Build

Merge pull request #394 from ava-labs/dev #865

Workflow file for this run

	name: Build
	on:
	workflow_dispatch:
	push:
	pull_request:
	branches:
	- main
	- develop
	- master
	- dev

	jobs:
	configure:
	runs-on: ubuntu-latest
	outputs:
	uid_gid: ${{ steps.get-user.outputs.uid_gid }}
	steps:
	- id: get-user
	run: echo "uid_gid=$(id -u):$(id -g)" >> $GITHUB_OUTPUT

	rust_tests:
	runs-on: ubuntu-latest
	container:
	image: zondax/rust-ci:latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: true
	- name: Cache/restore Cargo dependencies
	uses: actions/cache@v3
	with:
	path: ./app/rust/.cargo
	key: ${{ runner.os }}-${{ hashFiles('./Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-${{ github.sha }}
	- name: run rust tests
	run: make rust_test

	clippy:
	runs-on: ubuntu-latest
	container:
	image: zondax/rust-ci:latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: true
	- name: Cache/restore Cargo dependencies
	uses: actions/cache@v3
	with:
	path: ./app/rust/.cargo
	key: ${{ runner.os }}-${{ hashFiles('./Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-${{ github.sha }}
	- name: clippy
	run: \|
	cd ./app/rust
	cargo clippy --all-targets --features "full,clippy"

	setup_rust:
	runs-on: ubuntu-latest
	outputs:
	cargo_home: ${{ steps.set_paths.outputs.cargo_home }}
	rustup_home: ${{ steps.set_paths.outputs.rustup_home }}
	steps:
	- id: set_paths
	run: \|
	echo "cargo_home=$GITHUB_WORKSPACE/app/rust/.cargo" >> $GITHUB_OUTPUT
	echo "rustup_home=$GITHUB_WORKSPACE/app/rust/.rustup" >> $GITHUB_OUTPUT

	build_application:
	name: Build application using the reusable workflow
	uses: LedgerHQ/ledger-app-workflows/.github/workflows/reusable_build.yml@v1
	with:
	upload_app_binaries_artifact: "compiled_app_binaries"
	builder: ledger-app-builder

	build_ledger:
	needs: [configure, setup_rust]
	runs-on: ubuntu-latest
	container:
	image: zondax/ledger-app-builder:latest
	options: --user root
	env:
	BOLOS_SDK: /opt/nanosplus-secure-sdk
	HOME: /root
	CARGO_HOME: ${{ needs.setup_rust.outputs.cargo_home }}
	RUSTUP_HOME: ${{ needs.setup_rust.outputs.rustup_home }}
	PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${{ needs.setup_rust.outputs.cargo_home }}/bin
	outputs:
	size: ${{steps.build.outputs.size}}
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive
	- name: Setup Rust environment
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	target: thumbv6m-none-eabi
	override: true
	- name: Cache Rust dependencies
	uses: actions/cache@v3
	with:
	path: \|
	${{ needs.setup_rust.outputs.cargo_home }}
	target/
	key: ${{ runner.os }}-rust-${{ hashFiles('**/Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-rust-
	- name: Build Standard app
	id: build
	shell: bash -l {0}
	run: \|
	make PRODUCTION_BUILD=0
	echo "size=$(python3 deps/ledger-zxlib/scripts/getSize.py s2)" >> $GITHUB_OUTPUT

	build_ledger_production:
	needs: [configure, setup_rust]
	runs-on: ubuntu-latest
	container:
	image: zondax/ledger-app-builder:latest
	options: --user root
	env:
	BOLOS_SDK: /opt/nanosplus-secure-sdk
	HOME: /root
	CARGO_HOME: ${{ needs.setup_rust.outputs.cargo_home }}
	RUSTUP_HOME: ${{ needs.setup_rust.outputs.rustup_home }}
	PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${{ needs.setup_rust.outputs.cargo_home }}/bin
	outputs:
	size: ${{steps.build.outputs.size}}
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive
	- name: Setup Rust environment
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	target: thumbv6m-none-eabi
	override: true
	profile: minimal
	- name: Cache Rust dependencies
	uses: actions/cache@v3
	with:
	path: \|
	${{ needs.setup_rust.outputs.cargo_home }}
	target/
	key: ${{ runner.os }}-rust-${{ hashFiles('**/Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-rust-
	- name: Build Production app
	id: build
	shell: bash -l {0}
	run: \|
	make PRODUCTION_BUILD=1
	echo "size=$(python3 deps/ledger-zxlib/scripts/getSize.py s2)" >> $GITHUB_OUTPUT

