Skip to content

update the sign fimrware action #10

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
JakubMini merged 1 commit into from
May 13, 2026
Merged

update the sign fimrware action #10

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion actions/build-stm32/Dockerfile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@ FROM xanderhendriks/stm32cubeide:15.0

# Tools your script needs
RUN apt-get -y update && \
apt-get -y install curl python3 python3-pycryptodome python3-ecdsa python3-pyelftools python3-numpy python3-cryptography python3-intelhex git srecord ca-certificates bear cppcheck jq \
apt-get -y install curl python3 python3-venv python3-pip python3-pycryptodome python3-ecdsa python3-pyelftools python3-numpy python3-cryptography python3-intelhex git srecord ca-certificates bear cppcheck jq \
&& ln -s $(which python3) /usr/bin/python \
&& rm -rf /var/lib/apt/lists/*

Expand Down
27 changes: 22 additions & 5 deletions actions/sign-firmware/run.sh
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,11 +16,28 @@ if python3 -c "import cryptography, intelhex" 2>/dev/null; then
fi

VENV="$SCRIPT_DIR/.venv"
if [ ! -x "$VENV/bin/python" ]; then
VENV_PY="$VENV/bin/python"
if [ -x "$VENV_PY" ] && "$VENV_PY" -c "import cryptography, intelhex" 2>/dev/null; then
exec "$VENV_PY" "$SCRIPT_DIR/sign_firmware.py" "$@"
fi

if [ ! -x "$VENV_PY" ] || ! "$VENV_PY" -c "import cryptography, intelhex" 2>/dev/null; then
echo "sign-firmware: bootstrapping venv at $VENV (one-time)" >&2
python3 -m venv "$VENV"
"$VENV/bin/pip" install --quiet --upgrade pip
"$VENV/bin/pip" install --quiet "cryptography>=41" "intelhex>=2.3"
rm -rf "$VENV"
if ! python3 -m venv "$VENV"; then
if [ "$(id -u)" = "0" ] && command -v apt-get >/dev/null 2>&1; then
echo "sign-firmware: installing python3-venv in container" >&2
apt-get update
apt-get install -y python3-venv python3-pip
rm -rf "$VENV"
python3 -m venv "$VENV"
else
echo "sign-firmware: python3 venv support is unavailable; install python3-venv" >&2
exit 1
fi
fi
"$VENV_PY" -m pip install --quiet --upgrade pip
"$VENV_PY" -m pip install --quiet "cryptography>=41" "intelhex>=2.3"
fi

exec "$VENV/bin/python" "$SCRIPT_DIR/sign_firmware.py" "$@"
exec "$VENV_PY" "$SCRIPT_DIR/sign_firmware.py" "$@"
Loading