name: Legacy on: pull_request: workflow_dispatch: schedule: - cron: '35 22 * * *' # every day @ 22:35 # cancel any previous runs on the same PR concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.run_id }} cancel-in-progress: true permissions: id-token: write # for fetching the OIDC token contents: read # for actions/checkout pull-requests: write # For dflook comments on PR env: PULL_COMMENT: | |legacy UI changes| [device test](https://data.trezor.io/dev/firmware/ui_report/${{ github.run_id }}/T1B1-en-legacy_device_test/index.html)([screens](https://data.trezor.io/dev/firmware/ui_report/${{ github.run_id }}/T1B1-en-legacy_device_test/differing_screens.html)) [main](https://data.trezor.io/dev/firmware/master_diff/${{ github.run_id }}/)([screens](https://data.trezor.io/dev/firmware/master_diff/${{ github.run_id }}/master_diff.html))| |-----------------|-----| jobs: legacy_firmware: name: Firmware runs-on: ubuntu-latest strategy: matrix: coins: [universal, btconly] # type: [normal, debuglink] type: [debuglink] env: BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }} DEBUG_LINK: ${{ matrix.type == 'debuglink' && '1' || '0' }} steps: - uses: actions/checkout@v4 with: submodules: recursive - uses: ./.github/actions/environment - run: nix-shell --run "export PRODUCTION=1 && poetry run legacy/script/cibuild" - run: nix-shell --run "poetry run legacy/script/setup" - run: nix-shell --run "export PRODUCTION=0 && poetry run legacy/script/cibuild" - run: nix-shell --run "poetry run make -C legacy/demo" if: matrix.coins == 'universal' && matrix.type == 'normal' - uses: actions/upload-artifact@v4 with: name: legacy-firmware-${{ matrix.coins }}-${{ matrix.type }} path: legacy/firmware/firmware-*.bin retention-days: 7 legacy_emu: name: Emulator runs-on: ubuntu-latest strategy: matrix: coins: [universal, btconly] # type: [normal, debuglink] type: [debuglink] arch: [x86_64] asan: ${{ fromJSON(github.event_name == 'schedule' && '["noasan", "asan"]' || '["noasan"]') }} env: EMULATOR: 1 BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }} DEBUG_LINK: ${{ matrix.type == 'debuglink' && '1' || '0' }} ADDRESS_SANITIZER: ${{ matrix.asan == 'asan' && '1' || '0' }} steps: - uses: actions/checkout@v4 with: submodules: recursive - uses: ./.github/actions/environment - run: nix-shell --run "poetry run legacy/script/cibuild" - run: cp legacy/firmware/trezor.elf legacy/firmware/trezor-emu-legacy-T1B1-${{ matrix.coins }} - uses: actions/upload-artifact@v4 with: name: legacy-emu-${{ matrix.coins }}-${{ matrix.type }}-${{ matrix.asan }} path: | legacy/firmware/*.elf legacy/firmware/trezor-emu-legacy* retention-days: 7 legacy_emu_arm: if: github.event_name == 'schedule' name: Emulator arm runs-on: ubuntu-latest-arm64 strategy: matrix: coins: [universal] type: [debuglink] asan: ${{ fromJSON(github.event_name == 'schedule' && '["noasan", "asan"]' || '["noasan"]') }} env: EMULATOR: 1 BITCOIN_ONLY: ${{ matrix.coins == 'universal' && '0' || '1' }} DEBUG_LINK: ${{ matrix.type == 'debuglink' && '1' || '0' }} ADDRESS_SANITIZER: ${{ matrix.asan == 'asan' && '1' || '0' }} steps: - uses: actions/checkout@v4 with: submodules: recursive - uses: ./.github/actions/environment - run: nix-shell --run "poetry run legacy/script/cibuild" - run: mv legacy/firmware/trezor.elf legacy/firmware/trezor-emu-arm-legacy-T1B1-${{ matrix.coins }} - uses: actions/upload-artifact@v4 with: name: legacy-emu-arm-${{ matrix.coins }}-${{ matrix.type }}-${{ matrix.asan }} path: | legacy/firmware/trezor-emu-arm-legacy* retention-days: 7 legacy_device_test: name: Device test runs-on: ubuntu-latest needs: legacy_emu strategy: matrix: coins: [universal, btconly] asan: ${{ fromJSON(github.event_name == 'schedule' && '["noasan", "asan"]' || '["noasan"]') }} env: EMULATOR: 1 TREZOR_PYTEST_SKIP_ALTCOINS: ${{ matrix.coins == 'universal' && '0' || '1' }} steps: - uses: actions/checkout@v4 with: submodules: recursive - uses: actions/download-artifact@v4 with: name: legacy-emu-${{ matrix.coins }}-debuglink-${{ matrix.asan }} path: legacy/firmware - run: chmod +x legacy/firmware/*.elf - uses: ./.github/actions/environment - run: nix-shell --run "poetry run make -C legacy test_emu_ui" if: matrix.coins == 'universal' - run: nix-shell --run "poetry run make -C legacy test_emu" if: matrix.coins != 'universal' - uses: ./.github/actions/ui-report with: model: T1B1 lang: en status: ${{ job.status }} continue-on-error: true if: ${{ always() && matrix.coins == 'universal' }} legacy_upgrade_test: name: Upgrade test runs-on: ubuntu-latest needs: legacy_emu strategy: matrix: asan: ${{ fromJSON(github.event_name == 'schedule' && '["noasan", "asan"]' || '["noasan"]') }} env: TREZOR_UPGRADE_TEST: legacy steps: - uses: actions/checkout@v4 with: submodules: recursive - uses: actions/download-artifact@v4 with: name: legacy-emu-universal-debuglink-${{ matrix.asan }} path: legacy/firmware - run: chmod +x legacy/firmware/*.elf - uses: ./.github/actions/environment - run: nix-shell --run "tests/download_emulators.sh" - run: nix-shell --run "poetry run pytest tests/upgrade_tests" legacy_hwi_test: name: HWI test if: false # XXX currently failing continue-on-error: true runs-on: ubuntu-latest needs: legacy_emu env: EMULATOR: 1 steps: - uses: actions/checkout@v4 with: submodules: recursive - uses: actions/download-artifact@v4 with: name: legacy-emu-universal-debuglink-noasan path: legacy/firmware - run: chmod +x legacy/firmware/*.elf - uses: ./.github/actions/environment - run: nix-shell --run "git clone --depth=1 https://github.com/bitcoin-core/HWI.git" # see python_test for explanation of _PYTHON_SYSCONFIGDATA_NAME - run: nix-shell --arg fullDeps true --run "unset _PYTHON_SYSCONFIGDATA_NAME && cd HWI && poetry install && poetry run ./test/test_trezor.py --model_1 ../legacy/firmware/trezor.elf bitcoind" legacy_ui_main: name: UI diff from main branch runs-on: ubuntu-latest needs: - legacy_device_test continue-on-error: true steps: - uses: actions/checkout@v4 - uses: actions/download-artifact@v4 with: pattern: ui-records-* merge-multiple: true - uses: ./.github/actions/environment - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: arn:aws:iam::538326561891:role/gh_actions_deploy_dev_firmware_data aws-region: eu-west-1 continue-on-error: true - run: "for F in screens_*.tar; do tar xvf $F; done || true" - run: nix-shell --run "poetry run python -m tests.ui_tests.reporting master-diff T1" - run: | mv tests/ui_tests/reports/master_diff . if [ "${{ job.status }}" = "success" ]; then cp .github/actions/ui-report/success.png master_diff/status.png else cp .github/actions/ui-report/failure.png master_diff/status.png fi - name: Upload main branch diff run: | aws s3 sync --only-show-errors master_diff s3://data.trezor.io/dev/firmware/master_diff/${{ github.run_id }} continue-on-error: true legacy_ui_comment: name: Post comment with UI diff URLs if: github.event_name == 'pull_request' runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: ./.github/actions/ui-comment legacy_upload_emu: name: Upload emulator binaries if: github.event_name == 'schedule' runs-on: ubuntu-latest needs: - legacy_emu - legacy_emu_arm steps: - uses: actions/download-artifact@v4 with: pattern: legacy-emu*debuglink-noasan merge-multiple: true - name: Configure aws credentials uses: aws-actions/configure-aws-credentials@v4 with: role-to-assume: arn:aws:iam::538326561891:role/gh_actions_deploy_dev_firmware_data aws-region: eu-west-1 continue-on-error: true - run: | mkdir emulators cp trezor-emu-* emulators aws s3 sync --only-show-errors emulators s3://data.trezor.io/dev/firmware/emu-nightly