Merge pull request #579 from Foundation-Devices/SFT-4448-signing-out-… #290
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: © 2021 Foundation Devices, Inc. <[email protected]> | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
# | |
# validate_and_build.yaml - GitHub actions for Passport | |
name: Build | |
on: [push] | |
jobs: | |
firmware: | |
name: Firmware | |
runs-on: ubuntu-24.04 | |
strategy: | |
matrix: | |
build: | |
[ | |
{ screen: 'mono', suffix: '-founders-passport', hash_suffix: '-founders'}, | |
{ screen: 'color', suffix: '-passport', hash_suffix: ''}, | |
] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v6 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: ./.github/actions/rust-toolchain | |
with: | |
toolchain: 1.77.1 | |
targets: thumbv7em-none-eabihf | |
- run: cargo install [email protected] --locked | |
- run: | | |
echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
echo "SCREEN_MODE=$(echo "${{ matrix.build.screen }}" | tr a-z A-Z)" >> $GITHUB_ENV | |
- name: Build | |
run: | | |
echo "$SIGNING_KEY" > ports/stm32/signing_key.pem | |
version=$(cat version.txt) | |
echo "version=$(cat version.txt)" >> $GITHUB_ENV | |
just hash signing_key.pem "${version}" build-Passport/v${version}-beta${{ matrix.build.suffix }}.bin ${{ matrix.build.screen}} | |
env: | |
SIGNING_KEY: ${{ secrets.UserSigningKey }} | |
- name: Upload firmware ELF | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}${{ matrix.build.suffix }}.elf | |
path: ports/stm32/build-Passport/firmware.elf | |
- name: Upload firmware (unsigned) | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}-unsigned${{ matrix.build.suffix }}.bin | |
path: ports/stm32/build-Passport/firmware-${{ env.SCREEN_MODE }}.bin | |
- name: Upload firmware (signed) | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}-beta${{ matrix.build.suffix }}.bin | |
path: ports/stm32/build-Passport/v${{env.version}}-beta${{ matrix.build.suffix }}.bin | |
- name: Upload MD5 Hash | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}${{ matrix.build.hash_suffix }}-md5 | |
path: ports/stm32/build-Passport/v${{env.version}}-beta${{ matrix.build.hash_suffix }}-md5 | |
- name: Upload Build Hash | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}${{ matrix.build.hash_suffix }}-build-hash | |
path: ports/stm32/build-Passport/v${{env.version}}-beta${{ matrix.build.hash_suffix }}-build-hash | |
- name: Upload SHA256 Hash | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}${{ matrix.build.hash_suffix }}-sha256 | |
path: ports/stm32/build-Passport/v${{env.version}}-beta${{ matrix.build.hash_suffix }}-sha256 | |
- name: Upload Hashes Markdown | |
uses: actions/upload-artifact@v4 | |
with: | |
name: v${{env.version}}${{ matrix.build.hash_suffix }}-hashes.md | |
path: ports/stm32/build-Passport/v${{env.version}}-beta${{ matrix.build.hash_suffix }}-hashes.md | |
bootloader: | |
name: Bootloader | |
runs-on: ubuntu-24.04 | |
needs: [firmware] | |
# TODO: SFT-1077. | |
strategy: | |
matrix: | |
screen: ['color'] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v6 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: ./.github/actions/rust-toolchain | |
with: | |
toolchain: 1.77.1 | |
targets: thumbv7em-none-eabihf | |
- run: cargo install [email protected] --locked | |
- run: | | |
echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
echo "SCREEN_MODE=$(echo ${{ matrix.screen }} | tr a-z A-Z)" >> $GITHUB_ENV | |
- name: Build | |
run: just build-bootloader ${{ matrix.screen }} | |
- name: Upload bootloader | |
uses: actions/upload-artifact@v4 | |
with: | |
name: bootloader-${{ env.SCREEN_MODE }}.bin | |
path: ports/stm32/boards/Passport/bootloader/arm/release/bootloader-${{ env.SCREEN_MODE }}.bin | |
simulator: | |
name: Simulator | |
runs-on: ubuntu-24.04 | |
needs: [firmware] | |
strategy: | |
matrix: | |
screen: ['mono', 'color'] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v6 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: ./.github/actions/rust-toolchain | |
with: | |
toolchain: 1.77.1 | |
targets: thumbv7em-none-eabihf | |
- run: cargo install [email protected] --locked | |
- run: echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
- name: Build | |
run: just build-simulator ${{ matrix.screen }} | |
build-tools: | |
name: Tools | |
runs-on: ubuntu-24.04 | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v3 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v6 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: ./.github/actions/rust-toolchain | |
with: | |
toolchain: 1.77.1 | |
targets: thumbv7em-none-eabihf | |
- run: cargo install [email protected] --locked | |
- run: echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
- name: Build | |
run: just tools |