tiiuae-pixhawk-and-saluki #1361
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: tiiuae-pixhawk-and-saluki | |
| on: | |
| push: | |
| branches: [ main ] | |
| tags: | |
| - 'v1.14.0-*' | |
| pull_request: | |
| branches: [ main ] | |
| # Allows you to run this workflow manually from the Actions tab | |
| workflow_dispatch: | |
| inputs: | |
| jfrog-upload: | |
| description: 'upload to Artifactory' | |
| required: false | |
| default: false | |
| type: boolean | |
| saluki-v2-manual-fpga-version: | |
| description: 'saluki-v2 optional fpga version (e.g. sha-3b85ccc)' | |
| required: false | |
| default: '' | |
| type: string | |
| saluki-v3-manual-fpga-version: | |
| description: 'saluki-v3 optional fpga version (e.g. sha-3b85ccc)' | |
| required: false | |
| default: '' | |
| type: string | |
| saluki-pi-manual-fpga-version: | |
| description: 'saluki-pi optional fpga version (e.g. sha-cd7bb6b)' | |
| required: false | |
| default: '' | |
| type: string | |
| permissions: | |
| contents: read | |
| packages: write | |
| env: | |
| saluki_pi_fpga_version: "sha-b7e842d" | |
| saluki_v2_fpga_version: "sha-b7e842d" | |
| saluki_v3_fpga_version: "sha-b7e842d" | |
| jobs: | |
| fc_matrix: | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| product: [pixhawk, fmu-v6xrt, saluki-v2_default, saluki-v2_amp, saluki-v2_flat, saluki-pi_default, saluki-pi_amp, saluki-pi_flat, saluki-v3_default, saluki-v3_amp, saluki-v3_flat] | |
| include: | |
| - product: saluki-v2_custom_keys | |
| keys: Tools/saluki-sec-scripts/custom_keys/saluki-v2/px4_bin_ed25519_private.pem | |
| - product: saluki-v3_custom_keys | |
| keys: Tools/saluki-sec-scripts/custom_keys/saluki-v3/px4_bin_ed25519_private.pem | |
| - product: saluki-pi_custom_keys | |
| keys: Tools/saluki-sec-scripts/custom_keys/saluki-pi/px4_bin_ed25519_private.pem | |
| uses: ./.github/workflows/tiiuae-pixhawk-and-saluki-builder.yaml | |
| with: | |
| product: ${{ matrix.product }} | |
| keys: ${{ matrix.keys }} | |
| # old workflow had condition to run only if PR is done to current repo (or triggered with other event) | |
| enabled: ${{ github.event.pull_request.head.repo.full_name == github.repository || github.event_name == 'push' || github.event_name == 'workflow_dispatch' }} | |
| secrets: inherit | |
| variables: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| jfrog_upload: ${{ steps.variables.outputs.jfrog_upload }} | |
| saluki_v2_fpga_version: ${{ steps.variables.outputs.saluki_v2_fpga_version }} | |
| saluki_v3_fpga_version: ${{ steps.variables.outputs.saluki_v3_fpga_version }} | |
| saluki_pi_fpga_version: ${{ steps.variables.outputs.saluki_pi_fpga_version }} | |
| steps: | |
| - name: Print input variables | |
| id: variables | |
| run: | | |
| # use saluki-v2-fpga default version if custom is not provided | |
| saluki_v2_fpga_version=${{ env.saluki_v2_fpga_version }} | |
| if [ -n "${{ github.event.inputs.saluki-v2-manual-fpga-version }}" ]; then | |
| saluki_v2_fpga_version=${{ github.event.inputs.saluki-v2-manual-fpga-version }} | |
| fi | |
| # use saluki-v3-fpga default version if custom is not provided | |
| saluki_v3_fpga_version=${{ env.saluki_v3_fpga_version }} | |
| if [ -n "${{ github.event.inputs.saluki-v3-manual-fpga-version }}" ]; then | |
