mirror of
https://github.com/trezor/trezor-firmware.git
synced 2024-12-21 05:48:23 +00:00
306 lines
9.8 KiB
YAML
306 lines
9.8 KiB
YAML
image: registry.gitlab.com/satoshilabs/trezor/trezor-firmware/trezor-firmware-env.nix
|
|
|
|
# Releases
|
|
|
|
release core fw regular deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/tt"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- core fw regular build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh core/embed/firmware/version.h)
|
|
- export NAME="firmware-T2T1-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^core\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release core fw btconly deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/tt"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- core fw btconly build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh core/embed/firmware/version.h)
|
|
- export NAME="firmware-T2T1-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^core\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release core fw regular debug deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/tt"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- core fw regular debug build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh core/embed/firmware/version.h)
|
|
- export NAME="firmware-T2T1-debug-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^core\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release core fw btconly debug deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/tt"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- core fw btconly debug build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh core/embed/firmware/version.h)
|
|
- export NAME="firmware-T2T1-btconly-debug-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^core\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
# Legacy
|
|
|
|
release legacy fw regular deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/t1"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- legacy fw regular build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh legacy/firmware/version.h)
|
|
- export NAME="firmware-T1B1-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^legacy\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release legacy fw btconly deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/t1"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- legacy fw btconly build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh legacy/firmware/version.h)
|
|
- export NAME="firmware-T1B1-btconly-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^legacy\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release legacy fw regular debug deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/t1"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- legacy fw regular debug build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh legacy/firmware/version.h)
|
|
- export NAME="firmware-T1B1-debug-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^legacy\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release legacy fw btconly debug deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_DIRECTORY: "releases/firmwares/t1"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- legacy fw btconly debug build
|
|
script:
|
|
- export VERSION=$(./tools/version.sh legacy/firmware/version.h)
|
|
- export NAME="firmware-T1B1-btconly-debug-$VERSION-$CI_COMMIT_SHORT_SHA.bin"
|
|
- echo "Deploying to ${DEPLOY_DIRECTORY}/$NAME"
|
|
- mkdir -p "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}"
|
|
- rsync --delete -va $NAME "${DEPLOY_BASE_DIR}/${DEPLOY_DIRECTORY}/$NAME"
|
|
only:
|
|
- /^legacy\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
# Emulators, used also for upgrade tests
|
|
|
|
release core unix debug deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_PATH: "${DEPLOY_BASE_DIR}/releases/emulators"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- core unix frozen debug build
|
|
- core unix frozen debug build arm
|
|
script:
|
|
- export VERSION=$(./tools/version.sh core/embed/firmware/version.h)
