diff --git a/.circleci/config.yml b/.circleci/config.yml deleted file mode 100644 index d1469603..00000000 --- a/.circleci/config.yml +++ /dev/null @@ -1,107 +0,0 @@ -version: 2 -jobs: - build: - docker: - - image: zondax/circleci:latest - steps: - - checkout - - run: git submodule update --init --recursive - - run: conan config install https://github.com/conan-io/conanclientcert.git - - run: cmake -DCMAKE_BUILD_TYPE=Debug . && make - # Unfortunately need to disable leak sanitizer https://github.com/google/sanitizers/issues/916 - # Still run all other ASAN components - - run: GTEST_COLOR=1 ASAN_OPTIONS=detect_leaks=0 ctest -VV - - build_ledger: - docker: - - image: zondax/builder-bolos:latest - working_directory: ~/project - environment: - BOLOS_SDK: /home/zondax/project/deps/nanos-secure-sdk - BOLOS_ENV: /opt/bolos - steps: - - checkout - # Docker entrypoint is not considered - - run: git submodule update --init --recursive - - run: - name: Build Standard app - command: | - source /home/zondax/.cargo/env - make - - test_zemu: - machine: - image: ubuntu-2004:202101-01 - resource_class: large - working_directory: ~/repo - environment: - BASH_ENV: "/opt/circleci/.nvm/nvm.sh" - steps: - - checkout - - run: git submodule update --init --recursive - - run: sudo apt-get update -y && sudo apt-get install -y libusb-1.0.0 libudev-dev - - run: - name: Install rust - command: | - sudo apt-get update - sudo apt-get install -y cmake binutils-dev libiberty-dev libelf-dev libdw-dev - curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- --no-modify-path --default-toolchain none -y; - no_output_timeout: 1800s - - run: - name: Install node + yarn - command: | - nvm install 14.17.0 - nvm use 14.17.0 - npm install -g yarn - - run: - name: Build Ledger app - command: | - make clean_build && make buildS - make clean_build && make buildX - - run: - name: Build/Install build js deps - command: | - nvm use 14.17.0 - export PATH=~/.cargo/bin:$PATH - make zemu_install - - run: - name: Run zemu tests - command: | - nvm use 14.17.0 - export PATH=~/.cargo/bin:$PATH - make zemu_test - - build_package: - docker: - - image: zondax/builder-bolos:latest - environment: - BOLOS_SDK: /home/zondax/project/deps/nanos-secure-sdk - BOLOS_ENV: /opt/bolos - steps: - - checkout - - run: git submodule update --init --recursive - - run: - name: Build - command: | - source /home/zondax/.cargo/env - cd /home/zondax/project - make - - run: /home/zondax/go/bin/ghr -t ${GITHUB_TOKEN} -u ${CIRCLE_PROJECT_USERNAME} -r ${CIRCLE_PROJECT_REPONAME} -c ${CIRCLE_SHA1} -delete $(/home/zondax/project/app/pkg/installer_s.sh version) /home/zondax/project/app/pkg/installer_s.sh - -workflows: - version: 2 - - default: - jobs: - - build - - build_ledger - - test_zemu - - build_package: - requires: - - build - - build_ledger - - test_zemu - filters: - branches: - only: - - master diff --git a/.github/workflows/ledger.yml b/.github/workflows/ledger.yml new file mode 100644 index 00000000..aefd0d8d --- /dev/null +++ b/.github/workflows/ledger.yml @@ -0,0 +1,31 @@ +name: CI + +on: + # Triggers the workflow on push or pull request events but only for the master branch + push: + branches: [ master ] + pull_request: + branches: [ master ] + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +jobs: + scan-build: + name: Clang Static Analyzer + runs-on: ubuntu-latest + + container: + image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest + + steps: + - uses: actions/checkout@v2 + + - name: Build with Clang Static Analyzer + run: | + scan-build --use-cc=clang -analyze-headers -enable-checker security -enable-checker unix -enable-checker valist -o scan-build --status-bugs make + - uses: actions/upload-artifact@v2 + if: failure() + with: + name: scan-build + path: scan-build diff --git a/.github/workflows/main.yml b/.github/workflows/main.yml new file mode 100644 index 00000000..4aa54f29 --- /dev/null +++ b/.github/workflows/main.yml @@ -0,0 +1,144 @@ +name: "Test/Build" +on: + workflow_dispatch: + push: + pull_request: + branches: [ main ] + +jobs: + configure: + runs-on: ubuntu-latest + outputs: + uid_gid: ${{ steps.get-user.outputs.uid_gid }} + steps: + - id: get-user + run: echo "::set-output name=uid_gid::$(id -u):$(id -g)" + + build: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + submodules: true + - name: Install deps + run: | + sudo update-alternatives --install /usr/bin/python python /usr/bin/python3 10 + make deps + brew install conan + conan config install https://github.com/conan-io/conanclientcert.git + - run: cmake -DCMAKE_BUILD_TYPE=Debug . && make + - run: GTEST_COLOR=1 ASAN_OPTIONS=detect_leaks=0 ctest -VV + + build_ledger_nano_S: + needs: configure + runs-on: ubuntu-latest + container: + image: zondax/builder-bolos:latest + options: --user ${{ needs.configure.outputs.uid_gid }} + env: + BOLOS_SDK: ${{ github.workspace }}/deps/nanos-secure-sdk + BOLOS_ENV: /opt/bolos + HOME: /home/zondax_circle + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + submodules: true + - name: Build Standard app + shell: bash -l {0} + run: | + source $HOME/.cargo/env + make + + build_ledger_nano_X: + needs: configure + runs-on: ubuntu-latest + container: + image: zondax/builder-bolos:latest + options: --user ${{ needs.configure.outputs.uid_gid }} + env: + BOLOS_SDK: ${{ github.workspace }}/deps/nanox-secure-sdk + BOLOS_ENV: /opt/bolos + HOME: /home/zondax_circle + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + submodules: true + - name: Build Standard app + shell: bash -l {0} + run: | + source $HOME/.cargo/env + make + + test_zemu: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + submodules: true + - run: sudo apt-get update -y && sudo apt-get install -y libusb-1.0.0 libudev-dev + - name: Install rust + run: | + sudo apt-get update + sudo apt-get install -y cmake binutils-dev libcurl4-openssl-dev libiberty-dev libelf-dev libdw-dev + curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- --no-modify-path --default-toolchain none -y; + - name: Install node + uses: actions/setup-node@v2 + with: + node-version: '14.17.0' + - name: Install yarn + run: | + npm install -g yarn + - name: Build Ledger app + run: | + make + - name: Build/Install build js deps + run: | + export PATH=~/.cargo/bin:$PATH + make zemu_install + - name: Run zemu tests + run: | + export PATH=~/.cargo/bin:$PATH + make zemu_test + + build_package: + needs: [ configure, build, build_ledger_nano_S, build_ledger_nano_X, test_zemu ] + if: ${{ github.ref == 'refs/heads/main' }} + runs-on: ubuntu-latest + container: + image: zondax/builder-bolos:latest + options: --user ${{ needs.configure.outputs.uid_gid }} + env: + BOLOS_SDK: ${{ github.workspace }}/deps/nanos-secure-sdk + BOLOS_ENV: /opt/bolos + HOME: /home/zondax_circle + steps: + - name: Checkout + uses: actions/checkout@v2 + with: + submodules: true + - name: Install deps + run: pip install ledgerblue + - name: Build + shell: bash -l {0} + run: | + source $HOME/.cargo/env + make + - name: Set tag name var + id: vars + run: | + pip install ledgerblue + echo ::set-output name=tag_name::$(./app/pkg/installer_s.sh version) + - name: Create or Update Release + id: create_release + uses: softprops/action-gh-release@v1 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # This token is provided by Actions, you do not need to create your own token + with: + files: ./app/pkg/installer_s.sh + tag_name: ${{ steps.vars.outputs.tag_name }} + draft: false + prerelease: false