-
Notifications
You must be signed in to change notification settings - Fork 13
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Switch to google-auth lib for authentication
This is not backwards-compatible: we now require the service account credentials in json format instead of PKCS#12 (and as a result the username is no longer passed separately, since it is directly available in the json file) Fixes #251
- Loading branch information
Showing
10 changed files
with
40 additions
and
77 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -37,27 +37,17 @@ source venv/bin/activate | |
* `sudo ln -s /usr/local/Cellar/openssl/1.0.2j/include/openssl/ /usr/local/include/openssl` | ||
5. Restore original permissions on /usr/local/bin: | ||
* `sudo chown root:wheel /usr/local` | ||
1. Some errors might happen when executing `mozapkpublisher/push_apk.py` | ||
1. You might have errors like | ||
* Errors in from_p12_keyfile in oauth2client/service_account.py or | ||
* ImportError: cannot import name `_openssl_crypt` | ||
* `pip uninstall oauth2client` | ||
* `pip install oauth2client==2.0.0` | ||
* `pip install google-api-python-client==1.5.0` | ||
1. Symbol not found: `_BIO_new_CMS` | ||
* `pip uninstall cryptography` | ||
* `LDFLAGS="-L/usr/local/opt/openssl/lib" pip install cryptography --no-use-wheel` | ||
|
||
## What to do when pushapk_scriptworker doesn't work? | ||
|
||
> A guide to manually publish APKs onto Google Play Store | ||
1. Generate a Google Play Store p12 certificate. This certificate needs to have write access to the app you want to publish. In this context, "app" means Fennec, Fennec Beta or Fennec Nightly. | ||
1. Generate a Google Play Store json certificate. This certificate needs to have write access to the app you want to publish. In this context, "app" means Fennec, Fennec Beta or Fennec Nightly. | ||
1. Execute the steps defined in the section above. | ||
1. Download the latest signed builds. For instance, for Fennec Nightly: `./mozapkpublisher/get_apk.py --latest-nightly` | ||
1. | ||
```sh | ||
./mozapkpublisher/push_apk.py --no-gp-string-update --track beta --credentials /path/to/your/googleplay/creds.p12 --service-account [email protected] x86.apk arm.apk | ||
./mozapkpublisher/push_apk.py --no-gp-string-update --track beta --credentials /path/to/your/googleplay/creds.json x86.apk arm.apk | ||
``` | ||
|
||
* Note `beta` track on Google Play, that's our way to show to people on Play Store that it's not a finished product. We don't use the "production" track for Nightly, unlike beta and release. | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,9 +24,6 @@ | |
aab2 = NamedTemporaryFile() | ||
|
||
AABS = [aab1, aab2] | ||
SERVICE_ACCOUNT = '[email protected]' | ||
CLIENT_ID = 'client' | ||
CLIENT_SECRET = 'secret' | ||
|
||
|
||
def patch_extract_metadata(monkeypatch): | ||
|
@@ -54,7 +51,7 @@ def patch_store_transaction(monkeypatch_, patch_target): | |
mock_edit = create_autospec(patch_target) | ||
|
||
@contextmanager | ||
def fake_transaction(_, __, ___, *, contact_server, dry_run): | ||
def fake_transaction(_, __, *, contact_server, dry_run): | ||
yield mock_edit | ||
|
||
monkeypatch_.setattr(patch_target, 'transaction', fake_transaction) | ||
|
@@ -64,7 +61,7 @@ def fake_transaction(_, __, ___, *, contact_server, dry_run): | |
def test_google(monkeypatch): | ||
mock_metadata = patch_extract_metadata(monkeypatch) | ||
edit_mock = patch_store_transaction(monkeypatch, store.GooglePlayEdit) | ||
push_aab(AABS, SERVICE_ACCOUNT, credentials, 'production', rollout_percentage=50, | ||
