-
Notifications
You must be signed in to change notification settings - Fork 33
432 lines (356 loc) · 16.2 KB
/
Copy pathbuild.yml
File metadata and controls
432 lines (356 loc) · 16.2 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
name: build
on:
push:
branches:
- master
- release-*
pull_request:
branches:
- "**" # target all branches
schedule:
- cron: "15 0 * * *" # every day at 00:15 UTC
env:
CARGO_TERM_COLOR: always
RUST_LOG: debug
RUST_BACKTRACE: full
jobs:
build_windows:
runs-on: windows-latest
env:
# With the default CARGO_HOME the job will fail due to Windows path length limit when
# checking out the trezor firmware repo. E.g. one of the paths looks like this:
# C:/Users/runneradmin/.cargo/git/checkouts/mintlayer-trezor-firmware-04bdf62619936e0b/596b3eb/vendor/libtropic/scripts/tropic01_model/provisioning_data/2025-06-27T07-51-29Z__prod_C2S_T200__provisioning__lab_batch_package/cert_chain/tropicsquare_root_ca_certificate_sn_101.der
CARGO_HOME: C:\crg
steps:
- name: Checkout the repository
uses: actions/checkout@v5
with:
submodules: recursive
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version-file: "./build-tools/.python-version"
- name: Install Rust
# Use bash to be able to escape the newline via '\'.
shell: bash
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
--default-toolchain $(python ./build-tools/cargo-info-extractor/extract.py --rust-version)
- name: Build
run: cargo build --release --locked --features trezor,ledger
- name: Run tests
run: cargo test --release --workspace --features trezor,ledger
- name: Run doc tests
run: cargo test --release --doc --features trezor,ledger
# This test is ignored, so it needs to run separately.
- name: Run mixed_sighash_types test
run: cargo test --release mixed_sighash_types --features trezor,ledger
# This test is ignored, so it needs to run separately.
- name: Run test_4opc_sequences test
run: cargo test --release test_4opc_sequences -- --ignored
- name: Run functional tests
run: cargo test --release -p mintlayer-test --test functional -- --ignored
- uses: actions/upload-artifact@v4
if: failure()
with:
name: windows-functional-test-artifacts
path: target/tmp
build_ubuntu:
env:
ML_CONTAINERIZED_TESTS: 1
runs-on: ubuntu-latest
steps:
- name: Checkout the repository
uses: actions/checkout@v5
with:
submodules: recursive
- name: Update the list of available system packages
run: sudo apt-get update
- name: Install build dependencies
run: sudo apt-get install -yqq --no-install-recommends build-essential podman pkg-config libssl-dev libdbus-1-dev libusb-1.0-0-dev
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version-file: "./build-tools/.python-version"
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
--default-toolchain $(python ./build-tools/cargo-info-extractor/extract.py --rust-version)
- name: Build
run: cargo build --release --locked --features trezor,ledger
- name: Run tests
run: cargo test --release --workspace --features trezor,ledger
- name: Run doc tests
run: cargo test --release --doc --features trezor,ledger
# This test is ignored, so it needs to run separately.
- name: Run mixed_sighash_types test
run: cargo test --release mixed_sighash_types --features trezor,ledger
# This test is ignored, so it needs to run separately.
- name: Run test_4opc_sequences test
run: cargo test --release test_4opc_sequences
- name: Run functional tests
run: cargo test --release -p mintlayer-test --test functional -- --ignored
- uses: actions/upload-artifact@v4
if: failure()
with:
name: ubuntu-functional-test-artifacts
path: target/tmp
build_macos:
runs-on: macos-latest
steps:
- name: Checkout the repository
uses: actions/checkout@v5
with:
submodules: recursive
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version-file: "./build-tools/.python-version"
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
--default-toolchain $(python ./build-tools/cargo-info-extractor/extract.py --rust-version)
- name: Build
run: cargo build --release --locked --features trezor,ledger
- name: Run tests
run: cargo test --release --workspace --features trezor,ledger
- name: Run doc tests
run: cargo test --release --doc --features trezor,ledger
# This test is ignored, so it needs to run separately.
- name: Run mixed_sighash_types test
run: cargo test --release mixed_sighash_types --features trezor,ledger
# This test is ignored, so it needs to run separately.
- name: Run test_4opc_sequences test
run: cargo test --release test_4opc_sequences
- name: Run functional tests
run: cargo test --release -p mintlayer-test --test functional -- --ignored
- uses: actions/upload-artifact@v4
if: failure()
with:
name: macos-functional-test-artifacts
path: target/tmp
# Build Trezor-specific tests and archive them using cargo-nextest's "archive" feature.
run_tests_on_trezor_preparation:
runs-on: ubuntu-latest
steps:
