-
Notifications
You must be signed in to change notification settings - Fork 20
281 lines (278 loc) · 11.6 KB
/
status-checks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
# Workflow to check whether changes in a pull request fulfill all requirements.
# We execute build stages in separate jobs to prevent artifact duplication.
name: Status checks
on:
pull_request:
schedule:
# Run every sunday at noon. We run this on sunday such that we can utilize the free test minutes we get from Firebase.
# The weekly run ensures that cached resources don't expire.
- cron: "0 12 * * 0"
concurrency:
group: ${{ github.ref }}
cancel-in-progress: true
jobs:
# We make sure that lint succeeds before we start any other job to
# prevent that the setup-build-environment action runs in parallel.
lint:
runs-on: ubuntu-latest
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- run: bundle exec fastlane lint
unit-test:
runs-on: ubuntu-latest
needs: lint
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- run: bundle exec fastlane unit_test
build-irmagobridge-ios:
runs-on: macos-15 # MacOS version is pinned, because it determines which XCode version is used.
needs: lint
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- run: bundle exec fastlane ios_build_irmagobridge
- uses: actions/upload-artifact@v4
with:
name: irmagobridge-ios
path: ios/Runner/Irmagobridge.xcframework/
build-irmagobridge-android:
runs-on: ubuntu-latest
needs: lint
steps:
- name: Check out repository
uses: actions/checkout@v4
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- run: bundle exec fastlane android_build_irmagobridge
- uses: actions/upload-artifact@v4
with:
name: irmagobridge-android
path: android/irmagobridge/irmagobridge.aar
build-prototypes-android:
runs-on: ubuntu-latest
needs: build-irmagobridge-android
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
submodules: true
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- name: Download irmagobridge artifact
uses: actions/download-artifact@v4
with:
name: irmagobridge-android
path: android/irmagobridge/
- run: flutter build apk --flavor alpha -t lib/main_prototypes.dart
- uses: actions/upload-artifact@v4
with:
name: prototypes-alpha-android
path: ./build/app/outputs/apk/alpha/release/*.apk
build-app-ios-alpha:
runs-on: macos-15 # MacOS version is pinned, because it determines which XCode version is used.
needs: build-irmagobridge-ios
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
submodules: true
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- name: Download irmagobridge artifact
uses: actions/download-artifact@v4
with:
name: irmagobridge-ios
path: ios/Runner/Irmagobridge.xcframework/
- name: Decode binary environment secrets
env:
APPLE_DEVELOPMENT_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_CERTIFICATE }}
APPLE_DEVELOPMENT_PROVISIONING_PROFILE: ${{ secrets.APPLE_DEVELOPMENT_PROVISIONING_PROFILE }}
run: |
mkdir -p ./fastlane/profiles
echo $APPLE_DEVELOPMENT_CERTIFICATE | base64 --decode > ./fastlane/profiles/ios_development.p12
echo $APPLE_DEVELOPMENT_PROVISIONING_PROFILE | base64 --decode > ./fastlane/profiles/development.mobileprovision
- name: Build
run: >
bundle exec fastlane ios_build_app
flavor:alpha
certificate_path:profiles/ios_development.p12
certificate_password:${{ secrets.APPLE_DEVELOPMENT_CERTIFICATE_PASSWORD }}
provisioning_profile_path:profiles/development.mobileprovision
code_signing_identity:"iPhone Developer"
- uses: actions/upload-artifact@v4
with:
name: app-alpha-ios
path: ./fastlane/build/*.ipa
build-app-android:
runs-on: ubuntu-latest
needs: build-irmagobridge-android
strategy:
matrix:
flavor: [alpha, beta]
type: [apk, appbundle]
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
submodules: true
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- name: Download irmagobridge artifact
uses: actions/download-artifact@v4
with:
name: irmagobridge-android
path: android/irmagobridge/
- name: Decode binary environment secrets
env:
ANDROID_DEVELOPMENT_SIGNING_KEYSTORE: ${{ secrets.ANDROID_DEVELOPMENT_SIGNING_KEYSTORE }}
run: |
mkdir -p ./fastlane/profiles
echo $ANDROID_DEVELOPMENT_SIGNING_KEYSTORE | base64 --decode > ./fastlane/profiles/keystore.jks
- name: Build
run: >
bundle exec fastlane android_build_${{ matrix.type }}
flavor:${{ matrix.flavor }}
keystore_path:profiles/keystore.jks
key_alias:android-signing-development
keystore_password:${{ secrets.ANDROID_DEVELOPMENT_SIGNING_KEYSTORE_PASSWORD }}
key_password:${{ secrets.ANDROID_DEVELOPMENT_SIGNING_KEYSTORE_PASSWORD }}
- uses: actions/upload-artifact@v4
with:
name: app-${{ matrix.flavor }}-android-${{ matrix.type }}
path: ./fastlane/build/*
build-integration-test-ios:
runs-on: macos-15 # MacOS version is pinned, because it determines which XCode version is used.
