mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-11-22 07:28:10 +00:00
ci: various fixes and updates
- fix Nix build on macOS Big Sur (by updating to nixpkgs-unstable) - update gcc-arm-embedded from 9.x to 10.x - update nix to 2.3.10 - update Alpine Linux to 3.12.3 - allow to change arch in Docker
This commit is contained in:
parent
9a9f23c54e
commit
453df567d3
@ -7,7 +7,7 @@ CONTAINER_NAME=${CONTAINER_NAME:-trezor-firmware-env.nix}
|
|||||||
ALPINE_CDN=${ALPINE_CDN:-http://dl-cdn.alpinelinux.org/alpine}
|
ALPINE_CDN=${ALPINE_CDN:-http://dl-cdn.alpinelinux.org/alpine}
|
||||||
ALPINE_RELEASE=${ALPINE_RELEASE:-3.12}
|
ALPINE_RELEASE=${ALPINE_RELEASE:-3.12}
|
||||||
ALPINE_ARCH=${ALPINE_ARCH:-x86_64}
|
ALPINE_ARCH=${ALPINE_ARCH:-x86_64}
|
||||||
ALPINE_VERSION=${ALPINE_VERSION:-3.12.0}
|
ALPINE_VERSION=${ALPINE_VERSION:-3.12.3}
|
||||||
CONTAINER_FS_URL=${CONTAINER_FS_URL:-"$ALPINE_CDN/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz"}
|
CONTAINER_FS_URL=${CONTAINER_FS_URL:-"$ALPINE_CDN/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz"}
|
||||||
|
|
||||||
TAG=${1:-master}
|
TAG=${1:-master}
|
||||||
@ -16,7 +16,7 @@ PRODUCTION=${PRODUCTION:-1}
|
|||||||
MEMORY_PROTECT=${MEMORY_PROTECT:-1}
|
MEMORY_PROTECT=${MEMORY_PROTECT:-1}
|
||||||
|
|
||||||
wget --no-config -nc -P ci/ "$CONTAINER_FS_URL"
|
wget --no-config -nc -P ci/ "$CONTAINER_FS_URL"
|
||||||
docker build -t "$CONTAINER_NAME" ci/
|
docker build --platform "linux/$ALPINE_ARCH" --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" -t "$CONTAINER_NAME" ci/
|
||||||
|
|
||||||
# stat under macOS has slightly different cli interface
|
# stat under macOS has slightly different cli interface
|
||||||
USER=$(stat -c "%u" . 2>/dev/null || stat -f "%u" .)
|
USER=$(stat -c "%u" . 2>/dev/null || stat -f "%u" .)
|
||||||
@ -54,7 +54,7 @@ for BITCOIN_ONLY in 0 1; do
|
|||||||
chown -R $USER:$GROUP /build
|
chown -R $USER:$GROUP /build
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
docker run -it --rm \
|
docker run --platform "linux/$ALPINE_ARCH" -it --rm \
|
||||||
-v "$DIR:/local" \
|
-v "$DIR:/local" \
|
||||||
-v "$DIR/build/core$DIRSUFFIX":/build:z \
|
-v "$DIR/build/core$DIRSUFFIX":/build:z \
|
||||||
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
|
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
|
||||||
@ -94,7 +94,7 @@ for BITCOIN_ONLY in 0 1; do
|
|||||||
chown -R $USER:$GROUP /build
|
chown -R $USER:$GROUP /build
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
docker run -it --rm \
|
docker run --platform "linux/$ALPINE_ARCH" -it --rm \
|
||||||
-v "$DIR:/local" \
|
-v "$DIR:/local" \
|
||||||
-v "$DIR/build/legacy$DIRSUFFIX":/build:z \
|
-v "$DIR/build/legacy$DIRSUFFIX":/build:z \
|
||||||
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
|