|
|
- DEST="$DEPLOY_PATH/trezor-emu-core-v$VERSION"
|
|
- DEST_ARM="$DEPLOY_PATH/arm/trezor-emu-core-v$VERSION-arm"
|
|
- echo "Deploying to $DEST and $DEST_ARM"
|
|
- $NIX_SHELL -p patchelf --run "patchelf --set-interpreter /lib64/ld-linux-x86-64.so.2 core/build/unix/trezor-emu-core"
|
|
- $NIX_SHELL -p patchelf --run "patchelf --set-interpreter /lib/ld-linux-aarch64.so.1 core/build/unix/trezor-emu-core-arm"
|
|
- rsync --delete -va core/build/unix/trezor-emu-core "$DEST"
|
|
- rsync --delete -va core/build/unix/trezor-emu-core-arm "$DEST_ARM"
|
|
only:
|
|
- /^core\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
release legacy unix debug deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_PATH: "${DEPLOY_BASE_DIR}/releases/emulators"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- legacy emu regular debug build
|
|
- legacy emu regular debug build arm
|
|
script:
|
|
- export VERSION=$(./tools/version.sh legacy/firmware/version.h)
|
|
- DEST="$DEPLOY_PATH/trezor-emu-legacy-v$VERSION"
|
|
- DEST_ARM="$DEPLOY_PATH/arm/trezor-emu-legacy-v$VERSION-arm"
|
|
- echo "Deploying to $DEST and $DEST_ARM"
|
|
- $NIX_SHELL -p patchelf --run "patchelf --set-interpreter /lib64/ld-linux-x86-64.so.2 legacy/firmware/trezor.elf"
|
|
- $NIX_SHELL -p patchelf --run "patchelf --set-interpreter /lib/ld-linux-aarch64.so.1 legacy/firmware/trezor-arm.elf"
|
|
- rsync --delete -va legacy/firmware/trezor.elf "$DEST"
|
|
- rsync --delete -va legacy/firmware/trezor-arm.elf "$DEST_ARM"
|
|
only:
|
|
- /^legacy\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
# UI tests
|
|
|
|
ui tests fixtures deploy:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_PATH: "${DEPLOY_BASE_DIR}/ui_tests/"
|
|
BUCKET: "data.trezor.io"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
before_script: [] # no poetry
|
|
interruptible: false
|
|
needs:
|
|
- core click test
|
|
- core device test
|
|
- core persistence test
|
|
- legacy device test
|
|
- core device R test
|
|
- core click R test
|
|
script:
|
|
- echo "Deploying to $DEPLOY_PATH"
|
|
- rsync --delete -va ci/ui_test_records/* "$DEPLOY_PATH"
|
|
- source ${AWS_DEPLOY_DATA}
|
|
- aws s3 sync $DEPLOY_PATH s3://$BUCKET/dev/firmware/ui_tests
|
|
# This "hack" is needed because aws does not have an easy option to generate autoindex. We fetch the one autogenerated by nginx on local server.
|
|
- wget https://firmware.corp.sldev.cz/ui_tests/ -O index.html && aws s3 cp index.html s3://$BUCKET/dev/firmware/ui_tests/
|
|
tags:
|
|
- deploy
|
|
|
|
# sync to aws
|
|
|
|
sync emulators to aws:
|
|
stage: deploy
|
|
variables:
|
|
DEPLOY_PATH: "${DEPLOY_BASE_DIR}/releases/emulators/"
|
|
BUCKET: "data.trezor.io"
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
interruptible: false
|
|
before_script: [] # no poetry
|
|
script:
|
|
- source ${AWS_DEPLOY_DATA}
|
|
- aws s3 sync $DEPLOY_PATH s3://$BUCKET/dev/firmware/releases/emulators/
|
|
# This "hack" is needed because aws does not have an easy option to generate autoindex. We fetch the one autogenerated by nginx on local server.
|
|
- wget https://firmware.corp.sldev.cz/releases/emulators/ -O index.html && aws s3 cp index.html s3://$BUCKET/dev/firmware/releases/emulators/
|
|
- wget https://firmware.corp.sldev.cz/releases/emulators/arm/ -O index.html && aws s3 cp index.html s3://$BUCKET/dev/firmware/releases/emulators/arm/
|
|
# invalidate cloudfront cache for dev/ directory.
|
|
- aws cloudfront create-invalidation --distribution-id E1ERY5K2OTKKI1 --paths '/dev/*'
|
|
only:
|
|
- /^legacy\//
|
|
- /^core\//
|
|
except:
|
|
- branches # run for tags only
|
|
tags:
|
|
- deploy
|
|
|
|
# common sync to trezor-common
|
|
|
|
common sync:
|
|
stage: deploy
|
|
variables:
|
|
GIT_SUBMODULE_STRATEGY: "none"
|
|
GIT_STRATEGY: clone # clone entire repo instead of reusing workspace
|
|
GIT_DEPTH: 0 # avoid shallow clone
|
|
only:
|
|
- schedules
|
|
interruptible: false
|
|
needs: []
|
|
before_script: [] # no poetry
|
|
script:
|
|
- echo "Synchronizing common with the trezor-common repository"
|
|
- ./ci/common_sync/common_repo_sync.sh
|