lukechilds
/
passport-firmware
mirror of https://github.com/lukechilds/passport-firmware.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
85 Commits
42 Branches
8 Tags
43 MiB
 
 
 
 
 
 
Branch: dev-v1.0.7
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'dev-v1.0.7'
${ noResults }
passport-firmware/Justfile

100 lines
3.0 KiB
Raw Permalink Blame History

export DOCKER_REGISTRY_BASE := ''
commit_sha := `git rev-parse HEAD`
docker_image := 'foundation-devices/firmware-builder:' + commit_sha
base_path := 'ports/stm32'
firmware_path := base_path + '/build-Passport/firmware.bin'
# build the docker image and then the firmware and bootloader
build: docker-build firmware-build bootloader-build
# build the dependency docker image
docker-build:
#!/usr/bin/env bash
set -exo pipefail
docker build -t ${DOCKER_REGISTRY_BASE}{{ docker_image }} .
# build the firmware inside docker
firmware-build:
#!/usr/bin/env bash
set -exo pipefail
docker run --rm -v "$PWD":/workspace \
-w /workspace/{{ base_path }} \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c 'make BOARD=Passport MPY_CROSS=/usr/bin/mpy-cross'
# build the bootloader inside docker
bootloader-build:
#!/usr/bin/env bash
set -exo pipefail
docker run --rm -v "$PWD":/workspace \
-w /workspace/{{ base_path }} \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c 'make -C boards/Passport/bootloader'
# build the docker image and get the tools from it
tools: docker-build cosign-tool add-secrets-tool word-list-gen-tool
# get cosign tool from built docker image
cosign-tool:
#!/usr/bin/env bash
set -exo pipefail
docker run --rm -v "$PWD":/workspace \
-w /workspace \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c 'cp /usr/bin/cosign cosign'
# get add-secrets tool from built docker image
add-secrets-tool:
#!/usr/bin/env bash
set -exo pipefail
docker run --rm -v "$PWD":/workspace \
-w /workspace \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c 'make -C ports/stm32/boards/Passport/tools/add-secrets'
# get word_list_gen tool from built docker image
word-list-gen-tool:
#!/usr/bin/env bash
set -exo pipefail
docker run --rm -v "$PWD":/workspace \
-w /workspace/ports/stm32/boards/Passport/tools/word_list_gen \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c 'gcc word_list_gen.c bip39_words.c bytewords_words.c -o word_list_gen'
# run the built firmware through SHA256
verify-sha sha: build
#!/usr/bin/env bash
sha=$(shasum -a 256 {{ firmware_path }} | awk '{print $1}')
echo -e "Expected SHA:\t{{ sha }}"
echo -e "Actual SHA:\t${sha}"
if [ "$sha" = "{{ sha }}" ]; then
echo "Hashes match!"
else
echo "ERROR: Hashes DO NOT match!"
fi
# sign the built firmware using a private key and the cosign tool
sign keypath version filepath=firmware_path: firmware-build
#!/usr/bin/env bash
set -exo pipefail
docker run --rm -v "$PWD":/workspace \
-w /workspace \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c "cosign -f {{ filepath }} -k {{ keypath }} -v {{ version }}"
# clean firmware build
clean:
docker run --rm -v "$PWD":/workspace \
-w /workspace/{{ base_path }} \
--entrypoint bash \
${DOCKER_REGISTRY_BASE}{{ docker_image }} \
-c "make clean BOARD=Passport"