--env BITCOIN_ONLY="$BITCOIN_ONLY" \
|
||||||
|
@ -1,8 +1,9 @@
|
|||||||
# install the latest Alpine linux from scratch
|
# install the latest Alpine linux from scratch
|
||||||
|
|
||||||
FROM scratch
|
FROM scratch
|
||||||
ARG ALPINE_VERSION=3.12.0
|
ARG ALPINE_VERSION=3.12.3
|
||||||
ADD alpine-minirootfs-${ALPINE_VERSION}-x86_64.tar.gz /
|
ARG ALPINE_ARCH=x86_64
|
||||||
|
ADD alpine-minirootfs-${ALPINE_VERSION}-${ALPINE_ARCH}.tar.gz /
|
||||||
|
|
||||||
# the following is adapted from https://github.com/NixOS/docker/blob/master/Dockerfile
|
# the following is adapted from https://github.com/NixOS/docker/blob/master/Dockerfile
|
||||||
|
|
||||||
@ -11,16 +12,16 @@ RUN apk add --no-cache --update openssl \
|
|||||||
&& echo hosts: dns files > /etc/nsswitch.conf
|
&& echo hosts: dns files > /etc/nsswitch.conf
|
||||||
|
|
||||||
# Download Nix and install it into the system.
|
# Download Nix and install it into the system.
|
||||||
ARG NIX_VERSION=2.3.6
|
ARG NIX_VERSION=2.3.10
|
||||||
RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-x86_64-linux.tar.xz \
|
RUN wget https://nixos.org/releases/nix/nix-${NIX_VERSION}/nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
|
||||||
&& tar xf nix-${NIX_VERSION}-x86_64-linux.tar.xz \
|
&& tar xf nix-${NIX_VERSION}-${ALPINE_ARCH}-linux.tar.xz \
|
||||||
&& addgroup -g 30000 -S nixbld \
|
&& addgroup -g 30000 -S nixbld \
|
||||||
&& for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \
|
&& for i in $(seq 1 30); do adduser -S -D -h /var/empty -g "Nix build user $i" -u $((30000 + i)) -G nixbld nixbld$i ; done \
|
||||||
&& mkdir -m 0755 /etc/nix \
|
&& mkdir -m 0755 /etc/nix \
|
||||||
&& echo 'sandbox = false' > /etc/nix/nix.conf \
|
&& echo 'sandbox = false' > /etc/nix/nix.conf \
|
||||||
&& mkdir -m 0755 /nix && USER=root sh nix-${NIX_VERSION}-x86_64-linux/install \
|
&& mkdir -m 0755 /nix && USER=root sh nix-${NIX_VERSION}-${ALPINE_ARCH}-linux/install \
|
||||||
&& ln -s /nix/var/nix/profiles/default/etc/profile.d/nix.sh /etc/profile.d/ \
|
&& ln -s /nix/var/nix/profiles/default/etc/profile.d/nix.sh /etc/profile.d/ \
|
||||||
&& rm -r /nix-${NIX_VERSION}-x86_64-linux* \
|
&& rm -r /nix-${NIX_VERSION}-${ALPINE_ARCH}-linux* \
|
||||||
&& rm -rf /var/cache/apk/* \
|
&& rm -rf /var/cache/apk/* \
|
||||||
&& /nix/var/nix/profiles/default/bin/nix-collect-garbage --delete-old \
|
&& /nix/var/nix/profiles/default/bin/nix-collect-garbage --delete-old \
|
||||||
&& /nix/var/nix/profiles/default/bin/nix-store --optimise \
|
&& /nix/var/nix/profiles/default/bin/nix-store --optimise \
|
||||||
|
@ -5,12 +5,15 @@ environment:
|
|||||||
variables:
|
variables:
|
||||||
GIT_SUBMODULE_STRATEGY: none # no need to fetch submodules
|
GIT_SUBMODULE_STRATEGY: none # no need to fetch submodules
|
||||||