# Note: we need to mimic the directory structure of the run_tests_on_trezor job, otherwise nextest
# will fail to execute archived tests. So we checkout the source code to "./mintlayer-core".
# (Also note that because of this the resulting path of the source dir will be "/.../mintlayer-core/mintlayer-core/mintlayer-core")
- name: Checkout the core repository
uses: actions/checkout@v5
with:
submodules: recursive
path: ./mintlayer-core
- name: Update the list of available system packages
run: sudo apt-get update
- name: Install build dependencies
run: sudo apt-get install -yqq --no-install-recommends build-essential pkg-config libssl-dev libdbus-1-dev libusb-1.0-0-dev
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version-file: "./mintlayer-core/build-tools/.python-version"
- name: Extract required info from Cargo.toml
id: extract_cargo_info
run: echo "RUST_VERSION=$(python ./build-tools/cargo-info-extractor/extract.py --rust-version)" >> $GITHUB_OUTPUT
working-directory: ./mintlayer-core
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
--default-toolchain ${{ steps.extract_cargo_info.outputs.RUST_VERSION }}
- name: Install cargo-nextest
uses: taiki-e/install-action@nextest
- name: Build and archive the tests
run: cargo nextest archive --release --locked -p wallet --features enable-trezor-device-tests --archive-file tests.tar.zst
working-directory: ./mintlayer-core
- name: Upload archived tests
uses: actions/upload-artifact@v4
with:
name: archived-trezor-tests
path: ./mintlayer-core/tests.tar.zst
retention-days: 1
run_tests_on_trezor:
needs: run_tests_on_trezor_preparation
runs-on: ubuntu-latest
strategy:
matrix:
model: [T2T1, T3B1, T3T1, T3W1]
env:
TREZOR_MODEL: ${{ matrix.model }}
# Note: these are the default values, but it's better to specify them explicitly.
TREZOR_TESTS_USE_REAL_DEVICE: false
TREZOR_TESTS_AUTO_CONFIRM: true
steps:
# Note: THP is the new protocol used by Safe 7, which we do not yet support, so we disable
# it by setting THP to 0. This means that we're not emulating the real Safe 7 here, i.e. it's
# just a hack to make the CI pass.
# TODO:
# 1) Remove this after THP support is implemented.
# 2) Another thing that is different about Safe 7 is the use of an additional secure element
# called Tropic. Tests on the firmware side build the firmware with DISABLE_TROPIC=0, which
# then requires a Tropic model server to be run alongside the emulator. We might want to do
# the same here, to make the emulator behave more like the real device.
- name: Disable THP for T3W1
if: ${{ matrix.model == 'T3W1' }}
run: echo "THP=0" >> "$GITHUB_ENV"
# Note: cargo-nextest requires the source code to be present when running archived test binaries.
- name: Checkout the core repository
uses: actions/checkout@v5
with:
submodules: recursive
path: ./mintlayer-core
- name: Download archived tests
uses: actions/download-artifact@v4
with:
name: archived-trezor-tests
path: ./mintlayer-core
- name: Install cargo-nextest
uses: taiki-e/install-action@nextest
- name: Update the list of available system packages
run: sudo apt-get update
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version-file: "./mintlayer-core/build-tools/.python-version"
- name: Extract required info from Cargo.toml
id: extract_cargo_info
run: |
echo "TREZOR_REPO_REV=$(python ./build-tools/cargo-info-extractor/extract.py --trezor-repo-rev)" >> $GITHUB_OUTPUT
working-directory: ./mintlayer-core
- name: Checkout mintlayer-trezor-firmware repository
uses: actions/checkout@v5
with:
repository: mintlayer/mintlayer-trezor-firmware
ref: ${{ steps.extract_cargo_info.outputs.TREZOR_REPO_REV }}
submodules: recursive
path: ./mintlayer-trezor-firmware
# Note: this is basically a copy of ".github/actions/environment" from the trezor repo, with
# the "full-deps" parameter equal to false (which is the default).
# Also note that the original "environment" action could technically be called from here
# via "uses", so in theory the duplication could be avoided. Unfortunately, the "nix-shell"
# calls require the current directory to be the one where the trezor repo has been checked out
# and there is no way of overriding the working dir for another action (unless the action itself
# supports it).
- name: Install nix
uses: cachix/install-nix-action@v23
with:
nix_path: nixpkgs=channel:nixos-unstable
- name: Setup trezor repo build dependencies, part 1
run: nix-shell --arg fullDeps false --run "true"
working-directory: ./mintlayer-trezor-firmware
- name: Setup trezor repo build dependencies, part 2
run: nix-shell --arg fullDeps false --run "uv sync"
working-directory: ./mintlayer-trezor-firmware
- name: Build the firmware
run: nix-shell --run "uv run make -C core build_unix"
