CI/CD #330
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: CI/CD | |
on: | |
push: | |
branches: | |
- master | |
workflow_dispatch: | |
inputs: | |
environment: | |
description: "Environment" | |
required: true | |
default: "staging" | |
type: choice | |
options: | |
- staging | |
- production | |
- testnet | |
deployment: | |
description: "Deployment target" | |
required: true | |
default: "firebase" | |
type: choice | |
options: | |
- firebase | |
- store | |
version: | |
description: "App version" | |
default: "9.9.9" | |
required: true | |
env: | |
APP_ENV: ${{ inputs.environment || 'staging' }} | |
DEPLOYMENT_TYPE: ${{ inputs.deployment || 'firebase' }} | |
APP_VERSION: ${{ inputs.version || '9.9.9' }} | |
jobs: | |
flutter: | |
name: Flutter -- verify, build, test | |
runs-on: macOS-latest | |
steps: | |
- name: Checkout main repo | |
id: checkout-main-repo | |
uses: actions/checkout@v3 | |
with: | |
path: main-repo | |
- name: Checkout the target 'master' branch of 'flutter-app-secrets' | |
id: checkout-secrets | |
uses: actions/checkout@v3 | |
with: | |
repository: ${{ secrets.FLUTTER_APP_SECRETS_REPO }} | |
ref: master | |
token: ${{ secrets.ICE_CI_CD_BOT_GH_PAT }} | |
path: flutter-app-secrets | |
fetch-depth: 0 | |
- name: Configure APP environment (${{ env.APP_ENV }}) | |
id: setup-env | |
run: | | |
cd main-repo | |
scripts/configure_env.sh $APP_ENV | |
- name: Fetch coins data using ION_ORIGIN | |
run: | | |
cd main-repo | |
set -a | |
source ./.app.env | |
set +a | |
curl -X 'GET' \ | |
"${ION_ORIGIN}/v1/coins" \ | |
-H 'accept: application/json' \ | |
-H "X-API-Key: ${{ secrets.IDENTITY_IO_API_KEY }}" \ | |
-o ./assets/ion_identity/coins.json | |
- name: Mask APP environment and keys in logs | |
id: mask-secrets | |
run: | | |
cd main-repo | |
cat .env | awk '!/^\s*#/' | awk '!/^\s*$/' | while IFS='' read -r line; do | |
value=$(echo "$line" | cut -d '=' -f 2-) | |
echo "::add-mask::$value" | |
done | |
for file in ./fastlane/keys/*.json | |
do | |
node -pe 'Object.entries(JSON.parse(process.argv[1])).forEach(([_, val])=>(typeof val === "string" && val.split("\n").forEach((row) => row && console.log("::add-mask::"+row))))' "$(cat $file)" | |
done | |
- name: Set Flutter | |
id: set-flutter | |
uses: subosito/flutter-action@v2 | |
with: | |
channel: "stable" | |
flutter-version-file: main-repo/pubspec.yaml | |
cache: true | |
- run: flutter --version | |
- name: Bootstrap | |
id: bootstrap | |
run: | | |
cd main-repo | |
./scripts/bootstrap.sh | |
- name: Install dependencies | |
id: install-dependencies | |
run: | | |
cd main-repo | |
melos run pub_get | |
- name: Generate code | |
id: generate-code | |
run: | | |
cd main-repo | |
./scripts/generate_locales.sh | |
./scripts/generate_code.sh | |
- name: Analyze code | |
id: analyze-code | |
run: | | |
cd main-repo | |
melos run analyze | |
- name: Run tests | |
id: run-tests | |
run: | | |
cd main-repo | |
melos run test | |
- name: Check license | |
id: check-license | |
run: | | |
cd main-repo | |
./scripts/license_check.sh | |
- uses: actions/cache/save@v3 | |
id: cache_all | |
with: | |
path: | | |
~/.pub-cache | |
