From 3d73ca957cc185422243066bccc9b4343482d95a Mon Sep 17 00:00:00 2001
From: matejcik <ja@matejcik.cz>
Date: Fri, 14 Apr 2023 16:39:43 +0200
Subject: [PATCH] build: add support for prodtest into build-docker

---
 build-docker.sh | 62 ++++++++++++++++++++++++++++++++++++++-----------
 1 file changed, 49 insertions(+), 13 deletions(-)

diff --git a/build-docker.sh b/build-docker.sh
index d4d845a18a..d58e5f563b 100755
--- a/build-docker.sh
+++ b/build-docker.sh
@@ -52,6 +52,7 @@ function help_and_die() {
   echo "  --skip-normal - do not build regular firmwares"
   echo "  --skip-core - do not build core"
   echo "  --skip-legacy - do not build legacy"
+  echo "  --prodtest - build core prodtest"
   echo "  --repository path/to/repo - checkout the repository from the given path/url"
   echo "  --no-init - do not recreate docker environments"
   echo "  --help"
@@ -64,6 +65,7 @@ OPT_BUILD_CORE=1
 OPT_BUILD_LEGACY=1
 OPT_BUILD_NORMAL=1
 OPT_BUILD_BITCOINONLY=1
+OPT_BUILD_PRODTEST=0
 INIT=1
 
 REPOSITORY="/local"
@@ -89,6 +91,10 @@ while true; do
       OPT_BUILD_LEGACY=0
       shift
       ;;
+    --prodtest)
+      OPT_BUILD_PRODTEST=1
+      shift
+      ;;
     --repository)
       REPOSITORY="$2"
       shift 2
@@ -333,6 +339,42 @@ EOF
     /nix/var/nix/profiles/default/bin/nix-shell --run "bash /local/build/$SCRIPT_NAME"
 done
 
+if [ "$OPT_BUILD_PRODTEST" -eq "1" ]; then
+  DIRSUFFIX="-prodtest"
+  SCRIPT_NAME=".build_prodtest.sh"
+  cat <<EOF > "build/$SCRIPT_NAME"
+    # DO NOT MODIFY!
+    # this file was generated by ${BASH_SOURCE[0]}
+    # variant: core build prodtest
+    set -e -o pipefail
+    cd /reproducible-build/trezor-firmware/core
+    $GIT_CLEAN_REPO
+    poetry run make clean vendor build_prodtest
+    poetry run ../python/tools/firmware-fingerprint.py \
+                -o build/prodtest/prodtest.bin.fingerprint \
+                build/prodtest/prodtest.bin
+    rm -rf /build/*
+    cp -r build/* /build
+    chown -R $USER:$GROUP /build
+EOF
+
+  echo
+  echo ">>> DOCKER RUN core prodtest PRODUCTION=$PRODUCTION"
+  echo
+
+  $DOCKER run \
+    --network=host \
+    -it \
+    --rm \
+    -v "$DIR:/local" \
+    -v "$DIR/build/core$DIRSUFFIX":/build:z \
+    --env PRODUCTION="$PRODUCTION" \
+    --init \
+    "$SNAPSHOT_NAME" \
+    /nix/var/nix/profiles/default/bin/nix-shell --run "bash /local/build/$SCRIPT_NAME"
+fi
+
+
 echo
 echo "Docker image retained as $SNAPSHOT_NAME"
 echo "To remove it, run:"
@@ -345,19 +387,13 @@ echo "Built from commit $COMMIT_HASH"
 echo
 echo "Fingerprints:"
 for VARIANT in core legacy; do
-
-  VARIANTS="VARIANTS_$VARIANT[@]"
-
-  for BITCOIN_ONLY in ${!VARIANTS}; do
-
-    DIRSUFFIX=${BITCOIN_ONLY/1/-bitcoinonly}
-    DIRSUFFIX=${DIRSUFFIX/0/}
-
-    for item in bootloader firmware; do
-      FWPATH=build/${VARIANT}${DIRSUFFIX}/${item}/${item}.bin
-      if [ -f $FWPATH -a -f "$FWPATH.fingerprint" ]; then
-        FINGERPRINT=$(tr -d '\n' < $FWPATH.fingerprint)
-        echo "$FINGERPRINT $FWPATH"
+  for DIRSUFFIX in "" "-bitcoinonly" "-prodtest"; do
+    BUILD_DIR=build/${VARIANT}${DIRSUFFIX}
+    for file in $BUILD_DIR/*/*.fingerprint; do
+      if [ -f "$file" ]; then
+        origfile="${file%.fingerprint}"
+        fingerprint=$(tr -d '\n' < $file)
+        echo "$fingerprint $origfile"
       fi
     done
   done