meshtastic/Meshtastic-Android
1
0
Fork 0
mirror of https://github.com/meshtastic/Meshtastic-Android.git synced 2026-04-20 22:23:37 +00:00
Code Issues Projects Releases Packages Wiki Activity

ci: optimize, secure, and modernize CI pipeline (#4711)

Browse source
This commit is contained in:
James Rich 2026-03-04 11:34:46 -06:00 committed by GitHub
parent bd9c730c25
commit 02e01bb331
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
4 changed files with 58 additions and 80 deletions
Download patch file Download diff file Expand all files Collapse all files

55
.github/workflows/reusable-check.yml vendored
View file

@ -12,15 +12,9 @@ on:
run_instrumented_tests:
type: boolean
default: true
flavors:
type: string
default: '["google"]'
api_levels:
type: string
default: '[35]'
num_shards:
type: number
default: 1
upload_artifacts:
type: boolean
default: true
@ -45,14 +39,14 @@ on:
jobs:
check:
runs-on: ubuntu-latest
permissions:
contents: read
timeout-minutes: 60
strategy:
fail-fast: true
matrix:
api_level: ${{ fromJson(inputs.api_levels) }}
flavor: ${{ fromJson(inputs.flavors) }}
env:
GRADLE_OPTS: "-Dorg.gradle.daemon=false"
DATADOG_APPLICATION_ID: ${{ secrets.DATADOG_APPLICATION_ID }}
DATADOG_CLIENT_TOKEN: ${{ secrets.DATADOG_CLIENT_TOKEN }}
MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }}
@ -67,16 +61,21 @@ jobs:
fetch-depth: 0
submodules: 'recursive'
- name: Validate Gradle Wrapper
uses: gradle/actions/wrapper-validation@v4
- name: Set up JDK 17
uses: actions/setup-java@v5
with:
java-version: '17'
distribution: 'jetbrains'
distribution: 'zulu'
- name: Setup Gradle
uses: gradle/actions/setup-gradle@v5
with:
dependency-graph: generate-and-submit
cache-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
cache-cleanup: true
build-scan-publish: true
build-scan-terms-of-use-url: 'https://gradle.com/terms-of-service'
build-scan-terms-of-use-agree: 'yes'
@ -89,40 +88,26 @@ jobs:
- name: Determine Tasks
id: tasks
run: |
FLAVOR="${{ matrix.flavor }}"
FLAVOR_CAP=$(echo $FLAVOR | awk '{print toupper(substr($0,1,1))substr($0,2)}')
IS_FIRST_API=$(echo '${{ inputs.api_levels }}' | jq -r '.[0] == ${{ matrix.api_level }}')
IS_FIRST_FLAVOR=$(echo '${{ inputs.flavors }}' | jq -r '.[0] == "${{ matrix.flavor }}"')
# Matrix-specific tasks
TASKS="assemble${FLAVOR_CAP}Debug "
[ "${{ inputs.run_lint }}" = "true" ] && TASKS="$TASKS lint${FLAVOR_CAP}Debug "
[ "${{ inputs.run_unit_tests }}" = "true" ] && TASKS="$TASKS test${FLAVOR_CAP}DebugUnitTest "
TASKS="assembleDebug "
[ "${{ inputs.run_lint }}" = "true" ] && TASKS="$TASKS lintDebug "
# Instrumented Test Tasks
if [ "${{ inputs.run_instrumented_tests }}" = "true" ]; then
if [ "$FLAVOR" = "google" ]; then
TASKS="$TASKS connectedGoogleDebugAndroidTest "
elif [ "$FLAVOR" = "fdroid" ]; then
TASKS="$TASKS connectedFdroidDebugAndroidTest "
fi
fi
# Run coverage report for this flavor
if [ "${{ inputs.run_unit_tests }}" = "true" ]; then
TASKS="$TASKS koverXmlReport${FLAVOR_CAP}Debug "
TASKS="$TASKS connectedDebugAndroidTest "
fi
echo "tasks=$TASKS" >> $GITHUB_OUTPUT
echo "is_first_api=$IS_FIRST_API" >> $GITHUB_OUTPUT
echo "is_first_flavor=$IS_FIRST_FLAVOR" >> $GITHUB_OUTPUT
- name: Code Style & Static Analysis
if: steps.tasks.outputs.is_first_api == 'true' && steps.tasks.outputs.is_first_flavor == 'true'
if: steps.tasks.outputs.is_first_api == 'true'
run: ./gradlew spotlessCheck detekt -Pci=true
- name: Shared Unit Tests
if: steps.tasks.outputs.is_first_api == 'true' && steps.tasks.outputs.is_first_flavor == 'true' && inputs.run_unit_tests == true
if: steps.tasks.outputs.is_first_api == 'true' && inputs.run_unit_tests == true
run: ./gradlew testDebugUnitTest koverXmlReportDebug -Pci=true --continue
- name: Enable KVM group perms
@ -143,13 +128,13 @@ jobs:
force-avd-creation: false
emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
disable-animations: true
script: ./gradlew ${{ steps.tasks.outputs.tasks }} -Pci=true -PenableComposeCompilerMetrics=true -PenableComposeCompilerReports=true --continue --scan
script: ./gradlew ${{ steps.tasks.outputs.tasks }} -Pci=true -PenableComposeCompilerMetrics=true -PenableComposeCompilerReports=true --parallel --configuration-cache --continue --scan
- name: Run Flavor Check (no Emulator)
if: inputs.run_instrumented_tests == false
env:
VERSION_CODE: ${{ steps.calculate_version_code.outputs.versionCode }}
run: ./gradlew ${{ steps.tasks.outputs.tasks }} -Pci=true -PenableComposeCompilerMetrics=true -PenableComposeCompilerReports=true --continue --scan
run: ./gradlew ${{ steps.tasks.outputs.tasks }} -Pci=true -PenableComposeCompilerMetrics=true -PenableComposeCompilerReports=true --parallel --configuration-cache --continue --scan
- name: Upload coverage results to Codecov
if: ${{ !cancelled() }}
@ -169,10 +154,10 @@ jobs:
- name: Upload debug artifact
if: ${{ steps.tasks.outputs.is_first_api == 'true' && inputs.upload_artifacts }}
uses: actions/upload-artifact@v7
uses: actions/upload-artifact@v4
with:
name: ${{ matrix.flavor }}Debug
path: app/build/outputs/apk/${{ matrix.flavor }}/debug/app-${{ matrix.flavor }}-debug.apk
name: app-debug-apks
path: app/build/outputs/apk/*/debug/*.apk
retention-days: 14
- name: Report App Size
@ -185,9 +170,9 @@ jobs:
- name: Upload reports
if: ${{ always() && inputs.upload_artifacts }}
uses: actions/upload-artifact@v7
uses: actions/upload-artifact@v4
with:
name: reports-${{ matrix.flavor }}-api-${{ matrix.api_level }}
name: reports-api-${{ matrix.api_level }}
path: |
**/build/reports
**/build/test-results