build-classic1s #591

Workflow file for this run

.github/workflows/build-classic1s.yml at c9ddd18

	name: "build-classic1s"

	on:
	schedule:
	- cron: '30 19 * * 0,1,2,3,4'
	workflow_dispatch:

	jobs:
	build-classic1s:
	runs-on: ubuntu-latest
	name: "Build Classic1S (${{ matrix.artifact_suffix }})"
	outputs:
	firmware_version: ${{ steps.vars.outputs.firmware_version }}
	boot_version: ${{ steps.vars.outputs.boot_version }}
	short_hash: ${{ steps.vars.outputs.short_hash }}
	build_date: ${{ steps.vars.outputs.build_date }}
	artifacts_url: ${{ steps.vars.outputs.artifacts_url }}
	strategy:
	fail-fast: false
	matrix:
	include:
	- build_type: "prod"
	bitcoin_only: 0
	artifact_suffix: "prod"
	- build_type: "prod"
	bitcoin_only: 1
	artifact_suffix: "prod-bitcoin-only"
	- build_type: "qa"
	bitcoin_only: 0
	artifact_suffix: "qa"
	- build_type: "qa"
	bitcoin_only: 1
	artifact_suffix: "qa-bitcoin-only"

	steps:
	- name: "Checkout"
	uses: actions/checkout@v3

	- name: Populate vars
	id: vars
	run: \|
	BOOT_VERSION=$(./tools/version.sh ./legacy/bootloader/version.h)
	FIRMWARE_VERSION=$(awk -F '"' '/ONEKEY_VERSION /{print $2}' ./legacy/firmware/version.h)
	BUILD_DATE=$(date +"%Y%m%d")
	SHORT_HASH=$(git rev-parse --short HEAD)

	echo "BOOT_VERSION=$BOOT_VERSION" >> $GITHUB_ENV
	echo "BUILD_DATE=$BUILD_DATE" >> $GITHUB_ENV
	echo "SHORT_HASH=$SHORT_HASH" >> $GITHUB_ENV
	echo "FIRMWARE_VERSION=$FIRMWARE_VERSION" >> $GITHUB_ENV
	ARTIFACTS_URL="${GITHUB_SERVER_URL}/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}"
	echo "ARTIFACTS_URL=${ARTIFACTS_URL}" >> $GITHUB_ENV

	echo "firmware_version=$FIRMWARE_VERSION" >> $GITHUB_OUTPUT
	echo "boot_version=$BOOT_VERSION" >> $GITHUB_OUTPUT
	echo "short_hash=$SHORT_HASH" >> $GITHUB_OUTPUT
	echo "build_date=$BUILD_DATE" >> $GITHUB_OUTPUT
	echo "artifacts_url=$ARTIFACTS_URL" >> $GITHUB_OUTPUT

	- name: "Build classic1S firmware"
	run: \|
	sh <(curl -L https://releases.nixos.org/nix/nix-2.23.3/install) --no-daemon
	. $HOME/.nix-profile/etc/profile.d/nix.sh

	nix-shell --run "poetry install"
	nix-shell --run "poetry run ./legacy/script/setup"

	if [ "${{ matrix.bitcoin_only }}" = "1" ]; then
	export BITCOIN_ONLY=1
	fi

	if [ "${{ matrix.build_type }}" = "qa" ]; then
	export FIRMWARE_QA=1
	export PRODUCTION=0
	export BOOTLOADER_QA=1
	SIGN_SCRIPT="./legacy/debug_signing/sign_onekey_qa.py"
	else
	export PRODUCTION=1
	fi

	nix-shell --run "poetry run ./legacy/script/cibuild"

	mkdir -p ${{ matrix.artifact_suffix }}

	if [ "${{ matrix.build_type }}" = "qa" ]; then
	nix-shell --run "poetry run pip install ecdsa && poetry run $SIGN_SCRIPT \
	./legacy/firmware/classicStable.bin \
	-S 1:${{ secrets.SECRET_QA_KEY_1 }} \
	-S 2:${{ secrets.SECRET_QA_KEY_2 }} \
	-S 3:${{ secrets.SECRET_QA_KEY_3 }} \
	-S 4:${{ secrets.SECRET_QA_KEY_4 }}"

	cp ./legacy/firmware/classicStableqa.signed.bin ${{ matrix.artifact_suffix }}
	else
	cp ./legacy/firmware/classicStable.bin ${{ matrix.artifact_suffix }}
	fi

	if [ "${{ matrix.bitcoin_only }}" = "0" ]; then
	cp ./legacy/bootloader/classic1s_bootloaderStable.bin ${{ matrix.artifact_suffix }}
	./legacy/script/hash.py -t bootloader -f ${{ matrix.artifact_suffix }}/classic1s_bootloaderStable.bin > ${{ matrix.artifact_suffix }}/hash.txt
	./legacy/script/hash.py -t firmware -f ${{ matrix.artifact_suffix }}/classic1s.Stable.bin >> ${{ matrix.artifact_suffix }}/hash.txt
	else
	./legacy/script/hash.py -t firmware -f ${{ matrix.artifact_suffix }}/classic1s.Stable.bin > ${{ matrix.artifact_suffix }}/hash.txt
	fi

	- name: "Upload Artifacts"
	uses: actions/upload-artifact@v4
	with:
	name: classic1s-${{ matrix.artifact_suffix }}-${{ env.SHORT_HASH }}
	path: ${{ matrix.artifact_suffix }}/

	notify-slack:
	runs-on: ubuntu-latest
	needs: build-classic1s
	env:
	FIRMWARE_VERSION: ${{ needs.build-classic1s.outputs.firmware_version }}
	BOOT_VERSION: ${{ needs.build-classic1s.outputs.boot_version }}
	SHORT_HASH: ${{ needs.build-classic1s.outputs.short_hash }}
	BUILD_DATE: ${{ needs.build-classic1s.outputs.build_date }}
	steps:
	- name: "Send notification"
	uses: onekeyhq/actions/notice-slack-app-update@main
	with:
	web-hook-url: ${{ secrets.SLACK_DEV_RELEASE_WEBHOOK }}
	artifact-type: CLASSIC-FIRMWARE-1S
	artifact-name: Classic-Hardware-Firmware-1S
	artifact-bundle-id: 'so.onekey.firmware.classic2'
	artifact-version-name: '${{ env.FIRMWARE_VERSION }}'
	artifact-version-code: '${{ env.SHORT_HASH }}-${{ env.BUILD_DATE }}'
	artifact-download-url: '${{ needs.build-classic1s.outputs.artifacts_url }}'
	change-log: 'firmware@${{ env.FIRMWARE_VERSION }} / boot@${{ env.BOOT_VERSION }}'
	custom-issue-url: ''

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build-classic1s #591

Workflow file

build-classic1s #591

Uh oh!

Workflow file for this run