SFT-906: only verify addresses of multisig that contain the current xfp #1468
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# SPDX-FileCopyrightText: © 2021 Foundation Devices, Inc. <hello@foundationdevices.com> | |
# SPDX-License-Identifier: GPL-3.0-or-later | |
# | |
# validate_and_build.yaml - GitHub actions for Passport | |
name: Validate and Build | |
on: [push] | |
jobs: | |
lint: | |
name: Lint | |
runs-on: ubuntu-20.04 | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v2 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v4 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb | |
- run: echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
- name: Lint the codebase | |
run: just lint | |
build-firmware: | |
name: Build Firmware | |
runs-on: ubuntu-20.04 | |
needs: [lint] | |
strategy: | |
matrix: | |
build: [{screen: "mono", suffix: "-founders-passport"}, {screen: "color", suffix: "-passport"}] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v2 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v4 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb | |
- run: | | |
echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
echo "SCREEN_MODE=$(echo "${{ matrix.build.screen }}" | tr a-z A-Z)" >> $GITHUB_ENV | |
- name: Build | |
run: | | |
echo "$SIGNING_KEY" > ports/stm32/signing_key.pem | |
version=$(cat version.txt) | |
echo "version=$(cat version.txt)" >> $GITHUB_ENV | |
just sign signing_key.pem "${version}" ${{ matrix.build.screen }} | |
env: | |
SIGNING_KEY: ${{ secrets.UserSigningKey }} | |
- name: Upload firmware (unsigned) | |
uses: actions/upload-artifact@v2 | |
with: | |
name: v${{env.version}}-unsigned${{ matrix.build.suffix }}.bin | |
path: ports/stm32/build-Passport/firmware-${{ env.SCREEN_MODE }}.bin | |
- name: Upload firmware (signed) | |
uses: actions/upload-artifact@v2 | |
with: | |
name: v${{env.version}}-beta${{ matrix.build.suffix }}.bin | |
path: ports/stm32/build-Passport/v${{env.version}}-beta${{ matrix.build.suffix }}.bin | |
build-bootloader: | |
name: Build Bootloader | |
runs-on: ubuntu-20.04 | |
needs: [lint, build-firmware] | |
# TODO: PASS1-665. | |
strategy: | |
matrix: | |
screen: ["color"] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v2 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v4 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb | |
- run: | | |
echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
echo "SCREEN_MODE=$(echo ${{ matrix.screen }} | tr a-z A-Z)" >> $GITHUB_ENV | |
- name: Build | |
run: just build-bootloader ${{ matrix.screen }} | |
- name: Upload bootloader | |
uses: actions/upload-artifact@v2 | |
with: | |
name: bootloader-${{ env.SCREEN_MODE }}.bin | |
path: ports/stm32/boards/Passport/bootloader/arm/release/bootloader-${{ env.SCREEN_MODE }}.bin | |
build-simulator: | |
name: Build Simulator | |
runs-on: ubuntu-20.04 | |
needs: [lint, build-firmware] | |
strategy: | |
matrix: | |
screen: ["mono", "color"] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v2 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v4 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb | |
- run: echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
- name: Build | |
run: just build-simulator ${{ matrix.screen }} | |
build-tools: | |
name: Build Tools | |
runs-on: ubuntu-20.04 | |
needs: [lint] | |
services: | |
registry: | |
image: registry:2 | |
ports: | |
- 5000:5000 | |
steps: | |
- uses: actions/checkout@v3 | |
with: | |
fetch-depth: 0 | |
- uses: docker/setup-buildx-action@v2 | |
with: | |
driver-opts: network=host | |
- uses: docker/build-push-action@v4 | |
with: | |
push: true | |
context: . | |
cache-from: type=gha | |
cache-to: type=gha | |
tags: localhost:5000/foundation-devices/passport2:latest | |
- uses: extractions/setup-just@aa5d15c144db4585980a44ebfdd2cf337c4f14cb | |
- run: echo "DOCKER_IMAGE=localhost:5000/foundation-devices/passport2:latest" >> $GITHUB_ENV | |
- name: Build | |
run: just tools |