| saluki_v3_fpga_version=${{ github.event.inputs.saluki-v3-manual-fpga-version }} | |
| fi | |
| # use saluki-pi-fpga default version if custom is not provided | |
| saluki_pi_fpga_version=${{ env.saluki_pi_fpga_version }} | |
| if [ -n "${{ github.event.inputs.saluki-pi-manual-fpga-version }}" ]; then | |
| saluki_pi_fpga_version=${{ github.event.inputs.saluki-pi-manual-fpga-version }} | |
| fi | |
| echo "saluki_v2_fpga_version=${saluki_v2_fpga_version}" >> $GITHUB_OUTPUT | |
| echo "saluki_v3_fpga_version=${saluki_v3_fpga_version}" >> $GITHUB_OUTPUT | |
| echo "saluki_pi_fpga_version=${saluki_pi_fpga_version}" >> $GITHUB_OUTPUT | |
| echo "jfrog_upload=${{ github.event.inputs.jfrog-upload }}" >> $GITHUB_OUTPUT | |
| echo "saluki_v2_fpga_version: ${saluki_v2_fpga_version}" | |
| echo "saluki_v3_fpga_version: ${saluki_v3_fpga_version}" | |
| echo "saluki_pi_fpga_version: ${saluki_pi_fpga_version}" | |
| echo "jfrog_upload: ${{ github.event.inputs.jfrog-upload }}" | |
| px4fwupdater: | |
| name: build px4fwupdater | |
| runs-on: ubuntu-latest | |
| needs: | |
| - fc_matrix | |
| steps: | |
| - name: Checkout px4-firmware | |
| uses: actions/checkout@v4 | |
| with: | |
| path: px4-firmware | |
| fetch-depth: 0 | |
| - name: Download pixhawk artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: saluki-* | |
| path: bin | |
| merge-multiple: true | |
| - name: Run px4-firmware px4fwupdater build | |
| run: | | |
| set -eux | |
| mkdir -p bin | |
| cd px4-firmware/ | |
| ./clone_public.sh | |
| ./build.sh ../bin/ px4fwupdater | |
| ls ../bin | |
| - name: Upload px4fwupdater to tmp storage | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: pixhawk | |
| path: bin/ | |
| retention-days: 1 | |
| overwrite: true | |
| upload-px4fwupdater: | |
| name: upload px4fwupdater to docker registry | |
| runs-on: ubuntu-latest | |
| needs: | |
| - px4fwupdater | |
| - variables | |
| steps: | |
| - name: Checkout px4-firmware | |
| uses: actions/checkout@v4 | |
| with: | |
| path: px4-firmware | |
| fetch-depth: 0 | |
| - name: Download pixhawk artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| name: pixhawk | |
| path: bin | |
| - name: Firmware flasher - Container metadata | |
| id: containermeta # referenced from later step | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: ghcr.io/tiiuae/px4-firmware | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=sha | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Firmware flasher - Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: . | |
| file: px4-firmware/Tools/px_uploader.Dockerfile | |
| tags: ${{ steps.containermeta.outputs.tags }} | |
| labels: ${{ steps.containermeta.outputs.labels }} | |
| build-args: | | |
| "saluki_pi_fpga_version=${{ needs.variables.outputs.saluki_pi_fpga_version }}" | |
| "saluki_v2_fpga_version=${{ needs.variables.outputs.saluki_v2_fpga_version }}" | |
| "saluki_v3_fpga_version=${{ needs.variables.outputs.saluki_v3_fpga_version }}" | |
| - name: Build overview | |
| run: | | |
| echo "### Build overview:" >> $GITHUB_STEP_SUMMARY | |
| echo "Build version: ${{ steps.containermeta.outputs.tags }}" | |
| echo "Build labels: ${{ steps.containermeta.outputs.labels }}" | |
| echo "Build args:" | |
| echo " saluki_pi_fpga_version: ${{ needs.variables.outputs.saluki_pi_fpga_version }}" | |
