2023-07-10 21:02:14 +02:00
|
|
|
name: CI
|
|
|
|
|
|
|
|
on:
|
|
|
|
push:
|
|
|
|
tags:
|
|
|
|
- '*'
|
2024-04-15 16:02:01 +02:00
|
|
|
branches:
|
|
|
|
- main
|
2024-02-09 17:18:50 +01:00
|
|
|
pull_request:
|
2023-07-10 21:02:14 +02:00
|
|
|
workflow_dispatch:
|
|
|
|
|
2024-02-04 20:45:00 +01:00
|
|
|
permissions: read-all
|
|
|
|
|
2024-04-15 21:34:12 +02:00
|
|
|
concurrency:
|
|
|
|
group: ${{ github.workflow }}-${{ github.ref_name }}
|
|
|
|
cancel-in-progress: true
|
|
|
|
|
2023-07-10 21:02:14 +02:00
|
|
|
jobs:
|
2024-04-15 15:24:07 +02:00
|
|
|
# ktlintCheck does not have per-variant tasks, so runs once over everything
|
|
|
|
ktlint:
|
|
|
|
name: ktlintCheck
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
2024-10-30 17:09:08 +01:00
|
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
2024-04-15 15:24:07 +02:00
|
|
|
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
|
|
with:
|
|
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
|
|
|
|
- name: ktlintCheck
|
|
|
|
run: ./gradlew ktlintCheck
|
|
|
|
|
|
|
|
# Tools are not per-variant
|
|
|
|
tools:
|
|
|
|
name: Test tools
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
2024-10-30 17:09:08 +01:00
|
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
2024-04-15 15:24:07 +02:00
|
|
|
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
|
|
with:
|
|
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
|
|
|
|
- name: Test tools
|
|
|
|
working-directory: tools
|
|
|
|
run: ../gradlew test
|
|
|
|
|
|
|
|
# Custom lint rules are not per-variant
|
|
|
|
custom-lint:
|
|
|
|
name: Custom lint
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
2024-10-30 17:09:08 +01:00
|
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
2024-04-15 15:24:07 +02:00
|
|
|
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
|
|
with:
|
|
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
|
|
|
|
- name: Test custom lint rules
|
|
|
|
working-directory: checks
|
|
|
|
run: ../gradlew test
|
|
|
|
|
|
|
|
# Android lint is per-variant
|
|
|
|
lint:
|
2024-11-26 21:42:52 +01:00
|
|
|
permissions:
|
|
|
|
# Required to upload SARIF files
|
|
|
|
security-events: write
|
feat: Periodically check for updates and alert user (#236)
Users can inadvertently get stuck on older versions of the app; e.g., by
installing from one F-Droid repository that stops hosting the app at
some later time.
Analytics from the Play Store also shows a long tail of users who are,
for some reason, on an older version.
On resuming `MainActivity`, and approximately once per day, check and
see if a newer version of Pachli is available, and prompt the user to
update by going to the relevant install location (Google Play, F-Droid,
or GitHub).
The dialog prompt allows them to ignore this specific version, or
disable all future update notifications. This is also exposed through
the preferences, so the user can adjust it there too.
A different update check method is used for each installation location.
- F-Droid: Use the F-Droid API to query for the newest released version
- GitHub: Use the GitHub API to query for the newest release, and check
the APK filename attached to that release
- Google Play: Use the Play in-app-updates library
(https://developer.android.com/guide/playcore/in-app-updates) to query
for the newest released version
These are kept in different build flavours (source sets), so that e.g.,
the build for the F-Droid store can only query the F-Droid API, the UI
strings are specific to F-Droid, etc. This also ensures that the update
service libraries are specific to that build and do not
"cross-contaminate".
Note that this *does not* update the app, it takes the user to either
the relevant store page (F-Droid, Play) or GitHub release page. The user
must still start the update from that page.
CI configuration is updated to build the different flavours.
