feat(espsecure): Allow prompting for HSM PIN in read_hsm_config #380
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build esptool | |
| on: [push, pull_request] | |
| jobs: | |
| build-esptool-binaries: | |
| name: Build esptool binaries for ${{ matrix.os }} | |
| runs-on: ${{ matrix.os }} | |
| strategy: | |
| matrix: | |
| os: [macos-latest, ubuntu-20.04, windows-latest, ARM, ARM64] | |
| include: | |
| - os: macos-latest | |
| TARGET: macos | |
| SEPARATOR: ':' | |
| - os: ubuntu-20.04 | |
| TARGET: linux-amd64 | |
| SEPARATOR: ':' | |
| - os: windows-latest | |
| TARGET: win64 | |
| EXTEN: .exe | |
| SEPARATOR: ';' | |
| - os: ARM | |
| CONTAINER: python:3.8-bullseye | |
| TARGET: arm | |
| SEPARATOR: ':' | |
| - os: ARM64 | |
| CONTAINER: python:3.8-bullseye | |
| TARGET: arm64 | |
| SEPARATOR: ':' | |
| container: ${{ matrix.CONTAINER }} # use python container on ARM | |
| env: | |
| DISTPATH: esptool-${{ matrix.TARGET }} | |
| STUBS_DIR: /esptool/targets/stub_flasher/ | |
| EFUSE_DIR: /espefuse/efuse_defs/ | |
| PIP_EXTRA_INDEX_URL: "https://dl.espressif.com/pypi" | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@master | |
| - name: Set up Python 3.8 | |
| # Skip setting python on ARM because of missing compatibility: https://github.com/actions/setup-python/issues/108 | |
| if: matrix.os != 'ARM' && matrix.os != 'ARM64' | |
| uses: actions/setup-python@master | |
| with: | |
| python-version: 3.8 | |
| - name: Install dependencies | |
| run: | | |
| python -m pip install --upgrade pip | |
| pip install pyinstaller | |
| pip install --user -e . | |
| - name: Build with PyInstaller | |
| run: | | |
| pyinstaller --distpath ./${{ env.DISTPATH }} -F --icon=ci/espressif.ico --add-data=".${{ env.STUBS_DIR }}*.json${{ matrix.SEPARATOR }}${{ env.STUBS_DIR }}" esptool.py | |
| pyinstaller --distpath ./${{ env.DISTPATH }} -F --icon=ci/espressif.ico --add-data=".${{ env.EFUSE_DIR }}*.yaml${{ matrix.SEPARATOR }}${{ env.EFUSE_DIR }}" espefuse.py | |
| pyinstaller --distpath ./${{ env.DISTPATH }} -F --icon=ci/espressif.ico espsecure.py | |
| pyinstaller --distpath ./${{ env.DISTPATH }} -F --icon=ci/espressif.ico esp_rfc2217_server.py | |
| - name: Sign binaries | |
| if: matrix.os == 'windows-latest' && github.event_name != 'pull_request' | |
| env: | |
| CERTIFICATE: ${{ secrets.CERTIFICATE }} | |
| CERTIFICATE_PASSWORD: ${{ secrets.CERTIFICATE_PASSWORD }} | |
| shell: pwsh | |
| run: | | |
| ./ci/Sign-File.ps1 -Path ./${{ env.DISTPATH }}/esptool.exe | |
| ./ci/Sign-File.ps1 -Path ./${{ env.DISTPATH }}/espefuse.exe | |
| ./ci/Sign-File.ps1 -Path ./${{ env.DISTPATH }}/espsecure.exe | |
| ./ci/Sign-File.ps1 -Path ./${{ env.DISTPATH }}/esp_rfc2217_server.exe | |
| - name: Test binaries | |
| shell: bash | |
| run: | | |
| ./${{ env.DISTPATH }}/esptool${{ matrix.EXTEN }} -h | |
| ./${{ env.DISTPATH }}/espefuse${{ matrix.EXTEN }} -h | |
| ./${{ env.DISTPATH }}/espsecure${{ matrix.EXTEN }} -h | |
| ./${{ env.DISTPATH }}/esp_rfc2217_server${{ matrix.EXTEN }} -h | |
| - name: Add license and readme | |
| shell: bash | |
| run: mv LICENSE README.md ./${{ env.DISTPATH }} | |
| - name: Archive artifact | |
| uses: actions/upload-artifact@master | |
| with: | |
| name: ${{ env.DISTPATH }} | |
| path: ${{ env.DISTPATH }} | |
| create_release: | |
| name: Create GitHub release | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: build-esptool-binaries | |
| runs-on: ubuntu-latest | |
| outputs: | |
| upload_url: ${{ steps.create_release.outputs.upload_url }} | |
| VERSION: ${{ steps.get_version.outputs.VERSION }} | |
| steps: | |
| - name: Create release | |
| id: create_release | |
| uses: actions/create-release@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: ${{ github.ref }} | |
| release_name: Version ${{ github.ref }} | |
| draft: true | |
| prerelease: false | |
| - name: Get version | |
| id: get_version | |
| run: echo ::set-output name=VERSION::${GITHUB_REF/refs\/tags\//} | |
| shell: bash | |
| upload_assets: | |
| name: Upload release assets | |
| if: startsWith(github.ref, 'refs/tags/') | |
| needs: create_release | |
| runs-on: ubuntu-latest | |
| strategy: | |
| matrix: | |
| TARGET: [macos, linux-amd64, win64, arm, arm64] | |
| env: | |
| DISTPATH: esptool-${{ needs.create_release.outputs.VERSION }}-${{ matrix.TARGET }} | |
| steps: | |
| - name: Download built binaries | |
| uses: actions/download-artifact@master | |
| - name: Rename and package binaries | |
| run: | | |
| mv esptool-${{ matrix.TARGET }} ${{ env.DISTPATH }} | |
| zip -r ${{ env.DISTPATH }}.zip ./${{ env.DISTPATH }}/* | |
| - name: Upload release assets | |
| id: upload-release-asset | |
| uses: actions/upload-release-asset@v1 | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| upload_url: ${{ needs.create_release.outputs.upload_url }} | |
| asset_path: "${{ env.DISTPATH }}.zip" | |
| asset_name: "${{ env.DISTPATH }}.zip" | |
| asset_content_type: application/zip |