Skip to content

ACCESS_GRANTED check for the JWT #285

ACCESS_GRANTED check for the JWT

ACCESS_GRANTED check for the JWT #285

Workflow file for this run

### Continuous Integration & Deployment
#
# This file is inspired by
# https://www.raywenderlich.com/19407406-continuous-delivery-for-android-using-github-actions
name: CI/CD
on: [ pull_request, push ]
jobs:
## Run generic tests on source code
test:
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: REUSE Compliance Check
uses: fsfe/reuse-action@v1
## Build the app and run unit tests
unit_tests:
runs-on: ubuntu-22.04
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Java setup
uses: actions/setup-java@v3
with:
distribution: 'temurin' # See 'Supported distributions' for available options
java-version: '17'
- name: Inject google-services.json
env:
GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }}
run: echo "$GOOGLE_SERVICES_JSON" > app/google-services.json
- name: Test the app
# If you want to test a specific variant, use one of the following:
# testDevelopmentDebugUnitTest - Run unit tests for the developmentDebug build.
# testDevelopmentReleaseUnitTest - Run unit tests for the developmentRelease build.
# testProductionDebugUnitTest - Run unit tests for the productionDebug build.
# testProductionReleaseUnitTest - Run unit tests for the productionRelease build.
run: ./gradlew test
## Run tests on an Android Simulator
## We use macos as it has hardware acceleration for that
android_tests:
runs-on: macos-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Java setup
uses: actions/setup-java@v3
with:
distribution: 'temurin' # See 'Supported distributions' for available options
java-version: '17'
- name: Inject google-services.json
env:
GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }}
run: echo "$GOOGLE_SERVICES_JSON" > app/google-services.json
- name: Instrumentation Tests
uses: reactivecircus/android-emulator-runner@v2
with:
api-level: 33
arch: x86_64
# If you want to test only a specific variant, use one of the following:
# connectedDevelopmentDebugAndroidTest - Installs and runs the tests for developmentDebug on connected devices.
# connectedProductionDebugAndroidTest - Installs and runs the tests for productionDebug on connected devices.
script: ./gradlew connectedAndroidTest
## Build and sign the app, and upload it as Github Artifact
build_and_deploy_to_play_store:
needs: [ test, unit_tests, android_tests ]
if: github.ref == 'refs/heads/main'
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v3
- name: Inject google-services.json
env:
GOOGLE_SERVICES_JSON: ${{ secrets.GOOGLE_SERVICES_JSON }}
run: echo "$GOOGLE_SERVICES_JSON" > app/google-services.json
- name: Increment build number
run: |
set -eo pipefail
BUILD_NUMBER=$(date "+%s")
echo "VERSION_CODE=$BUILD_NUMBER" > app/version.properties
cat app/version.properties
- name: Generate Release AAB
run: ./gradlew bundleProductionRelease
# For TESTING USE --> run: ./gradlew bundleDevelopmentRelease
- name: Sign AAB
uses: r0adkll/sign-android-release@v1
# ID used to access action output
id: sign_app
with:
releaseDirectory: app/build/outputs/bundle/productionRelease
# For TESTING USE --> releaseDirectory: app/build/outputs/bundle/developmentRelease
signingKeyBase64: ${{ secrets.KEYSTORE_SIGNING_KEY }}
alias: ${{ secrets.KEYSTORE_ALIAS }}
keyStorePassword: ${{ secrets.KEYSTORE_PASSWORD }}
keyPassword: ${{ secrets.KEYSTORE_PASSWORD_FOR_KEY }}
- name: Publish to Play Store closed alpha track
uses: r0adkll/upload-google-play@v1
with:
serviceAccountJsonPlainText: ${{ secrets.SERVICE_ACCOUNT_JSON }}
packageName: it.bz.noi.community
releaseFiles: ${{ steps.sign_app.outputs.signedReleaseFile }}
track: alpha
status: completed