From 013accf28d530be5a1e98967cf6364ed46ab0c26 Mon Sep 17 00:00:00 2001 From: Thuc Nguyen Duy Date: Fri, 20 Oct 2023 16:35:34 +0700 Subject: [PATCH] [issue-1056] Setup CI/CD --- .github/workflows/build-internal.yml | 226 +++++++++++++++++++++++++++ 1 file changed, 226 insertions(+) create mode 100644 .github/workflows/build-internal.yml diff --git a/.github/workflows/build-internal.yml b/.github/workflows/build-internal.yml new file mode 100644 index 000000000..b77002c7a --- /dev/null +++ b/.github/workflows/build-internal.yml @@ -0,0 +1,226 @@ +name: Internal builds + +on: + pull_request: + branches: [ "koni-dev" ] + +jobs: + build-ios: + name: iOS builds + runs-on: macos-latest + env: + GH_PAT: ${{ secrets.GH_PAT }} + GH_RELEASE_GITHUB_API_TOKEN: ${{ secrets.GH_PAT }} + KS_PASSWORD: ${{ secrets.KS_PASSWORD }} + NEXTCLOUD_CONFIG: ${{ secrets.NEXTCLOUD_CONFIG }} + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + COMMIT_MESSAGE: ${{ github.event.pull_request.title }} + REF_NAME: ${{ github.ref_name }} + TRANSAK_API_KEY: ${{ secrets.TRANSAK_API_KEY }} + COINBASE_PAY_ID: ${{ secrets.COINBASE_PAY_ID }} + BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.GH_PAT }} + + - name: Add APP ENV + run: | + cp .env.development.example .env.production + if [ -f .env.production ]; then + sed -i '' "s/^TRANSAK_API_KEY=.*/TRANSAK_API_KEY=$TRANSAK_API_KEY/" .env.production + sed -i '' "s/^COINBASE_PAY_ID=.*/COINBASE_PAY_ID=$COINBASE_PAY_ID/" .env.production + else + echo "TRANSAK_API_KEY=$TRANSAK_API_KEY" >> .env.production + echo "COINBASE_PAY_ID=$COINBASE_PAY_ID" >> .env.production + fi + + - name: Get yarn cache directory path + id: yarn-cache-dir-path + run: echo "::set-output name=dir::$(yarn cache dir)" + + - name: Restore node_modules from cache + uses: actions/cache@v3.3.2 + id: yarn-cache + with: + path: ${{ steps.yarn-cache-dir-path.outputs.dir }} + key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} + restore-keys: | + ${{ runner.os }}-yarn- + + - name: Install dependencies + run: yarn install --frozen-lockfile --network-timeout 300000 + + - name: Autocheck + run: node ./scripts/autocheck.mjs + + - name: Setup Ruby (bundle) Environment + uses: ruby/setup-ruby@v1.156.0 + with: + ruby-version: 2.6 + bundler-cache: true + + - name: Restore Pods Cache + uses: actions/cache@v3.3.2 + with: + path: | + ios/Pods + ~/Library/Caches/CocoaPods + ~/.cocoapods + key: ${{ runner.os }}-pods-${{ hashFiles('ios/Podfile.lock') }} + restore-keys: | + ${{ runner.os }}-pods- + + - name: Install Pods + run: cd ios && pod install --repo-update && cd .. + + - name: iOS Build Action + uses: yukiarrr/ios-build-action@v1.11.0 + with: + project-path: ios/SubWalletMobile.xcodeproj + export-method: 'ad-hoc' + p12-base64: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} + certificate-password: ${{ secrets.P12_PASSWORD }} + mobileprovision-base64: ${{ secrets.BUILD_ADHOC_PROVISION_PROFILE_BASE64 }} + code-signing-identity: 'Apple Distribution: CDM SOFTWARE DEVELOPMENT COMPANY LIMITED (ZUZ7T3GQMT)' + team-id: ${{ secrets.APPLE_TEAM_ID }} + workspace-path: ios/SubWalletMobile.xcworkspace + scheme: SubWalletMobile-Production + + - name: Prepare Release Notes + id: release-notes + run: | + PR_ID="${{ github.event.number }}" + PR_TITLE="${{ github.event.pull_request.title }}" + PR_LINK="${{ github.event.pull_request._links.html.href }}" + + if [ -z "$PR_ID" ]; then PR_ID="Default branch"; fi + if [ -z "$PR_TITLE" ]; then PR_TITLE="Default commit"; fi + if [ -z "$PR_LINK" ]; then PR_LINK="Default"; fi + + RELEASE_NOTES="Pull request id: #${PR_ID} + Pull request title: $PR_TITLE + Pull request link: $PR_LINK" + + echo "::set-output name=releaseNotes::${RELEASE_NOTES}" + + - name: Upload build file + uses: nickwph/firebase-app-distribution-action@v1 + with: + app: ${{ secrets.FB_IOS_APP_ID }} + credentials: ${{ secrets.CREDENTIAL_FILE_CONTENT }} + groups: subwallet-team + file: output.ipa + release-notes: ${{ steps.release-notes.outputs.releaseNotes }} + + # - name: 'Upload app to TestFlight' + # uses: apple-actions/upload-testflight-build@v1 + # with: + # app-path: 'output.ipa' + # issuer-id: ${{ secrets.APPSTORE_ISSUER_ID }} + # api-key-id: ${{ secrets.APPSTORE_API_KEY_ID }} + # api-private-key: ${{ secrets.APPSTORE_API_PRIVATE_KEY }} + build-android: + name: Android builds + runs-on: macos-latest + env: + GH_PAT: ${{ secrets.GH_PAT }} + GH_RELEASE_GITHUB_API_TOKEN: ${{ secrets.GH_PAT }} + KS_PASSWORD: ${{ secrets.KS_PASSWORD }} + NEXTCLOUD_CONFIG: ${{ secrets.NEXTCLOUD_CONFIG }} + DISCORD_WEBHOOK: ${{ secrets.DISCORD_WEBHOOK }} + COMMIT_MESSAGE: ${{ github.event.pull_request.title }} + REF_NAME: ${{ github.ref_name }} + TRANSAK_API_KEY: ${{ secrets.TRANSAK_API_KEY }} + COINBASE_PAY_ID: ${{ secrets.COINBASE_PAY_ID }} + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + token: ${{ secrets.GH_PAT }} + + - name: Add APP ENV + run: | + cp .env.development.example .env.production + if [ -f .env.production ]; then + sed -i '' "s/^TRANSAK_API_KEY=.*/TRANSAK_API_KEY=$TRANSAK_API_KEY/" .env.production + sed -i '' "s/^COINBASE_PAY_ID=.*/COINBASE_PAY_ID=$COINBASE_PAY_ID/" .env.production + else + echo "TRANSAK_API_KEY=$TRANSAK_API_KEY" >> .env.production + echo "COINBASE_PAY_ID=$COINBASE_PAY_ID" >> .env.production + fi + + - name: Get yarn cache directory path + id: yarn-cache-dir-path + run: echo "::set-output name=dir::$(yarn cache dir)" + + - name: Restore node_modules from cache + uses: actions/cache@v3.3.2 + id: yarn-cache + with: + path: ${{ steps.yarn-cache-dir-path.outputs.dir }} + key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }} + restore-keys: | + ${{ runner.os }}-yarn- + + - name: Install dependencies + run: yarn install --frozen-lockfile --network-timeout 300000 + + - name: Autocheck + run: node ./scripts/autocheck.mjs + + - uses: actions/setup-java@v1 + with: + java-version: '11' + + - name: Cache Gradle Wrapper + uses: actions/cache@v2 + with: + path: ~/.gradle/wrapper + key: ${{ runner.os }}-gradle-wrapper-${{ hashFiles('gradle/wrapper/gradle-wrapper.properties') }} + + - name: Cache Gradle Dependencies + uses: actions/cache@v2 + with: + path: ~/.gradle/caches + key: ${{ runner.os }}-gradle-caches-${{ hashFiles('gradle/wrapper/gradle-wrapper.properties') }} + restore-keys: | + ${{ runner.os }}-gradle-caches- + + - name: Make Gradlew Executable + run: cd android && chmod +x ./gradlew + + - name: Prepare sign datarun + run: | + echo "${{ secrets.ANDROID_KEY_STORE_BASE64 }}" | base64 --decode > android/app/${{ secrets.MYAPP_UPLOAD_STORE_FILE }} + + - name: Generate App APK + run: | + cd android && export ENVFILE=.env.production && ./gradlew assembleRelease -PMYAPP_UPLOAD_STORE_FILE=${{ secrets.MYAPP_UPLOAD_STORE_FILE }} -PMYAPP_UPLOAD_STORE_PASSWORD=${{ secrets.ANDROID_KEY_STORE_PASSWORD }} -PMYAPP_UPLOAD_KEY_PASSWORD=${{ secrets.ANDROID_KEY_PASSWORD }} -PMYAPP_UPLOAD_KEY_ALIAS=${{ secrets.ANDROID_ALIAS }} + + - name: Prepare Release Notes + id: release-notes + run: | + PR_ID="${{ github.event.number }}" + PR_TITLE="${{ github.event.pull_request.title }}" + PR_LINK="${{ github.event.pull_request._links.html.href }}" + + if [ -z "$PR_ID" ]; then PR_ID="Default branch"; fi + if [ -z "$PR_TITLE" ]; then PR_TITLE="Default commit"; fi + if [ -z "$PR_LINK" ]; then PR_LINK="Default"; fi + + RELEASE_NOTES="Pull request id: #${PR_ID} + Pull request title: $PR_TITLE + Pull request link: $PR_LINK" + + echo "::set-output name=releaseNotes::${RELEASE_NOTES}" + + - name: Upload build file + uses: nickwph/firebase-app-distribution-action@v1 + with: + app: ${{ secrets.FB_ANDROID_APP_ID }} + credentials: ${{ secrets.CREDENTIAL_FILE_CONTENT }} + groups: subwallet-team + file: android/app/build/outputs/apk/release/app-release.apk + release-notes: ${{ steps.release-notes.outputs.releaseNotes }} \ No newline at end of file