	tests_zemu_setup:
	if: ${{ !contains(toJSON(github.event.commits[*].message), '[skip-zemu]') }}
	runs-on: ubuntu-latest
	outputs:
	tests: ${{ steps.get-tests.outputs.tests }}
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: true

	- name: Install node
	uses: actions/setup-node@v4
	with:
	node-version: "22"

	- name: Install yarn
	run: npm install -g yarn

	- name: Build/Install build js deps
	run: \|
	export PATH=~/.cargo/bin:$PATH
	make zemu_install

	- name: Get test files
	id: get-tests
	run: \|
	cd tests_zemu
	TESTS=`yarn test --listTests --json \| head -n 3 \| tail -n 1 \| jq -cM 'to_entries \| map({id: .key, file: .value})'`
	echo "tests=$TESTS" >> "$GITHUB_OUTPUT"

	test_zemu:
	needs: [configure, tests_zemu_setup]
	runs-on: ubuntu-latest
	strategy:
	fail-fast: false
	matrix:
	test: ${{ fromJson(needs.tests_zemu_setup.outputs['tests']) }}
	steps:
	- name: Debug needs context
	run: echo "${{ toJson(needs) }}"
	- name: Test
	run: \|
	id
	echo $HOME
	echo $DISPLAY
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive
	- run: sudo apt-get update -y && sudo apt-get install -y libusb-1.0.0 libudev-dev
	- name: Install node
	uses: actions/setup-node@v4
	with:
	node-version: "22"
	- name: Install yarn
	run: \|
	npm install -g yarn
	- name: Build Ledger app
	run: make PRODUCTION_BUILD=1

	- name: Build/Install build js deps
	run: make zemu_install

	- name: Run zemu tests
	run: \|
	cd tests_zemu
	yarn jest ${{ matrix.test.file }} --maxConcurrency 2 \
	--reporters='@matteoh2o1999/github-actions-jest-reporter'
	env:
	FORCE_COLOR: 1

	- name: Upload Snapshots (only failure)
	if: ${{ failure() }}
	uses: actions/upload-artifact@v4
	with:
	name: snapshots-tmp
	path: tests_zemu/snapshots-tmp/

	build_package_nanosp:
	needs:
	[
	configure,
	setup_rust,
	build_ledger,
	tests_zemu_setup,
	test_zemu,
	rust_tests,
	]
	runs-on: ubuntu-latest
	container:
	image: zondax/ledger-app-builder:latest
	options: --user root
	env:
	BOLOS_SDK: /opt/nanosplus-secure-sdk
	HOME: /root
	CARGO_HOME: ${{ needs.setup_rust.outputs.cargo_home }}
	RUSTUP_HOME: ${{ needs.setup_rust.outputs.rustup_home }}
	PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${{ needs.setup_rust.outputs.cargo_home }}/bin
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive
	- name: Setup Rust environment
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	target: thumbv6m-none-eabi
	override: true
	profile: minimal
	- name: Cache Rust dependencies
	uses: actions/cache@v3
	with:
	path: \|
	${{ needs.setup_rust.outputs.cargo_home }}
	target/
	key: ${{ runner.os }}-rust-${{ hashFiles('**/Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-rust-
	- name: Install deps
	run: pip install --break-system-packages ledgerblue
	- name: Build NanoSP
	shell: bash -l {0}
	run: \|
	make PRODUCTION_BUILD=0
	mv ./app/pkg/installer_s2.sh ./app/pkg/installer_nanos_plus.sh
	- name: Set tag
	id: nanosp
	run: echo "tag_name=$(./app/pkg/installer_nanos_plus.sh version)" >> $GITHUB_OUTPUT
	- name: Update Release
	if: ${{ github.ref == 'refs/heads/main' }}
	id: update_release_2
	uses: softprops/action-gh-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	files: ./app/pkg/installer_nanos_plus.sh
	tag_name: ${{ steps.nanosp.outputs.tag_name }}
	draft: false
	prerelease: false

