huntc b0529bc943 Support codesigning in the firmware updater
This commit provides a method to verify that firmware has been signed with a private key given its public key. The implementation uses ed25519-dalek as the signature verifier. An "ed25519" feature is required to enable the functionality. When disabled (the default), calling the firmware updater's verify method will return a failure.
2023-01-12 13:30:58 +11:00

79 lines
2.2 KiB
YAML

name: Rust
on:
push:
branches: [staging, trying, master]
pull_request:
branches: [master]
env:
CARGO_TERM_COLOR: always
jobs:
all:
runs-on: ubuntu-latest
needs: [build-nightly, build-stable, test]
steps:
- name: Done
run: exit 0
build-nightly:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- uses: actions/checkout@v2
with:
submodules: true
- name: Cache multiple paths
uses: actions/cache@v2
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target_ci
key: rust3-${{ runner.os }}-${{ hashFiles('rust-toolchain.toml') }}
- name: build
run: |
curl -L -o /usr/local/bin/cargo-batch https://github.com/embassy-rs/cargo-batch/releases/download/batch-0.3.0/cargo-batch
chmod +x /usr/local/bin/cargo-batch
./ci.sh
rm -rf target_ci/*{,/release}/{build,deps,.fingerprint}/{lib,}{embassy,stm32}*
build-stable:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
with:
submodules: true
- name: Cache multiple paths
uses: actions/cache@v2
with:
path: |
~/.cargo/bin/
~/.cargo/registry/index/
~/.cargo/registry/cache/
~/.cargo/git/db/
target_ci_stable
key: rust-stable-${{ runner.os }}-${{ hashFiles('rust-toolchain.toml') }}
- name: build
run: |
curl -L -o /usr/local/bin/cargo-batch https://github.com/embassy-rs/cargo-batch/releases/download/batch-0.3.0/cargo-batch
chmod +x /usr/local/bin/cargo-batch
./ci_stable.sh
rm -rf target_ci_stable/*{,/release}/{build,deps,.fingerprint}/{lib,}{embassy,stm32}*
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- name: Test boot
working-directory: ./embassy-boot/boot
run: cargo test && cargo test --features "ed25519-dalek" && cargo test --features "ed25519-salty"
- name: Test sync
working-directory: ./embassy-sync
run: cargo test