From 8f8252eff810ef4723005d872a4664aab8f8d281 Mon Sep 17 00:00:00 2001 From: Alex Pyrgiotis Date: Mon, 4 Nov 2024 15:52:35 +0200 Subject: [PATCH 1/3] Increase the size of the `dz` qube to 5GiB Increase the size of the `dz` qube in our build instructions. We increase it from 2GiB (default), to 5GiB (suggested), in order to cater for some extra space that our build instructions need (e.g., the download of the Tesseract data). --- BUILD.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/BUILD.md b/BUILD.md index c395f50..5845a65 100644 --- a/BUILD.md +++ b/BUILD.md @@ -260,11 +260,16 @@ The following instructions require typing commands in a terminal in dom0. ``` qvm-create --class AppVM --label red --template fedora-40-dz dz + qvm-volume resize dz:private $(numfmt --from=auto 5Gi) ``` > :bulb: Alternatively, you can use a different app qube for Dangerzone > development. In that case, replace `dz` with the qube of your choice in the > steps below. + > + > In the commands above, we also resize the private volume of the `dz` qube + > to 5GiB, since the Tesseract data that will be downloaded in the next steps + > take a bit of space. 4. Add an RPC policy (`/etc/qubes/policy.d/50-dangerzone.policy`) that will allow launching a disposable qube (`dz-dvm`) when Dangerzone converts a From eb095a612aeb48c464ebb54cef2eca56609191e8 Mon Sep 17 00:00:00 2001 From: Alex Pyrgiotis Date: Mon, 4 Nov 2024 16:17:35 +0200 Subject: [PATCH 2/3] Update our description --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 69a3304..a3a9d35 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,7 @@ Take potentially dangerous PDFs, office documents, or images and convert them to | ![Settings](./assets/screenshot1.png) | ![Converting](./assets/screenshot2.png) |--|--| -Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF into raw pixel data: a huge list of RGB color values for each page. Then, in a separate sandbox, Dangerzone takes this pixel data and converts it back into a PDF. +Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF into raw pixel data: a huge list of RGB color values for each page. Then, outside of the sandbox, Dangerzone takes this pixel data and converts it back into a PDF. _Read more about Dangerzone in the [official site](https://dangerzone.rocks/about/)._ From dad09ada660d74f0affe71577c75ac889bb973b9 Mon Sep 17 00:00:00 2001 From: Alex Pyrgiotis Date: Mon, 4 Nov 2024 15:48:53 +0200 Subject: [PATCH 3/3] dev_scripts: Implement two more steps Implement the following steps from the QA docs: 1. Check if the latest Python version that we support is installed. For example, we currently support Python 3.12, so we add code to check that the latest Python 3.12.x version is installed. 2. Download the Tesseract data using our script, both on Windows and Linux. --- dev_scripts/qa.py | 41 ++++++++++++++++++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/dev_scripts/qa.py b/dev_scripts/qa.py index 8bc95b7..956794d 100755 --- a/dev_scripts/qa.py +++ b/dev_scripts/qa.py @@ -3,14 +3,21 @@ import abc import argparse import difflib +import json import logging import re import selectors import subprocess import sys +import urllib.request +from pathlib import Path logger = logging.getLogger(__name__) +PYTHON_VERSION_STR = "3.12" +PYTHON_VERSION = [int(num) for num in PYTHON_VERSION_STR.split(".")] +EOL_PYTHON_URL = "https://endoflife.date/api/python.json" + CONTENT_QA = r"""## QA To ensure that new releases do not introduce regressions, and support existing @@ -776,6 +783,10 @@ class QABase(abc.ABC): self.prompt("Does it pass?", choices=["y", "n"]) logger.info("Successfully completed QA scenarios") + @task("Download Tesseract data", auto=True) + def download_tessdata(self): + self.run("python", str(Path("install", "common", "download-tessdata.py"))) + @classmethod @abc.abstractmethod def get_id(cls): @@ -802,6 +813,31 @@ class QAWindows(QABase): while msvcrt.kbhit(): msvcrt.getch() + @QABase.task( + f"Install the latest version of Python {PYTHON_VERSION_STR}", ref=REF_BUILD + ) + def install_python(self): + cur_version = list(sys.version_info[:3]) + + logger.info("Getting latest Python release") + with urllib.request.urlopen(EOL_PYTHON_URL) as f: + resp = f.read() + releases = json.loads(resp) + for release in releases: + if release["cycle"] == PYTHON_VERSION_STR: + latest_version = [int(num) for num in release["latest"].split(".")] + if latest_version > cur_version: + self.prompt( + f"You need to install the latest Python version ({release['latest']})" + ) + elif latest_version == cur_version: + logger.info( + f"Verified that the latest Python version ({release['latest']}) is installed" + ) + return + + logger.error("Could not verify that the latest Python version is installed") + @QABase.task("Install and Run Docker Desktop", ref=REF_BUILD) def install_docker(self): logger.info("Checking if Docker Desktop is installed and running") @@ -816,7 +852,7 @@ class QAWindows(QABase): ) def install_poetry(self): self.run("python", "-m", "pip", "install", "poetry") - self.run("poetry", "install") + self.run("poetry", "install", "--sync") @QABase.task("Build Dangerzone container image", ref=REF_BUILD, auto=True) def build_image(self): @@ -838,9 +874,11 @@ class QAWindows(QABase): return "windows" def start(self): + self.install_python() self.install_docker() self.install_poetry() self.build_image() + self.download_tessdata() self.run_tests() self.build_dangerzone_exe() @@ -933,6 +971,7 @@ class QALinux(QABase): def start(self): self.build_dev_image() self.build_container_image() + self.download_tessdata() self.run_tests() self.build_package() self.build_qa_image()