mirror
/
solo1
kopia lustrzana https://github.com/solokeys/solo1
1
0
Forkuj 0
Kod Zgłoszenia Packages Projekty Wydania Wiki Aktywność

Lock down reproducible make targets and use in docker build

pull/111/head
Nicolas Stalder 2019-02-16 18:46:13 +01:00
rodzic 6b97807f51
commit de31924be3
4 zmienionych plików z 41 dodań i 26 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

4
Makefile
Wyświetl plik

@ -75,10 +75,10 @@ fido2-test: venv
venv/bin/python tools/ctap_test.py
DOCKER_IMAGE := "solokeys/solo-firmware:local"
SOLO_VERSION := "master"
SOLO_VERSIONISH := "master"
docker-build:
docker build -t $(DOCKER_IMAGE) .
docker run --rm -v$(PWD)/builds:/builds -v$(PWD)/docker-build.sh:/build.sh $(DOCKER_IMAGE) /build.sh $(SOLO_VERSION)
docker run --rm -v$(PWD)/builds:/builds -v$(PWD)/in-docker-build.sh:/in-docker-build.sh $(DOCKER_IMAGE) /in-docker-build.sh $(SOLO_VERSIONISH)
CPPCHECK_FLAGS=--quiet --error-exitcode=2

22
docker-build.sh
Wyświetl plik

@ -1,22 +0,0 @@
#!/bin/bash -xe
version=${1:-master}
export PREFIX=/opt/gcc-arm-none-eabi-8-2018-q4-major/bin/
cd /solo/targets/stm32l432
git fetch
git checkout ${version}
version=$(git describe)
make cbor
make all-hacker
cd /
out_dir="builds"
out_hex="solo-${version}.hex"
out_sha2="solo-${version}.sha2"
cp /solo/targets/stm32l432/solo.hex ${out_dir}/${out_hex}
cd ${out_dir}
sha256sum ${out_hex} > ${out_sha2}

37
in-docker-build.sh 100755
Wyświetl plik

@ -0,0 +1,37 @@
#!/bin/bash -xe
version=${1:-master}
export PREFIX=/opt/gcc-arm-none-eabi-8-2018-q4-major/bin/
cd /solo/targets/stm32l432
git fetch
git checkout ${version}
version=$(git describe)
make cbor
out_dir="/builds"
function build() {
part=${1}
variant=${2}
output=${3:-${part}}
what="${part}-${variant}"
make full-clean
make ${what}
out_hex="${what}-${version}.hex"
out_sha2="${what}-${version}.sha2"
mv ${output}.hex ${out_hex}
sha256sum ${out_hex} > ${out_sha2}
cp ${out_hex} ${out_sha2} ${out_dir}
}
build bootloader nonverifying
build bootloader verifying
build firmware hacker solo
build firmware secure solo

4
targets/stm32l432/Makefile
Wyświetl plik

@ -13,10 +13,10 @@ merge_hex=../../tools/solotool.py mergehex
# The following are the main targets for reproducible builds.
# TODO: better explanation
firmware-hacker:
$(MAKE) -f $(APPMAKE) -j8 solo.hex PREFIX=$(PREFIX) DEBUG=$(DEBUG) EXTRA_DEFINES='-DSOLO_HACKER -DFLASH_ROP=1'
$(MAKE) -f $(APPMAKE) -j8 solo.hex PREFIX=$(PREFIX) DEBUG=0 EXTRA_DEFINES='-DSOLO_HACKER -DFLASH_ROP=1'
firmware-secure:
$(MAKE) -f $(APPMAKE) -j8 solo.hex PREFIX=$(PREFIX) DEBUG=$(DEBUG) EXTRA_DEFINES='-DUSE_SOLOKEYS_CERT -DFLASH_ROP=2'
$(MAKE) -f $(APPMAKE) -j8 solo.hex PREFIX=$(PREFIX) DEBUG=0 EXTRA_DEFINES='-DUSE_SOLOKEYS_CERT -DFLASH_ROP=2'
bootloader-nonverifying:
$(MAKE) -f $(BOOTMAKE) -j8 bootloader.hex PREFIX=$(PREFIX) EXTRA_DEFINES='-DSOLO_HACKER' DEBUG=0