From 69e323c36ee9960e156c7e980fe63a212e527c7b Mon Sep 17 00:00:00 2001
From: Jamie Kerber <kerber.jg@gmail.com>
Date: Sat, 7 Sep 2024 16:56:39 +0200
Subject: [PATCH] Added CI builds

---
 .gitlab-ci.yml | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++
 README.md      | 35 +++++++++++++++++++++---
 2 files changed, 105 insertions(+), 3 deletions(-)
 create mode 100644 .gitlab-ci.yml

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
new file mode 100644
index 00000000..5cb8f090
--- /dev/null
+++ b/.gitlab-ci.yml
@@ -0,0 +1,73 @@
+# This CI will run:
+workflow:
+  rules:
+    - if: $CI_PIPELINE_SOURCE == 'merge_request_event'    # ... on merge requests
+    - if: $CI_COMMIT_TAG                                  # ... on tags
+    - if: $CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH         # ... on default (master/main) branch
+
+stages:
+  - build-image
+  - test
+
+
+variables:
+  # Fetch submodules
+  GIT_SUBMODULE_STRATEGY: recursive
+  # Only fetch the latest commit (shallow clone, faster)
+  GIT_SUBMODULE_DEPTH: 1
+  GIT_DEPTH: 1
+
+# Builds the image and pushes it to the registry
+# This image contains all the tooling necessary to run the compilation tools
+build-image:
+  stage: build-image
+  # Run image build only if packages changed
+  only:
+    changes:
+      - Dockerfile
+      - packages.txt
+      - requirements.txt
+      - .gitlab-ci.yml
+      - tools/*
+  # Set up the docker daemon for building the image
+  image: docker:latest
+  services:
+    - docker:dind
+  variables:
+    DOCKER_DRIVER: overlay2
+  script:
+    - docker login -u gitlab-ci-token -p $CI_JOB_TOKEN $CI_REGISTRY     # Login to the registry
+    - docker pull $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME || true        # Pull the image if it exists
+                                                                        # Build the image and tag it with the branch name and latest
+    - |
+      docker build \
+      --build-arg BUILDKIT_INLINE_CACHE=1 \
+      --cache-from $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME \
+      -t $CI_REGISTRY_IMAGE:$CI_COMMIT_REF_NAME \
+      -t $CI_REGISTRY_IMAGE:latest \
+      .
+    - docker push --all-tags $CI_REGISTRY_IMAGE                         # Push the image to the registry
+
+# Try to compile the code inside the image to make sure it works (run docker container)
+build-test:
+  stage: test
+  image:
+    name: $CI_REGISTRY_IMAGE:latest
+    entrypoint: [""]
+  before_script:
+    # Download the baserom from $BASEROM_URL, decrypt with $BASEROM_KEY and save as baserom.us.v10.z64, and check the sha1sum against $BASEROM_SHA1
+    - curl -L "$BASEROM_URL" -o baserom.us.v10.enc.z64
+    - openssl enc -d -aes-256-cbc -in baserom.us.v10.enc.z64 -out baserom.us.v10.z64 -k "$BASEROM_KEY"
+    - FILE_SHA1=$(sha1sum baserom.us.v10.z64 | awk '{ print $1 }')
+    - echo "Calculated SHA1 - $FILE_SHA1"
+    - echo "Expected SHA1   - $BASEROM_SHA1"
+    - if [ "${FILE_SHA1}" != "${BASEROM_SHA1}" ]; then echo "Checksum verification failed"; exit 1; else echo "Checksum verification passed"; fi
+  script:
+    # Compile the code
+    - make
+    # Check if the resulting ROM is the same as the expected one
+    - FILE_SHA1=$(sha1sum build/us.v10/banjo.us.v10.z64 | awk '{ print $1 }')
+    - echo "Calculated SHA1 - $FILE_SHA1"
+    - echo "Expected SHA1   - $BASEROM_SHA1"
+    - if [ "${FILE_SHA1}" != "${BASEROM_SHA1}" ]; then echo "Checksum verification failed"; exit 1; else echo "Checksum verification passed"; fi
+
diff --git a/README.md b/README.md
index 5a60c20f..9c607708 100644
--- a/README.md
+++ b/README.md
@@ -5,9 +5,9 @@
 ### Baserom checksums
 
 - `baserom.us.v10.z64`: `1fe1632098865f639e22c11b9a81ee8f29c75d7a`
-- `baserom.us.v11.z64`: TODO
-- `baserom.jp.z64`: TODO
-- `baserom.pal.z64`: TODO
+- `baserom.us.v11.z64`: `ded6ee166e740ad1bc810fd678a84b48e245ab80`
+- `baserom.jp.z64`:     `90726d7e7cd5bf6cdfd38f45c9acbf4d45bd9fd8`
+- `baserom.pal.z64`:    `bb359a75941df74bf7290212c89fbc6e2c5601fe`
 
 ## Building
 
@@ -125,6 +125,35 @@ Follow the same instructions as Step 4 above in "Local (Linux)".
 
 To exit Docker, simply type `exit`.
 
+### Cloud (GitLab CI)
+
+These are the instructions for building on GitLab CI.
+This applies to the main repo - **if you have a fork**, you will need to follow these steps too!
+
+#### 1. Upload the baserom
+
+Upload the file for `US v1.0` as `baserom.us.v10.enc.z64` to a remote server where it can be downloaded from with `wget` or `curl`. The file has to be encrypted with `AES-256-CBC`, as follows:
+
+```sh
+openssl enc -aes-256-cbc -salt -in baserom.us.v10.z64 -out baserom.us.v10.enc.z64
+```
+
+Then, upload the encrypted file to a server and get a direct download link.
+
+Sharing services like Google Drive, Dropbox, or OneDrive might not work, as they require manual interaction to download the file.
+
+#### 2. Set up environment variables
+
+In your GitLab project, go to `Settings > CI/CD > Variables` and add the following variables:
+
+- `BASEROM_URL`: a direct download URL for the baserom.us.v10.z64 file (see above); this file has to be encrypted with `AES-256-CBC`
+- `BASEROM_KEY`: the AES key used to encrypt the baserom file above
+- `BASEROM_SHA1`: the SHA1 checksum of the baserom file; simply use the one mentioned above
+
+#### 3. Trigger the pipeline
+
+Push a commit to your repository and you should see a new pipeline starting in the `CI/CD > Pipelines` section! 
+
 ## Other versions
 
 Drop in `us.v11`, `jp`, or `pal` as `baserom.<version>.z64` e.g. `baserom.us.v11.z64`