Added a section re pushing wallet to device.
It is surprisingly tricky, but using specifically the "/data/local/tmp"
folder as an intermediary, it works.
Note that 0f541be6f1 added a warning log if asserts are disabled.
It is intentional that these two things are in separate files:
We always want to log that warning, even if someone is using electrum as a library.
However, in that latter case, I think it's fine not to sys.exit(), but leave the decision up to the library user.
Similar thinking when running from source: let's log the warning but don't sys.exit().
- repro builds to use fixed uid=1000 inside the container
- in case the file permissions leak into the binaries, they are still reproducible
- chown 1000:1000 fresh_clone
- repro builds to create fresh_clone dir outside git clone
- otherwise the local dev build would still interact with the fresh_clone dir
- due to e.g. recursive "find -exec touch",
- and even the "docker build" cmd itself would try to stat/read it
- see https://github.com/docker/for-linux/issues/380
- and "rm -rf fresh_clone" needs sudo if the host uid is not 1000
- this way the local dev build does not need sudo
to recap:
- local dev builds use the host userid inside the container, directly operate on the project dir
- does not need sudo
- repro builds create a fresh git clone, chown it to 1000, and use userid=1000 inside the container
- if the host userid is 1000, does not need sudo
- otherwise, needs sudo
closes https://github.com/spesmilo/electrum/issues/8261
reproducibility probably needs a hardcoded userid
Also, move the UID arg later in the dockerfiles, for better caching.
(if local dev build and repro build set different UIDs, the build caches
will diverge at that step)
The .dockerignore symlink in the project root dir is only picked up by the android build.
The android build has the project root as its build context for "docker build" --
the other builds have their own subdirectories as build context, e.g. contrib/build-linux/appimage.
No longer needed with the "chmod 444 *" trick in 697c700a1f.
(it is now cheap to re-run upload.sh, it no longer redundantly re-uploads hundreds of MBs)
- follow-up prev: CONTRIB was not defined
- rm folder signed/stripped if already exists (otherwise script early-exited silently)
- quote paths to guard against whitespace shenanigans
This allows the add_cosigner workflow to be done before the website links to new binaries.
(so Emzy or other builders can try to reproduce builds and add signatures before new binaries are fully live)
Victor Forgeoux
ThomasV
SomberNight
Sander van Grieken