From 2b4e5f3ef54e7ee2397f1b883b0d16359ba7a6d4 Mon Sep 17 00:00:00 2001
From: Sarah GLINER <sarah.gliner@ledger.fr>
Date: Tue, 7 Nov 2023 09:56:35 +0100
Subject: [PATCH 1/2] Add url to slack messages

---
 .github/workflows/build_all.yml      | 5 ++++-
 .github/workflows/refresh_inputs.yml | 7 ++++++-
 .github/workflows/scan_all.yml       | 5 ++++-
 .github/workflows/test_all.yml       | 5 ++++-
 scripts/output_scripts/slack.py      | 3 +++
 5 files changed, 21 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/build_all.yml b/.github/workflows/build_all.yml
index 4cfab1e..8260499 100644
--- a/.github/workflows/build_all.yml
+++ b/.github/workflows/build_all.yml
@@ -585,9 +585,12 @@ jobs:
           python3 scripts/output_scripts/convert.py --input_file full_build_output.json --output_file out.md --key build
           cat out.md >> $GITHUB_STEP_SUMMARY
 
+      - name: Echo GHA url 
+        run: echo "url"=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} >> $GITHUB_ENV
+
       - name: Convert to slack json
         run: |
-          python3 scripts/output_scripts/slack.py --input_file full_build_output.json --output_file slack.json --key build --devices ${{ needs.setup-devices.outputs.names }}
+          python3 scripts/output_scripts/slack.py --input_file full_build_output.json --output_file slack.json --key build --devices ${{ needs.setup-devices.outputs.names }} --url ${{ env.url }}
 
       - name: Send custom JSON data to Slack workflow
         if: ${{ github.event_name == 'schedule' || inputs.send_to_slack == true }}
diff --git a/.github/workflows/refresh_inputs.yml b/.github/workflows/refresh_inputs.yml
index b2c4b23..bc18a5d 100644
--- a/.github/workflows/refresh_inputs.yml
+++ b/.github/workflows/refresh_inputs.yml
@@ -49,6 +49,10 @@ jobs:
           else
             echo "Files are the same!"
           fi
+      - name: Echo GHA url 
+        if: ${{ failure() && (github.event_name == 'schedule' || inputs.send_to_slack == true) }}
+        run: echo "url"=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} >> $GITHUB_ENV
+
       - name: Send custom JSON data to Slack workflow
         if: ${{ failure() && (github.event_name == 'schedule' || inputs.send_to_slack == true) }}
         id: slack
@@ -59,7 +63,8 @@ jobs:
                 {
                     "title": "Check input list",
                     "status": ":red-cross: Fail",
-                    "status_detail": ":alert: Please update input file ! "
+                    "status_detail": ":alert: Please update input file ! ",
+                    "url": "${{ env.url }}"
                 }
         env:
             SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
diff --git a/.github/workflows/scan_all.yml b/.github/workflows/scan_all.yml
index 7060ac0..5802697 100644
--- a/.github/workflows/scan_all.yml
+++ b/.github/workflows/scan_all.yml
@@ -562,9 +562,12 @@ jobs:
           python3 scripts/output_scripts/convert.py --input_file full_scan_output.json --output_file out.md --key scan
           cat out.md >> $GITHUB_STEP_SUMMARY
 
+      - name: Echo GHA url 
+        run: echo "url"=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} >> $GITHUB_ENV
+
       - name: Convert to slack json
         run: |
-          python3 scripts/output_scripts/slack.py --input_file full_scan_output.json --output_file slack.json --key scan --devices ${{ needs.setup-devices.outputs.names }}
+          python3 scripts/output_scripts/slack.py --input_file full_scan_output.json --output_file slack.json --key scan --devices ${{ needs.setup-devices.outputs.names }} --url ${{ env.url }}
 
       - name: Send custom JSON data to Slack workflow
         if: ${{ github.event_name == 'schedule' || inputs.send_to_slack == true }}
diff --git a/.github/workflows/test_all.yml b/.github/workflows/test_all.yml
index c1c94d7..538333b 100644
--- a/.github/workflows/test_all.yml
+++ b/.github/workflows/test_all.yml
@@ -354,9 +354,12 @@ jobs:
           python scripts/output_scripts/convert.py --input_file test_output.json --output_file out.md --key test
           cat out.md >> $GITHUB_STEP_SUMMARY
 
