Skip to content

chore(deps): update github actions #3629

chore(deps): update github actions

chore(deps): update github actions #3629

Workflow file for this run

name: Katana
on:
pull_request:
push:
branches:
- develop
tags:
- v*
concurrency:
group: ${{ github.workflow }}-${{ github.ref }}
cancel-in-progress: true
env:
TZ: UTC
permissions:
contents: write
pull-requests: write
jobs:
cancel-stale-jobs:
name: Cancel stale jobs
runs-on: ubuntu-latest
steps:
- name: Cancel Stale Jobs
uses: styfle/cancel-workflow-action@bdaa46e4662006504ca6b0cfb7488010126dc98c # pin@0.12.1
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
validation:
name: Validation
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v4.2.2
with:
fetch-depth: 0
- name: Validate Gradle wrapper
uses: gradle/actions/wrapper-validation@0bdd871935719febd78681f197cd39af5b6e16a6 # pin@v4.2.2
assemble:
name: Assembling
runs-on: ubuntu-latest
if: github.event_name == 'pull_request'
steps:
- name: Checkout
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v4.2.2
with:
fetch-depth: 0
- name: Common Steps
uses: ./.github/actions/common-steps
with:
gradle-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Assemble Katana
run: ./gradlew assembleDebug --no-daemon --stacktrace
- name: Upload debug artifacts
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # pin@v4.5.0
with:
name: Katana v${{ github.run_number }}
path: |
${{ vars.ANDROID_DEBUG_APK }}
retention-days: 7
- name: Upload compose reports artifact
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # pin@v4.5.0
if: always()
with:
name: compose-reports
path: |
**/build/compose-metrics
**/build/compose-reports
retention-days: 7
static-analysis:
name: Static analysis
runs-on: ubuntu-latest
permissions:
contents: read
security-events: write
steps:
- name: Checkout
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v4.2.2
with:
fetch-depth: 0
- name: Common Steps
uses: ./.github/actions/common-steps
with:
gradle-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Run detekt
run: ./gradlew detektAll lintDebug --no-daemon --stacktrace
- name: Upload static reports artifact
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # pin@v4.5.0
with:
name: static-report
path: |
build/reports/detekt/detekt.xml
**/build/reports/lint-results-debug.xml
retention-days: 1
- name: Analyze detekt report
uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # pin@v3.28.1
with:
sarif_file: build/reports/detekt/detekt.sarif
checkout_path: ${{ github.workspace }}
unit-tests:
name: Unit testing
runs-on: ubuntu-latest
steps:
- name: Checkout
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v4.2.2
with:
fetch-depth: 0
- name: Common Steps
uses: ./.github/actions/common-steps
with:
gradle-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Run unit tests
run: ./gradlew :koverXmlReport :koverVerify --no-daemon --stacktrace
- name: Upload tests reports artifact
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # pin@v4.5.0
with:
name: tests-reports
path: |
**/build/reports/tests/jvmTest
**/build/reports/tests/testDebugUnitTest
retention-days: 7
- name: Upload report to Codecov
uses: codecov/codecov-action@adfacf2d276b158264c48ff298490fbdf13e4fb6 # pin@v5.1.2
with:
token: ${{ secrets.CODECOV_TOKEN }}
files: build/reports/kover/report.xml
flags: unittests
verbose: true
deploy-beta:
name: Beta deployment
runs-on: ubuntu-latest
if: github.ref == 'refs/heads/develop'
needs: [ static-analysis, unit-tests ]
steps:
- name: Checkout
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v4.2.2
with:
fetch-depth: 0
- name: Common Steps
uses: ./.github/actions/common-steps
with:
gradle-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Decode keystore
uses: timheuer/base64-to-file@604a8926a81a2da120d09b06bb76da9bba5aee6e # pin@v1.2.4
with:
fileDir: .