	build_package_stax:
	needs:
	[
	configure,
	setup_rust,
	build_ledger,
	tests_zemu_setup,
	test_zemu,
	rust_tests,
	]
	runs-on: ubuntu-latest
	container:
	image: zondax/ledger-app-builder:latest
	options: --user root
	env:
	BOLOS_SDK: /opt/stax-secure-sdk
	HOME: /root
	CARGO_HOME: ${{ needs.setup_rust.outputs.cargo_home }}
	RUSTUP_HOME: ${{ needs.setup_rust.outputs.rustup_home }}
	PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${{ needs.setup_rust.outputs.cargo_home }}/bin
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive
	- name: Setup Rust environment
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	target: thumbv6m-none-eabi
	override: true
	profile: minimal
	- name: Cache Rust dependencies
	uses: actions/cache@v3
	with:
	path: \|
	${{ needs.setup_rust.outputs.cargo_home }}
	target/
	key: ${{ runner.os }}-rust-${{ hashFiles('**/Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-rust-
	- name: Install deps
	run: pip install --break-system-packages ledgerblue
	- name: Build Stax
	shell: bash -l {0}
	run: \|
	make PRODUCTION_BUILD=0
	- name: Set tag
	id: stax
	run: echo "tag_name=$(./app/pkg/installer_stax.sh version)" >> $GITHUB_OUTPUT
	- name: Update Release
	if: ${{ github.ref == 'refs/heads/main' }}
	id: update_release_3
	uses: softprops/action-gh-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	files: \|
	./app/pkg/installer_stax.sh
	tag_name: ${{ steps.stax.outputs.tag_name }}
	draft: false
	prerelease: false

	build_package_flex:
	needs:
	[
	configure,
	setup_rust,
	build_ledger,
	tests_zemu_setup,
	test_zemu,
	rust_tests,
	]
	runs-on: ubuntu-latest
	container:
	image: zondax/ledger-app-builder:latest
	options: --user root
	env:
	BOLOS_SDK: /opt/flex-secure-sdk
	HOME: /root
	CARGO_HOME: ${{ needs.setup_rust.outputs.cargo_home }}
	RUSTUP_HOME: ${{ needs.setup_rust.outputs.rustup_home }}
	PATH: /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:${{ needs.setup_rust.outputs.cargo_home }}/bin
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	with:
	submodules: recursive
	- name: Setup Rust environment
	uses: actions-rs/toolchain@v1
	with:
	toolchain: stable
	target: thumbv6m-none-eabi
	override: true
	profile: minimal
	- name: Cache Rust dependencies
	uses: actions/cache@v3
	with:
	path: \|
	${{ needs.setup_rust.outputs.cargo_home }}
	target/
	key: ${{ runner.os }}-rust-${{ hashFiles('**/Cargo.lock') }}
	restore-keys: \|
	${{ runner.os }}-rust-
	- name: Install deps
	run: pip install --break-system-packages ledgerblue
	- name: Build Flex
	shell: bash -l {0}
	run: \|
	make PRODUCTION_BUILD=0
	- name: Set tag
	id: flex
	run: echo "tag_name=$(./app/pkg/installer_flex.sh version)" >> $GITHUB_OUTPUT
	- name: Update Release
	if: ${{ github.ref == 'refs/heads/main' }}
	id: update_release_3
	uses: softprops/action-gh-release@v1
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
	with:
	files: \|
	./app/pkg/installer_flex.sh
	tag_name: ${{ steps.flex.outputs.tag_name }}
	draft: false
	prerelease: false

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Merge pull request #394 from ava-labs/dev #865

Workflow file

Merge pull request #394 from ava-labs/dev #865

Uh oh!

Jobs

Run details

Workflow file for this run