Skip to content

Add admin console to labeler.yml. #2308

Add admin console to labeler.yml.

Add admin console to labeler.yml. #2308

Workflow file for this run

# Copyright (c) 2022 Sharezone UG (haftungsbeschränkt)
# Licensed under the EUPL-1.2-or-later.
#
# You may obtain a copy of the Licence at:
# https://joinup.ec.europa.eu/software/page/eupl
#
# SPDX-License-Identifier: EUPL-1.2
# This workflow handles the CI for the app.
#
# Therefore, it's only triggered on pull requests that make changes to the app.
# It only contains jobs that don't require any secrets. The jobs that require
# secrets are handled in the "unsafe_app_ci.yml" workflow.
name: safe-app-ci
concurrency:
group: safe-app-ci-${{ github.head_ref }}
# In order to conserve the use of GitHub Actions, we cancel the running action
# of the previous commit. This means that if you first commit "A" and then
# commit "B" to the pull request a few minutes later, the workflow for commit
# "A" will be cancelled.
cancel-in-progress: true
on:
# Triggers the workflow on pull request events
pull_request:
types:
- opened
- synchronize
- reopened
# It's important to trigger this workflow again when the pull is changing
# from a draft pull request to a ready for review pull request.
#
# Some jobs are skipped when the pull request is a draft. Therefore, we
# need to trigger these jobs again when the pull request is changing to
# ready for review.
- ready_for_review
merge_group:
types:
- checks_requested
env:
CI_CD_DART_SCRIPTS_PACKAGE_PATH: "tools/sz_repo_cli/"
# Set permissions to none.
#
# Using the broad default permissions is considered a bad security practice
# and would cause alerts from our scanning tools.
permissions: {}
# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# We can't use the official "paths" filter because it has no support for merge
# groups and we would need some kind of fallback CI when a check is required
# but ignored because of the path filter.
#
# See:
# * https://github.com/community/community/discussions/45899 (merge groups)
# * https://github.com/github/docs/commit/4364076e0fb56c2579ae90cd048939eaa2c18954
# (workaround for required checks with path filters)
changes:
runs-on: ubuntu-22.04
outputs:
changesFound: ${{ steps.filter.outputs.changesFound }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- uses: AurorNZ/paths-filter@3b1f3abc3371cca888d8eb03dfa70bc8a9867629
id: filter
with:
filters: |
changesFound:
# When we change the Flutter version, we need to trigger this workflow.
- ".fvm/fvm_config.json"
# We only build and deploy a new version, when a user relevant files
# changed.
- "app/**"
- "lib/**"
# We trigger also this workflow, if this workflow is changed, so that new
# changes will be applied.
- ".github/workflows/safe_app_ci.yml"
# The following paths are excluded from the above paths. It's important to
# list the paths at the end of the file, so that the exclude paths are
# applied.
#
# See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#example-including-and-excluding-paths.
- "!**/*.md"
- "!**/*.mdx"
- "!**/*.gitignore"
- "!**/firebase.json"
- "!**/.firebaserc"
- "!app/android/fastlane/**"
analyze:
needs: changes
runs-on: ubuntu-22.04
# In draft PRs we might use TODOs temporarily.
# In this case the analyze pipeline would fail, thus we won't run it.
if: ${{ github.event.pull_request.draft == false && needs.changes.outputs.changesFound == 'true' }}
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set Flutter version from FVM config file to environment variables
id: fvm-config-action
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa
- uses: subosito/flutter-action@62f096cacda5168a3bd7b95793373be14fa4fbaf
with:
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }}
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }}
- name: Activate sz_repo_cli package
run: flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
# So we can just use "sz COMMAND" instead of "dart ../path/to/script.dart ..."
- run: echo $(realpath ./bin) >> $GITHUB_PATH
- name: Run code analysis via "sz analyze" (formatting, issues, spacing ...)
run: sz analyze --max-concurrent-packages 3 --package-timeout-minutes 15
# We split the tests into two jobs, because we want to run the golden tests on
# a macOS runner, because the golden tests were generated on macOS. To reduce
# the time that macOS runner are used, we run the other tests on a Linux
# runner.
test-without-goldens:
needs: changes
if: ${{ needs.changes.outputs.changesFound == 'true' }}
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set Flutter version from FVM config file to environment variables
id: fvm-config-action
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa
- uses: subosito/flutter-action@62f096cacda5168a3bd7b95793373be14fa4fbaf
with:
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }}
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }}
- name: Activate sz_repo_cli package
run: flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
# So we can just use "sz COMMAND" instead of "dart ../path/to/script.dart ..."
- run: echo $(pwd)/bin >> $GITHUB_PATH
- name: Run tests via "sz test"
run: |
sz test \
-c 4 \
--package-timeout-minutes 15 \
--exclude-goldens
# We split the tests into two jobs, because we want to run the golden tests on
# a macOS runner, because the golden tests were generated on macOS. To reduce
# the time that macOS runner are used, we run the other tests on a Linux
# runner.
test-with-goldens:
needs: changes
if: ${{ needs.changes.outputs.changesFound == 'true' }}
# Due to https://github.com/flutter/flutter/issues/111739 our golden tests
# require macOS arm64. Therefore, we need to use macos-14.
runs-on: macos-14
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set Flutter version from FVM config file to environment variables
id: fvm-config-action
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa
- uses: subosito/flutter-action@62f096cacda5168a3bd7b95793373be14fa4fbaf
with:
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }}
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }}
- name: Install Sharezone CLI
run: |
flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
echo $(pwd)/bin >> $GITHUB_PATH
- name: Run tests via "sz test"
run: |
sz test \
-c 4 \
--package-timeout-minutes 15 \
--only-goldens
# Uploads the results of failed tests as .zip to GitHub.
#
# You can find the file under the "Summary" Tab on GitHub when all jobs of
# this workflows finished.
- name: Upload failed golden tests
if: failure()
uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3
with:
name: failed-golden-tests
# When golden test fail then the results are stored in "failures"
# folders. Since golden tests run in several different places (e.g. /app,
# or packages in /lib) the failures folder will be spread in different places.
path: "**/failures/*.png"
# Checks if the generated files are up to date.
check-code-generation:
needs: changes
if: ${{ needs.changes.outputs.changesFound == 'true' }}
runs-on: ubuntu-22.04
steps:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11
- name: Set Flutter version from FVM config file to environment variables
id: fvm-config-action
uses: kuhnroyal/flutter-fvm-config-action@34c3905bc939a4ff9d9cb07d5a977493fa73b2aa
- uses: subosito/flutter-action@62f096cacda5168a3bd7b95793373be14fa4fbaf
with:
flutter-version: ${{ steps.fvm-config-action.outputs.FLUTTER_VERSION }}
channel: ${{ steps.fvm-config-action.outputs.FLUTTER_CHANNEL }}
- name: Install Sharezone CLI
run: |
flutter pub global activate --source path "$CI_CD_DART_SCRIPTS_PACKAGE_PATH"
echo $(pwd)/bin >> $GITHUB_PATH
- name: Run code generation via "sz build_runner build"
run: |
sz build_runner build \
-c 4 \
--package-timeout-minutes 15
- name: Fail if generated files have changed
run: |
git diff --exit-code -- '**/*.mocks.dart' '**/*.g.dart'
# Print the Git diff with the file names and their status as a
# summary.
git diff --name-status -- '**/*.mocks.dart' '**/*.g.dart'