Mastodon
/
pachli-android
mirror of https://github.com/pachli/pachli-android.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

ci: Upload SARIF files with lint results (#1060) 

Perform the lint check as normal, saving the exit code and ignoring any
error exit codes.

Then upload the lint results as SARIF files for display in GitHub.

Then exit with whatever exit code lint returned, to ensure that a lint
failure causes the CI job to fail too.
This commit is contained in:
Nik Clayton 2024-10-29 17:17:12 +01:00 committed by GitHub
parent 04d98ae616
commit f10e125a5f
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 30 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
.github/workflows/ci.yml vendored
View File

@ -68,8 +68,8 @@ jobs:
strategy:
matrix:
color: ["orange"]
store: ["fdroid", "github", "google"]
type: ["debug", "release"]
store: [ "Fdroid", "Github", "Google" ]
type: [ "Debug", "Release" ]
name: Android Lint
runs-on: ubuntu-latest
@ -81,16 +81,37 @@ jobs:
with:
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
# Run lint. Ignore a failing exit code, but save it for later.
- name: Regular lint ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
run: ./gradlew lint${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
id: runlint
run: |
set +e
./gradlew lint${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
echo "exitcode=$?" >> $GITHUB_OUTPUT
- name: Merge SARIF files
run: |
jq -s '{ "$schema": "https://json.schemastore.org/sarif-2.1.0", "version": "2.1.0", "runs": map(.runs) | add }' */*/build/reports/lint-results-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif */build/reports/lint-results-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif > merged-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif
- name: Upload SARIF file
uses: github/codeql-action/upload-sarif@v3
with:
category: ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
sarif_file: merged-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif
# Exit with whatever exit code the original lint run exited with, to
# ensure this job fails if lint fails, *but* the lint reports are still
# uploaded.
- name: Fail if lint failed
run: exit ${{ steps.runlint.outputs.exitcode }}
# Android tests are per variant
test:
strategy:
matrix:
color: ["orange"]
store: ["fdroid", "github", "google"]
type: ["debug", "release"]
store: [ "Fdroid", "Github", "Google" ]
type: [ "Debug", "Release" ]
name: Android Test
runs-on: ubuntu-latest
@ -110,8 +131,8 @@ jobs:
strategy:
matrix:
color: ["orange"]
store: ["fdroid", "github", "google"]
type: ["debug", "release"]
store: [ "Fdroid", "Github", "Google" ]
type: [ "Debug", "Release" ]
name: Android Assemble
runs-on: ubuntu-latest

4
build-logic/convention/src/main/kotlin/AndroidLintConventionPlugin.kt
View File

@ -15,14 +15,13 @@
* see <http://www.gnu.org/licenses>.
*/
import com.android.build.api.dsl.ApplicationExtension
import com.android.build.api.dsl.LibraryExtension
import com.android.build.api.dsl.Lint
import java.io.File
import org.gradle.api.Plugin
import org.gradle.api.Project
import org.gradle.kotlin.dsl.configure
import java.io.File
class AndroidLintConventionPlugin : Plugin<Project> {
override fun apply(target: Project) {
@ -46,4 +45,5 @@ class AndroidLintConventionPlugin : Plugin<Project> {
private fun Lint.configure(project: Project) {
lintConfig = File(project.findProject(":app")?.projectDir, "lint.xml")
baseline = File("lint-baseline.xml")
sarifReport = true
}