CONTAINER_NAME: "$CI_REGISTRY/satoshilabs/trezor/trezor-firmware/trezor-firmware-env.nix"
|
CONTAINER_NAME: "$CI_REGISTRY/satoshilabs/trezor/trezor-firmware/trezor-firmware-env.nix"
|
||||||
|
ALPINE_RELEASE: "3.12"
|
||||||
|
ALPINE_ARCH: "x86_64"
|
||||||
|
ALPINE_VERSION: "3.12.3"
|
||||||
services:
|
services:
|
||||||
- docker:dind
|
- docker:dind
|
||||||
before_script:
|
before_script:
|
||||||
- docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
|
- docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
|
||||||
script:
|
script:
|
||||||
- wget -nc -P ci/ http://dl-cdn.alpinelinux.org/alpine/v3.12/releases/x86_64/alpine-minirootfs-3.12.0-x86_64.tar.gz
|
- wget -nc -P ci/ http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz
|
||||||
- docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --build-arg FULLDEPS_TESTING=1 ci/
|
- docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --platform "linux/$ALPINE_ARCH" --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg FULLDEPS_TESTING=1 ci/
|
||||||
- docker push $CONTAINER_NAME:$CI_COMMIT_SHA
|
- docker push $CONTAINER_NAME:$CI_COMMIT_SHA
|
||||||
- docker push $CONTAINER_NAME:latest
|
- docker push $CONTAINER_NAME:latest
|
||||||
|
@ -1,10 +1,10 @@
|
|||||||
{ fullDeps ? false }:
|
{ fullDeps ? false }:
|
||||||
|
|
||||||
# the last successful build of nixos-20.09 (stable) as of 2020-12-15
|
# the last successful build of nixpkgs-unstable as of 2020-12-30
|
||||||
with import
|
with import
|
||||||
(builtins.fetchTarball {
|
(builtins.fetchTarball {
|
||||||
url = "https://github.com/NixOS/nixpkgs/archive/647cc06986c1ae4a2bb05298e0cf598723e42970.tar.gz";
|
url = "https://github.com/NixOS/nixpkgs/archive/bea44d5ebe332260aa34a1bd48250b6364527356.tar.gz";
|
||||||
sha256 = "1n1sd5lbds08vxy8x9l94w0z8bbq39fh2rrr6mnq0rmhf4xb2mj1";
|
sha256 = "14sfk04iyvyh3jl1s2wayw1y077dwpk2d712nhjk1wwfjkdq03r3";
|
||||||
})
|
})
|
||||||
{ };
|
{ };
|
||||||
|
|
||||||
@ -51,11 +51,11 @@ stdenv.mkDerivation ({
|
|||||||
pkgconfig
|
pkgconfig
|
||||||
poetry
|
poetry
|
||||||
protobuf3_6
|
protobuf3_6
|
||||||
valgrind
|
|
||||||
wget
|
wget
|
||||||
zlib
|
zlib
|
||||||
] ++ stdenv.lib.optionals (!stdenv.isDarwin) [
|
] ++ stdenv.lib.optionals (!stdenv.isDarwin) [
|
||||||
procps
|
procps
|
||||||
|
valgrind
|
||||||
] ++ stdenv.lib.optionals (stdenv.isDarwin) [
|
] ++ stdenv.lib.optionals (stdenv.isDarwin) [
|
||||||
darwin.apple_sdk.frameworks.CoreAudio
|
darwin.apple_sdk.frameworks.CoreAudio
|
||||||
darwin.apple_sdk.frameworks.AudioToolbox
|
darwin.apple_sdk.frameworks.AudioToolbox
|
||||||
|
2
vendor/nanopb
vendored
2
vendor/nanopb
vendored
@ -1 +1 @@
|
|||||||
Subproject commit 1466e6f953835b191a7f5acf0c06c941d4cd33d9
|
Subproject commit 2b48a361786dfb1f63d229840217a93aae064667
|
Loading…
Reference in New Issue
Block a user