-
Notifications
You must be signed in to change notification settings - Fork 26
126 lines (113 loc) · 4.15 KB
/
ci.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
name: '👷 Build → 🧑🔬 Test → 🕵️ Lint'
on:
push:
branches: ["main", "hotfix/*", "chore-updated-icons"]
pull_request:
branches: ["main", "hotfix/*", "chore-updated-icons"]
merge_group:
types: [ checks_requested ]
branches: ["main", "hotfix/*", "chore-updated-icons"]
concurrency:
group: '${{ github.workflow }}-${{ github.event.pull_request.head.label || github.head_ref || github.ref }}'
cancel-in-progress: true
permissions:
security-events: write
jobs:
validation:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/check-git-lfs
- uses: ./.github/actions/setup-java
- uses: ./.github/actions/setup-gradle
- uses: ./.github/actions/setup-gradle-properties
- run: ./gradlew dependencyGuard --quiet
- run: ./gradlew spotlessCheck :build-logic:spotlessCheck
build-test-lint:
needs: validation
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
with:
lfs: true
- uses: ./.github/actions/setup-java
- uses: ./.github/actions/setup-gradle
- uses: ./.github/actions/setup-gradle-properties
- name: '👷 Build'
id: build
run: ./gradlew assembleRelease
- name: '📦 Archive APKs'
uses: actions/upload-artifact@v4
with:
name: apk
path: '**/build/outputs/apk/**/*.apk'
- name: '📦 Archive AARs'
uses: actions/upload-artifact@v4
with:
name: aar
path: '**/build/outputs/aar'
- name: '📢 Diffuse reports'
if: ${{ always() && github.event_name == 'pull_request' && steps.build.outcome == 'success' }}
uses: ./.github/actions/diffuse-aar
- name: '🧑🔬 Test'
id: test
run: ./gradlew globalCiUnitTest verifyPaparazziRelease
- name: '📦 Archive JUnit reports'
if: ${{ always() && contains(fromJSON('["success", "failure"]'), steps.test.outcome) }}
uses: ./.github/actions/archive-junit-reports
with:
html: '**/build/reports/tests/test*'
xml: '**/build/test-results/test*/**.xml'
- name: '📦 Archive Paparazzi reports'
if: ${{ always() && contains(fromJSON('["success", "failure"]'), steps.test.outcome) }}
uses: ./.github/actions/archive-paparazzi-reports
- name: '📢 Paparazzi report'
if: ${{ failure() && steps.test.outcome == 'failure' && github.event_name == 'pull_request'}}
uses: ./.github/actions/paparazzi-report
with:
github-token: ${{ secrets.GITHUB_TOKEN }}
pr-number: ${{ github.event.pull_request.number }}
- name: '🕵️ Lint'
id: lint
run: ./gradlew lintRelease
- name: '📦 Archive Lint reports'
if: ${{ always() && contains(fromJSON('["success", "failure"]'), steps.lint.outcome) }}
uses: ./.github/actions/archive-lint-reports
with:
analysis: './'
html: '**/build/reports/lint-results-*.html'
sarif: '**/build/reports/lint-results-*.sarif'
xml: '**/build/reports/lint-results-*.xml'
dokka:
needs: validation
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- uses: ./.github/actions/setup-java
- uses: ./.github/actions/setup-gradle
- uses: ./.github/actions/setup-gradle-properties
- name: '📋 Build Dokka'
# https://github.com/Kotlin/dokka/issues/1217
run: ./gradlew dokkaHtmlMultiModule --no-configuration-cache --no-parallel --max-workers=1
- name: '📦 Archive Dokka'
uses: actions/upload-artifact@v4
with:
name: dokka
path: 'build/dokka'
lava-scan:
needs: validation
runs-on: ubuntu-latest
timeout-minutes: 15
steps:
- uses: actions/checkout@v4
- name: '🌋 Run Lava Vulnerability Scanner'
uses: adevinta/lava-action@ddeeddd8ccf45b403741359471a5627644a0c5f6 # v0.3.4
with:
version: latest
config: lava.yaml
- uses: actions/upload-artifact@v4
with:
name: lava-metrics.json
path: metrics.json