name: "[Release] emulators for trezor-user-env"
on:
push:
tags:
- 'core/v*'
- 'legacy/v*'
workflow_dispatch:
permissions:
id-token: write # for fetching the OIDC token
contents: read # for actions/checkout
jobs:
get_models:
name: Get models
runs-on: ubuntu-latest
outputs:
models: ${{ steps.get_models.outputs.models }}
version: ${{ steps.get_models.outputs.version }}
steps:
- uses: actions/checkout@v4
- name: Get models from releases.json
id: get_models
run: |
if [[ $GITHUB_REF == refs/tags/core/* ]]; then
VERSION=${GITHUB_REF#refs/tags/core/v}
MODELS=$(jq -r --arg version "$VERSION" '.firmware[$version] | join(",")' ./common/releases.json)
elif [[ $GITHUB_REF == refs/tags/legacy/* ]]; then
VERSION=${GITHUB_REF#refs/tags/legacy/v}
MODELS=$(jq -r --arg version "$VERSION" '.firmware[$version] | join(",")' ./common/releases.json)
fi
echo "models=$MODELS" >> $GITHUB_OUTPUT
echo "version=$VERSION" >> $GITHUB_OUTPUT
core_emu:
if: startsWith(github.ref, 'refs/tags/core/v')
name: Build emu
needs: get_models
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
model: ${{ fromJson(needs.get_models.outputs.models) }}
coins: [universal]
type: [debuglink]
asan: [noasan]
exclude:
- type: normal
asan: asan
env:
TREZOR_MODEL: ${{ matrix.model }}
BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }}
PYOPT: ${{ matrix.type == 'debuglink' && '0' || '1' }}
ADDRESS_SANITIZER: "0"
LSAN_OPTIONS: "suppressions=../../asan_suppressions.txt"
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: ./.github/actions/environment
- run: nix-shell --run "poetry run make -C core build_bootloader_emu"
if: matrix.coins == 'universal'
- run: nix-shell --run "poetry run make -C core build_unix_frozen"
- run: cp core/build/unix/trezor-emu-core core/build/unix/trezor-emu-core-${{ matrix.model }}-v${{ needs.get_models.outputs.version }}
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::538326561891:role/gh_actions_deploy_dev_firmware_data
aws-region: eu-west-1
continue-on-error: true
- name: Upload emulator binaries
run: |
aws s3 mv core/build/unix/trezor-emu-core-${{ matrix.model }}-v${{ needs.get_models.outputs.version }} s3://data.trezor.io/dev/firmware/releases/emulators-new/${{ matrix.model}}/
- uses: actions/upload-artifact@v4
with:
name: core-emu-${{ matrix.model }}-${{ matrix.coins }}-${{ matrix.type }}-${{ matrix.asan }}
path: |
core/build/unix/trezor-emu-core*
core/build/bootloader_emu/bootloader.elf
retention-days: 7
core_emu_arm:
if: startsWith(github.ref, 'refs/tags/core/v')
name: Build core emu arm
needs: get_models
runs-on: ubuntu-latest-arm64
strategy:
fail-fast: false
matrix:
model: ${{ fromJson(needs.get_models.outputs.models) }}
coins: [universal]
type: [debuglink]
asan: [noasan]
exclude:
- type: normal
asan: asan
env:
TREZOR_MODEL: ${{ matrix.model }}
BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }}
PYOPT: ${{ matrix.type == 'debuglink' && '0' || '1' }}
ADDRESS_SANITIZER: ${{ matrix.asan == 'asan' && '1' || '0' }}
LSAN_OPTIONS: "suppressions=../../asan_suppressions.txt"
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: ./.github/actions/environment
- run: nix-shell --run "poetry run make -C core build_bootloader_emu"
if: matrix.coins == 'universal'
- run: nix-shell --run "poetry run make -C core build_unix_frozen"
- run: mv core/build/unix/trezor-emu-core core/build/unix/trezor-emu-core-${{ matrix.model }}-v${{ needs.get_models.outputs.version }}-arm
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::538326561891:role/gh_actions_deploy_dev_firmware_data
aws-region: eu-west-1
continue-on-error: true
- name: Upload emulator binaries
run: |
aws s3 cp core/build/unix/trezor-emu-core-${{ matrix.model }}-v${{ needs.get_models.outputs.version }}-arm s3://data.trezor.io/dev/firmware/releases/emulators-new/${{ matrix.model}}/
- uses: actions/upload-artifact@v4
with:
name: core-emu-${{ matrix.model }}-${{ matrix.coins }}-${{ matrix.type }}-${{ matrix.asan }}
path: |
core/build/unix/trezor-emu-core*
core/build/bootloader_emu/bootloader.elf
retention-days: 7
legacy_emu:
if: startsWith(github.ref, 'refs/tags/legacy/v')
name: Build legacy emu
needs: get_models
runs-on: ubuntu-latest
strategy:
matrix:
coins: [universal]
type: [debuglink]
arch: [x86_64]
asan: [noasan]
env:
EMULATOR: 1
BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }}
DEBUG_LINK: ${{ matrix.type == 'debuglink' && '1' || '0' }}
ADDRESS_SANITIZER: ${{ matrix.asan == 'asan' && '1' || '0' }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: ./.github/actions/environment
- run: nix-shell --run "poetry run legacy/script/cibuild"
- run: mv legacy/firmware/trezor.elf legacy/firmware/trezor-emu-legacy-T1B1-v${{ needs.get_models.outputs.version }}
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::538326561891:role/gh_actions_deploy_dev_firmware_data
aws-region: eu-west-1
continue-on-error: true
- name: Upload emulator binaries
run: |
aws s3 cp legacy/firmware/trezor-emu-legacy-T1B1-v${{ needs.get_models.outputs.version }} s3://data.trezor.io/dev/firmware/releases/emulators-new/T1B1/
legacy_emu_arm:
if: startsWith(github.ref, 'refs/tags/legacy/v')
name: Build legacy emu arm
needs: get_models
runs-on: ubuntu-latest-arm64
strategy:
matrix:
coins: [universal]
type: [debuglink]
asan: [noasan]
env:
EMULATOR: 1
BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }}
DEBUG_LINK: ${{ matrix.type == 'debuglink' && '1' || '0' }}
ADDRESS_SANITIZER: ${{ matrix.asan == 'asan' && '1' || '0' }}
steps:
- uses: actions/checkout@v4
with:
submodules: recursive
- uses: ./.github/actions/environment
- run: nix-shell --run "poetry run legacy/script/cibuild"
- run: mv legacy/firmware/trezor.elf legacy/firmware/trezor-emu-legacy-T1B1-v${{ needs.get_models.outputs.version }}-arm
- name: Configure aws credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: arn:aws:iam::538326561891:role/gh_actions_deploy_dev_firmware_data
aws-region: eu-west-1
continue-on-error: true
- name: Upload emulator binaries
run: |
aws s3 cp legacy/firmware/trezor-emu-legacy-T1B1-v${{ needs.get_models.outputs.version }}-arm s3://data.trezor.io/dev/firmware/releases/emulators-new/T1B1/