forked from trezor/trezor-firmware
-
Notifications
You must be signed in to change notification settings - Fork 0
/
build-docker.sh
executable file
·100 lines (80 loc) · 2.83 KB
/
build-docker.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
#!/usr/bin/env bash
set -e
CONTAINER_NAME=trezor-firmware-env.nix
TAG=${1:-master}
REPOSITORY=${2:-local}
PRODUCTION=${PRODUCTION:-1}
MEMORY_PROTECT=${MEMORY_PROTECT:-1}
if [ "$REPOSITORY" = "local" ]; then
REPOSITORY=file:///local/
else
REPOSITORY=https://github.com/$REPOSITORY/trezor-firmware.git
fi
wget -nc -P ci/ http://dl-cdn.alpinelinux.org/alpine/v3.12/releases/x86_64/alpine-minirootfs-3.12.0-x86_64.tar.gz
docker build -t "$CONTAINER_NAME" ci/
USER=$(ls -lnd . | awk '{ print $3 }')
GROUP=$(ls -lnd . | awk '{ print $4 }')
mkdir -p $(pwd)/build/core $(pwd)/build/legacy
mkdir -p $(pwd)/build/core-bitcoinonly $(pwd)/build/legacy-bitcoinonly
# build core
for BITCOIN_ONLY in 0 1; do
DIRSUFFIX=${BITCOIN_ONLY/1/-bitcoinonly}
DIRSUFFIX=${DIRSUFFIX/0/}
docker run -it --rm \
-v $(pwd):/local \
-v $(pwd)/build/core"${DIRSUFFIX}":/build:z \
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
--env PRODUCTION="$PRODUCTION" \
"$CONTAINER_NAME" \
/nix/var/nix/profiles/default/bin/nix-shell --run "\
cd /tmp && \
git clone $REPOSITORY trezor-firmware && \
cd trezor-firmware/core && \
ln -s /build build &&
git checkout $TAG && \
git submodule update --init --recursive && \
pipenv install && \
pipenv run make clean vendor build_firmware && \
pipenv run ../python/tools/firmware-fingerprint.py \
-o build/firmware/firmware.bin.fingerprint \
build/firmware/firmware.bin && \
chown -R $USER:$GROUP /build"
done
# build legacy
for BITCOIN_ONLY in 0 1; do
DIRSUFFIX=${BITCOIN_ONLY/1/-bitcoinonly}
DIRSUFFIX=${DIRSUFFIX/0/}
docker run -it --rm \
-v $(pwd):/local \
-v $(pwd)/build/legacy"${DIRSUFFIX}":/build:z \
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
--env MEMORY_PROTECT="$MEMORY_PROTECT" \
"$CONTAINER_NAME" \
/nix/var/nix/profiles/default/bin/nix-shell --run "\
cd /tmp && \
git clone $REPOSITORY trezor-firmware && \
cd trezor-firmware/legacy && \
ln -s /build build &&
git checkout $TAG && \
git submodule update --init --recursive && \
pipenv install && \
pipenv run script/cibuild && \
mkdir -p build/firmware && \
cp firmware/trezor.bin build/firmware/firmware.bin && \
cp firmware/trezor.elf build/firmware/firmware.elf && \
pipenv run ../python/tools/firmware-fingerprint.py \
-o build/firmware/firmware.bin.fingerprint \
build/firmware/firmware.bin && \
chown -R $USER:$GROUP /build"
done
# all built, show fingerprints
echo "Fingerprints:"
for VARIANT in core legacy; do
for BITCOIN_ONLY in 0 1; do
DIRSUFFIX=${BITCOIN_ONLY/1/-bitcoinonly}
DIRSUFFIX=${DIRSUFFIX/0/}
FWPATH=build/${VARIANT}${DIRSUFFIX}/firmware/firmware.bin
FINGERPRINT=$(tr -d '\n' < $FWPATH.fingerprint)
echo "$FINGERPRINT $FWPATH"
done
done