[Oztechan/CCC#1457] Lock file maintenance #9300
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CCC CI | |
on: | |
push: | |
branches: | |
- develop | |
pull_request: | |
schedule: | |
- cron: '0 0 * * *' # At 00:00 every day | |
concurrency: | |
group: ${{ github.ref == 'refs/heads/develop' && 'develop' || github.ref }} # Only run one job at a time for the same branch | |
cancel-in-progress: ${{ github.ref != 'refs/heads/develop' }} # Only cancel the same branch but not develop | |
env: | |
BASE_URL_BACKEND: ${{ secrets.BASE_URL_BACKEND }} | |
BASE_URL_API: ${{ secrets.BASE_URL_API }} | |
BASE_URL_API_PREMIUM: ${{ secrets.BASE_URL_API_PREMIUM }} | |
API_KEY_PREMIUM: ${{ secrets.API_KEY_PREMIUM }} | |
ANDROID_KEY_STORE_PATH: ${{ secrets.ANDROID_KEY_STORE_PATH }} | |
ANDROID_STORE_PASSWORD: ${{ secrets.ANDROID_STORE_PASSWORD }} | |
ANDROID_KEY_ALIAS: ${{ secrets.ANDROID_KEY_ALIAS }} | |
ANDROID_KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }} | |
RELEASE_ADVERTISEMENT_ID_GOOGLE: ${{ secrets.RELEASE_ADVERTISEMENT_ID_GOOGLE }} | |
DEBUG_ADVERTISEMENT_ID_GOOGLE: ${{ secrets.DEBUG_ADVERTISEMENT_ID_GOOGLE }} | |
RELEASE_ADVERTISEMENT_ID_HUAWEI: ${{ secrets.RELEASE_ADVERTISEMENT_ID_HUAWEI }} | |
DEBUG_ADVERTISEMENT_ID_HUAWEI: ${{ secrets.DEBUG_ADVERTISEMENT_ID_HUAWEI }} | |
GOOGLE_BANNER_AD_UNIT_ID_CALCULATOR_RELEASE: ${{ secrets.GOOGLE_BANNER_AD_UNIT_ID_CALCULATOR_RELEASE }} | |
GOOGLE_BANNER_AD_UNIT_ID_SETTINGS_RELEASE: ${{ secrets.GOOGLE_BANNER_AD_UNIT_ID_SETTINGS_RELEASE }} | |
GOOGLE_BANNER_AD_UNIT_ID_CURRENCIES_RELEASE: ${{ secrets.GOOGLE_BANNER_AD_UNIT_ID_CURRENCIES_RELEASE }} | |
GOOGLE_INTERSTITIAL_AD_ID_RELEASE: ${{ secrets.GOOGLE_INTERSTITIAL_AD_ID_RELEASE }} | |
GOOGLE_REWARDED_AD_UNIT_ID_RELEASE: ${{ secrets.GOOGLE_REWARDED_AD_UNIT_ID_RELEASE }} | |
GOOGLE_BANNER_AD_UNIT_ID_CALCULATOR_DEBUG: ${{ secrets.GOOGLE_BANNER_AD_UNIT_ID_CALCULATOR_DEBUG }} | |
GOOGLE_BANNER_AD_UNIT_ID_SETTINGS_DEBUG: ${{ secrets.GOOGLE_BANNER_AD_UNIT_ID_SETTINGS_DEBUG }} | |
GOOGLE_BANNER_AD_UNIT_ID_CURRENCIES_DEBUG: ${{ secrets.GOOGLE_BANNER_AD_UNIT_ID_CURRENCIES_DEBUG }} | |
GOOGLE_INTERSTITIAL_AD_ID_DEBUG: ${{ secrets.GOOGLE_INTERSTITIAL_AD_ID_DEBUG }} | |
GOOGLE_REWARDED_AD_UNIT_ID_DEBUG: ${{ secrets.GOOGLE_REWARDED_AD_UNIT_ID_DEBUG }} | |
HUAWEI_BANNER_AD_UNIT_ID_CALCULATOR_RELEASE: ${{ secrets.HUAWEI_BANNER_AD_UNIT_ID_CALCULATOR_RELEASE }} | |
HUAWEI_BANNER_AD_UNIT_ID_SETTINGS_RELEASE: ${{ secrets.HUAWEI_BANNER_AD_UNIT_ID_SETTINGS_RELEASE }} | |
HUAWEI_BANNER_AD_UNIT_ID_CURRENCIES_RELEASE: ${{ secrets.HUAWEI_BANNER_AD_UNIT_ID_CURRENCIES_RELEASE }} | |
HUAWEI_INTERSTITIAL_AD_ID_RELEASE: ${{ secrets.HUAWEI_INTERSTITIAL_AD_ID_RELEASE }} | |
HUAWEI_REWARDED_AD_UNIT_ID_RELEASE: ${{ secrets.HUAWEI_REWARDED_AD_UNIT_ID_RELEASE }} | |
HUAWEI_BANNER_AD_UNIT_ID_CALCULATOR_DEBUG: ${{ secrets.HUAWEI_BANNER_AD_UNIT_ID_CALCULATOR_DEBUG }} | |
HUAWEI_BANNER_AD_UNIT_ID_SETTINGS_DEBUG: ${{ secrets.HUAWEI_BANNER_AD_UNIT_ID_SETTINGS_DEBUG }} | |
HUAWEI_BANNER_AD_UNIT_ID_CURRENCIES_DEBUG: ${{ secrets.HUAWEI_BANNER_AD_UNIT_ID_CURRENCIES_DEBUG }} | |
HUAWEI_INTERSTITIAL_AD_ID_DEBUG: ${{ secrets.HUAWEI_INTERSTITIAL_AD_ID_DEBUG }} | |
