151 lines
4.6 KiB
YAML
151 lines
4.6 KiB
YAML
name: CI
|
|
|
|
on:
|
|
push:
|
|
tags:
|
|
- '*'
|
|
branches:
|
|
- main
|
|
pull_request:
|
|
workflow_dispatch:
|
|
|
|
permissions: read-all
|
|
|
|
concurrency:
|
|
group: ${{ github.workflow }}-${{ github.ref_name }}
|
|
cancel-in-progress: true
|
|
|
|
jobs:
|
|
# ktlintCheck does not have per-variant tasks, so runs once over everything
|
|
ktlint:
|
|
name: ktlintCheck
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
with:
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
- name: ktlintCheck
|
|
run: ./gradlew ktlintCheck
|
|
|
|
# Tools are not per-variant
|
|
tools:
|
|
name: Test tools
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
with:
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
- name: Test tools
|
|
working-directory: tools
|
|
run: ../gradlew test
|
|
|
|
# Custom lint rules are not per-variant
|
|
custom-lint:
|
|
name: Custom lint
|
|
runs-on: ubuntu-latest
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
with:
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
- name: Test custom lint rules
|
|
working-directory: checks
|
|
run: ../gradlew test
|
|
|
|
# Android lint is per-variant
|
|
lint:
|
|
permissions:
|
|
# Required to upload SARIF files
|
|
security-events: write
|
|
strategy:
|
|
matrix:
|
|
color: ["orange"]
|
|
store: [ "Fdroid", "Github", "Google" ]
|
|
type: [ "Debug", "Release" ]
|
|
name: Android Lint
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
with:
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
# Run lint. Ignore a failing exit code, but save it for later.
|
|
- name: Regular lint ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
id: runlint
|
|
run: |
|
|
set +e
|
|
./gradlew lint${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
echo "exitcode=$?" >> $GITHUB_OUTPUT
|
|
|
|
- name: Merge SARIF files
|
|
run: |
|
|
jq -s '{ "$schema": "https://json.schemastore.org/sarif-2.1.0", "version": "2.1.0", "runs": map(.runs) | add }' */*/build/reports/lint-results-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif */build/reports/lint-results-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif > merged-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif
|
|
|
|
- name: Upload SARIF file
|
|
uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3
|
|
with:
|
|
sarif_file: merged-${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}.sarif
|
|
|
|
# Exit with whatever exit code the original lint run exited with, to
|
|
# ensure this job fails if lint fails, *but* the lint reports are still
|
|
# uploaded.
|
|
- name: Fail if lint failed
|
|
run: exit ${{ steps.runlint.outputs.exitcode }}
|
|
|
|
# Android tests are per variant
|
|
test:
|
|
strategy:
|
|
matrix:
|
|
color: ["orange"]
|
|
store: [ "Fdroid", "Github", "Google" ]
|
|
type: [ "Debug", "Release" ]
|
|
name: Android Test
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
with:
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
- name: test ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
run: ./gradlew test${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
|
|
# Android assemble is per variant
|
|
assemble:
|
|
strategy:
|
|
matrix:
|
|
color: ["orange"]
|
|
store: [ "Fdroid", "Github", "Google" ]
|
|
type: [ "Debug", "Release" ]
|
|
name: Android Assemble
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: Checkout
|
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
|
|
|
|
- uses: ./.github/actions/setup-build-env
|
|
with:
|
|
gradle-cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
|
|
|
|
- name: assemble ${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|
|
run: ./gradlew assemble${{ matrix.color }}${{ matrix.store }}${{ matrix.type }}
|