needs: build-irmagobridge-ios
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
submodules: true
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- name: Download irmagobridge artifact
uses: actions/download-artifact@v4
with:
name: irmagobridge-ios
path: ios/Runner/Irmagobridge.xcframework/
- name: Decode binary environment secrets
env:
APPLE_DEVELOPMENT_CERTIFICATE: ${{ secrets.APPLE_DEVELOPMENT_CERTIFICATE }}
APPLE_DEVELOPMENT_PROVISIONING_PROFILE: ${{ secrets.APPLE_DEVELOPMENT_PROVISIONING_PROFILE }}
run: |
mkdir -p ./fastlane/profiles
echo $APPLE_DEVELOPMENT_CERTIFICATE | base64 --decode > ./fastlane/profiles/ios_development.p12
echo $APPLE_DEVELOPMENT_PROVISIONING_PROFILE | base64 --decode > ./fastlane/profiles/development.mobileprovision
- name: Build
run: >
bundle exec fastlane ios_build_integration_test
certificate_path:profiles/ios_development.p12
certificate_password:${{ secrets.APPLE_DEVELOPMENT_CERTIFICATE_PASSWORD }}
provisioning_profile_path:profiles/development.mobileprovision
code_signing_identity:"iPhone Developer"
- uses: actions/upload-artifact@v4
with:
name: integration-test-ios
path: ./fastlane/build/*.zip
- name: Dynamically generate matrix for running integration tests
id: set-matrix
# This oneliner gets every test zip generated by Fastlane and writes this as output to GitHub. This is used for the matrix in the integration-test-ios job below.
run: echo "matrix=$(for file in $(ls ./fastlane/build/*.zip); do basename "$file"; done | jq -R . | jq -sc .)" >> $GITHUB_OUTPUT
build-integration-test-android:
runs-on: ubuntu-latest
needs: build-irmagobridge-android
steps:
- name: Check out repository
uses: actions/checkout@v4
with:
submodules: true
- name: Setup build environment
uses: ./.github/actions/setup-build-environment
- name: Download irmagobridge artifact
uses: actions/download-artifact@v4
with:
name: irmagobridge-android
path: android/irmagobridge/
- run: bundle exec fastlane android_build_integration_test
- uses: actions/upload-artifact@v4
with:
name: integration-test-android
path: ./fastlane/build/*.apk
integration-test-ios:
runs-on: ubuntu-latest
container: google/cloud-sdk:latest
needs:
- build-integration-test-ios
- unit-test # To prevent that test resources are used when we already know there is an issue.
strategy:
matrix:
file_name: ${{ fromJson(needs.build-integration-test-ios.outputs.matrix) }}
fail-fast: false # To prevent we have to re-run all tests when one run is flaky.
concurrency: integration-test-ios-${{ matrix.file_name }} # To prevent that we use too much test resources at the same time.
steps:
- name: Download test artifacts
uses: actions/download-artifact@v4
with:
name: integration-test-ios
path: .
- name: Authenticate to Firebase
env:
GCLOUD_SERVICE_KEY: ${{ secrets.GCLOUD_SERVICE_KEY }}
run: gcloud auth activate-service-account --key-file <(echo $GCLOUD_SERVICE_KEY)
shell: bash
- name: Set Firebase project
run: gcloud config set project ${{ secrets.GCLOUD_PROJECT_NAME }}
- name: Run integration tests for each zip file
run: |
gcloud firebase test ios run \
--test ${{ matrix.file_name }} \
--timeout 7m \
--device=model=iphone8,orientation=portrait \
--device=model=iphone8,orientation=landscape
# this summary is needed to report a final result for the ios test matrix
# this job is added to the branch protection rules, so the matrix has to fully pass before merge
integration-test-ios-summary:
runs-on: ubuntu-latest
needs: integration-test-ios # Wait for all matrix jobs
if: ${{ always() }} # Run even if a matrix job fails
steps:
- name: Check integration test results
run: |
if [ "${{ needs.integration-test-ios.result }}" == "failure" ] || [ "${{ needs.integration-test-ios.result }}" == "cancelled" ]; then
echo "One or more integration tests failed."
exit 1
else
echo "All integration tests passed."
fi
integration-test-android:
runs-on: ubuntu-latest
container: google/cloud-sdk:latest
needs:
- build-integration-test-android
- unit-test # To prevent that test resources are used when we already know there is an issue.
concurrency: integration-test-android # To prevent that we use too much test resources at the same time.
steps:
- name: Download test artifacts
uses: actions/download-artifact@v4
with:
name: integration-test-android
path: .
- name: Authenticate to Firebase
env:
GCLOUD_SERVICE_KEY: ${{ secrets.GCLOUD_SERVICE_KEY }}
run: gcloud auth activate-service-account --key-file <(echo $GCLOUD_SERVICE_KEY)
shell: bash
- name: Set Firebase project
run: gcloud config set project ${{ secrets.GCLOUD_PROJECT_NAME }}
- name: Run integration tests
run: gcloud firebase test android run --use-orchestrator --app app-alpha-debug.apk --test app-alpha-debug-androidTest.apk --timeout 20m --device=model=Pixel2,version=28,orientation=portrait --device=model=Pixel2,version=28,orientation=landscape