2023-11-08 08:42:39 +01:00
|
|
|
strategy:
|
|
|
|
matrix:
|
|
|
|
color: ["orange"]
|
2024-10-29 17:17:12 +01:00
|
|
|
store: [ "Fdroid", "Github", "Google" ]
|
|
|
|
type: [ "Debug", "Release" ]
|
2024-04-15 15:24:07 +02:00
|
|
|
name: Android Lint
|
2023-07-10 21:02:14 +02:00
|
|
|
runs-on: ubuntu-latest
|
2024-04-15 15:24:07 +02:00
|
|
|
|
2023-07-10 21:02:14 +02:00
|
|
|
steps:
|
|
|
|
- name: Checkout
|
2024-10-30 17:09:08 +01:00
|
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
2023-07-10 21:02:14 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
- uses: ./.github/actions/setup-build-env
|
2023-07-10 21:02:14 +02:00
|
|
|
with:
|
2024-04-15 15:24:07 +02:00
|
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
2023-07-10 21:02:14 +02:00
|
|
|
|
2024-10-29 17:17:12 +01:00
|
|
|
# Run lint. Ignore a failing exit code, but save it for later.
|
2024-04-15 15:24:07 +02:00
|
|
|
- name: Regular lint ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
2024-10-29 17:17:12 +01:00
|
|
|
id: runlint
|
|
|
|
run: |
|
|
|
|
set +e
|
|
|
|
./gradlew lint${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
|
|
echo "exitcode=$?" >> $GITHUB_OUTPUT
|
|
|
|
|
|
|
|
- name: Merge SARIF files
|
|
|
|
run: |
|
|
|
|
jq -s '{ "$schema": "https://json.schemastore.org/sarif-2.1.0", "version": "2.1.0", "runs": map(.runs) | add }' */*/build/reports/lint-results-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif */build/reports/lint-results-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif > merged-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif
|
|
|
|
|
|
|
|
- name: Upload SARIF file
|
2024-11-24 21:09:56 +01:00
|
|
|
uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
|
2024-10-29 17:17:12 +01:00
|
|
|
with:
|
|
|
|
sarif_file: merged-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif
|
|
|
|
|
|
|
|
# Exit with whatever exit code the original lint run exited with, to
|
|
|
|
# ensure this job fails if lint fails, *but* the lint reports are still
|
|
|
|
# uploaded.
|
|
|
|
- name: Fail if lint failed
|
|
|
|
run: exit ${{ steps.runlint.outputs.exitcode }}
|
2023-07-10 21:02:14 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
# Android tests are per variant
|
|
|
|
test:
|
|
|
|
strategy:
|
|
|
|
matrix:
|
|
|
|
color: ["orange"]
|
2024-10-29 17:17:12 +01:00
|
|
|
store: [ "Fdroid", "Github", "Google" ]
|
|
|
|
type: [ "Debug", "Release" ]
|
2024-04-15 15:24:07 +02:00
|
|
|
name: Android Test
|
|
|
|
runs-on: ubuntu-latest
|
|
|
|
|
|
|
|
steps:
|
|
|
|
- name: Checkout
|
2024-10-30 17:09:08 +01:00
|
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
2023-08-08 23:04:29 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
- uses: ./.github/actions/setup-build-env
|
2023-07-12 13:26:30 +02:00
|
|
|
with:
|
2024-04-15 15:24:07 +02:00
|
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
2023-07-30 15:50:04 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
- name: test ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
|
|
run: ./gradlew test${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
2023-07-30 15:50:04 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
# Android assemble is per variant
|
|
|
|
assemble:
|
|
|
|
strategy:
|
|
|
|
matrix:
|
|
|
|
color: ["orange"]
|
2024-10-29 17:17:12 +01:00
|
|
|
store: [ "Fdroid", "Github", "Google" ]
|
|
|
|
type: [ "Debug", "Release" ]
|
2024-04-15 15:24:07 +02:00
|
|
|
name: Android Assemble
|
|
|
|
runs-on: ubuntu-latest
|
2023-07-30 15:50:04 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
steps:
|
|
|
|
- name: Checkout
|
2024-10-30 17:09:08 +01:00
|
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
2024-04-15 15:24:07 +02:00
|
|
|
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
|
|
with:
|
|
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
2023-07-30 15:50:04 +02:00
|
|
|
|
2024-04-15 15:24:07 +02:00
|
|
|
- name: assemble ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
|
|
run: ./gradlew assemble${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|