diff --git a/build-docker.sh b/build-docker.sh index 44ea4ea9f..97982916f 100755 --- a/build-docker.sh +++ b/build-docker.sh @@ -52,12 +52,13 @@ function help_and_die() { echo " --skip-normal - do not build regular firmwares" echo " --skip-core - do not build core" echo " --skip-legacy - do not build legacy" - echo " --prodtest - build core prodtest" echo " --repository path/to/repo - checkout the repository from the given path/url" echo " --no-init - do not recreate docker environments" echo " --models - comma-separated list of models. default: --models R,T" + echo " --targets - comma-separated list of targets for core build. default: --targets boardloader,bootloader,firmware" echo " --help" echo + echo "Option --prodtest is deprecated. Use "--targets prodtest" to build prodtest." echo "Set PRODUCTION=0 to run non-production builds." echo "Set VENDOR_HEADER=vendorheader_prodtest_unsigned.bin to use the specified vendor header for prodtest." exit 0 @@ -67,9 +68,9 @@ OPT_BUILD_CORE=1 OPT_BUILD_LEGACY=1 OPT_BUILD_NORMAL=1 OPT_BUILD_BITCOINONLY=1 -OPT_BUILD_PRODTEST=0 INIT=1 MODELS=(R T) +CORE_TARGETS=(boardloader bootloader firmware) REPOSITORY="/local" @@ -94,10 +95,6 @@ while true; do OPT_BUILD_LEGACY=0 shift ;; - --prodtest) - OPT_BUILD_PRODTEST=1 - shift - ;; --repository) REPOSITORY="$2" shift 2 @@ -111,6 +108,11 @@ while true; do IFS=',' read -r -a MODELS <<< "$2" shift 2 ;; + --targets) + # take comma-separated next argument and turn it into an array + IFS=',' read -r -a CORE_TARGETS <<< "$2" + shift 2 + ;; *) break ;; @@ -267,6 +269,11 @@ for TREZOR_MODEL in ${MODELS[@]}; do DIRSUFFIX=${DIRSUFFIX/0/} DIRSUFFIX="-${TREZOR_MODEL}${DIRSUFFIX}" + MAKE_TARGETS="" + for TARGET in ${CORE_TARGETS[@]}; do + MAKE_TARGETS="$MAKE_TARGETS build_$TARGET" + done + SCRIPT_NAME=".build_core_${TREZOR_MODEL}_${BITCOIN_ONLY}.sh" cat < "build/$SCRIPT_NAME" # DO NOT MODIFY! @@ -275,11 +282,13 @@ for TREZOR_MODEL in ${MODELS[@]}; do set -e -o pipefail cd /reproducible-build/trezor-firmware/core $GIT_CLEAN_REPO - poetry run make clean vendor build_boardloader build_bootloader build_firmware - for item in bootloader firmware; do - poetry run ../python/tools/firmware-fingerprint.py \ - -o build/\$item/\$item.bin.fingerprint \ - build/\$item/\$item.bin + poetry run make clean vendor $MAKE_TARGETS + for item in bootloader firmware prodtest; do + if [ -f build/\$item/\$item.bin ]; then + poetry run ../python/tools/firmware-fingerprint.py \ + -o build/\$item/\$item.bin.fingerprint \ + build/\$item/\$item.bin + fi done rm -rf /build/* cp -r build/* /build @@ -288,6 +297,7 @@ EOF echo echo ">>> DOCKER RUN core BITCOIN_ONLY=$BITCOIN_ONLY TREZOR_MODEL=$TREZOR_MODEL PRODUCTION=$PRODUCTION" + echo " (targets: ${CORE_TARGETS[@]})" echo $DOCKER run \ @@ -299,6 +309,7 @@ EOF --env BITCOIN_ONLY="$BITCOIN_ONLY" \ --env TREZOR_MODEL="$TREZOR_MODEL" \ --env PRODUCTION="$PRODUCTION" \ + --env VENDOR_HEADER="$VENDOR_HEADER" \ --init \ "$SNAPSHOT_NAME" \ /nix/var/nix/profiles/default/bin/nix-shell --run "bash /local/build/$SCRIPT_NAME" @@ -351,46 +362,6 @@ EOF /nix/var/nix/profiles/default/bin/nix-shell --run "bash /local/build/$SCRIPT_NAME" done -if [ "$OPT_BUILD_PRODTEST" -eq "1" ]; then - for TREZOR_MODEL in ${MODELS[@]}; do - DIRSUFFIX="-${TREZOR_MODEL}-prodtest" - SCRIPT_NAME=".build_${TREZOR_MODEL}-prodtest.sh" - cat < "build/$SCRIPT_NAME" - # DO NOT MODIFY! - # this file was generated by ${BASH_SOURCE[0]} - # variant: core build prodtest - set -e -o pipefail - cd /reproducible-build/trezor-firmware/core - $GIT_CLEAN_REPO - poetry run make clean vendor build_prodtest - poetry run ../python/tools/firmware-fingerprint.py \ - -o build/prodtest/prodtest.bin.fingerprint \ - build/prodtest/prodtest.bin - rm -rf /build/* - cp -r build/* /build - chown -R $USER:$GROUP /build -EOF - - echo - echo ">>> DOCKER RUN core prodtest TREZOR_MODEL=$TREZOR_MODEL PRODUCTION=$PRODUCTION" - echo - - $DOCKER run \ - --network=host \ - -it \ - --rm \ - -v "$DIR:/local" \ - -v "$DIR/build/core$DIRSUFFIX":/build:z \ - --env TREZOR_MODEL="$TREZOR_MODEL" \ - --env PRODUCTION="$PRODUCTION" \ - --env VENDOR_HEADER="$VENDOR_HEADER" \ - --init \ - "$SNAPSHOT_NAME" \ - /nix/var/nix/profiles/default/bin/nix-shell --run "bash /local/build/$SCRIPT_NAME" - done -fi - - echo echo "Docker image retained as $SNAPSHOT_NAME" echo "To remove it, run:" @@ -403,8 +374,8 @@ echo "Built from commit $COMMIT_HASH" echo echo "Fingerprints:" for VARIANT in core legacy; do - for MODEL in "R" "T"; do - for DIRSUFFIX in "" "-bitcoinonly" "-prodtest"; do + for MODEL in ${MODELS[@]}; do + for DIRSUFFIX in "" "-bitcoinonly"; do BUILD_DIR=build/${VARIANT}-${MODEL}${DIRSUFFIX} for file in $BUILD_DIR/*/*.fingerprint; do if [ -f "$file" ]; then