WIP - Support apps for NanoX and NanoS+ built on NBGL #1565
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Continuous Integration & Deployment | |
on: | |
workflow_dispatch: | |
push: | |
tags: | |
- '*' | |
branches: | |
- master | |
pull_request: | |
branches: | |
- master | |
jobs: | |
coverage: | |
name: Code coverage | |
runs-on: ubuntu-latest | |
container: | |
image: docker://ghcr.io/ledgerhq/speculos-builder:latest | |
steps: | |
- name: Clone | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Build with code coverage instrumentation | |
env: | |
CTEST_OUTPUT_ON_FAILURE: 1 | |
RNG_SEED: 0 | |
run: | | |
cmake -Bbuild -H. -DPRECOMPILED_DEPENDENCIES_DIR=/install -DWITH_VNC=1 -DCODE_COVERAGE=ON | |
make -C build clean | |
make -C build | |
make -C build test | |
pip install pytest-cov | |
pip install . | |
PYTHONPATH=. pytest --cov=speculos --cov-report=xml | |
- run: git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
- name: Upload coverage to Codecov | |
uses: codecov/codecov-action@v4 | |
env: | |
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} | |
with: | |
name: codecov-speculos | |
build: | |
name: Clone, build, test | |
runs-on: ubuntu-latest | |
strategy: | |
matrix: | |
python_version: ['3.8', '3.9', '3.10', '3.11'] | |
# Use https://ghcr.io/ledgerhq/speculos-builder which has all the required | |
# dependencies | |
container: | |
image: docker://ghcr.io/ledgerhq/speculos-builder:latest | |
steps: | |
- name: Clone | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Setup Python version | |
uses: actions/setup-python@v5 | |
with: | |
python-version: ${{ matrix.python_version }} | |
- name: Build and install package | |
run: | | |
cmake -Bbuild -H. -DPRECOMPILED_DEPENDENCIES_DIR=/install -DWITH_VNC=1 | |
make -C build | |
pip install pytest | |
pip install . | |
- name: Test | |
env: | |
CTEST_OUTPUT_ON_FAILURE: 1 | |
run: | | |
make -C build/ test | |
pytest | |
package_python: | |
name: Build and deploy Speculos Python Package | |
runs-on: ubuntu-latest | |
needs: [build] | |
container: | |
image: docker://ghcr.io/ledgerhq/speculos-builder:latest | |
steps: | |
- name: Clone | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Use pip to install Speculos in a virtual environment | |
run: | | |
python3 -m venv venv-test | |
./venv-test/bin/pip install . | |
./venv-test/bin/speculos --help | |
echo "TAG_VERSION=$(python -c 'from speculos import __version__; print(__version__)')" >> "$GITHUB_ENV" | |
- name: Build Speculos python package | |
run: | | |
git config --global --add safe.directory "$GITHUB_WORKSPACE" | |
if [ -e dist ] ; then | |
echo >&2 "Error: dist/ directory already exists and this is unexpected. Refusing to build new packages." | |
exit 1 | |
fi | |
python3 -m venv venv-build | |
./venv-build/bin/pip install --upgrade pip build twine | |
./venv-build/bin/python -m build | |
./venv-build/bin/python -m twine check dist/* | |
- name: Check version against CHANGELOG | |
if: startsWith(github.ref, 'refs/tags/') | |
shell: bash | |
run: | | |
CHANGELOG_VERSION=$(grep -Po '(?<=## \[)(\d+\.)+[^\]]' CHANGELOG.md | head -n 1) | |
if [ "${{ env.TAG_VERSION }}" == "${CHANGELOG_VERSION}" ]; \ | |
then \ | |
exit 0; \ | |
else \ | |
echo "Tag '${{ env.TAG_VERSION }}' and CHANGELOG '${CHANGELOG_VERSION}' versions mismatch!"; \ | |
exit 1; \ | |
fi | |
- name: Publish Python package on pypi.org | |
if: success() && github.event_name == 'push' | |
run: ./venv-build/bin/python -m twine upload dist/* | |
env: | |
TWINE_USERNAME: __token__ | |
TWINE_PASSWORD: ${{ secrets.PYPI_PUBLIC_API_TOKEN }} | |
TWINE_NON_INTERACTIVE: 1 | |
package_and_test_docker: | |
name: Build and test the Speculos docker | |
uses: ./.github/workflows/reusable_ragger_tests_latest_speculos.yml | |
with: | |
app_repository: LedgerHQ/app-boilerplate | |
app_branch_name: master | |
test_dir: tests | |
speculos_app_branch_name: ${{ github.ref }} | |
deploy_docker: | |
name: Build and Upload the Speculos docker | |
runs-on: ubuntu-latest | |
if: | | |
github.event_name == 'push' && | |
(github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')) | |
needs: [build] | |
steps: | |
- name: Clone | |
uses: actions/checkout@v4 | |
with: | |
fetch-depth: 0 | |
- name: Build and publish to GitHub Packages | |
uses: docker/build-push-action@v1 | |
with: | |
repository: ledgerhq/speculos | |
registry: ghcr.io | |
username: ${{ github.actor }} | |
password: ${{ secrets.GITHUB_TOKEN }} | |
tag_with_sha: true | |
tags: latest |