feat(MOSIP-29236): add reusable workflows (#897)

* feat(MOSIP-29236): add reusable workflows * feat(MOSIP-29236): add ios automation job * feat(INJI-000) Add reusable workflows Signed-off-by: adityankannan-tw <[email protected]> * feat(MOSIP-25631): Add reusable workflows Signed-off-by: adityankannan-tw <[email protected]> --------- Signed-off-by: adityankannan-tw <[email protected]>
mosip · Oct 18, 2023 · 662b07a · 662b07a
1 parent 7dfc807
commit 662b07a
Show file tree

Hide file tree

Showing 8 changed files with 362 additions and 35 deletions.
diff --git a/.github/workflows/android-beta-build.yml b/.github/workflows/android-beta-build.yml
@@ -1,7 +1,8 @@
 name: Android Beta Build
 
 env:
-  backendServiceDefaultUrl: https://api.sandbox.mosip.net
+  mimotoBackendServiceDefaultUrl: https://api.sandbox.mosip.net
+  esignetBackendServiceDefaultUrl: https://api.sandbox.mosip.net
 
 on:
   workflow_dispatch:
@@ -21,8 +22,13 @@ on:
         required: true
         default: False
         type: string
-      backendServiceUrl:
-        description: 'Backend service URL'
+      mimotoBackendServiceUrl:
+        description: 'Mimoto backend service URL'
+        required: true
+        default: 'https://api.sandbox.mosip.net'
+        type: string
+      esignetBackendServiceUrl:
+        description: 'Esignet backend service URL'
         required: true
         default: 'https://api.sandbox.mosip.net'
         type: string
@@ -133,7 +139,8 @@ jobs:
           cd android/scripts
           ./beta-build.sh
         env:
-          MIMOTO_HOST: ${{ github.event.inputs.backendServiceUrl }}
+          MIMOTO_HOST: ${{ github.event.inputs.mimotoBackendServiceUrl }}
+          ESIGNET_HOST: ${{ github.event.inputs.esignetBackendServiceUrl }}
           APPLICATION_THEME: ${{ github.event.inputs.theme }}
           RELEASE_KEYSTORE_ALIAS: androidreleasekey
           RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}'

diff --git a/.github/workflows/android-internal-build.yml b/.github/workflows/android-internal-build.yml
@@ -1,13 +1,25 @@
 name: Android Internal Build
+run-name: ${{ github.event.inputs.buildname }}
 
 env:
-  backendServiceDefaultUrl: https://api.sandbox.mosip.net
+  mimotoBackendServiceDefaultUrl: https://api.sandbox.mosip.net
+  esignetBackendServiceDefaultUrl: https://api.sandbox.mosip.net
 
 on:
   workflow_dispatch:
     inputs:
-      backendServiceUrl:
-        description: 'Backend service URL'
+      buildname:
+        description: 'Build App For'
+        required: true
+        default: 'Sprint-x/Collab/release-x.x.x'
+        type: string
+      mimotoBackendServiceUrl:
+        description: 'Mimoto backend service URL'
+        required: true
+        default: 'https://api.sandbox.mosip.net'
+        type: string
+      esignetBackendServiceUrl:
+        description: 'Esignet backend service URL'
         required: true
         default: 'https://api.sandbox.mosip.net'
         type: string
@@ -41,7 +53,7 @@ jobs:
       - uses: actions/setup-node@v3
         with:
           node-version: '16.x'
-      
+
       - name: Cache local npm repository
         uses: actions/[email protected]
         with:
@@ -58,7 +70,7 @@ jobs:
 
       - name: Install npm dependencies
         run: |
-          npm ci
+          npm i
 
       - name: Create .env.local file
         run: |
@@ -68,7 +80,7 @@ jobs:
         run: |
           # Strip git ref prefix from version
           echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
-          echo "GPG_TTY=$(tty)" >> $GITHUB_ENV   
+          echo "GPG_TTY=$(tty)" >> $GITHUB_ENV
 