./* | |
key: ${{ github.sha }}_${{ github.run_number }} | |
- name: Slack Notification | |
if: ${{ success() == false}} | |
uses: act10ns/slack@v2 | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.FRONTEND_SLACK_WEBHOOK }} | |
SLACK_MESSAGE_TITLE: Flutter -- verify, build, test | |
with: | |
config: main-repo/.github/slack.yml | |
status: ${{ job.status }} | |
steps: ${{ '{}' }} | |
ios-cicd: | |
name: iOS -- build, deploy | |
needs: [flutter] | |
runs-on: macOS-latest | |
env: | |
FASTLANE_XCODEBUILD_SETTINGS_TIMEOUT: 180 | |
FASTLANE_XCODEBUILD_SETTINGS_RETRIES: 10 | |
steps: | |
- uses: actions/cache@v3 | |
id: cache_all | |
with: | |
path: | | |
~/.pub-cache | |
./* | |
key: ${{ github.sha }}_${{ github.run_number }} | |
- name: Mask APP environment and keys in logs | |
id: mask-secrets | |
run: | | |
cd main-repo | |
cat .env | awk '!/^\s*#/' | awk '!/^\s*$/' | while IFS='' read -r line; do | |
value=$(echo "$line" | cut -d '=' -f 2-) | |
echo "::add-mask::$value" | |
done | |
for file in ./fastlane/keys/*.json | |
do | |
node -pe 'Object.entries(JSON.parse(process.argv[1])).forEach(([_, val])=>(typeof val === "string" && val.split("\n").forEach((row) => row && console.log("::add-mask::"+row))))' "$(cat $file)" | |
done | |
- name: Setup Ruby version | |
id: setup-ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
working-directory: main-repo | |
ruby-version: "3.2.2" | |
bundler-cache: true | |
- name: Set Flutter | |
id: set-flutter | |
uses: subosito/flutter-action@v2 | |
with: | |
channel: "stable" | |
cache: true | |
- run: flutter --version | |
- name: Detect context and set APP environment variables | |
id: setup-env | |
env: | |
GITHUB_RUN_NUMBER: ${{ github.run_number }} | |
run: | | |
if [[ ${{ env.DEPLOYMENT_TYPE == 'firebase' }} == true ]] | |
then | |
echo "IOS_SIGN_TYPE=adhoc" >> $GITHUB_ENV | |
echo "DEPLOYMENT_TARGET=firebase" >> $GITHUB_ENV | |
echo "RELEASE_NOTES=${{ env.APP_ENV }}_${{ github.ref_name }}" >> $GITHUB_ENV | |
else | |
echo "IOS_SIGN_TYPE=appstore" >> $GITHUB_ENV | |
echo "DEPLOYMENT_TARGET=testflight" >> $GITHUB_ENV | |
fi | |
echo "BUILD_NUMBER=$(echo $((GITHUB_RUN_NUMBER)))" >> $GITHUB_ENV | |
- name: Fetch code signing identity (${{env.IOS_SIGN_TYPE}}) | |
id: fetch_code_identity | |
run: | | |
cd main-repo | |
bundle exec fastlane ios fetch_code_identity sign_type:$IOS_SIGN_TYPE | |
- name: Build iOS App (v${{ env.APP_VERSION }} build:${{ env.BUILD_NUMBER }}) | |
id: build-app | |
run: | | |
cd main-repo | |
set -a | |
source .env | |
set +a | |
./scripts/generate_ios_export_options.sh --signType $IOS_SIGN_TYPE --bundleId $APP_ID --outputPath ios/ExportOptions.plist | |
flutter build ipa --release --build-number=$BUILD_NUMBER --build-name=$APP_VERSION --export-options-plist=ios/ExportOptions.plist | |
- name: Deploy iOS App to ${{env.DEPLOYMENT_TARGET}} | |
id: deploy-app | |
run: | | |
cd main-repo | |
bundle exec fastlane ios deploy target:$DEPLOYMENT_TARGET release_notes:$RELEASE_NOTES | |
- name: Slack Notification | |
if: ${{ always() && github.event_name == 'push' }} | |
uses: act10ns/slack@v2 | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.FRONTEND_SLACK_WEBHOOK }} | |
