feat: add codeql scanning to ci #320
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Compilation & tests | |
| on: | |
| push: | |
| branches: [ "master", "dev" ] | |
| pull_request: | |
| branches: [ "master", "dev" ] | |
| jobs: | |
| job_build_debug: | |
| name: Build debug | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest | |
| steps: | |
| - name: Clone | |
| uses: actions/checkout@v2 | |
| - name: Build | |
| run: | | |
| make DEBUG=1 | |
| - name: Upload app binary | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: hathor-app-debug | |
| path: bin | |
| job_unit_test: | |
| name: Unit test | |
| needs: job_build_debug | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/ledgerhq/ledger-app-builder/ledger-app-builder:latest | |
| steps: | |
| - name: Clone | |
| uses: actions/checkout@v2 | |
| - name: Build unit tests | |
| run: | | |
| cd unit-tests/ | |
| bash run_tests.sh | |
| - name: Generate code coverage | |
| run: | | |
| cd unit-tests/ | |
| bash gen_coverage.sh | |
| - uses: actions/upload-artifact@v2 | |
| with: | |
| name: code-coverage | |
| path: unit-tests/coverage | |
| job_test: | |
| name: Test | |
| needs: job_build_debug | |
| runs-on: ubuntu-latest | |
| container: | |
| image: ghcr.io/ledgerhq/speculos:latest | |
| ports: | |
| - 5000:5000 | |
| - 1234:1234 | |
| - 9999:9999 | |
| - 40000:40000 | |
| - 41000:41000 | |
| - 42000:42000 | |
| - 43000:43000 | |
| options: --entrypoint /bin/bash | |
| steps: | |
| - name: Clone | |
| uses: actions/checkout@v2 | |
| - name: Download app binary | |
| uses: actions/download-artifact@v2 | |
| with: | |
| name: hathor-app-debug | |
| path: bin | |
| - name: Install Poetry | |
| run: | | |
| apt update && apt install -qy make gcc # /!\ workaround for pysha3 | |
| pip -q --no-input install poetry | |
| - name: Run test | |
| run: | | |
| nohup bash -c "python /speculos/speculos.py bin/app.elf --sdk 2.0 --display headless" > speculos.log 2<&1 & | |
| cd tests && make install && make test | |
| - name: Upload Speculos log | |
| uses: actions/upload-artifact@v2 | |
| with: | |
| name: speculos-log | |
| path: speculos.log | |