HUAWEI_REWARDED_AD_UNIT_ID_DEBUG: ${{ secrets.HUAWEI_REWARDED_AD_UNIT_ID_DEBUG }} | |
APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }} | |
APP_STORE_CONNECT_KEY_CONTENT: ${{ secrets.APP_STORE_CONNECT_KEY_CONTENT }} | |
APP_STORE_CONNECT_KEY_ID: ${{ secrets.APP_STORE_CONNECT_KEY_ID }} | |
IOS_RELEASE_FIREBASE_APP_ID: ${{ secrets.IOS_RELEASE_FIREBASE_APP_ID }} | |
IOS_DEBUG_FIREBASE_APP_ID: ${{ secrets.IOS_DEBUG_FIREBASE_APP_ID }} | |
FIREBASE_CLI_TOKEN: ${{ secrets.FIREBASE_CLI_TOKEN }} | |
GIT_AUTHORIZATION: ${{ secrets.GIT_AUTHORIZATION }} | |
SECRET_PASSWORD: ${{ secrets.SECRET_PASSWORD }} | |
MATCH_PASSWORD: ${{ secrets.SECRET_PASSWORD }} | |
SLACK_BOT_TOKEN: ${{ secrets.SLACK_BOT_TOKEN }} | |
FASTLANE_XCODEBUILD_SETTINGS_TIMEOUT: 5 | |
FASTLANE_XCODEBUILD_SETTINGS_RETRIES: 5 | |
CI: true | |
BUILD_TYPE: ${{ github.event_name == 'schedule' && 'Release' || 'Debug' }} | |
BUILD_TYPE_LOWERCASE: ${{ github.event_name == 'schedule' && 'release' || 'debug' }} | |
jobs: | |
GradleBuild: | |
runs-on: macos-14 | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Setup Gradle Repo | |
uses: Oztechan/Global/actions/setup-gradle-repo@f3f5fec1f5562978457d820f6d6c83b81cac28a9 | |
- name: Adding secret files | |
uses: ./.github/actions/add-secret-files | |
with: | |
ANDROID_RELEASE_KEYSTORE_ASC: ${{ secrets.ANDROID_RELEASE_KEYSTORE_ASC }} | |
SECRET_PASSWORD: ${{ secrets.SECRET_PASSWORD }} | |
GOOGLE_SERVICES_JSON_ASC: ${{ secrets.GOOGLE_SERVICES_JSON_ASC }} | |
AG_CONNECT_SERVICES_JSON_ASC: ${{ secrets.AG_CONNECT_SERVICES_JSON_ASC }} | |
GOOGLE_SERVICE_INFO_PLIST_ASC_RELEASE: ${{ secrets.GOOGLE_SERVICE_INFO_PLIST_ASC_RELEASE }} | |
GOOGLE_SERVICE_INFO_PLIST_ASC_DEBUG: ${{ secrets.GOOGLE_SERVICE_INFO_PLIST_ASC_DEBUG }} | |
IOS_XCCONFIG_ASC_RELEASE: ${{ secrets.IOS_XCCONFIG_ASC_RELEASE }} | |
IOS_XCCONFIG_ASC_DEBUG: ${{ secrets.IOS_XCCONFIG_ASC_DEBUG }} | |
GOOGLE_PLAY_SERVICE_ACCOUNT_JSON: ${{ secrets.GOOGLE_PLAY_SERVICE_ACCOUNT_JSON }} | |
- name: Assemble ${{ env.BUILD_TYPE }} | |
run: ./gradlew assemble${{ env.BUILD_TYPE }} | |
- name: Upload Android ${{ env.BUILD_TYPE }} Artifacts | |
uses: actions/[email protected] | |
if: github.event_name == 'push' || github.event_name == 'schedule' | |
with: | |
name: androidArtifacts | |
path: | | |
android/app/build/outputs/apk/google/${{ env.BUILD_TYPE_LOWERCASE }}/app-google-${{ env.BUILD_TYPE_LOWERCASE }}.apk | |
android/app/build/outputs/apk/huawei/${{ env.BUILD_TYPE_LOWERCASE }}/app-huawei-${{ env.BUILD_TYPE_LOWERCASE }}.apk | |
- name: Cancel other jobs if this fails | |
if: failure() | |
uses: andymckay/[email protected] | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
DistributeAndroid: | |
runs-on: ubuntu-24.04 | |
needs: [ GradleBuild ] | |
if: github.event_name == 'push' || github.event_name == 'schedule' | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Clone Repo # Needed for reading commit message for Firebase App Distribution | |
uses: actions/[email protected] | |
- name: Download Android ${{ env.BUILD_TYPE }} Artifacts | |
uses: actions/[email protected] | |
with: | |
name: androidArtifacts | |
- name: Firebase App Distribution Google ${{ env.BUILD_TYPE }} | |