fileName: ${{ secrets.SIGNING_FILE }}
encodedString: ${{ secrets.SIGNING_FILE_BASE64 }}
- name: Bump versionCode
uses: chkfung/android-version-actions@fcf89abef1c7afba2083146dcca0c6da4705ba4b # pin@v1.2.3
with:
gradlePath: build-logic/katana-convention/src/main/kotlin/dev/alvr/katana/buildlogic/extensions.kt
versionCode: ${{ github.run_number }}
- name: Build staging APK
env:
SIGNING_ALIAS: ${{ secrets.SIGNING_ALIAS }}
SIGNING_ALIAS_PASS: ${{ secrets.SIGNING_ALIAS_PASS }}
SIGNING_FILE: ${{ secrets.SIGNING_FILE }}
SIGNING_FILE_PASS: ${{ secrets.SIGNING_FILE_PASS }}
SENTRY_PROJECT: ${{ vars.SENTRY_ANDROID_BETA_PROJECT }}
SENTRY_ORG: ${{ vars.SENTRY_ORG }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
run: ./gradlew assembleBeta -Pkatana.flavor=beta --no-daemon --stacktrace
- name: Publish beta APK to TestApp.io
uses: testappio/github-action@8fa3853470e3c8c278f928c04d0691400d25fd4a # pin@v5
with:
api_token: ${{ secrets.TESTAPPIO_API_TOKEN }}
app_id: ${{ secrets.TESTAPPIO_APP_ID }}
file: ${{ vars.ANDROID_BETA_APK }}
git_release_notes: true
include_git_commit_id: true
notify: true
- name: Publish beta APK to AppCenter
uses: wzieba/AppCenter-Github-Action@70e33d4842b97b381833ad5c9c93a562b39d5d9f # pin@v1.3.4
with:
appName: KatanaApp/Katana-Android
token: ${{ secrets.APPCENTER_TOKEN }}
group: Testers
file: ${{ vars.ANDROID_BETA_APK }}
notifyTesters: true
gitReleaseNotes: true
debug: false
- name: Create Sentry release
uses: getsentry/action-release@1841d945bad68068f92f796114d0fa534129764d # pin@v1.7.0
env:
SENTRY_PROJECT: ${{ vars.SENTRY_ANDROID_BETA_PROJECT }}
SENTRY_ORG: ${{ vars.SENTRY_ORG }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
with:
environment: beta
version: ${{ github.run_number }}
deploy-production:
name: Production deployment
runs-on: ubuntu-latest
if: startsWith(github.ref, 'refs/tags/v')
needs: [ static-analysis, unit-tests ]
steps:
- name: Checkout
uses: actions/checkout@cbb722410c2e876e24abbe8de2cc27693e501dcb # pin@v4.2.2
with:
fetch-depth: 0
- name: Common Steps
uses: ./.github/actions/common-steps
with:
gradle-encryption-key: ${{ secrets.GRADLE_ENCRYPTION_KEY }}
- name: Decode keystore
uses: timheuer/base64-to-file@604a8926a81a2da120d09b06bb76da9bba5aee6e # pin@v1.2.4
with:
fileDir: .
fileName: ${{ secrets.SIGNING_FILE }}
encodedString: ${{ secrets.SIGNING_FILE_BASE64 }}
- name: Build production AAB
env:
SIGNING_ALIAS: ${{ secrets.SIGNING_ALIAS }}
SIGNING_ALIAS_PASS: ${{ secrets.SIGNING_ALIAS_PASS }}
SIGNING_FILE: ${{ secrets.SIGNING_FILE }}
SIGNING_FILE_PASS: ${{ secrets.SIGNING_FILE_PASS }}
SENTRY_PROJECT: ${{ vars.SENTRY_ANDROID_RELEASE_PROJECT }}
SENTRY_ORG: ${{ vars.SENTRY_ORG }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
run: ./gradlew assembleRelease bundleRelease -Pkatana.flavor=release --no-daemon --stacktrace
- name: Publish production AAB to Google Play
uses: r0adkll/upload-google-play@23e7aaf6cf6f9b3120ff3a386f194e31fbec4c4e # pin@v1.1.3
with:
serviceAccountJsonPlainText: ${{ secrets.GOOGLE_PLAY_SERVICE_ACCOUNT }}
packageName: dev.alvr.katana
releaseFiles: app/build/outputs/bundle/release/app-release.aab
track: internal
status: completed
mappingFile: app/build/outputs/mapping/release/mapping.txt
- name: Create Sentry release
uses: getsentry/action-release@1841d945bad68068f92f796114d0fa534129764d # pin@v1.7.0
env:
SENTRY_PROJECT: ${{ vars.SENTRY_ANDROID_RELEASE_PROJECT }}
SENTRY_ORG: ${{ vars.SENTRY_ORG }}
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
with:
environment: production
version: ${{ github.ref }}
- name: Create Release
uses: softprops/action-gh-release@c43d7637b9b9ce3e953168c325d27253a5d48d8e # pin@v2.2.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag_name: ${{ github.ref_name }}
name: Katana ${{ github.ref_name }}
files: |
${{ vars.ANDROID_RELEASE_APK }}
draft: true
prerelease: false