-
Notifications
You must be signed in to change notification settings - Fork 4
90 lines (81 loc) · 4.46 KB
/
build-pro.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
name: "build-pro"
on:
schedule:
- cron: '30 19 * * 0,1,2,3,4'
workflow_dispatch:
jobs:
build-pro:
runs-on: ubuntu-20.04
steps:
- name: "Checkout"
uses: actions/checkout@v3
- name: Populate vars
id: vars
run: |
BOOT_VERSION=$(./tools/version.sh ./core/embed/bootloader/version.h)
FIRMWARE_VERSION=$(cat ./core/embed/firmware/version.h | grep -E '#define ONEKEY_VERSION_(MAJOR|MINOR|PATCH)' | awk '{printf "%s.", $3}' | sed 's/\.$//')
BUILD_DATE=$(date +"%Y%m%d")
SHORT_HASH=$(git rev-parse --short HEAD)
echo "BOOT_VERSION=$BOOT_VERSION" >> $GITHUB_ENV
echo "FIRMWARE_VERSION=$FIRMWARE_VERSION" >> $GITHUB_ENV
echo "BUILD_DATE=$BUILD_DATE" >> $GITHUB_ENV
echo "SHORT_HASH=$SHORT_HASH" >> $GITHUB_ENV
echo "ARTIFACTS_URL="$GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID"" >> $GITHUB_ENV
- name: "Build boardloader bootloader firmware for production"
env:
PRODUCTION: 1
run: |
sh <(curl -L https://releases.nixos.org/nix/nix-2.23.3/install) --no-daemon
. $HOME/.nix-profile/etc/profile.d/nix.sh
nix-shell --run "poetry install"
git submodule update --init --recursive
nix-shell --run "poetry run make -C core build_boardloader"
nix-shell --run "poetry run make -C core build_bootloader"
nix-shell --run "poetry run make -C core build_firmware"
nix-shell --run "poetry run core/tools/headertool.py -h core/build/firmware/pro*Stable*.bin -S 1:${{ secrets.SECRET_KEY_1 }} -S 2:${{ secrets.SECRET_KEY_2 }}"
mkdir -p core/build/output/prod
cp ./core/build/boardloader/boardloader.bin core/build/output/prod
cp ./core/build/bootloader/pro.bootloader*Stable*.bin core/build/output/prod
cp ./core/build/firmware/pro*Stable*.bin core/build/output/prod
tools/hash.py -t bootloader -f core/build/bootloader/bootloader.bin > core/build/output/prod/bootloader_sha256.txt
tools/hash.py -t firmware -f core/build/firmware/pro.*.bin > core/build/output/prod/firmware_sha256.txt
- name: "Build boardloader bootloader firmware for qa"
env:
PRODUCTION: 0
run: |
sh <(curl -L https://releases.nixos.org/nix/nix-2.23.3/install) --no-daemon
. $HOME/.nix-profile/etc/profile.d/nix.sh
nix-shell --run "poetry install"
git submodule update --init --recursive
nix-shell --run "poetry run make -C core clean"
nix-shell --run "poetry run make -C core build_boardloader"
nix-shell --run "poetry run make -C core build_bootloader"
nix-shell --run "poetry run make -C core build_firmware"
nix-shell --run "poetry run core/tools/headertool.py -h core/build/bootloader/pro.bootloader*Stable*.bin -S 1:${{ secrets.SECRET_QA_KEY_1 }} -S 2:${{ secrets.SECRET_QA_KEY_2 }}"
nix-shell --run "poetry run core/tools/headertool.py -h core/build/firmware/pro*Stable*.bin -S 1:${{ secrets.SECRET_QA_KEY_1 }} -S 2:${{ secrets.SECRET_QA_KEY_2 }}"
mkdir -p core/build/output/qa
cp ./core/build/boardloader/boardloader.bin core/build/output/qa
cp ./core/build/bootloader/pro.bootloader*Stable*.bin core/build/output/qa
cp ./core/build/firmware/pro*Stable*.bin core/build/output/qa
tools/hash.py -t bootloader -f core/build/bootloader/bootloader.bin > core/build/output/qa/bootloader_sha256.txt
tools/hash.py -t firmware -f core/build/firmware/pro.*.bin >> core/build/output/qa/firmware_sha256.txt
- name: "Upload Artifacts"
uses: actions/upload-artifact@v3
with:
name: firmware-${{ github.sha }}
path: |
./core/build/output
- name: "Notify to Slack"
uses: onekeyhq/actions/notice-slack-app-update@main
with:
web-hook-url: ${{ secrets.SLACK_DEV_RELEASE_WEBHOOK }}
artifact-type: PRO-FIRMWARE
artifact-name: Pro-Hardware-Firmware
artifact-bundle-id: 'so.onekey.firmware.pro'
artifact-version-name: '${{ env.FIRMWARE_VERSION }}'
artifact-version-code: '${{ env.SHORT_HASH }}-${{ env.BUILD_DATE }}'
artifact-download-url: '${{ env.ARTIFACTS_URL }}'
change-log: 'firmware@${{ env.FIRMWARE_VERSION }} / boot@${{ env.BOOT_VERSION }}'
custom-issue-url: ''
custom-message-title: ''
custom-message-payload: ''