From b7bf16c953b289da5c9ce666439e2c1bfd431fbd Mon Sep 17 00:00:00 2001 From: Theo Chatziperis Date: Mon, 27 May 2024 13:12:01 +0300 Subject: [PATCH] update ci --- .github/workflows/ci.yml | 101 ++++++++++++++++++-------- .github/workflows/dependencycheck.yml | 14 ++-- .github/workflows/gitleaks.yml | 8 +- .github/workflows/sonar.yml | 14 ++-- 4 files changed, 90 insertions(+), 47 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6082368..8597992 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -15,14 +15,17 @@ jobs: steps: - name: Checkout project sources uses: actions/checkout@v4 - - uses: actions/setup-java@v3 + + - uses: actions/setup-java@v4 with: distribution: 'temurin' java-version: '17' + - name: Validate Gradle Wrapper - uses: gradle/wrapper-validation-action@v1 - - name: Build with Gradle Wrapper - uses: gradle/gradle-build-action@v3.1.0 + uses: gradle/actions/wrapper-validation@v3 + + - name: Gradle Setup + uses: gradle/actions/setup-gradle@v3 with: gradle-version: wrapper arguments: build @@ -36,52 +39,87 @@ jobs: permissions: contents: read steps: - - name: Checkout project source code + - name: Checkout the code uses: actions/checkout@v4 - - name: set up JDK 17 - uses: actions/setup-java@v3 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 with: java-version: 17 distribution: "temurin" + - name: Validate Gradle Wrapper - uses: gradle/wrapper-validation-action@v1 - - name: Build with Gradle Wrapper - uses: gradle/gradle-build-action@v3.1.0 + uses: gradle/actions/wrapper-validation@v3 + + - name: Gradle Setup + uses: gradle/actions/setup-gradle@v3 with: arguments: test --full-stacktrace android-tests: - runs-on: macos-latest + runs-on: ubuntu-latest timeout-minutes: 35 needs: [ build-gradle, unit-tests ] strategy: matrix: - include: - - api-level: 28 - target: default - arch: x86 - - api-level: 33 - target: google_apis # emulator API 33 only exists with Google APIs - arch: x86_64 + api-level: [ 26,33 ] + target: [ google_apis ] + arch: [ x86_64 ] permissions: contents: read steps: + - name: Enable KVM + run: | + echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules + sudo udevadm control --reload-rules + sudo udevadm trigger --name-match=kvm + - name: Checkout the code uses: actions/checkout@v4 - - name: set up JDK 17 - uses: actions/setup-java@v3 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 with: java-version: 17 distribution: "temurin" + - name: Validate Gradle Wrapper - uses: gradle/wrapper-validation-action@v1 + uses: gradle/actions/wrapper-validation@v3 + + - name: Gradle Setup + uses: gradle/actions/setup-gradle@v3 + + - name: AVD cache + uses: actions/cache@v3 + id: avd-cache + with: + path: | + ~/.android/avd/* + ~/.android/adb* + key: avd-${{ matrix.api-level }}-${{ matrix.target }}-${{ matrix.arch }} + + - name: Create AVD and generate snapshot for caching + if: steps.avd-cache.outputs.cache-hit != 'true' + uses: reactivecircus/android-emulator-runner@v2 + with: + api-level: ${{ matrix.api-level }} + target: ${{ matrix.target }} + arch: ${{ matrix.arch }} + force-avd-creation: false + emulator-options: -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none + disable-animations: false + script: echo "Generated AVD snapshot for caching." + - name: Run android tests uses: reactivecircus/android-emulator-runner@v2 with: api-level: ${{ matrix.api-level }} target: ${{ matrix.target }} arch: ${{ matrix.arch }} - script: ./gradlew $GRADLE_OPTS connectedCheck --stacktrace + force-avd-creation: false + emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none + disable-animations: true + script: ./gradlew connectedCheck --stacktrace publish-to-snapshot: name: Publish SNAPSHOT to sonatype.org @@ -93,16 +131,21 @@ jobs: contents: read packages: write steps: - - name: Checkout project sources - uses: actions/checkout@v3 - - uses: actions/setup-java@v3 + + - name: Checkout the code + uses: actions/checkout@v4 + + - name: Set up JDK 17 + uses: actions/setup-java@v4 with: - distribution: 'temurin' - java-version: '17' + java-version: 17 + distribution: "temurin" + - name: Validate Gradle Wrapper - uses: gradle/wrapper-validation-action@v1 + uses: gradle/actions/wrapper-validation@v3 + - name: Publish with Gradle Wrapper - uses: gradle/gradle-build-action@v3.1.0 + uses: gradle/actions/setup-gradle@v3 with: arguments: publishAllPublicationsToMavenCentral --full-stacktrace env: diff --git a/.github/workflows/dependencycheck.yml b/.github/workflows/dependencycheck.yml index 1cc07e9..e318381 100644 --- a/.github/workflows/dependencycheck.yml +++ b/.github/workflows/dependencycheck.yml @@ -4,11 +4,11 @@ on: branches-ignore: - 'dependabot/**' workflow_dispatch: - + jobs: - SCA_caller: - uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sca_bt.yml@main - secrets: - NVD_API_KEY: ${{ secrets.NVD_API_KEY }} - DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }} - DOJO_URL: ${{ secrets.DOJO_URL }} \ No newline at end of file + SCA_caller: + uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sca_bt.yml@main + secrets: + NVD_API_KEY: ${{ secrets.NVD_API_KEY }} + DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }} + DOJO_URL: ${{ secrets.DOJO_URL }} diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 1ea9941..4b179ec 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -7,7 +7,7 @@ on: jobs: Secret_Scanning_caller: - uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/secretscanning.yml@main - secrets: - DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }} - DOJO_URL: ${{ secrets.DOJO_URL }} \ No newline at end of file + uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/secretscanning.yml@main + secrets: + DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }} + DOJO_URL: ${{ secrets.DOJO_URL }} diff --git a/.github/workflows/sonar.yml b/.github/workflows/sonar.yml index a0e8654..7109927 100644 --- a/.github/workflows/sonar.yml +++ b/.github/workflows/sonar.yml @@ -7,10 +7,10 @@ on: workflow_dispatch: jobs: - SAST_caller: - uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sast_bt_testDebugUnitTestCoverage.yml@main - secrets: - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }} - DOJO_URL: ${{ secrets.DOJO_URL }} + SAST_caller: + uses: eu-digital-identity-wallet/eudi-infra-ci/.github/workflows/sast_bt_testDebugUnitTestCoverage.yml@main + secrets: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + DOJO_TOKEN: ${{ secrets.DOJO_TOKEN }} + DOJO_URL: ${{ secrets.DOJO_URL }}