-
Notifications
You must be signed in to change notification settings - Fork 7
179 lines (147 loc) · 4.96 KB
/
ci-workflow.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
name: Compilation & tests
on: [push, pull_request]
jobs:
job_build_nano_debug:
name: Build application for NanoS+, X, Stax, Flex
runs-on: ubuntu-latest
strategy:
matrix:
include:
- SDK: "$NANOX_SDK"
artifact: ergo-app-debug-nanox
- SDK: "$NANOSP_SDK"
artifact: ergo-app-debug-nanosp
- SDK: "$STAX_SDK"
artifact: ergo-app-debug-stax
- SDK: "$FLEX_SDK"
artifact: ergo-app-debug-flex
container:
image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-lite:latest
steps:
- name: Clone
uses: actions/checkout@v4
- name: Build
run: |
git config --global --add safe.directory "$GITHUB_WORKSPACE"
make BOLOS_SDK=${{ matrix.SDK }} DEBUG=1
- name: Upload app binary
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.artifact }}
path: bin
job_unit_test:
name: Unit tests
runs-on: ubuntu-latest
container:
image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-lite:latest
steps:
- name: Clone
uses: actions/checkout@v4
- name: Build unit tests
run: |
cd unit-tests/
cmake -Bbuild -H. && make -C build
- name: Run unit tests
run: |
cd unit-tests/
make -C build test
- name: Generate code coverage
run: |
cd unit-tests/
lcov --directory . -b "$(realpath build/)" --capture --initial -o coverage.base && \
lcov --rc lcov_branch_coverage=1 --directory . -b "$(realpath build/)" --capture -o coverage.capture && \
lcov --directory . -b "$(realpath build/)" --add-tracefile coverage.base --add-tracefile coverage.capture -o coverage.info && \
lcov --directory . -b "$(realpath build/)" --remove coverage.info '*/unit-tests/*' -o coverage.info && \
genhtml coverage.info -o coverage
- uses: actions/upload-artifact@v4
with:
name: code-coverage
path: unit-tests/coverage
- name: Upload to codecov.io
if: false
uses: codecov/codecov-action@v4
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: ./unit-tests/coverage.info
flags: unittests
name: codecov-app-ergo
fail_ci_if_error: true
verbose: true
job_generate_doc:
name: Generate project documentation
runs-on: ubuntu-latest
container:
image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-lite:latest
steps:
- name: Clone
uses: actions/checkout@v4
- name: HTML documentation
run: doxygen .doxygen/Doxyfile
- uses: actions/upload-artifact@v4
with:
name: documentation
path: doc/html
job_scan_build:
name: Clang Static Analyzer
runs-on: ubuntu-latest
strategy:
matrix:
include:
- SDK: "$NANOSP_SDK"
- SDK: "$STAX_SDK"
container:
image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder-lite:latest
steps:
- name: Clone
uses: actions/checkout@v4
- name: Build with Clang Static Analyzer
run: |
export BOLOS_SDK=${{ matrix.SDK }}
make clean
scan-build --use-cc=clang -analyze-headers -enable-checker security -enable-checker unix -enable-checker valist -o scan-build --status-bugs make default
- name: Upload scan result
uses: actions/upload-artifact@v4
if: failure()
with:
name: scan-build
path: scan-build
job_test:
name: Functional Tests
strategy:
matrix:
include:
- model: nanox
- model: nanosp
#- model: stax
#- model: flex
needs: job_build_nano_debug
runs-on: ubuntu-latest
container:
image: ghcr.io/ledgerhq/speculos:latest
ports:
- 5000:5000
- 9999:9999
options: --entrypoint /bin/bash
steps:
- name: Clone
uses: actions/checkout@v4
- name: Download app binary
uses: actions/download-artifact@v4
with:
name: ergo-app-debug-${{matrix.model}}
path: bin
- name: Run test
run: |
apt-get update && apt-get install -qy curl netcat-traditional
curl -fsSL https://deb.nodesource.com/setup_18.x | bash -
apt-get install -qy nodejs
export SEED=`cat tests/seed.txt`
nohup bash -c "python /speculos/speculos.py bin/app.elf --apdu-port 9999 --api-port 5000 --display headless --model=${{ matrix.model }} --seed \"${SEED}\"" > speculos.log 2<&1 &
cd tests && npm install
until `nc -w5 -z -v 127.0.0.1 9999`; do sleep 1; done;
npm --model=${{matrix.model}} --port=5000 run test
- name: Upload Speculos log
uses: actions/upload-artifact@v4
with:
name: speculos-${{matrix.model}}-log
path: speculos.log