mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-24 23:38:09 +00:00
ci: various fixes and updates
- fix Nix build on macOS Big Sur (by updating to nixpkgs-unstable) - update gcc-arm-embedded from 9.x to 10.x - update nix to 2.3.10 - update Alpine Linux to 3.12.3 - allow to change arch in Docker
This commit is contained in:
parent
9a9f23c54e
commit
453df567d3
@ -7,7 +7,7 @@ CONTAINER_NAME=${CONTAINER_NAME:-trezor-firmware-env.nix}
|
||||
ALPINE_CDN=${ALPINE_CDN:-http://dl-cdn.alpinelinux.org/alpine}
|
||||
ALPINE_RELEASE=${ALPINE_RELEASE:-3.12}
|
||||
ALPINE_ARCH=${ALPINE_ARCH:-x86_64}
|
||||
ALPINE_VERSION=${ALPINE_VERSION:-3.12.0}
|
||||
ALPINE_VERSION=${ALPINE_VERSION:-3.12.3}
|
||||
CONTAINER_FS_URL=${CONTAINER_FS_URL:-"$ALPINE_CDN/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz"}
|
||||
|
||||
TAG=${1:-master}
|
||||
@ -16,7 +16,7 @@ PRODUCTION=${PRODUCTION:-1}
|
||||
MEMORY_PROTECT=${MEMORY_PROTECT:-1}
|
||||
|
||||
wget --no-config -nc -P ci/ "$CONTAINER_FS_URL"
|
||||
docker build -t "$CONTAINER_NAME" ci/
|
||||
docker build --platform "linux/$ALPINE_ARCH" --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" -t "$CONTAINER_NAME" ci/
|
||||
|
||||
# stat under macOS has slightly different cli interface
|
||||
USER=$(stat -c "%u" . 2>/dev/null || stat -f "%u" .)