+      - name: Echo GHA url 
+        run: echo "url"=${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }} >> $GITHUB_ENV
+
       - name: Convert to slack json
         run: |
-          python scripts/output_scripts/slack.py --input_file test_output.json --output_file slack.json --key test
+          python scripts/output_scripts/slack.py --input_file test_output.json --output_file slack.json --key test --url ${{ env.url }}
 
       - name: Send custom JSON data to Slack workflow
         if: ${{ github.event_name == 'schedule' || inputs.send_to_slack == true }}
diff --git a/scripts/output_scripts/slack.py b/scripts/output_scripts/slack.py
index daa761c..cea4bd1 100644
--- a/scripts/output_scripts/slack.py
+++ b/scripts/output_scripts/slack.py
@@ -71,6 +71,7 @@ def count_status(json_list, key):
     parser.add_argument("--output_file", required=False, type=Path)
     parser.add_argument("--key", required=False, type=str, default="build")
     parser.add_argument("--devices", required=False, type=str)
+    parser.add_argument("--url", required=False, type=str)
 
     args = parser.parse_args()
 
@@ -115,6 +116,8 @@ def count_status(json_list, key):
     if status_detail:
         slack_json["status_detail"] = status_detail
 
+    slack_json["url"] = args.url
+
     if args.output_file:
         with open(args.output_file, 'w') as f:
             json.dump(slack_json, f, indent=1)

From fe22b29b9b3fe8ccf2660e6a6af39986ffe855e4 Mon Sep 17 00:00:00 2001
From: Sarah GLINER <sarah.gliner@ledger.fr>
Date: Tue, 7 Nov 2023 10:07:16 +0100
Subject: [PATCH 2/2] inputs: add scan_whitelisted apps

---
 input_files/input.json | 100 +++++++++++++++++++++++++++++++++++++++++
 1 file changed, 100 insertions(+)

diff --git a/input_files/input.json b/input_files/input.json
index fb72c8e..5b63196 100644
--- a/input_files/input.json
+++ b/input_files/input.json
@@ -468,6 +468,11 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "binance_chain"
@@ -493,6 +498,12 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "bitcoin_testnet_legacy",
@@ -623,6 +634,12 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "bitcoin_testnet",
@@ -670,6 +687,12 @@
   "ref": "master",
   "url": "https://github.com/LedgerHQ/app-boilerplate",
   "test_dir": "tests",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "BOL"
@@ -700,6 +723,12 @@
    "nanosp",
    "nanox",
    "stax"
+  ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
   ]
  },
  {
@@ -761,6 +790,12 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "cardano_ada"
@@ -1005,6 +1040,11 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "cro_org"
@@ -1231,6 +1271,12 @@
   "url": "https://github.com/LedgerHQ/app-ethereum",
   "test_dir": "tests/ragger",
   "extra_flags": "DEBUG=1 CAL_CI_KEY=1 DOMAIN_NAME_TEST_KEY=1",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "CHAIN",
   "variants_nanos": [
    "akroma",
@@ -1504,6 +1550,12 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "exchange"
@@ -2403,6 +2455,12 @@
   "url": "https://github.com/LedgerHQ/app-monero",
   "test_dir": "tests",
   "extra_flags": "DEBUG=1",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "monero"
@@ -2578,6 +2636,12 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "NEO3"
@@ -2814,6 +2878,12 @@
   "url": "https://github.com/LedgerHQ/app-passwords",
   "test_dir": "tests/functional",
   "extra_flags": "TESTING=1 POPULATE=1",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "NONE",
   "variants_nanos": [
    "pwmgr"
@@ -3074,6 +3144,12 @@
    "nanox",
    "stax"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "pbol"
@@ -3981,6 +4057,12 @@
    "nanosp",
    "nanox"
   ],
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "APP",
   "variants_nanos": [
    "recovery_check"
@@ -4112,6 +4194,12 @@
   ],
   "test_param_nanosp": "--fast",
   "test_param_nanox": "--transport HID --fast",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "APP",
   "variants_nanox": [
    "SecurityKey"
@@ -4640,6 +4728,12 @@
   "ref": "develop",
   "url": "https://github.com/LedgerHQ/app-tron",
   "test_dir": "tests",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "tron"
@@ -4855,6 +4949,12 @@
   "url": "https://github.com/LedgerHQ/app-xrp",
   "test_dir": "tests",
   "extra_flags": "DEBUG=1",
+  "scan_whitelist": [
+   "nanos",
+   "nanosp",
+   "nanox",
+   "stax"
+  ],
   "variant_param": "COIN",
   "variants_nanos": [
    "xrp"