From 74bc28b3cb8f1898e72c2446e083f46e5e344c9c Mon Sep 17 00:00:00 2001 From: Tomas Susanka Date: Wed, 14 Aug 2019 16:27:17 +0200 Subject: [PATCH] ci: deploy firmwares to the internal server --- ci/build.yml | 19 +++--- ci/deploy.yml | 180 ++++++++++++++++++++++++++++++++++++++++++++++---- 2 files changed, 178 insertions(+), 21 deletions(-) diff --git a/ci/build.yml b/ci/build.yml index b435a13816..f26499be01 100644 --- a/ci/build.yml +++ b/ci/build.yml @@ -46,11 +46,11 @@ core fw regular build: - pipenv run make sizecheck - cd .. - export VERSION=$(./tools/version.sh core/embed/firmware/version.h) - - cp core/build/firmware/firmware.bin trezor-$VERSION-$CI_COMMIT_SHORT_SHA.bin + - cp core/build/firmware/firmware.bin trezor-fw-regular-$VERSION-$CI_COMMIT_SHORT_SHA.bin artifacts: name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" paths: - - trezor-*.*.*-$CI_COMMIT_SHORT_SHA.bin + - trezor-fw-regular-*.*.*-$CI_COMMIT_SHORT_SHA.bin expire_in: 1 week core fw btconly build: @@ -65,11 +65,11 @@ core fw btconly build: - cd .. - pipenv run ./tools/check-bitcoin-only core/build/firmware/firmware-bitcoinonly.bin - export VERSION=$(./tools/version.sh core/embed/firmware/version.h) - - cp core/build/firmware/firmware-bitcoinonly.bin trezor-$VERSION-$CI_COMMIT_SHORT_SHA-bitcoinonly.bin + - cp core/build/firmware/firmware-bitcoinonly.bin trezor-fw-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin artifacts: name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" paths: - - trezor-*.*.*-$CI_COMMIT_SHORT_SHA-bitcoinonly.bin + - trezor-fw-btconly-*.*.*-$CI_COMMIT_SHORT_SHA.bin expire_in: 1 week core unix regular build: @@ -132,11 +132,12 @@ build core unix frozen regular darwin: - mkdir -p TrezorEmu-$CI_COMMIT_SHORT_SHA.app/Contents/{MacOS,libs} - cp -v core/build/unix/micropython TrezorEmu-$CI_COMMIT_SHORT_SHA.app/Contents/MacOS/TrezorEmu-$CI_COMMIT_SHORT_SHA - dylibbundler -of -b -i /usr/lib/system -d TrezorEmu-$CI_COMMIT_SHORT_SHA.app/Contents/libs -x TrezorEmu-$CI_COMMIT_SHORT_SHA.app/Contents/MacOS/TrezorEmu-$CI_COMMIT_SHORT_SHA + - mv TrezorEmu-$CI_COMMIT_SHORT_SHA.app trezor-emu-regular-macos-$VERSION-$CI_COMMIT_SHORT_SHA.app allow_failure: true artifacts: name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" paths: - - TrezorEmu-$CI_COMMIT_SHORT_SHA.app + - trezor-emu-regular-macos-$VERSION-$CI_COMMIT_SHORT_SHA.app expire_in: 1 week # Crypto @@ -175,11 +176,11 @@ legacy fw regular build: - pipenv run make -C demo - cd .. - export VERSION=$(./tools/version.sh legacy/firmware/version.h) - - cp legacy/firmware/trezor.bin trezor-$VERSION-$CI_COMMIT_SHORT_SHA.bin + - mv legacy/firmware/trezor.bin trezor-fw-regular-$VERSION-$CI_COMMIT_SHORT_SHA.bin artifacts: name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" paths: - - trezor-*.*.*-$CI_COMMIT_SHORT_SHA.bin + - trezor-fw-regular-*.*.*-$CI_COMMIT_SHORT_SHA.bin expire_in: 1 week legacy fw debug build: @@ -205,11 +206,11 @@ legacy fw btconly build: - cd .. - pipenv run ./tools/check-bitcoin-only legacy/firmware/trezor-bitcoinonly.bin - export VERSION=$(./tools/version.sh legacy/firmware/version.h) - - cp legacy/firmware/trezor-bitcoinonly.bin trezor-$VERSION-$CI_COMMIT_SHORT_SHA-bitcoinonly.bin + - mv legacy/firmware/trezor-bitcoinonly.bin trezor-fw-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin artifacts: name: "$CI_JOB_NAME-$CI_COMMIT_SHORT_SHA" paths: - - trezor-*.*.*-$CI_COMMIT_SHORT_SHA-bitcoinonly.bin + - trezor-fw-btconly-*.*.*-$CI_COMMIT_SHORT_SHA.bin expire_in: 1 week legacy emu regular build: diff --git a/ci/deploy.yml b/ci/deploy.yml index e4be2310d7..565ebd69e3 100644 --- a/ci/deploy.yml +++ b/ci/deploy.yml @@ -1,40 +1,196 @@ image: registry.gitlab.com/satoshilabs/trezor/trezor-firmware/environment -# Core +# Releases -core to upgrade tests deploy: +release core fw regular deploy: stage: deploy variables: - DEPLOY_DIRECTORY: "${DEPLOY_BASE_DIR}/upgrade_tests" + DEPLOY_DIRECTORY: "releases/firmwares" + before_script: [] # no pipenv + dependencies: + - core fw regular build + script: + - export VERSION=$(./tools/version.sh core/embed/firmware/version.h) + - export NAME="trezor-fw-regular-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^core\/v[0-9.]*$/ + except: + - branches # run for tags only + tags: + - deploy + +release core fw btconly deploy: + stage: deploy + variables: + DEPLOY_DIRECTORY: "releases/firmwares" + before_script: [] # no pipenv + dependencies: + - core fw btconly build + script: + - export VERSION=$(./tools/version.sh core/embed/firmware/version.h) + - export NAME="trezor-fw-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^core\/v[0-9.]*$/ + except: + - branches # run for tags only + tags: + - deploy + +release legacy fw regular deploy: + stage: deploy + variables: + DEPLOY_DIRECTORY: "releases/firmwares" + before_script: [] # no pipenv + dependencies: + - legacy fw regular build + script: + - export VERSION=$(./tools/version.sh legacy/firmware/version.h) + - export NAME="trezor-fw-regular-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^legacy\/v[0-9.]*$/ + except: + - branches # run for tags only + tags: + - deploy + +legacy fw btconly deploy: + stage: deploy + variables: + DEPLOY_DIRECTORY: "releases/firmwares" + before_script: [] # no pipenv + dependencies: + - legacy fw regular build + script: + - export VERSION=$(./tools/version.sh legacy/firmware/version.h) + - export NAME="trezor-fw-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^legacy\/v[0-9.]*$/ + except: + - branches # run for tags only + tags: + - deploy + + +# Release candidates + +rc core fw regular deploy: + stage: deploy + before_script: [] # no pipenv + dependencies: + - core fw regular build + script: + - export DEPLOY_DIRECTORY="release_candidates/${CI_COMMIT_REF_NAME:8}/firmwares" # stripping 'release/' + - export VERSION=$(./tools/version.sh core/embed/firmware/version.h) + - export NAME="trezor-fw-regular-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^release\/[0-9]{4}-[0-9]{2}$/ + tags: + - deploy + +rc core fw btconly deploy: + stage: deploy + before_script: [] # no pipenv + dependencies: + - core fw btconly build + script: + - export DEPLOY_DIRECTORY="release_candidates/${CI_COMMIT_REF_NAME:8}/firmwares" # stripping 'release/' + - export VERSION=$(./tools/version.sh core/embed/firmware/version.h) + - export NAME="trezor-fw-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^release\/[0-9]{4}-[0-9]{2}$/ + tags: + - deploy + +rc legacy fw regular deploy: + stage: deploy + before_script: [] # no pipenv + dependencies: + - legacy fw regular build + script: + - export DEPLOY_DIRECTORY="release_candidates/${CI_COMMIT_REF_NAME:8}/firmwares" # stripping 'release/' + - export VERSION=$(./tools/version.sh legacy/firmware/version.h) + - export NAME="trezor-fw-regular-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^release\/[0-9]{4}-[0-9]{2}$/ + tags: + - deploy + +rc legacy fw btconly deploy: + stage: deploy + before_script: [] # no pipenv + dependencies: + - legacy fw btconly build + script: + - export DEPLOY_DIRECTORY="release_candidates/${CI_COMMIT_REF_NAME:8}/firmwares" # stripping 'release/' + - export VERSION=$(./tools/version.sh legacy/firmware/version.h) + - export NAME="trezor-fw-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin" + - echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME" + - mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}" + - rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME" + only: + - /^release\/[0-9]{4}-[0-9]{2}$/ + tags: + - deploy + +# Upgrade tests + +upgrade tests core deploy: + stage: deploy + variables: + DEPLOY_PATH: "${DEPLOY_BASE_DIR}/upgrade_tests" before_script: [] # no pipenv - when: manual dependencies: - core unix frozen debug build script: - TAG=`git tag --points-at HEAD | sed "s/\//-/"` - "[[ ! $TAG =~ 'core' ]] && echo 'Tag is not core/*: exiting.' && exit 1" - - DEST=${DEPLOY_DIRECTORY}/trezor-emu-`git tag --points-at HEAD | sed "s/\//-/"` + - DEST=${DEPLOY_PATH}/trezor-emu-`git tag --points-at HEAD | sed "s/\//-/"` - echo "Deploying to $DEST" - rsync --delete -va core/build/unix/micropython "$DEST" + only: + - /^core\/v[0-9.]*$/ + except: + - branches # run for tags only tags: - deploy - -# Legacy - -legacy to upgrade tests deploy: +upgrade tests legacy deploy: stage: deploy variables: - DEPLOY_DIRECTORY: "${DEPLOY_BASE_DIR}/upgrade_tests" + DEPLOY_PATH: "${DEPLOY_BASE_DIR}/upgrade_tests" before_script: [] # no pipenv - when: manual dependencies: - legacy emu regular build script: - TAG=`git tag --points-at HEAD | sed "s/\//-/"` - "[[ ! $TAG =~ 'legacy' ]] && echo 'Tag is not legacy/*: exiting.' && exit 1" - - DEST=${DEPLOY_DIRECTORY}/trezor-emu-`git tag --points-at HEAD | sed "s/\//-/"` + - DEST=${DEPLOY_PATH}/trezor-emu-`git tag --points-at HEAD | sed "s/\//-/"` - echo "Deploying to $DEST" - rsync --delete -va legacy/firmware/trezor.elf "$DEST" + only: + - /^legacy\/v[0-9.]*$/ + except: + - branches # run for tags only tags: - deploy