uses: wzieba/[email protected] | |
with: | |
appId: ${{ github.event_name == 'schedule' && secrets.ANDROID_GOOGLE_RELEASE_FIREBASE_APP_ID || secrets.ANDROID_GOOGLE_DEBUG_FIREBASE_APP_ID }} | |
token: ${{secrets.FIREBASE_CLI_TOKEN}} | |
groups: QA | |
file: google/${{ env.BUILD_TYPE_LOWERCASE }}/app-google-${{ env.BUILD_TYPE_LOWERCASE }}.apk | |
- name: Firebase App Distribution Huawei ${{ env.BUILD_TYPE }} | |
uses: wzieba/[email protected] | |
with: | |
appId: ${{ github.event_name == 'schedule' && secrets.ANDROID_HUAWEI_RELEASE_FIREBASE_APP_ID || secrets.ANDROID_HUAWEI_DEBUG_FIREBASE_APP_ID }} | |
token: ${{secrets.FIREBASE_CLI_TOKEN}} | |
groups: QA | |
file: huawei/${{ env.BUILD_TYPE_LOWERCASE }}/app-huawei-${{ env.BUILD_TYPE_LOWERCASE }}.apk | |
- name: Delete Android ${{ env.BUILD_TYPE }} Artifacts | |
uses: geekyeggo/[email protected] | |
with: | |
name: androidArtifacts | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
XCodeBuild: | |
runs-on: macos-14 | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Setup Gradle Repo | |
uses: Oztechan/Global/actions/setup-gradle-repo@f3f5fec1f5562978457d820f6d6c83b81cac28a9 | |
- name: Adding secret files | |
uses: ./.github/actions/add-secret-files | |
with: | |
ANDROID_RELEASE_KEYSTORE_ASC: ${{ secrets.ANDROID_RELEASE_KEYSTORE_ASC }} | |
SECRET_PASSWORD: ${{ secrets.SECRET_PASSWORD }} | |
GOOGLE_SERVICES_JSON_ASC: ${{ secrets.GOOGLE_SERVICES_JSON_ASC }} | |
AG_CONNECT_SERVICES_JSON_ASC: ${{ secrets.AG_CONNECT_SERVICES_JSON_ASC }} | |
GOOGLE_SERVICE_INFO_PLIST_ASC_RELEASE: ${{ secrets.GOOGLE_SERVICE_INFO_PLIST_ASC_RELEASE }} | |
GOOGLE_SERVICE_INFO_PLIST_ASC_DEBUG: ${{ secrets.GOOGLE_SERVICE_INFO_PLIST_ASC_DEBUG }} | |
IOS_XCCONFIG_ASC_RELEASE: ${{ secrets.IOS_XCCONFIG_ASC_RELEASE }} | |
IOS_XCCONFIG_ASC_DEBUG: ${{ secrets.IOS_XCCONFIG_ASC_DEBUG }} | |
GOOGLE_PLAY_SERVICE_ACCOUNT_JSON: ${{ secrets.GOOGLE_PLAY_SERVICE_ACCOUNT_JSON }} | |
- name: Build ${{ env.BUILD_TYPE }} | |
working-directory: ios | |
run: fastlane build${{ env.BUILD_TYPE }} | |
- name: Upload iOS Debug Artifacts | |
uses: actions/[email protected] | |
if: github.event_name == 'push' | |
with: | |
name: iOSArtifacts | |
path: | | |
ios/CCC_I.ipa | |
ios/CCC_I.app.dSYM.zip | |
- name: Upload iOS Artifacts | |
uses: actions/[email protected] | |
if: github.event_name == 'schedule' | |
with: | |
name: iOSArtifacts | |
path: | | |
ios/CCC.ipa | |
ios/CCC.app.dSYM.zip | |
- name: Cancel other jobs if this fails | |
if: failure() | |
uses: andymckay/[email protected] | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
DistributeIOS: | |
runs-on: ubuntu-24.04 | |
needs: [ XCodeBuild ] | |
if: github.event_name == 'push' || github.event_name == 'schedule' | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Clone Repo | |
uses: actions/[email protected] | |
- name: Download iOS ${{ env.BUILD_TYPE }} Artifacts | |
uses: actions/[email protected] | |
with: | |
name: iOSArtifacts | |
path: ios | |
# was necessary to use chown to fix permission issues in linux machines | |
- name: Distribute ${{ env.BUILD_TYPE }} | |
working-directory: ios | |
run: | | |
sudo chown -R $(whoami) /var/lib/gems/ | |