working-directory: ./mintlayer-trezor-firmware
# Note: since we haven't installed Cargo in this job, we have to execute "cargo-nextest nextest"
# instead of "cargo nextest".
- name: Run tests in the emulator
run: nix-shell --run "
uv run core/emu.py
--headless --quiet --temporary-profile
--mnemonic \"abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about\"
--command env --chdir ../mintlayer-core
cargo-nextest nextest run --archive-file tests.tar.zst -j1 trezor_signer
"
working-directory: ./mintlayer-trezor-firmware
timeout-minutes: 10
# Build Ledger-specific tests and archive them
run_tests_on_ledger_preparation:
runs-on: ubuntu-latest
steps:
- name: Checkout the core repository
uses: actions/checkout@v5
with:
submodules: recursive
path: ./mintlayer-core
- name: Update the list of available system packages
run: sudo apt-get update
- name: Install build dependencies
run: sudo apt-get install -yqq --no-install-recommends build-essential pkg-config libdbus-1-dev libusb-1.0-0-dev
- name: Setup Python
uses: actions/setup-python@v6
with:
python-version-file: "./mintlayer-core/build-tools/.python-version"
- name: Extract required info from Cargo.toml
id: extract_cargo_info
run: echo "RUST_VERSION=$(python ./build-tools/cargo-info-extractor/extract.py --rust-version)" >> $GITHUB_OUTPUT
working-directory: ./mintlayer-core
- name: Install Rust
run: |
curl --proto '=https' --tlsv1.2 -sSf https://sh.rustup.rs | sh -s -- -y \
--default-toolchain ${{ steps.extract_cargo_info.outputs.RUST_VERSION }}
- name: Install cargo-nextest
uses: taiki-e/install-action@nextest
- name: Build and archive the tests
run: cargo nextest archive --release --locked -p wallet --features enable-ledger-device-tests --archive-file ledger-tests.tar.zst
working-directory: ./mintlayer-core
- name: Upload archived tests
uses: actions/upload-artifact@v4
with:
name: archived-ledger-tests
path: ./mintlayer-core/ledger-tests.tar.zst
retention-days: 1
# Run Ledger-specific tests on an emulator
run_tests_on_ledger:
needs: run_tests_on_ledger_preparation
runs-on: ubuntu-latest
strategy:
matrix:
model: [apex_p, flex, stax, nanox, nanosplus]
env:
LEDGER_TESTS_AUTO_CONFIRM: true
steps:
- name: Checkout the core repository
uses: actions/checkout@v5
with:
submodules: recursive
path: ./mintlayer-core
- name: Extract required info from Cargo.toml
id: extract_cargo_info
run: |
echo "LEDGER_REPO_REV=$(python ./build-tools/cargo-info-extractor/extract.py --ledger-repo-rev)" >> $GITHUB_OUTPUT
working-directory: ./mintlayer-core
- name: Checkout mintlayer-ledger-app repository
uses: actions/checkout@v5
with:
repository: mintlayer/mintlayer-ledger-app
ref: ${{ steps.extract_cargo_info.outputs.LEDGER_REPO_REV }}
path: ./mintlayer-ledger-app
- name: Download archived tests
uses: actions/download-artifact@v4
with:
name: archived-ledger-tests
path: ./mintlayer-core
- name: Install cargo-nextest
uses: taiki-e/install-action@nextest
- name: Build Ledger app in container
run: |
sudo docker run --rm \
-v "$(realpath ./mintlayer-ledger-app):/app" \
ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest \
sh -c 'cargo ledger build ${{ matrix.model }}'
- name: Run Ledger emulator and execute tests
run: |
set -e
sudo docker run -d --rm --name ledger-emulator \
-v "$(realpath ./mintlayer-ledger-app):/app" \
--publish 5000:5000 --publish 9999:9999 \
ghcr.io/ledgerhq/ledger-app-builder/ledger-app-dev-tools:latest \
sh -c 'speculos --apdu-port 9999 --api-port 5000 --display headless \
-s "abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about" \
target/${{ matrix.model }}/release/mintlayer-app'
echo "--- Waiting for emulator to initialize ---"
sleep 15
# Set up a trap to ensure the container is stopped even if tests fail or the job is cancelled
trap "echo '--- Dumping Ledger emulator logs ---'; \
sudo docker logs ledger-emulator; \
echo '--- Stopping Ledger emulator ---'; \
sudo docker stop ledger-emulator" \
EXIT
echo "--- Running Ledger device tests on the host ---"
cd ./mintlayer-core
# Export the device model from the matrix so the Rust test can pick it up
export LEDGER_TESTS_DEVICE_MODEL=${{ matrix.model }}
cargo-nextest nextest run --archive-file ledger-tests.tar.zst -j1 ledger_signer
timeout-minutes: 15