diff --git a/.github/workflows/common.yml b/.github/workflows/common.yml index 54ff2c22fa..ea0248df1f 100644 --- a/.github/workflows/common.yml +++ b/.github/workflows/common.yml @@ -120,3 +120,36 @@ jobs: - run: unset PYTEST_TIMEOUT - run: nix-shell --run "poetry run make -C storage/tests build" - run: nix-shell --run "poetry run make -C storage/tests tests_all" + + docker_build: + name: Firmware docker build + # scheduled, manual runs, PRs for release branches + if: github.event_name != 'pull_request' || startsWith(github.head_ref, 'mmilata/') + runs-on: ubuntu-latest + strategy: + fail-fast: false + matrix: + # model: [T1B1, T2T1, T2B1, T3B1, T3T1] # TODO update exprs below + model: ["1", "T", "R", T3B1, T3T1] + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - run: git checkout ${{ github.head_ref || github.ref_name }} + - run: ./build-docker.sh ${{ matrix.model == '1' && '--skip-core' || '--skip-legacy' }} --models ${{ matrix.model }} ${{ github.head_ref || github.ref_name }} + - name: Show fingerprints + run: | + for file in build/*/*/*.fingerprint; do + if [ -f "$file" ]; then + origfile="${file%.fingerprint}" + fingerprint=$(tr -d '\n' < $file) + echo "\`$fingerprint\` $origfile" >> $GITHUB_STEP_SUMMARY + fi + done + cat $GITHUB_STEP_SUMMARY + - uses: actions/upload-artifact@v4 + with: + name: reproducible-${{ matrix.model }} + path: | + build/*/*/*.bin + retention-days: 7 diff --git a/build-docker.sh b/build-docker.sh index a5598a4f16..1df5cf5f97 100755 --- a/build-docker.sh +++ b/build-docker.sh @@ -227,7 +227,7 @@ cat <> "$SCRIPT_NAME" git fetch origin "$COMMIT_HASH" git checkout "$COMMIT_HASH" git submodule update --init --recursive - poetry install + poetry install -v --no-ansi --no-interaction cd core/embed/rust cargo fetch @@ -307,7 +307,6 @@ EOF $DOCKER run \ --network=host \ - -it \ --rm \ -v "$DIR:/local" \ -v "$DIR/build/core$DIRSUFFIX":/build:z \ @@ -356,7 +355,6 @@ EOF $DOCKER run \ --network=host \ - -it \ --rm \ -v "$DIR:/local" \ -v "$DIR/build/legacy$DIRSUFFIX":/build:z \