       - name: Setup branch and GPG public key
         run: |
@@ -99,26 +111,115 @@ jobs:
           cd android/app
           export RELEASE_KEYSTORE_ALIAS=androidreleasekey
           export RELEASE_KEYSTORE_PASSWORD=$RELEASE_KEYSTORE_PASSWORD
-        env: 
+        env:
           RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}'
 
       - name: Create Google Play Config file
-        run : |
+        run: |
           cd android
           echo "$INJI_ANDROID_PLAY_STORE_CONFIG_JSON" > play_config.json.b64
           base64 -d -i play_config.json.b64 > play_config.json
         env:
           INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }}
 
       - name: Run Build
-        run: | 
+        run: |
           cd android/scripts
           ./internal-build.sh
         env:
-          MIMOTO_HOST: ${{ github.event.inputs.backendServiceUrl }}
-          APPLICATION_THEME: ${{ github.event.inputs.theme }} 
+          MIMOTO_HOST: ${{ github.event.inputs.mimotoBackendServiceUrl }}
+          ESIGNET_HOST: ${{ github.event.inputs.esignetBackendServiceUrl }}
+          APPLICATION_THEME: ${{ github.event.inputs.theme }}
           RELEASE_KEYSTORE_ALIAS: androidreleasekey
           RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}'
           SLACK_URL: '${{ secrets.SLACK_WEBHOOK_DEVOPS }}'
           PLAY_CONSOLE_RELEASE_DESCRIPTION: ${{ github.event.inputs.buildDescription }}
-          CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }}
+          CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }}
+
+  upload-to-actions:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/[email protected]
+      - uses: actions/setup-node@v3
+        with:
+          node-version: '16.x'
+
+      - name: Cache local npm repository
+        uses: actions/[email protected]
+        with:
+          key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }}
+          path: ~/.npm
+
+      - name: Cache local gradle repository
+        uses: actions/[email protected]
+        with:
+          key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }}
+          path: |
+            ~/.gradle/caches
+            ~/.gradle/wrapper
+
+      - name: Install npm dependencies
+        run: |
+          npm i
+
+      - name: Create .env.local file
+        run: |
+          echo "${{ secrets.ENV_FILE }}" > .env.local > android/local.properties
+
+      - name: Setup branch and env
+        run: |
+          # Strip git ref prefix from version
+          echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV
+          echo "GPG_TTY=$(tty)" >> $GITHUB_ENV
+
+      - name: Setup branch and GPG public key
+        run: |
+          # Strip git ref prefix from version
+          echo ${{ env.BRANCH_NAME }}
+          echo ${{ env.GPG_TTY }}
+
+          sudo apt-get --yes install gnupg2
+          gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg 
+          gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}}  --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg
+
+      - name: Setup Firebase
+        run: |
+          cd android
+          if [ ! -z "$FIREBASE_SECRET" ] && [ -f app/google-services.json.gpg ];then rm -f app/google-services.json;gpg2 --quiet --batch --passphrase=$FIREBASE_SECRET --pinentry-mode loopback --decrypt --output app/google-services.json app/mosip-google-services.json.gpg;fi
+        env:
+          FIREBASE_SECRET: ${{ secrets.GPG_SECRET }}
+
+      - name: Generate keystore
+        run: |
+          echo "$ANDROID_KEYSTORE_FILE" > release.keystore.b64
+          base64 -d -i release.keystore.b64 > android/app/release.keystore
+        env:
+          ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }}
+
+      - name: Create Google Play Config file
+        run: |
+          cd android
+          echo "$INJI_ANDROID_PLAY_STORE_CONFIG_JSON" > play_config.json.b64
+          base64 -d -i play_config.json.b64 > play_config.json
+        env:
+          INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }}
+
+      - name: Run Build for upload
+        run: |
+          npx jetify
+          cd android
+          ./gradlew :app:assembleMosipRelease
+        env:
+          MIMOTO_HOST: ${{ github.event.inputs.mimotoBackendServiceUrl }}
+          ESIGNET_HOST: ${{ github.event.inputs.esignetBackendServiceUrl }}
+          APPLICATION_THEME: ${{ github.event.inputs.theme }}
+          RELEASE_KEYSTORE_ALIAS: androidreleasekey
+          RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}'
+          CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }}
+
+      - name: Upload Artifact
+        uses: actions/[email protected]
+        with:
+          name: ${{ github.event.inputs.buildname }}
+          path: android/app/build/outputs/apk/mosip/release/
+          retention-days: 10
diff --git a/.github/workflows/clear_artifacts.yml b/.github/workflows/clear_artifacts.yml
@@ -1,12 +1,10 @@
-name: 'Delete old artifacts'
+name: "Delete old artifacts"
 on:
   workflow_dispatch:
 