SLACK_MESSAGE_TITLE: iOS -- build, deploy | |
with: | |
config: main-repo/.github/slack.yml | |
status: ${{ job.status }} | |
steps: ${{ '{}' }} | |
android-cicd: | |
name: Android -- build, deploy | |
needs: [flutter] | |
runs-on: macOS-latest | |
steps: | |
- uses: actions/cache@v3 | |
id: cache_all | |
with: | |
path: | | |
~/.pub-cache | |
./* | |
key: ${{ github.sha }}_${{ github.run_number }} | |
- name: Mask APP environment and keys in logs | |
id: mask-secrets | |
run: | | |
cd main-repo | |
cat .env | awk '!/^\s*#/' | awk '!/^\s*$/' | while IFS='' read -r line; do | |
value=$(echo "$line" | cut -d '=' -f 2-) | |
echo "::add-mask::$value" | |
done | |
for file in ./fastlane/keys/*.json | |
do | |
node -pe 'Object.entries(JSON.parse(process.argv[1])).forEach(([_, val])=>(typeof val === "string" && val.split("\n").forEach((row) => row && console.log("::add-mask::"+row))))' "$(cat $file)" | |
done | |
- name: Setup Java | |
id: setup-java | |
uses: actions/setup-java@v3 | |
with: | |
distribution: "adopt" | |
java-version: "17" | |
check-latest: true | |
- name: Setup Ruby version | |
id: setup-ruby | |
uses: ruby/setup-ruby@v1 | |
with: | |
working-directory: main-repo | |
ruby-version: "3.2.2" | |
bundler-cache: true | |
- name: Set Flutter | |
id: set-flutter | |
uses: subosito/flutter-action@v2 | |
with: | |
channel: "stable" | |
cache: true | |
- run: flutter --version | |
- name: Detect context and set APP environment variables | |
id: setup-env | |
env: | |
GITHUB_RUN_NUMBER: ${{ github.run_number }} | |
run: | | |
if [[ ${{ env.DEPLOYMENT_TYPE == 'firebase' }} == true ]] | |
then | |
echo "ANDROID_ARCHIVE_TYPE=apk" >> $GITHUB_ENV | |
echo "DEPLOYMENT_TARGET=firebase" >> $GITHUB_ENV | |
echo "RELEASE_NOTES=${{ env.APP_ENV }}_${{ github.ref_name }}" >> $GITHUB_ENV | |
else | |
echo "ANDROID_ARCHIVE_TYPE=appbundle" >> $GITHUB_ENV | |
echo "DEPLOYMENT_TARGET=playstore" >> $GITHUB_ENV | |
fi | |
if [[ ${{ env.APP_ENV == 'production' }} == true ]] | |
then | |
echo "APP_FLAVOR=production" >> $GITHUB_ENV | |
else | |
echo "APP_FLAVOR=staging" >> $GITHUB_ENV | |
fi | |
echo "RELEASE_STATUS=draft" >> $GITHUB_ENV | |
echo "BUILD_NUMBER=$(echo $((GITHUB_RUN_NUMBER)))" >> $GITHUB_ENV | |
- name: Build Android App (${{env.ANDROID_ARCHIVE_TYPE}} v${{ env.APP_VERSION }} build:${{ env.BUILD_NUMBER }}) | |
id: build-app | |
run: | | |
cd main-repo | |
flutter build $ANDROID_ARCHIVE_TYPE --release --flavor=$APP_FLAVOR --build-number=$BUILD_NUMBER --build-name=$APP_VERSION | |
- name: Deploy Android App to ${{env.DEPLOYMENT_TARGET}} | |
id: deploy-app | |
run: | | |
cd main-repo | |
bundle exec fastlane android deploy target:$DEPLOYMENT_TARGET release_status:$RELEASE_STATUS release_notes:$RELEASE_NOTES | |
- name: Slack Notification | |
if: ${{ always() && github.event_name == 'push' }} | |
uses: act10ns/slack@v2 | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.FRONTEND_SLACK_WEBHOOK }} | |
SLACK_MESSAGE_TITLE: Android -- build, deploy | |
with: | |
config: main-repo/.github/slack.yml | |
status: ${{ job.status }} | |
steps: ${{ '{}' }} |