| echo " saluki_v2_fpga_version: ${{ needs.variables.outputs.saluki_v2_fpga_version }}" | |
| echo " saluki_v3_fpga_version: ${{ needs.variables.outputs.saluki_v3_fpga_version }}" | |
| # in case more than one tag is generated, use the one which mentions commit sha | |
| if (( $(echo "${{ steps.containermeta.outputs.tags }}" | wc -l) > 1 )); then | |
| container_name=$(echo "${{ steps.containermeta.outputs.tags }}" | grep ':sha-' | head -n 1) | |
| else | |
| container_name="${{ steps.containermeta.outputs.tags }}" | |
| fi | |
| echo "Container name: $container_name" | |
| # display mermaid flowchart | |
| echo '```mermaid' >> $GITHUB_STEP_SUMMARY | |
| echo "flowchart LR" >> $GITHUB_STEP_SUMMARY | |
| # inputs | |
| echo "FPGA-V2[(Saluki-v2 FPGA\n${{ needs.variables.outputs.saluki_v2_fpga_version }})]" >> $GITHUB_STEP_SUMMARY | |
| echo "FPGA-V3[(Saluki-v3 FPGA\n${{ needs.variables.outputs.saluki_v3_fpga_version }})]" >> $GITHUB_STEP_SUMMARY | |
| echo "FPGA-PI[(Saluki-pi FPGA\n${{ needs.variables.outputs.saluki_pi_fpga_version }})]" >> $GITHUB_STEP_SUMMARY | |
| echo "PX4-SHA[${{ github.repository }}\n$GITHUB_REF]" >> $GITHUB_STEP_SUMMARY | |
| # build | |
| echo "BUILD[build PX4 fwupdater]" >> $GITHUB_STEP_SUMMARY | |
| # outputs | |
| echo "OUTPUT[(${container_name})]" >> $GITHUB_STEP_SUMMARY | |
| # links | |
| echo "PX4-SHA --> BUILD" >> $GITHUB_STEP_SUMMARY | |
| echo "FPGA-V2 --> BUILD" >> $GITHUB_STEP_SUMMARY | |
| echo "FPGA-V3 --> BUILD" >> $GITHUB_STEP_SUMMARY | |
| echo "FPGA-PI --> BUILD" >> $GITHUB_STEP_SUMMARY | |
| echo "BUILD --> OUTPUT" >> $GITHUB_STEP_SUMMARY | |
| # end mermaid flowchart | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| # set variables for container name and date | |
| CONTAINER_DATE=$(date +%s) | |
| PX4_TMP_CONTAINER_NAME="tmp_px4_container_$CONTAINER_DATE" | |
| px4_github_sha=$(echo "${{ github.sha }}" | cut -c1-7) | |
| echo "# Flashing this package to your Saluki" >> $GITHUB_STEP_SUMMARY | |
| echo "## Get these px4 firmware files to your computer" >> $GITHUB_STEP_SUMMARY | |
| echo "To get these files to you computer, you can use the following command" >> $GITHUB_STEP_SUMMARY | |
| echo "The command will create a temporary \`$PX4_TMP_CONTAINER_NAME\` container, copy the firmware files to directory \`px4-firmware_${px4_github_sha}\` and remove the temporary container" >> $GITHUB_STEP_SUMMARY | |
| # compose docker cp command | |
| docker_cp_cmd='docker cp $(docker create --name ' | |
| docker_cp_cmd+="$PX4_TMP_CONTAINER_NAME $container_name" | |
| docker_cp_cmd+='):/firmware ' | |
| docker_cp_cmd+=px4-firmware_${px4_github_sha} | |
| docker_cp_cmd+=' && docker rm ' | |
| docker_cp_cmd+=$PX4_TMP_CONTAINER_NAME | |
| # echo docker cp command to summary | |
| echo '```shell' >> $GITHUB_STEP_SUMMARY | |
| echo "${docker_cp_cmd}" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| # This flashing is not currently working, just keeping it here for the future | |
| # echo "## Flash this px4 firmware to your Saluki" >> $GITHUB_STEP_SUMMARY | |
| # echo "To flash this firmware to your Saluki, you can use the following command:" >> $GITHUB_STEP_SUMMARY | |
| # docker_flash_cmd='docker run --rm --network=host --entrypoint= --device=${dev}:/dev/px4serial ' | |
| # docker_flash_cmd+=$container_name | |