push_aab(AABS, credentials, 'production', rollout_percentage=50, | ||
contact_server=False) | ||
edit_mock.update_aab.assert_called_once_with([ | ||
(aab1, mock_metadata[aab1]), | ||
|
@@ -78,7 +75,7 @@ def test_push_aab_tunes_down_logs(monkeypatch): | |
monkeypatch.setattr('mozapkpublisher.push_aab.extract_aabs_metadata', MagicMock()) | ||
monkeypatch.setattr('mozapkpublisher.common.utils.metadata_by_package_name', MagicMock()) | ||
|
||
push_aab(AABS, SERVICE_ACCOUNT, credentials, 'alpha', contact_server=False) | ||
push_aab(AABS, credentials, 'alpha', contact_server=False) | ||
|
||
main_logging_mock.init.assert_called_once_with() | ||
|
||
|
@@ -94,7 +91,6 @@ def test_main_google(monkeypatch): | |
file = os.path.join(os.path.dirname(__file__), 'data', 'blob') | ||
fail_manual_validation_args = [ | ||
'script', | ||
'--username', '[email protected]', | ||
'--secret', file, | ||
'alpha', | ||
file, | ||
|
@@ -106,7 +102,6 @@ def test_main_google(monkeypatch): | |
|
||
mock_push_aab.assert_called_once_with( | ||
ANY, | ||
'[email protected]', | ||
file, | ||
'alpha', | ||
None, | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -24,9 +24,6 @@ | |
apk_arm = NamedTemporaryFile() | ||
|
||
APKS = [apk_x86, apk_arm] | ||
SERVICE_ACCOUNT = '[email protected]' | ||
CLIENT_ID = 'client' | ||
CLIENT_SECRET = 'secret' | ||
|
||
|
||
def patch_extract_metadata(monkeypatch): | ||
|
@@ -78,7 +75,7 @@ def patch_store_transaction(monkeypatch_, patch_target): | |
mock_edit = create_autospec(patch_target) | ||
|
||
@contextmanager | ||
def fake_transaction(_, __, ___, *, contact_server, dry_run): | ||
def fake_transaction(_, __, *, contact_server, dry_run): | ||
yield mock_edit | ||
|
||
monkeypatch_.setattr(patch_target, 'transaction', fake_transaction) | ||
|
@@ -88,7 +85,7 @@ def fake_transaction(_, __, ___, *, contact_server, dry_run): | |
def test_google(monkeypatch): | ||
mock_metadata = patch_extract_metadata(monkeypatch) | ||
edit_mock = patch_store_transaction(monkeypatch, store.GooglePlayEdit) | ||
push_apk(APKS, SERVICE_ACCOUNT, credentials, [], 'rollout', rollout_percentage=50, | ||
push_apk(APKS, credentials, [], 'rollout', rollout_percentage=50, | ||
contact_server=False) | ||
edit_mock.update_app.assert_called_once_with([ | ||
(apk_arm, mock_metadata[apk_arm]), | ||
|
@@ -102,7 +99,7 @@ def test_push_apk_tunes_down_logs(monkeypatch): | |
monkeypatch.setattr('mozapkpublisher.push_apk.extract_and_check_apks_metadata', MagicMock()) | ||
monkeypatch.setattr('mozapkpublisher.common.utils.metadata_by_package_name', MagicMock()) | ||
|
||
push_apk(APKS, SERVICE_ACCOUNT, credentials, [], 'alpha', contact_server=False) | ||
push_apk(APKS, credentials, [], 'alpha', contact_server=False) | ||
|
||
main_logging_mock.init.assert_called_once_with() | ||
|
||
|
@@ -118,7 +115,6 @@ def test_main_google(monkeypatch): | |
file = os.path.join(os.path.dirname(__file__), 'data', 'blob') | ||
fail_manual_validation_args = [ | ||
'script', | ||
'--username', '[email protected]', | ||
'--secret', file, | ||
'alpha', | ||
file, | ||
|
@@ -131,7 +127,6 @@ def test_main_google(monkeypatch): | |
|
||
mock_push_apk.assert_called_once_with( | ||
ANY, | ||
'[email protected]', | ||
file, | ||
['org.mozilla.fennec_aurora'], | ||
'alpha', | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,9 +1,8 @@ | ||
aiohttp | ||
androguard | ||
google-api-python-client | ||
google-auth | ||
humanize | ||
mozilla-version | ||
oauth2client | ||
pyOpenSSL # Even not imported once in mozapkpublisher, it's needed to open p12 files | ||
requests | ||
voluptuous |