forked from serkri/SmartEVSE-3
-
Notifications
You must be signed in to change notification settings - Fork 20
130 lines (129 loc) · 4.84 KB
/
pio-build.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
name: PlatformIO CI
on:
workflow_call:
inputs:
major:
required: true
type: string
minor:
required: true
type: string
patch:
required: true
type: string
prerelease:
required: false
type: string
outputs:
artifact:
description: "The first output string"
value: ${{ jobs.build.outputs.artifact }}
push:
branches:
- master
- release/*
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Get current branch
id: branch
run: echo "branch=${GITHUB_REF##*/}" >> $GITHUB_OUTPUT
- name: Get current datetime
id: datetime
run: echo "datetime=$(date +'%Y%m%dT%H%M%S')" >> $GITHUB_OUTPUT
- name: Get current time
id: time
run: echo "time=$(date +'%H%M%S')" >> $GITHUB_OUTPUT
- name: Get version
id: version
shell: bash
run: |
if [ -z "${{ inputs.major }}" ]
then
echo "version=${{ steps.time.outputs.time }}" >> $GITHUB_OUTPUT
else
if [ -z "${{ inputs.prerelease }}" ]
then
echo "version=${{ inputs.major }}.${{ inputs.minor }}.${{ inputs.patch }}" >> $GITHUB_OUTPUT
else
echo "version=${{ inputs.major }}.${{ inputs.minor }}.${{ inputs.patch }}-${{ inputs.prerelease }}" >> $GITHUB_OUTPUT
fi
fi
- uses: actions/checkout@v3
- name: Cache pip
uses: actions/cache@v3
with:
path: ~/.cache/pip
key: '${{ runner.os }}-pip-${{ hashFiles(''**/requirements.txt'') }}'
restore-keys: |
${{ runner.os }}-pip-
- name: Cache PlatformIO
uses: actions/cache@v3
with:
path: ~/.platformio
key: '${{ runner.os }}-${{ hashFiles(''**/lockfiles'') }}'
- name: Set up Python
uses: actions/setup-python@v4
with:
python-version: '3.10'
- name: Install PlatformIO
run: |
python -m pip install --upgrade pip
pip install --upgrade platformio
- name: Install libs
run: |
cd SmartEVSE-3
pio lib install
- name: Build normal version
env:
super_secret: ${{ secrets.SECRET_RSA_KEY }}
run: |
PLATFORMIO_BUILD_FLAGS='-DVERSION=\"v${{ steps.version.outputs.version }}\" -DDBG=0' pio run -d SmartEVSE-3/
# Create a temporary file
secret_file=$(mktemp)
# Write the secret to the temporary file, because passing it as command line argument might reveal it for users using ps -a
echo "$super_secret" > "$secret_file"
# Create signature file
openssl dgst -sign "$secret_file" -keyform PEM -sha256 -out firmware.sign -binary ./SmartEVSE-3/.pio/build/release/firmware.bin
# throw it all in one file
cat firmware.sign ./SmartEVSE-3/.pio/build/release/firmware.bin > ./SmartEVSE-3/.pio/build/release/firmware.signed.bin
# Remove the temporary file
rm -f "$secret_file"
- name: Upload firmware.bin
uses: actions/upload-artifact@v3
with:
name: dists_zip
path: ./SmartEVSE-3/.pio/build/release/*.bin
retention-days: 10
- name: Upload HowToFlash.txt
uses: actions/upload-artifact@v3
with:
name: dists_zip
path: ./SmartEVSE-3/HowToFlash.txt
retention-days: 10
- name: Build debug version
env:
super_secret: ${{ secrets.SECRET_RSA_KEY }}
run: |
PLATFORMIO_BUILD_FLAGS='-DVERSION=\"v${{ steps.version.outputs.version }}\" -DDBG=1' pio run -d SmartEVSE-3/
# Create a temporary file
secret_file=$(mktemp)
# Write the secret to the temporary file, because passing it as command line argument might reveal it for users using ps -a
echo "$super_secret" > "$secret_file"
# Create signature file
openssl dgst -sign "$secret_file" -keyform PEM -sha256 -out firmware.sign -binary ./SmartEVSE-3/.pio/build/release/firmware.bin
# throw it all in one file
cat firmware.sign ./SmartEVSE-3/.pio/build/release/firmware.bin > ./SmartEVSE-3/.pio/build/release/firmware.signed.bin
# Remove the temporary file
rm -f "$secret_file"
mv ./SmartEVSE-3/.pio/build/release/firmware.bin ./SmartEVSE-3/.pio/build/release/firmware.debug.bin
mv ./SmartEVSE-3/.pio/build/release/firmware.signed.bin ./SmartEVSE-3/.pio/build/release/firmware.debug.signed.bin
- name: Upload Artifact debug firmware
uses: actions/upload-artifact@v3
with:
name: dists_zip
path: ./SmartEVSE-3/.pio/build/release/*.bin
retention-days: 10
outputs:
artifact: dists_zip