|
||||
@ -54,7 +54,7 @@ for BITCOIN_ONLY in 0 1; do
|
||||
chown -R $USER:$GROUP /build
|
||||
EOF
|
||||
|
||||
docker run -it --rm \
|
||||
docker run --platform "linux/$ALPINE_ARCH" -it --rm \
|
||||
-v "$DIR:/local" \
|
||||
-v "$DIR/build/core$DIRSUFFIX":/build:z \
|
||||
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
|
||||
@ -94,7 +94,7 @@ for BITCOIN_ONLY in 0 1; do
|
||||
chown -R $USER:$GROUP /build
|
||||
EOF
|
||||
|
||||
docker run -it --rm \
|
||||
docker run --platform "linux/$ALPINE_ARCH" -it --rm \
|
||||
-v "$DIR:/local" \
|
||||
-v "$DIR/build/legacy$DIRSUFFIX":/build:z \
|
||||
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
|
||||
|
@ -1,8 +1,9 @@
|
||||
# install the latest Alpine linux from scratch
|
||||
|
||||
FROM scratch
|
||||
ARG ALPINE_VERSION=3.12.0
|
||||
ADD alpine-minirootfs-${ALPINE_VERSION}-x86_64.tar.gz /
|
||||
ARG ALPINE_VERSION=3.12.3
|
||||
ARG ALPINE_ARCH=x86_64
|
||||
ADD alpine-minirootfs-${ALPINE_VERSION}-${ALPINE_ARCH}.tar.gz /
|
||||
|
||||
# the following is adapted from https://github.com/NixOS/docker/blob/master/Dockerfile
|
||||
|
||||
@ -11,16 +12,16 @@ RUN apk add --no-cache --update openssl \
|
||||
&& echo hosts: dns files > /etc/nsswitch.conf
|
||||
|
||||
# Download Nix and install it into the system.
|
||||
ARG NIX_VERSION=2.3.6
|
||||
RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-x86_64-linux.tar.xz \
|
||||
&& tar xf nix-${NIX_VERSION}-x86_64-linux.tar.xz \
|
||||
ARG NIX_VERSION=2.3.10
|
||||
RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
|
||||
&& tar xf nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
|
||||
&& addgroup -g 30000 -S nixbld \
|
||||
&& for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \
|
||||
&& mkdir -m 0755 /etc/nix \
|
||||
&& echo 'sandbox = false' > /etc/nix/nix.conf \
|
||||
&& mkdir -m 0755 /nix && USER=root sh nix-${NIX_VERSION}-x86_64-linux/install \
|
||||
&& mkdir -m 0755 /nix && USER=root sh nix-${NIX_VERSION}-${ALPINE_ARCH}-linux/install \
|
||||
&& ln -s /nix/var/nix/profiles/default/etc/profile.d/nix.sh /etc/profile.d/ \
|
||||
&& rm -r /nix-${NIX_VERSION}-x86_64-linux* \
|
||||
&& rm -r /nix-${NIX_VERSION}-${ALPINE_ARCH}-linux* \
|
||||
&& rm -rf /var/cache/apk/* \
|
||||
&& /nix/var/nix/profiles/default/bin/nix-collect-garbage --delete-old \
|
||||
&& /nix/var/nix/profiles/default/bin/nix-store --optimise \
|
||||
|
@ -5,12 +5,15 @@ environment:
|
||||
variables:
|
||||
GIT_SUBMODULE_STRATEGY: none # no need to fetch submodules
|
||||
CONTAINER_NAME: "$CI_REGISTRY/satoshilabs/trezor/trezor-firmware/trezor-firmware-env.nix"
|
||||
ALPINE_RELEASE: "3.12"
|
||||
ALPINE_ARCH: "x86_64"
|
||||
ALPINE_VERSION: "3.12.3"
|
||||
services:
|
||||
- docker:dind
|
||||
before_script:
|
||||
- docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
|
||||
script:
|
||||
- wget -nc -P ci/ http://dl-cdn.alpinelinux.org/alpine/v3.12/releases/x86_64/alpine-minirootfs-3.12.0-x86_64.tar.gz
|
||||
- docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --build-arg FULLDEPS_TESTING=1 ci/
|
||||
- wget -nc -P ci/ http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz
|
||||
- docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --platform "linux/$ALPINE_ARCH" --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg FULLDEPS_TESTING=1 ci/
|
||||
- docker push $CONTAINER_NAME:$CI_COMMIT_SHA
|
||||
- docker push $CONTAINER_NAME:latest
|
||||
|
@ -1,10 +1,10 @@
|
||||
{ fullDeps ? false }:
|
||||
|
||||
# the last successful build of nixos-20.09 (stable) as of 2020-12-15
|
||||
# the last successful build of nixpkgs-unstable as of 2020-12-30
|
||||
with import
|
||||
(builtins.fetchTarball {
|
||||
url = "https://github.com/NixOS/nixpkgs/archive/647cc06986c1ae4a2bb05298e0cf598723e42970.tar.gz";
|
||||
sha256 = "1n1sd5lbds08vxy8x9l94w0z8bbq39fh2rrr6mnq0rmhf4xb2mj1";
|
||||
url = "https://github.com/NixOS/nixpkgs/archive/bea44d5ebe332260aa34a1bd48250b6364527356.tar.gz";
|
||||
sha256 = "14sfk04iyvyh3jl1s2wayw1y077dwpk2d712nhjk1wwfjkdq03r3";
|
||||
})
|
||||
{ };
|
||||
|
||||
@ -51,11 +51,11 @@ stdenv.mkDerivation ({
|
||||
pkgconfig
|
||||
poetry
|
||||
protobuf3_6
|
||||
valgrind
|
||||
wget
|
||||
zlib
|
||||
] ++ stdenv.lib.optionals (!stdenv.isDarwin) [
|
||||
procps
|
||||
valgrind
|
||||
] ++ stdenv.lib.optionals (stdenv.isDarwin) [
|
||||
darwin.apple_sdk.frameworks.CoreAudio
|
||||
darwin.apple_sdk.frameworks.AudioToolbox
|
||||
|
2
vendor/nanopb
vendored
2
vendor/nanopb
vendored
@ -1 +1 @@
|
||||
Subproject commit 1466e6f953835b191a7f5acf0c06c941d4cd33d9
|
||||
Subproject commit 2b48a361786dfb1f63d229840217a93aae064667
|
Loading…
Reference in New Issue
Block a user