From 8f9ff17bef3904e0de13504baa8bd923bfa6bec6 Mon Sep 17 00:00:00 2001
From: Nicolas Stalder <n@stalder.io>
Date: Wed, 13 Feb 2019 23:58:45 +0100
Subject: [PATCH] ability to build solo versions via `make docker-build
 SOLO_VERSION=...`

---
 .gitignore      |  2 ++
 Dockerfile      | 47 +++++------------------------------------------
 Makefile        | 11 +++++++----
 builds/.gitkeep |  0
 docker-build.sh | 21 +++++++++++++++++++++
 5 files changed, 35 insertions(+), 46 deletions(-)
 create mode 100644 builds/.gitkeep
 create mode 100755 docker-build.sh

diff --git a/.gitignore b/.gitignore
index f6da0e3..2571b5f 100644
--- a/.gitignore
+++ b/.gitignore
@@ -91,3 +91,5 @@ targets/efm32/EFM32_EFM32JG1B200F128GM32.hwconf
 targets/efm32/emlib/em_adc.c
 targets/efm32/emlib/em_assert.c
 targets/efm32/emlib/em_cmu.c
+
+builds/*
diff --git a/Dockerfile b/Dockerfile
index 5c2f51b..f987e91 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,11 +1,10 @@
-# Step 1: build the firmware
 FROM debian:stretch-slim
 MAINTAINER SoloKeys <hello@solokeys.com>
 
 RUN apt-get update -qq
 RUN apt-get install -qq bzip2 git make wget >/dev/null
 
-# get ARM GCC
+# 1. ARM GCC: for compilation
 RUN wget -q -O gcc.tar.bz2 https://developer.arm.com/-/media/Files/downloads/gnu-rm/8-2018q4/gcc-arm-none-eabi-8-2018-q4-major-linux.tar.bz2?revision=d830f9dd-cd4f-406d-8672-cca9210dd220?product=GNU%20Arm%20Embedded%20Toolchain,64-bit,,Linux,8-2018-q4-major
 #   from website
 RUN echo "f55f90d483ddb3bcf4dae5882c2094cd  gcc.tar.bz2" > gcc.md5
@@ -15,23 +14,7 @@ RUN echo "fb31fbdfe08406ece43eef5df623c0b2deb8b53e405e2c878300f7a1f303ee52  gcc.
 RUN sha256sum -c gcc.sha256
 RUN tar -C /opt -xf gcc.tar.bz2
 
-# get Solo source code
-RUN git clone --recurse-submodules https://github.com/solokeys/solo
-
-# build Solo
-ENV PREFIX=/opt/gcc-arm-none-eabi-8-2018-q4-major/bin/
-RUN cd solo/targets/stm32l432 && \
-    make cbor boot-no-sig clean all-hacker
-
-
-# Step 2: combine the firmware
-FROM debian:stretch-slim
-MAINTAINER SoloKeys <hello@solokeys.com>
-
-RUN apt-get update -qq
-RUN apt-get install -qq bzip2 git make wget >/dev/null
-
-# get Python3.7
+# 2. Python3.7: for solotool (merging etc.)
 RUN wget -q -O miniconda.sh https://repo.anaconda.com/miniconda/Miniconda3-4.5.12-Linux-x86_64.sh
 #   from website
 RUN echo "866ae9dff53ad0874e1d1a60b1ad1ef8  miniconda.sh" > miniconda.md5
@@ -42,28 +25,8 @@ RUN sha256sum -c miniconda.sha256
 
 RUN bash ./miniconda.sh -b -p /opt/conda
 RUN ln -s /opt/conda/bin/python3 /usr/local/bin/python3
+RUN ln -s /opt/conda/bin/python3 /usr/local/bin/python
 
-# get Solo source code
-RUN git clone --recurse-submodules https://github.com/solokeys/solo
+# 3. Source code
+RUN git clone --recurse-submodules https://github.com/solokeys/solo /solo
 
-# actually combine the two hex files
-COPY --from=0 /solo/targets/stm32l432/solo.elf .
-COPY --from=0 /solo/targets/stm32l432/solo.hex .
-COPY --from=0 /solo/targets/stm32l432/bootloader.elf .
-COPY --from=0 /solo/targets/stm32l432/bootloader.hex .
-
-RUN cd solo && make env3 && . env3/bin/activate && \
-    python3 tools/solotool.py mergehex /bootloader.hex /solo.hex /all.hex
-
-
-# Step 3: copy out firmware, assumes host volume mounted at /out
-FROM alpine
-MAINTAINER SoloKeys <hello@solokeys.com>
-
-COPY --from=1 /solo.elf .
-COPY --from=1 /solo.hex .
-COPY --from=1 /bootloader.elf .
-COPY --from=1 /bootloader.hex .
-COPY --from=1 /all.hex .
-
-CMD cp -v /solo.elf /solo.hex /bootloader.elf /bootloader.hex /all.hex /out
diff --git a/Makefile b/Makefile
index 0922257..bb5530f 100644
--- a/Makefile
+++ b/Makefile
@@ -30,7 +30,7 @@ CFLAGS += -DAES256=1 -DAPP_CONFIG=\"app.h\"
 
 name = main
 
-.PHONY: all $(LIBCBOR) black blackcheck cppcheck wink fido2-test clean full-clean travis test clean
+.PHONY: all $(LIBCBOR) black blackcheck cppcheck wink fido2-test clean full-clean travis test clean version
 all: main
 
 tinycbor/Makefile crypto/tiny-AES-c/aes.c:
@@ -42,6 +42,9 @@ cbor: $(LIBCBOR)
 $(LIBCBOR):
 	cd tinycbor/ && $(MAKE) clean && $(MAKE) -j8
 
+version:
+	@git describe
+
 test: venv
 	$(MAKE) clean
 	$(MAKE) -C . main
@@ -71,11 +74,11 @@ wink: venv
 fido2-test: venv
 	venv/bin/python tools/ctap_test.py
 
-DOCKER_IMAGE := "solokeys/solo-firmware:latest"
+DOCKER_IMAGE := "solokeys/solo-firmware:local"
+SOLO_VERSION := "master"
 docker-build:
 	docker build -t $(DOCKER_IMAGE) .
-	# docker build --no-cache -t $(DOCKER_IMAGE) .
-	docker run -rm -v$(PWD):/out $(DOCKER_IMAGE)
+	docker run --rm -v$(PWD)/builds:/builds -v$(PWD)/docker-build.sh:/build.sh $(DOCKER_IMAGE) /build.sh $(SOLO_VERSION)
 
 CPPCHECK_FLAGS=--quiet --error-exitcode=2
 
diff --git a/builds/.gitkeep b/builds/.gitkeep
new file mode 100644
index 0000000..e69de29
diff --git a/docker-build.sh b/docker-build.sh
new file mode 100755
index 0000000..b102399
--- /dev/null
+++ b/docker-build.sh
@@ -0,0 +1,21 @@
+#!/bin/bash -xe
+
+version=${1:-master}
+
+export PREFIX=/opt/gcc-arm-none-eabi-8-2018-q4-major/bin/
+
+cd /solo/targets/stm32l432
+git checkout ${version}
+version=$(git describe)
+make cbor
+make all-hacker
+
+cd /
+
+out_dir="builds"
+out_hex="solo-${version}.hex"
+out_sha2="solo-${version}.sha2"
+cp /solo/targets/stm32l432/solo.hex ${out_dir}/${out_hex}
+cd ${out_dir}
+sha256sum ${out_hex} > ${out_sha2}
+