fastlane distribute${{ env.BUILD_TYPE }} | |
- name: Delete iOS ${{ env.BUILD_TYPE }} Artifacts | |
uses: geekyeggo/[email protected] | |
with: | |
name: iOSArtifacts | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
Test: | |
runs-on: macos-14 | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Setup Gradle Repo | |
uses: Oztechan/Global/actions/setup-gradle-repo@f3f5fec1f5562978457d820f6d6c83b81cac28a9 | |
- name: Test | |
run: ./gradlew test | |
- name: Cancel other jobs if this fails | |
if: failure() | |
uses: andymckay/[email protected] | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
Coverage: | |
runs-on: ubuntu-24.04 | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Setup Gradle Repo | |
uses: Oztechan/Global/actions/setup-gradle-repo@f3f5fec1f5562978457d820f6d6c83b81cac28a9 | |
- name: Generate Coverage | |
run: ./gradlew koverXmlReport | |
- name: Upload coverage to Codecov | |
uses: codecov/[email protected] | |
with: | |
token: ${{ secrets.CODECOV_TOKEN }} | |
files: build/reports/kover/report.xml | |
- name: Upload coverage to Codacy | |
uses: codacy/[email protected] | |
with: | |
project-token: ${{ secrets.CODACY_PROJECT_TOKEN }} | |
coverage-reports: build/reports/kover/report.xml | |
- name: SonarCloud Scan | |
uses: sonarsource/[email protected] | |
env: | |
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
with: | |
args: > | |
-Dsonar.organization=oztechan | |
-Dsonar.projectKey=Oztechan_CCC | |
-Dsonar.coverage.jacoco.xmlReportPaths=build/reports/kover/report.xml | |
- name: Cancel other jobs if this fails | |
if: failure() | |
uses: andymckay/[email protected] | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
CodeAnalysis: | |
runs-on: ubuntu-24.04 | |
outputs: | |
status: ${{ steps.status.outputs.status }} | |
steps: | |
- name: Setup Gradle Repo | |
uses: Oztechan/Global/actions/setup-gradle-repo@f3f5fec1f5562978457d820f6d6c83b81cac28a9 | |
- name: Detekt & Lint | |
run: ./gradlew detektAll lint | |
- name: SwiftLint | |
uses: norio-nomura/[email protected] | |
env: | |
WORKING_DIRECTORY: ios | |
with: | |
args: --strict | |
- name: Cancel other jobs if this fails | |
if: failure() | |
uses: andymckay/[email protected] | |
- name: Set Job Status | |
id: status | |
run: echo "status=success" >> $GITHUB_OUTPUT | |
Notify: | |
runs-on: ubuntu-24.04 | |
needs: [ GradleBuild, XCodeBuild, Test, Coverage, CodeAnalysis, DistributeAndroid, DistributeIOS ] | |
if: always() | |
steps: | |
- name: Notify slack fail | |
if: false == (needs.GradleBuild.outputs.status == 'success') || | |
false == (needs.XCodeBuild.outputs.status == 'success') || | |
false == (needs.Test.outputs.status == 'success') || | |
false == (needs.Coverage.outputs.status == 'success') || | |
false == (needs.CodeAnalysis.outputs.status == 'success') || | |
(false == (needs.DistributeAndroid.outputs.status == 'success') && (github.event_name == 'push' || github.event_name == 'schedule')) || | |
(false == (needs.DistributeIOS.outputs.status == 'success') && (github.event_name == 'push' || github.event_name == 'schedule')) | |
uses: voxmedia/[email protected] | |
with: | |
channel: ccc-github | |
status: FAILED | |
color: danger |