mirror of
https://github.com/SchildiChat/SchildiChat-android.git
synced 2024-12-23 16:21:26 +01:00
Merge pull request #6308 from vector-im/michaelk/exodus
Run exodus privacy scanner on all PRs
This commit is contained in:
commit
c9553d31e9
29
.github/workflows/build.yml
vendored
29
.github/workflows/build.yml
vendored
@ -46,8 +46,9 @@ jobs:
|
||||
release:
|
||||
name: Build unsigned GPlay APKs
|
||||
runs-on: ubuntu-latest
|
||||
if: github.ref == 'refs/heads/main'
|
||||
# Only runs on main, no concurrency.
|
||||
concurrency:
|
||||
group: ${{ github.ref == 'refs/head/main' && format('build-release-apk-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('build-release-apk-develop-{0}', github.sha) || format('build-debug-{0}', github.ref) }}
|
||||
cancel-in-progress: ${{ github.ref != 'refs/head/main' }}
|
||||
steps:
|
||||
- uses: actions/checkout@v3
|
||||
- uses: actions/cache@v3
|
||||
@ -67,4 +68,26 @@ jobs:
|
||||
path: |
|
||||
vector/build/outputs/apk/*/release/*.apk
|
||||
|
||||
# TODO add exodus checks
|
||||
exodus:
|
||||
runs-on: ubuntu-latest
|
||||
needs: release
|
||||
steps:
|
||||
- name: Obtain apk from artifact
|
||||
id: download
|
||||
uses: actions/download-artifact@v3
|
||||
with:
|
||||
name: vector-gplay-release-unsigned
|
||||
- name: Show apks in artifact
|
||||
run: ls -R ${{steps.download.outputs.download-path}}
|
||||
- name: Execute exodus-standalone
|
||||
uses: docker://exodusprivacy/exodus-standalone:latest
|
||||
with:
|
||||
args: /github/workspace/gplay/release/vector-gplay-universal-release-unsigned.apk -j -o /github/workspace/exodus.json
|
||||
- name: Upload exodus json report
|
||||
uses: actions/upload-artifact@v3
|
||||
with:
|
||||
name: exodus.json
|
||||
path: |
|
||||
exodus.json
|
||||
- name: Check for trackers
|
||||
run: "jq -e '.trackers == []' exodus.json > /dev/null || { echo '::error static analysis identified user tracking library' ; exit 1; }"
|
||||
|
Loading…
Reference in New Issue
Block a user