1
0
mirror of https://github.com/trezor/trezor-firmware.git synced 2024-10-31 20:39:48 +00:00

feat(ci): add sha checksum for alpine download and change to https

This commit is contained in:
vdovhanych 2021-07-20 11:07:03 +02:00 committed by Tomas Susanka
parent 2b3c75c4de
commit 63a42def17
2 changed files with 21 additions and 2 deletions

View File

@ -18,8 +18,22 @@ if [ -z "$ALPINE_ARCH" ]; then
esac esac
fi fi
if [ -z "$ALPINE_CHECKSUM" ]; then
case "$ALPINE_ARCH" in
aarch64)
ALPINE_CHECKSUM="bc541e148463b3dde10fdbb1af8eac4e34706eae8883c6d126263db07a9a9c42"
;;
x86_64)
ALPINE_CHECKSUM="bcdf5a4e58637b9228f8e474547a3de9ea02a05a5fa68a2495b0657ada7e65f6"
;;
*)
exit
esac
fi
CONTAINER_NAME=${CONTAINER_NAME:-trezor-firmware-env.nix} CONTAINER_NAME=${CONTAINER_NAME:-trezor-firmware-env.nix}
ALPINE_CDN=${ALPINE_CDN:-http://dl-cdn.alpinelinux.org/alpine} ALPINE_CDN=${ALPINE_CDN:-https://dl-cdn.alpinelinux.org/alpine}
ALPINE_RELEASE=${ALPINE_RELEASE:-3.14} ALPINE_RELEASE=${ALPINE_RELEASE:-3.14}
ALPINE_VERSION=${ALPINE_VERSION:-3.14.0} ALPINE_VERSION=${ALPINE_VERSION:-3.14.0}
ALPINE_TARBALL=${ALPINE_FILE:-alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz} ALPINE_TARBALL=${ALPINE_FILE:-alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz}
@ -59,6 +73,9 @@ else
fi fi
fi fi
# check alpine checksum
echo "${ALPINE_CHECKSUM} ci/${ALPINE_TARBALL}" | sha256sum -c
docker build --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg NIX_VERSION="$NIX_VERSION" -t "$CONTAINER_NAME" ci/ docker build --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg NIX_VERSION="$NIX_VERSION" -t "$CONTAINER_NAME" ci/
# stat under macOS has slightly different cli interface # stat under macOS has slightly different cli interface

View File

@ -8,13 +8,15 @@ environment:
ALPINE_RELEASE: "3.14" ALPINE_RELEASE: "3.14"
ALPINE_ARCH: "x86_64" ALPINE_ARCH: "x86_64"
ALPINE_VERSION: "3.14.0" ALPINE_VERSION: "3.14.0"
ALPINE_CHECKSUM: "bcdf5a4e58637b9228f8e474547a3de9ea02a05a5fa68a2495b0657aaa7e65f6"
NIX_VERSION: "2.3.14" NIX_VERSION: "2.3.14"
services: services:
- docker:dind - docker:dind
before_script: before_script:
- docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD - docker login $CI_REGISTRY -u $CI_REGISTRY_USER -p $CI_REGISTRY_PASSWORD
script: script:
- wget -nc -P ci/ http://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz - wget -nc -P ci/ https://dl-cdn.alpinelinux.org/alpine/v$ALPINE_RELEASE/releases/$ALPINE_ARCH/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz
- echo "${ALPINE_CHECKSUM} ci/alpine-minirootfs-$ALPINE_VERSION-$ALPINE_ARCH.tar.gz" | sha256sum -c
- docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg NIX_VERSION="$NIX_VERSION" --build-arg FULLDEPS_TESTING=1 ci/ - docker build --tag $CONTAINER_NAME:$CI_COMMIT_SHA --tag $CONTAINER_NAME:latest --build-arg ALPINE_VERSION="$ALPINE_VERSION" --build-arg ALPINE_ARCH="$ALPINE_ARCH" --build-arg NIX_VERSION="$NIX_VERSION" --build-arg FULLDEPS_TESTING=1 ci/
- docker push $CONTAINER_NAME:$CI_COMMIT_SHA - docker push $CONTAINER_NAME:$CI_COMMIT_SHA
- docker push $CONTAINER_NAME:latest - docker push $CONTAINER_NAME:latest