 jobs:
   delete-artifacts:
-    runs-on: ubuntu-latest
-    steps:
-      - uses: kolpav/purge-artifacts-action@v1
-        with:
-          token: ${{ secrets. access_token }}
-          expire-in: 2days # Setting this to 0 will delete all artifacts
+    uses: mosip/kattu/.github/workflows/clear-artifacts.yml@master
+    secrets:
+      ACCESS_TOKEN: ${{ secrets.ACTION_PAT }}
+      SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}
diff --git a/.github/workflows/internal-build.yml b/.github/workflows/internal-build.yml
@@ -0,0 +1,135 @@
+name: Internal Build [Android & IOS]
+run-name: ${{ inputs.buildname }}
+
+on:
+  workflow_dispatch:
+    inputs:
+      beta-release:
+        description: 'Beta release?'
+        required: true
+        default: 'No'
+        type: choice
+        options:
+          - Yes
+          - No
+      buildname:
+        description: 'Build App For'
+        required: true
+        default: 'Sprint-x/Collab/release-x.x.x'
+        type: string
+      mimotoBackendServiceUrl:
+        description: 'Mimoto backend service URL'
+        required: true
+        default: 'https://api.sandbox.mosip.net'
+        type: string
+      esignetBackendServiceUrl:
+        description: 'Esignet backend service URL'
+        required: true
+        default: 'https://api.sandbox.mosip.net'
+        type: string
+      internal-testers:
+        description: 'Internal Testers Group'
+        required: true
+        default: 'QA-Triple'
+        type: choice
+        options:
+          - Dev-testing
+          - MEC
+          - QA
+          - MOSIP-Collab
+          - MOSIP-Dev-testing
+      theme:
+        description: 'Application Theme'
+        required: true
+        default: 'orange'
+        type: choice
+        options:
+          - orange
+          - purple
+      buildDescription:
+        description: 'What to test'
+        required: true
+        default: 'QA-Triple environment'
+        type: string
+      allow_env_edit:
+        description: 'Edit ENV'
+        required: true
+        default: 'true'
+        type: choice
+        options:
+          - false
+          - true
+
+jobs:
+  build-android:
+    uses: mosip/kattu/.github/workflows/android-publish.yml@master
+    with:
+      NODE_VERSION: '16.x'
+      RELEASE_KEYSTORE_ALIAS: androidreleasekey
+      MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }}
+      ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }}
+      APPLICATION_THEME: ${{ inputs.theme }}
+      BUILD_DESCRIPTION: ${{ inputs.buildDescription }}
+      ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }}
+      BUILD_NAME: ${{ inputs.buildname }}
+    secrets:
+      ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }}
+      RELEASE_KEYSTORE_PASSWORD: '${{ secrets.INJI_ANDROID_RELEASE_STOREPASS }}'
+      INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }}
+      ENV_FILE: ${{ secrets.ENV_FILE }}
+      SLACK_URL: '${{ secrets.SLACK_WEBHOOK }}'
+
+  build-android-beta:
+    if: ${{ inputs.beta-release == 'Yes' }}
