible/reproducible_fdroid_build_apps/fdroiddata status
++ sed -En 's,\s+modified:\s+,,p'
++ date -u
Tue 23 Mar 2021 08:44:38 PM UTC - cleanup done.
+ echo 'Tue 23 Mar 2021 08:44:38 PM UTC - cleanup done.'
Tue 23 Mar 2021 08:44:38 PM UTC - reproducible_fdroid_test.sh stopped running as /tmp/jenkins-script-XONQirys, which will now be removed.
SSH EXIT CODE: 1
Build step 'Execute shell' marked build as failure
More information about the Qa-jenkins-scm
mailing list