LedgerHQ · lpascal-ledger · Jan 22, 2025
diff --git a/.github/workflows/continuous-integration-workflow.yml b/.github/workflows/continuous-integration-workflow.yml
@@ -1,270 +1,15 @@
-name: Continuous Integration & Deployment
-
+name: Debug
 on:
   workflow_dispatch:
   push:
-    tags:
-      - '*'
-    branches:
-      - master
-  pull_request:
-    branches:
-      - master
 
 jobs:
-  coverage:
-    name: Code coverage
-    runs-on: ubuntu-latest
-    container:
-      image: docker://ghcr.io/ledgerhq/speculos-builder:latest
-    steps:
-    - name: Clone
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-    - name: Build with code coverage instrumentation
-      env:
-        CTEST_OUTPUT_ON_FAILURE: 1
-        RNG_SEED: 0
-      run: |
-        cmake -Bbuild -H. -DPRECOMPILED_DEPENDENCIES_DIR=/install -DWITH_VNC=1 -DCODE_COVERAGE=ON
-        make -C build clean
-        make -C build
-        make -C build test
-        pip install pytest-cov
-        pip install .
-        PYTHONPATH=. pytest --cov=speculos --cov-report=xml
-    - run: git config --global --add safe.directory "$GITHUB_WORKSPACE"
-    - name: Upload coverage to Codecov
-      uses: codecov/codecov-action@v4
-      env:
-        CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
-      with:
-        name: codecov-speculos
-
-  build:
-    name: Clone, build, test
+  not_working:
     runs-on: ubuntu-latest
-    strategy:
-      matrix:
-        python_version: ['3.8', '3.9', '3.10', '3.11']
-    # Use https://ghcr.io/ledgerhq/speculos-builder which has all the required
-    # dependencies
     container:
-      image: docker://ghcr.io/ledgerhq/speculos-builder:latest
-
-    steps:
-    - name: Clone
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-
-    - name: Setup Python version
-      uses: actions/setup-python@v5
-      with:
-        python-version: ${{ matrix.python_version }}
-
-    - name: Build and install package
-      run: |
-        cmake -Bbuild -H. -DPRECOMPILED_DEPENDENCIES_DIR=/install -DWITH_VNC=1
-        make -C build
-        pip install pytest
-        pip install .
-
-    - name: Test
-      env:
-        CTEST_OUTPUT_ON_FAILURE: 1
-      run: |
-        make -C build/ test
-        pytest
-
-  package_python:
-    name: Build and deploy Speculos Python Package
-    runs-on: ubuntu-latest
-    needs: [build]
-    container:
-      image: docker://ghcr.io/ledgerhq/speculos-builder:latest
-
-    steps:
-    - name: Clone
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-
-    - name: Use pip to install Speculos in a virtual environment
-      run: |
-        python3 -m venv venv-test
-        ./venv-test/bin/pip install .
-        ./venv-test/bin/speculos --help
-        echo "TAG_VERSION=$(python -c 'from speculos import __version__; print(__version__)')" >> "$GITHUB_ENV"
-
-    - name: Build Speculos python package
-      run: |
-        git config --global --add safe.directory "$GITHUB_WORKSPACE"
-        if [ -e dist ] ; then
-          echo >&2 "Error: dist/ directory already exists and this is unexpected. Refusing to build new packages."
-          exit 1
-        fi
-        python3 -m venv venv-build
-        ./venv-build/bin/pip install --upgrade pip build twine
-        ./venv-build/bin/python -m build
-        ./venv-build/bin/python -m twine check dist/*
-
-    - name: Check version against CHANGELOG
-      if: startsWith(github.ref, 'refs/tags/')
-      shell: bash
-      run: |
-        CHANGELOG_VERSION=$(grep -Po '(?<=## \[)(\d+\.)+[^\]]' CHANGELOG.md | head -n 1)
-        if [ "${{ env.TAG_VERSION }}" == "${CHANGELOG_VERSION}" ]; \
-        then \
-            exit 0; \
-        else \
-            echo "Tag '${{ env.TAG_VERSION }}' and CHANGELOG '${CHANGELOG_VERSION}' versions mismatch!"; \
-            exit 1; \
-        fi
-
-    - name: Publish Python package on pypi.org
-      if: success() && github.event_name == 'push'
-      run: ./venv-build/bin/python -m twine upload dist/*
-      env:
-        TWINE_USERNAME: __token__
-        TWINE_PASSWORD: ${{ secrets.PYPI_PUBLIC_API_TOKEN  }}
-        TWINE_NON_INTERACTIVE: 1
-
-  package_and_test_docker:
-    name: Build and test the Speculos docker
-    uses: ./.github/workflows/reusable_ragger_tests_latest_speculos.yml
-    with:
-      app_repository: LedgerHQ/app-boilerplate
-      app_branch_name: master
-      test_dir: tests
-      speculos_app_branch_name: ${{ github.ref }}
-
-  package_and_test_docker_for_nanos:
-    name: Build and test the Speculos docker for Nano S
-    uses: ./.github/workflows/reusable_ragger_tests_latest_speculos.yml
-    with:
-      app_repository: LedgerHQ/app-boilerplate
-      app_branch_name: nanos_baseline
-      test_dir: tests
-      speculos_app_branch_name: ${{ github.ref }}
-