+    uses: mosip/kattu/.github/workflows/android-publish.yml@master
+    with:
+      BETA_RELEASE: ${{ inputs.beta-release }}
+      NODE_VERSION: '16.x'
+      RELEASE_KEYSTORE_ALIAS: androidreleasekey
+      MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }}
+      ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }}
+      APPLICATION_THEME: ${{ inputs.theme }}
+      BUILD_DESCRIPTION: ${{ inputs.buildDescription }}
+      ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }}
+      BUILD_NAME: ${{ inputs.buildname }}
+    secrets:
+      ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }}
+      RELEASE_KEYSTORE_PASSWORD: '${{ secrets.INJI_ANDROID_RELEASE_STOREPASS }}'
+      INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }}
+      ENV_FILE: ${{ secrets.ENV_FILE }}
+      SLACK_URL: '${{ secrets.SLACK_WEBHOOK }}'
+
+  build-ios:
+    uses: mosip/kattu/.github/workflows/ios-publish.yml@master
+    with:
+      NODE_VERSION: '18.x'
+      MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }}
+      ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }}
+      APPLICATION_THEME: ${{ inputs.theme }}
+      TESTFLIGHT_BETA_APP_DESCRIPTION: ${{ inputs.buildDescription }}
+      ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }}
+      TESTFLIGHT_INTERNAL_TESTERS_GROUP: ${{ inputs.internal-testers }}
+    secrets:
+      APP_STORE_CONNECT_TEAM_ID: '${{ secrets.APP_STORE_CONNECT_TEAM_ID }}'
+      DEVELOPER_APP_ID: '${{ secrets.IOS_INJI_DEVELOPER_APP_ID }}'
+      INJI_IOS_DEVELOPER_APP_IDENTIFIER: '${{ secrets.INJI_IOS_DEVELOPER_APP_IDENTIFIER }}'
+      INJI_IOS_DEVELOPER_PORTAL_TEAM_ID: '${{ secrets.INJI_IOS_DEVELOPER_PORTAL_TEAM_ID }}'
+      INJI_IOS_FASTLANE_APPLE_ID: '${{ secrets.INJI_IOS_FASTLANE_APPLE_ID }}'
+      INJI_IOS_FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD: '${{ secrets.INJI_IOS_FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD }}'
+      GIT_AUTHORIZATION: '${{ secrets.GIT_AUTHORIZATION }}'
+      INJI_IOS_PROVISIONING_PROFILE_SPECIFIER: '${{ secrets.INJI_IOS_PROVISIONING_PROFILE_SPECIFIER }}'
+      INJI_IOS_TEMP_KEYCHAIN_PASSWORD: '${{ secrets.INJI_IOS_TEMP_KEYCHAIN_PASSWORD }}'
+      INJI_IOS_TEMP_KEYCHAIN_USER: '${{ secrets.INJI_IOS_TEMP_KEYCHAIN_USER }}'
+      APPLE_KEY_ID: '${{ secrets.APPLE_KEY_ID }}'
+      APPLE_ISSUER_ID: '${{ secrets.APPLE_ISSUER_ID }}'
+      APPLE_KEY_CONTENT: '${{ secrets.APPLE_KEY_CONTENT }}'
+      MATCH_PASSWORD: '${{ secrets.INJI_IOS_MATCH_PASSWORD }}'
+      SLACK_URL: '${{ secrets.SLACK_WEBHOOK }}'
+
+  sonar-check:
+    uses: mosip/kattu/.github/workflows/sonar.yml@master
+    secrets:
+      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+      SONAR_HOST_URL: https://sonarcloud.io
+      SONAR_ORGANIZATION: ${{ secrets.ORG_KEY }}
+
diff --git a/.github/workflows/ios-automation-build.yml b/.github/workflows/ios-automation-build.yml
@@ -33,7 +33,7 @@ on:
 jobs:
   build_ios:
     name: Deploying to Testflight
-    runs-on: macos-13
+    runs-on: macos-12
 
     steps:
       - uses: actions/[email protected]