| # docker_flash_cmd+=' sh -c "/bin/px_uploader.py ssrc_saluki-v2_default-*.px4"' | |
| # echo '```shell' >> $GITHUB_STEP_SUMMARY | |
| # echo "${docker_flash_cmd}" >> $GITHUB_STEP_SUMMARY | |
| # echo '```' >> $GITHUB_STEP_SUMMARY | |
| # separator | |
| echo '---' >> $GITHUB_STEP_SUMMARY | |
| echo "## Flash this px4 firmware to your Saluki by using fpga-flashing tool" >> $GITHUB_STEP_SUMMARY | |
| echo "fpga-flashing is separate tool: https://github.com/tiiuae/fpga-flashing/" >> $GITHUB_STEP_SUMMARY | |
| echo "### Flash px4 firmware" >> $GITHUB_STEP_SUMMARY | |
| echo "To flash this px4 firmware and FPGA to your Saluki with fpga-flashing, you can use the following command:" >> $GITHUB_STEP_SUMMARY | |
| flash_tool_cmd='./flash.sh --update-package ' | |
| flash_tool_cmd+=$container_name | |
| flash_tool_cmd+=' --px4' | |
| echo '```shell' >> $GITHUB_STEP_SUMMARY | |
| echo "${flash_tool_cmd}" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| # separator | |
| echo '---' >> $GITHUB_STEP_SUMMARY | |
| echo "### Zeroize and flash FPGA and PX4" >> $GITHUB_STEP_SUMMARY | |
| echo "To zeroize the device as new and flash px4 firmware, FPGA and RD certificate to your Saluki with fpga-flashing -tool, you can use the following command:" >> $GITHUB_STEP_SUMMARY | |
| echo "please notice that FPGA flashing needs FlashPro connected" >> $GITHUB_STEP_SUMMARY | |
| flash_tool_cmd='./flash.sh --update-package ' | |
| flash_tool_cmd+=$container_name | |
| flash_tool_cmd+=' --zeroize --fpga --px4 --rdc' | |
| echo '```shell' >> $GITHUB_STEP_SUMMARY | |
| echo "${flash_tool_cmd}" >> $GITHUB_STEP_SUMMARY | |
| echo '```' >> $GITHUB_STEP_SUMMARY | |
| echo 'For more info please see: https://github.com/tiiuae/fpga-flashing/#usage' >> $GITHUB_STEP_SUMMARY | |
| upload-px4fwupdater-uae: | |
| name: upload px4fwupdater to UAE docker registry | |
| # temporarily disabled until we get new token from UAR | |
| if: false | |
| runs-on: ubuntu-latest | |
| needs: | |
| - px4fwupdater | |
| - variables | |
| steps: | |
| - name: Checkout px4-firmware | |
| uses: actions/checkout@v4 | |
| with: | |
| path: px4-firmware | |
| fetch-depth: 0 | |
| - name: Download pixhawk artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| pattern: pixhawk | |
| path: bin | |
| - name: Firmware flasher - Container metadata | |
| id: containermeta # referenced from later step | |
| uses: docker/metadata-action@v5 | |
| with: | |
| images: artifactory.ssrcdevops.tii.ae/tiiuae/px4-firmware | |
| tags: | | |
| type=ref,event=branch | |
| type=ref,event=pr | |
| type=semver,pattern={{version}} | |
| type=sha | |
| - name: Login to SSRC JFrog Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: artifactory.ssrcdevops.tii.ae | |
| username: ${{ secrets.UAE_RT_USER }} | |
| password: ${{ secrets.UAE_RT_APIKEY }} | |
| # have to login to ghcr as well to download fpga and BL | |
| - name: Login to GitHub Container Registry | |
| uses: docker/login-action@v3 | |
| with: | |
| registry: ghcr.io | |
| username: ${{ github.actor }} | |
| password: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Firmware flasher - Build and push | |
| uses: docker/build-push-action@v5 | |
| with: | |
| push: true | |
| context: . | |
| file: px4-firmware/Tools/px_uploader.Dockerfile | |
| tags: ${{ steps.containermeta.outputs.tags }} | |
| labels: ${{ steps.containermeta.outputs.labels }} | |
| build-args: | | |
| "saluki_pi_fpga_version=${{ needs.variables.outputs.saluki_pi_fpga_version }}" | |
| "saluki_v2_fpga_version=${{ needs.variables.outputs.saluki_v2_fpga_version }}" | |
| "saluki_v3_fpga_version=${{ needs.variables.outputs.saluki_v3_fpga_version }}" | |
| artifactory-uae: | |
| name: upload builds to UAE artifactory | |
| if: ${{ github.event_name != 'workflow_dispatch' || inputs.jfrog-upload == true }} | |
| runs-on: ubuntu-latest | |
| needs: | |
| - px4fwupdater | |
| - fc_matrix | |
| steps: | |
| - name: Download pixhawk artifacts | |
| uses: actions/download-artifact@v4 | |
| with: | |
| path: bin | |
| merge-multiple: true | |
| - uses: jfrog/setup-jfrog-cli@v4 | |
| env: | |
| JF_ENV_1: ${{ secrets.UAE_ARTIFACTORY_TOKEN }} | |
| - name: Upload px4-firmware build to Artifactory | |
| env: | |
| ARTIFACTORY_GEN_REPO: gen-public-local | |
| BUILD_NAME_PX4: px4-firmware | |
| CI: true | |
| run: | | |
| set -exu | |
| pr_or_empty="" | |
| latest_link="" | |
| if [ ${{ github.event_name }} == 'pull_request' ]; then | |
| latest_link="pr/" | |
| pr_or_empty="pr/${{ github.head_ref || github.ref_name }}/" | |
| fi | |
| newline=$'\n' | |
| artifactory_links="| target | link | | |
| |--------|------|" | |
| artifactory_base_url="https://artifactory.ssrcdevops.tii.ae/artifactory/" | |
| for pkg in $(find bin -type f|sort); do | |
| file_name=$(basename $pkg) | |
| ext="${file_name##*.}" | |
| target_path="" | |
| pkg_name=$(echo $file_name | sed -r -e 's/-[0-9]+\.[0-9]+\.[0-9]+-.*//g') | |
| if [[ $file_name = px4_fmu* ]]; then | |
| target_path="pixhawk" | |
| elif [[ $file_name = ssrc_saluki* ]]; then | |
| target_path="saluki" | |
| else | |
| echo "$pkg ignored" | |
| continue | |
| fi | |
| artifactory_path=$ARTIFACTORY_GEN_REPO/builds/px4-firmware/${target_path}/${pr_or_empty} | |
| artifactory_latest_path=$ARTIFACTORY_GEN_REPO/builds/px4-firmware/${target_path}/${latest_link}latest/${pkg_name}.${ext} | |
| jfrog rt u --target-props COMMIT="$GITHUB_SHA" \ | |
| --build-name "$BUILD_NAME_PX4" \ | |
| --build-number "$GITHUB_SHA" \ | |
| "$pkg" \ | |
| "${artifactory_path}$file_name" | |
| # link to latest | |
| jfrog rt cp --flat \ | |
| "${artifactory_path}$file_name" \ | |
| "${artifactory_latest_path}" | |
| # append every file to artifactory_links | |
| artifactory_links+="${newline}| ${pkg_name} | ${artifactory_base_url}${artifactory_path}${file_name} |" | |
| done | |
| # export artifactory linds as gh step summary | |
| echo "### UAE Artifactory links:" >> $GITHUB_STEP_SUMMARY | |
| echo "${artifactory_links}" >> $GITHUB_STEP_SUMMARY | |
| - name: Upload px4-fwupdater build to Artifactory | |
| # disabled as token doesnt allow deb upload | |
| if: false | |
| env: | |
| ARTIFACTORY_DEB_REPO: debian-public-local | |
| DISTRIBUTION: focal | |
| COMPONENT: fog-sw | |
| ARCHITECTURE: amd64 | |
| BUILD_NAME_DEB: px4-fwupdater | |
| CI: true | |
| run: | | |
| set -exu | |
| pkg=$(find bin -name 'px4fwupdater*.deb') | |
| pkg_name=$(basename $pkg) | |
| jfrog rt u --deb "$DISTRIBUTION/$COMPONENT/$ARCHITECTURE" \ | |
| --target-props COMMIT="$GITHUB_SHA" \ | |
| --build-name "$BUILD_NAME_DEB" \ | |
| --build-number "$GITHUB_SHA" \ | |
| "$pkg" \ | |
| "$ARTIFACTORY_DEB_REPO/$pkg_name" |