-  deploy_docker:
-    name: Build and Upload the Speculos docker
-    strategy:
-      matrix:
-        include:
-          - platform: linux/amd64
-            runner: ubuntu-latest
-          - platform: linux/arm64
-            runner: speculos-builder-2c-arm64-ubuntu_2404
-    runs-on: ${{ matrix.runner }}
-    needs: [build]
+      image: python:3.10-slim
     steps:
-
-    - name: Prepare
-      run: |
-        platform=${{ matrix.platform }}
-        echo "PLATFORM_PAIR=${platform//\//-}" >> $GITHUB_ENV
-
-        if [[ "${{ github.event_name }}" == 'push' && ( "${{ github.ref }}" == 'refs/heads/master' || "${{ github.ref }}" =~ '^refs/tags/.*' ) ]]; then
-           PUSH_FLAG='true'
-        else
-           PUSH_FLAG='false'
-        fi
-        echo "PUSH_FLAG=${PUSH_FLAG}" >> $GITHUB_ENV
-
-
-    - name: Clone
-      uses: actions/checkout@v4
-      with:
-        fetch-depth: 0
-
-    - name: Extract metadata
-      id: meta
-      uses: docker/metadata-action@v4
-      with:
-        images: ghcr.io/ledgerhq/speculos
-        tags: |
-          type=raw,value=${{ github.sha }}
-          type=ref,event=branch
-          type=ref,event=pr
-          type=semver,pattern={{version}}
-          type=semver,pattern={{major}}.{{minor}}
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v3
-
-    - name: Login to registry
-      uses: docker/login-action@v2
-      with:
-        registry: ghcr.io
-        username: ${{ github.actor }}
-        password: ${{ secrets.GITHUB_TOKEN }}
-
-    - name: Build and publish to GitHub Packages
-      uses: docker/build-push-action@v6
-      id: buildPush
-      with:
-        labels: ${{ steps.meta.outputs.labels }}
-        platforms: ${{ matrix.platform }}
-        outputs: type=image,name=ghcr.io/ledgerhq/speculos,push-by-digest=true,name-canonical=true,push=${{ env.PUSH_FLAG }}
-
-    - name: Export digest
-      run: |
-        mkdir -p /tmp/digests
-        digest="${{ steps.buildPush.outputs.digest }}"
-        touch "/tmp/digests/${digest#sha256:}"
-
-    - name: Upload digest
-      uses: actions/upload-artifact@v4
-      with:
-        name: digests-${{ env.PLATFORM_PAIR }}
-        path: /tmp/digests/*
-        if-no-files-found: error
-        retention-days: 1
-
-  final_tag_multiarch_merge_docker:
-    if: ${{ github.event_name == 'push' && (github.ref == 'refs/heads/master' || startsWith(github.ref, 'refs/tags/')) }}
-    needs:
-      - deploy_docker
-    runs-on: ubuntu-latest
-    steps:
-      - name: Download digests
-        uses: actions/download-artifact@v4
-        with:
-          path: /tmp/digests
-          pattern: digests-*
-          merge-multiple: true
-
-      - name: Login to GitHub Container Registry
-        uses: docker/login-action@v3
+      - uses: actions/setup-python@v5
         with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
-
-      - name: Extract metadata
-        id: meta
-        uses: docker/metadata-action@v4
-        with:
-          images: ghcr.io/ledgerhq/speculos
-          tags: |
-            type=raw,value=${{ github.sha }}
-            type=ref,event=branch
-            type=ref,event=pr
-            type=semver,pattern={{version}}
-            type=semver,pattern={{major}}.{{minor}}
-
-      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
-
-      - name: Create manifest list and push
-        working-directory: /tmp/digests
-        run: |
-          docker buildx imagetools create $(jq -cr '.tags | map("-t " + .) | join(" ")' <<< "$DOCKER_METADATA_OUTPUT_JSON") \
-            $(printf 'ghcr.io/ledgerhq/speculos@sha256:%s ' *)
-
-      - name: Inspect image
-        run: |
-          docker buildx imagetools inspect ghcr.io/ledgerhq/speculos:latest
+          python-version: "3.10"
+      - run: python
diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml
@@ -1,16 +1,7 @@
 name: Documentation generation & update
 
 on:
-  push:
-    tags:
-      - '*'
-    branches:
-      - develop
-      - master
-  pull_request:
-    branches:
-      - develop
-      - master
+  workflow_dispatch:
 
 jobs:
   generate:

diff --git a/.github/workflows/fast-checks.yml b/.github/workflows/fast-checks.yml
@@ -2,11 +2,6 @@ name: Fast checks
 
 on:
   workflow_dispatch:
-  push:
-    branches:
-      - master
-      - develop
-  pull_request:
 
 jobs:
   linter-python:

diff --git a/.github/workflows/speculos-builder.yml b/.github/workflows/speculos-builder.yml
@@ -4,18 +4,6 @@ name: Speculos Builder
 
 on:
   workflow_dispatch:
-  push:
-    branches:
-      - master
-    paths:
-      - .github/workflows/speculos-builder.yml
-      - build.Dockerfile
-  pull_request:
-    branches:
-      - master
-    paths:
-      - .github/workflows/speculos-builder.yml
-      - build.Dockerfile
 
 jobs:
   build: