CI improvements (#1012)

2023-07-31 21:05:28 +02:00
parent 8fd71b4126
commit 89b1bba96e
7 changed files with 70 additions and 6 deletions
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -14,17 +14,19 @@ env:

 jobs:
  debug:
-    name: Build debug APKs
+    name: Build APKs
    runs-on: ubuntu-latest
+    # Skip for `main` and the merge queue if the branch is up to date with `develop`
    if: github.ref != 'refs/heads/main' && github.event.merge_group.base_ref != 'refs/heads/develop'
    strategy:
+      matrix:
+        variant: [debug, release, nightly, samples]
      fail-fast: false
    # Allow all jobs on develop. Just one per PR.
    concurrency:
-      group: ${{ github.ref == 'refs/heads/develop' && format('build-develop-{0}', github.sha) || format('build-debug-{0}', github.ref)  }}
+      group: ${{ github.ref == 'refs/heads/develop' && format('build-develop-{1}', github.sha) || format('build-{0}-{1}', matrix.variant, github.ref)  }}
      cancel-in-progress: true
    steps:
-      - run: echo ${{ github.event.merge_group.base_ref }}
      - uses: actions/checkout@v3
        with:
          # Ensure we are building the branch and not the branch after being merged on develop
@@ -40,12 +42,14 @@ jobs:
        with:
          cache-read-only: ${{ github.ref != 'refs/heads/develop' }}
      - name: Assemble debug APK
+        if: ${{ matrix.variant == 'debug' }}
        env:
          ELEMENT_ANDROID_MAPTILER_API_KEY: ${{ secrets.MAPTILER_KEY }}
          ELEMENT_ANDROID_MAPTILER_LIGHT_MAP_ID: ${{ secrets.MAPTILER_LIGHT_MAP_ID }}
          ELEMENT_ANDROID_MAPTILER_DARK_MAP_ID: ${{ secrets.MAPTILER_DARK_MAP_ID }}
        run: ./gradlew assembleDebug -PallWarningsAsErrors=true $CI_GRADLE_ARG_PROPERTIES
-      - name: Upload debug APKs
+      - name: Upload APK APKs
+        if: ${{ matrix.variant == 'debug' }}
        uses: actions/upload-artifact@v3
        with:
          name: elementx-debug
@@ -57,12 +61,12 @@ jobs:
        continue-on-error: true
        env:
          token: ${{ secrets.DIAWI_TOKEN }}
-        if: ${{ github.event_name == 'pull_request' && env.token != '' }}
+        if: ${{ matrix.variant == 'debug' && github.event_name == 'pull_request' && env.token != '' }}
        with:
          token: ${{ env.token }}
          file: app/build/outputs/apk/debug/app-arm64-v8a-debug.apk
      - name: Add or update PR comment with QR Code to download APK.
-        if: ${{ github.event_name == 'pull_request' && steps.diawi.conclusion == 'success' }}
+        if: ${{ matrix.variant == 'debug' && github.event_name == 'pull_request' && steps.diawi.conclusion == 'success' }}
        uses: NejcZdovc/comment-pr@v2
        with:
          message: |
@@ -74,8 +78,11 @@ jobs:
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: Compile release sources
+        if: ${{ matrix.variant == 'release' }}
        run: ./gradlew compileReleaseSources -PallWarningsAsErrors=true $CI_GRADLE_ARG_PROPERTIES
      - name: Compile nightly sources
+        if: ${{ matrix.variant == 'nightly' }}
        run: ./gradlew compileNightlySources -PallWarningsAsErrors=true $CI_GRADLE_ARG_PROPERTIES
      - name: Compile samples minimal
+        if: ${{ matrix.variant == 'samples' }}
        run: ./gradlew :samples:minimal:assemble $CI_GRADLE_ARG_PROPERTIES
--- a/.github/workflows/danger.yml
+++ b/.github/workflows/danger.yml
@@ -5,6 +5,7 @@ on: [pull_request, merge_group]
 jobs:
  build:
    runs-on: ubuntu-latest
+    # Don't run in the merge queue again if the branch is up to date with `develop`
    if: github.event.merge_group.base_ref != 'refs/heads/develop'
    name: Danger main check
    steps:
--- a/.github/workflows/gradle-wrapper-validation.yml
+++ b/.github/workflows/gradle-wrapper-validation.yml
@@ -8,6 +8,7 @@ on:
 jobs:
  validation:
    name: "Validation"
+    # Don't run in the merge queue again if the branch is up to date with `develop`
    if: github.event.merge_group.base_ref != 'refs/heads/develop'
    runs-on: ubuntu-latest
    # No concurrency required, this is a prerequisite to other actions and should run every time.
--- a/.github/workflows/quality.yml
+++ b/.github/workflows/quality.yml
@@ -16,6 +16,7 @@ jobs:
  checkScript:
    name: Search for forbidden patterns
    runs-on: ubuntu-latest
+    # Don't run in the merge queue again if the branch is up to date with `develop`
    if: github.event.merge_group.base_ref != 'refs/heads/develop'
    steps:
      - uses: actions/checkout@v3
@@ -25,6 +26,7 @@ jobs:
  check:
    name: Project Check Suite
    runs-on: ubuntu-latest
+    # Don't run in the merge queue again if the branch is up to date with `develop`
    if: github.event.merge_group.base_ref != 'refs/heads/develop'
    # Allow all jobs on main and develop. Just one per PR.
    concurrency:
--- a/.github/workflows/sonar.yml
+++ b/.github/workflows/sonar.yml
@@ -0,0 +1,51 @@
+name: Code Quality Checks
+
+on:
+  workflow_dispatch:
+  pull_request:
+  merge_group:
+  push:
+    branches: [ main, develop ]
+
+# Enrich gradle.properties for CI/CD
+env:
+  GRADLE_OPTS: -Dorg.gradle.jvmargs="-Xmx3072m -Dfile.encoding=UTF-8 -XX:+HeapDumpOnOutOfMemoryError" -XX:MaxMetaspaceSize=512m -Dkotlin.daemon.jvm.options="-Xmx2g" -Dkotlin.incremental=false
+  CI_GRADLE_ARG_PROPERTIES: --stacktrace -PpreDexEnable=false --max-workers 2 --no-daemon --warn
+
+jobs:
+  sonar:
+    name: Project Check Suite
+    runs-on: ubuntu-latest
+    # Don't run in the merge queue again if the branch is up to date with `develop`
+    if: github.event.merge_group.base_ref != 'refs/heads/develop'
+    # Allow all jobs on main and develop. Just one per PR.
+    concurrency:
+      group: ${{ github.ref == 'refs/heads/main' && format('sonar-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('sonar-develop-{0}', github.sha) || format('sonar-{0}', github.ref) }}
+      cancel-in-progress: true
+    steps:
+      - uses: actions/checkout@v3
+        with:
+          # Ensure we are building the branch and not the branch after being merged on develop
+          # https://github.com/actions/checkout/issues/881
+          ref: ${{ github.event_name == 'pull_request' && github.event.pull_request.head.sha || github.ref }}
+      - name: Use JDK 17
+        uses: actions/setup-java@v3
+        with:
+          distribution: 'temurin' # See 'Supported distributions' for available options
+          java-version: '17'
+      - name: Configure gradle
+        uses: gradle/gradle-build-action@v2.7.0
+        with:
+          cache-read-only: ${{ github.ref != 'refs/heads/develop' }}
+      - name: 🔊 Publish results to Sonar
+        env:
+          SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+          ORG_GRADLE_PROJECT_SONAR_LOGIN: ${{ secrets.SONAR_TOKEN }}
+        if: ${{ always() && env.SONAR_TOKEN != '' && env.ORG_GRADLE_PROJECT_SONAR_LOGIN != '' }}
+        run: ./gradlew sonar $CI_GRADLE_ARG_PROPERTIES
+      - name: Prepare Danger
+        if: always()
+        run: |
+          npm install --save-dev @babel/core
+          npm install --save-dev @babel/plugin-transform-flow-strip-types
+          yarn add danger-plugin-lint-report --dev
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -16,6 +16,7 @@ jobs:
  tests:
    name: Runs unit tests
    runs-on: ubuntu-latest
+    # Don't run in the merge queue again if the branch is up to date with `develop`
    if: github.event.merge_group.base_ref != 'refs/heads/develop'

    # Allow all jobs on main and develop. Just one per PR.
--- a/.github/workflows/validate-lfs.yml
+++ b/.github/workflows/validate-lfs.yml
@@ -5,6 +5,7 @@ on: [pull_request, merge_group]
 jobs:
  build:
    runs-on: ubuntu-latest
+    # Don't run in the merge queue again if the branch is up to date with `develop`
    if: github.event.merge_group.base_ref != 'refs/heads/develop'
    name: Validate
    steps: