Improve gitlab-ci tests

This was motivated by eliminating insecure HTTP usage in gradle, so that when fdroid devs run builds without a buildserver, they are not exposing themselves to easy exploits. This will require that gradle repositories use the HTTPS URL, never the plain HTTP URL. gradle does not check this, nor even provide warnings. gradle will happily download code via plain HTTP and execute it immediately. ./gradlew will also download gradle via HTTP and execute it unverified without even a warning.

More details in the commit messages.

You can see this in action here: https://gitlab.com/eighthave/fdroiddata/-/jobs/48979906