Update for v2.5 release

* Switch to GitHub actions for the build

.github/workflows/build.yml

@@ -0,0 +1,78 @@
+# Copyright (c) 2021, Pete Batard <[email protected]>
+# SPDX-License-Identifier: BSD-3-Clause
+
+name: TF-A - Raspberry Pi build
+
+on:  
+  push:
+    tags:
+      - '*'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+
+    steps:
+    - name: Set version
+      id: set_version
+      run: echo "::set-output name=version::${GITHUB_REF/refs\/tags\//}"
+    - name: Set up Linux environment
+      run: sudo apt install gcc-aarch64-linux-gnu
+    - name: Download and extract TF-A release
+      run: |
+        curl -L https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/snapshot/trusted-firmware-a-${{steps.set_version.outputs.version}}.tar.gz -o trusted-firmware-a-${{steps.set_version.outputs.version}}.tar.gz
+        tar -xzf trusted-firmware-a-${{steps.set_version.outputs.version}}.tar.gz
+    - name: Build TF-A
+      run: |
+        cd trusted-firmware-a-${{steps.set_version.outputs.version}}
+        export CROSS_COMPILE=/usr/bin/aarch64-linux-gnu-
+        make PLAT=rpi3 RPI3_PRELOADED_DTB_BASE=0x10000 PRELOADED_BL33_BASE=0x30000 SUPPORT_VFP=1 RPI3_USE_UEFI_MAP=1 DEBUG=0 fip all
+        make PLAT=rpi4 RPI3_PRELOADED_DTB_BASE=0x1F0000 PRELOADED_BL33_BASE=0x20000 SUPPORT_VFP=1 DEBUG=0 all
+    - name: Upload TF-A artifacts
+      uses: actions/upload-artifact@v2
+      with:
+        name: TF-A ${{steps.set_version.outputs.version}} Artifacts
+        path: |
+          trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi3/release/bl1.bin
+          trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi3/release/fip.bin
+          trusted-firmware-a-${{steps.set_version.outputs.version}}build/rpi4/release/bl31.bin
+    - name: Display SHA-256
+      run: sha256sum trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi3/release/bl1.bin trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi3/release/fip.bin trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi4/release/bl31.bin
+    - name: Create release
+      id: create_release
+      uses: actions/create-release@v1
+      env:
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      with:
+        draft: false
+        prerelease: false
+        release_name: ${{steps.set_version.outputs.version}}
+        body: Raspberry Pi Arm Trusted Firmware ${{steps.set_version.outputs.version}}
+        tag_name: ${{steps.set_version.outputs.version}}
+    - name: Upload RPi3 bl1.bin
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      with:
+        upload_url: ${{steps.create_release.outputs.upload_url}}
+        asset_path: trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi3/release/bl1.bin
+        asset_name: bl1.bin
+        asset_content_type: application/octet-stream
+    - name: Upload RPi3 fip.bin
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      with:
+        upload_url: ${{steps.create_release.outputs.upload_url}}
+        asset_path: trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi3/release/fip.bin
+        asset_name: fip.bin
+        asset_content_type: application/octet-stream
+    - name: Upload RPi4 bl31.bin
+      uses: actions/upload-release-asset@v1
+      env:
+        GITHUB_TOKEN: ${{secrets.GITHUB_TOKEN}}
+      with:
+        upload_url: ${{steps.create_release.outputs.upload_url}}
+        asset_path: trusted-firmware-a-${{steps.set_version.outputs.version}}/build/rpi4/release/bl31.bin
+        asset_name: bl31.bin
+        asset_content_type: application/octet-stream

Readme.md

@@ -1,33 +1,34 @@
 Raspberry Pi - Arm Trusted Firmware binaries
 ============================================
 
-[![Build status](https://img.shields.io/appveyor/ci/pbatard/pitf.svg?style=flat-square)](https://ci.appveyor.com/project/pbatard/pitf)
+[![Build status](https://img.shields.io/github/workflow/status/pftf/pitf/TF-A%20-%20Raspberry%20Pi%20build.svg?style=flat-square)](https://github.com/pftf/pitf/actions)
 [![Github stats](https://img.shields.io/github/downloads/pbatard/pitf/total.svg?style=flat-square)](https://github.com/pbatard/pitf/releases)
+[![Release](https://img.shields.io/github/release-pre/pftf/pitf?style=flat-square)](https://github.com/pftf/pitf/releases)
 
 # Summary
 
 This repository is meant to host builds of the Arm Trusted Firmware for use with
 the [EDK2 Raspberry Pi UEFI firmwares](https://github.com/tianocore/edk2-platforms/tree/master/Platform/RaspberryPi).
 
 Because of the sensitive nature of these firmware blobs, this process is
-accomplished in a fully transparent manner, through AppVeyor, and in a way that
+accomplished in a fully transparent manner, through GitHub actions, in a way that
 allows complete validation that the binaries provided for download have not been
-altered from the ones one would build locally using the official ATF source. 
+altered from the ones one would build locally using the official TF-A source. 
 
 # Current version
 
-The version of ATF being built is 2.3, which was released on 2020.04.20.
+The version of TF-A being built is 2.5, which was released on 2021.05.17.
 
 # Binary validation
 
 The binaries being provided can be validated not to have been altered by
-checking the [latest AppVeyor build log](https://ci.appveyor.com/project/pbatard/pitf)
+checking the [latest GitHub Actions build log](https://github.com/pftf/pitf/actions)
 and confirming that:
 
 - The SHA-1 of the commit that triggered the build is the same as the latest
   commit from this repo (ensures that the built wasn't produced from a "hidden"
   malicious commit that would then have been deleted).
-- The ATF source that was downloaded for the build is the official one that can
+- The TF-A source that was downloaded for the build is the official one that can
   be found at https://git.trustedfirmware.org/TF-A/trusted-firmware-a.git/
 - No alterations have been performed to the binary blobs after the build.
 - The SHA-256 sums of the binary blobs, which are explicitly displayed as part