From 662b07affa963bc67a7822b6fabe274acb5b8b88 Mon Sep 17 00:00:00 2001 From: adityankannan-tw <109274996+adityankannan-tw@users.noreply.github.com> Date: Wed, 18 Oct 2023 17:49:01 +0530 Subject: [PATCH] feat(MOSIP-29236): add reusable workflows (#897) * feat(MOSIP-29236): add reusable workflows * feat(MOSIP-29236): add ios automation job * feat(INJI-000) Add reusable workflows Signed-off-by: adityankannan-tw * feat(MOSIP-25631): Add reusable workflows Signed-off-by: adityankannan-tw --------- Signed-off-by: adityankannan-tw --- .github/workflows/android-beta-build.yml | 15 ++- .github/workflows/android-internal-build.yml | 125 +++++++++++++++-- .github/workflows/clear_artifacts.yml | 12 +- .github/workflows/internal-build.yml | 135 +++++++++++++++++++ .github/workflows/ios-automation-build.yml | 2 +- .github/workflows/ios-build.yml | 35 +++-- .github/workflows/push-triggers.yml | 38 ++++++ .github/workflows/tag.yml | 35 +++++ 8 files changed, 362 insertions(+), 35 deletions(-) create mode 100644 .github/workflows/internal-build.yml create mode 100644 .github/workflows/push-triggers.yml create mode 100644 .github/workflows/tag.yml diff --git a/.github/workflows/android-beta-build.yml b/.github/workflows/android-beta-build.yml index 4747fcd60c..21844566c1 100644 --- a/.github/workflows/android-beta-build.yml +++ b/.github/workflows/android-beta-build.yml @@ -1,7 +1,8 @@ name: Android Beta Build env: - backendServiceDefaultUrl: https://api.sandbox.mosip.net + mimotoBackendServiceDefaultUrl: https://api.sandbox.mosip.net + esignetBackendServiceDefaultUrl: https://api.sandbox.mosip.net on: workflow_dispatch: @@ -21,8 +22,13 @@ on: required: true default: False type: string - backendServiceUrl: - description: 'Backend service URL' + mimotoBackendServiceUrl: + description: 'Mimoto backend service URL' + required: true + default: 'https://api.sandbox.mosip.net' + type: string + esignetBackendServiceUrl: + description: 'Esignet backend service URL' required: true default: 'https://api.sandbox.mosip.net' type: string @@ -133,7 +139,8 @@ jobs: cd android/scripts ./beta-build.sh env: - MIMOTO_HOST: ${{ github.event.inputs.backendServiceUrl }} + MIMOTO_HOST: ${{ github.event.inputs.mimotoBackendServiceUrl }} + ESIGNET_HOST: ${{ github.event.inputs.esignetBackendServiceUrl }} APPLICATION_THEME: ${{ github.event.inputs.theme }} RELEASE_KEYSTORE_ALIAS: androidreleasekey RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}' diff --git a/.github/workflows/android-internal-build.yml b/.github/workflows/android-internal-build.yml index 9e0622e86d..2926b6f37d 100644 --- a/.github/workflows/android-internal-build.yml +++ b/.github/workflows/android-internal-build.yml @@ -1,13 +1,25 @@ name: Android Internal Build +run-name: ${{ github.event.inputs.buildname }} env: - backendServiceDefaultUrl: https://api.sandbox.mosip.net + mimotoBackendServiceDefaultUrl: https://api.sandbox.mosip.net + esignetBackendServiceDefaultUrl: https://api.sandbox.mosip.net on: workflow_dispatch: inputs: - backendServiceUrl: - description: 'Backend service URL' + buildname: + description: 'Build App For' + required: true + default: 'Sprint-x/Collab/release-x.x.x' + type: string + mimotoBackendServiceUrl: + description: 'Mimoto backend service URL' + required: true + default: 'https://api.sandbox.mosip.net' + type: string + esignetBackendServiceUrl: + description: 'Esignet backend service URL' required: true default: 'https://api.sandbox.mosip.net' type: string @@ -41,7 +53,7 @@ jobs: - uses: actions/setup-node@v3 with: node-version: '16.x' - + - name: Cache local npm repository uses: actions/cache@v3.0.11 with: @@ -58,7 +70,7 @@ jobs: - name: Install npm dependencies run: | - npm ci + npm i - name: Create .env.local file run: | @@ -68,7 +80,7 @@ jobs: run: | # Strip git ref prefix from version echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV - echo "GPG_TTY=$(tty)" >> $GITHUB_ENV + echo "GPG_TTY=$(tty)" >> $GITHUB_ENV - name: Setup branch and GPG public key run: | @@ -99,11 +111,11 @@ jobs: cd android/app export RELEASE_KEYSTORE_ALIAS=androidreleasekey export RELEASE_KEYSTORE_PASSWORD=$RELEASE_KEYSTORE_PASSWORD - env: + env: RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}' - name: Create Google Play Config file - run : | + run: | cd android echo "$INJI_ANDROID_PLAY_STORE_CONFIG_JSON" > play_config.json.b64 base64 -d -i play_config.json.b64 > play_config.json @@ -111,14 +123,103 @@ jobs: INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }} - name: Run Build - run: | + run: | cd android/scripts ./internal-build.sh env: - MIMOTO_HOST: ${{ github.event.inputs.backendServiceUrl }} - APPLICATION_THEME: ${{ github.event.inputs.theme }} + MIMOTO_HOST: ${{ github.event.inputs.mimotoBackendServiceUrl }} + ESIGNET_HOST: ${{ github.event.inputs.esignetBackendServiceUrl }} + APPLICATION_THEME: ${{ github.event.inputs.theme }} RELEASE_KEYSTORE_ALIAS: androidreleasekey RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}' SLACK_URL: '${{ secrets.SLACK_WEBHOOK_DEVOPS }}' PLAY_CONSOLE_RELEASE_DESCRIPTION: ${{ github.event.inputs.buildDescription }} - CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }} \ No newline at end of file + CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }} + + upload-to-actions: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v3.1.0 + - uses: actions/setup-node@v3 + with: + node-version: '16.x' + + - name: Cache local npm repository + uses: actions/cache@v3.0.11 + with: + key: ${{ runner.os }}-node-${{ hashFiles('**/package-lock.json') }} + path: ~/.npm + + - name: Cache local gradle repository + uses: actions/cache@v3.0.11 + with: + key: ${{ runner.os }}-gradle-${{ hashFiles('**/*.gradle*', '**/gradle-wrapper.properties') }} + path: | + ~/.gradle/caches + ~/.gradle/wrapper + + - name: Install npm dependencies + run: | + npm i + + - name: Create .env.local file + run: | + echo "${{ secrets.ENV_FILE }}" > .env.local > android/local.properties + + - name: Setup branch and env + run: | + # Strip git ref prefix from version + echo "BRANCH_NAME=$(echo ${{ github.ref }} | sed -e 's,.*/\(.*\),\1,')" >> $GITHUB_ENV + echo "GPG_TTY=$(tty)" >> $GITHUB_ENV + + - name: Setup branch and GPG public key + run: | + # Strip git ref prefix from version + echo ${{ env.BRANCH_NAME }} + echo ${{ env.GPG_TTY }} + + sudo apt-get --yes install gnupg2 + gpg2 --import ./.github/keys/mosipgpgkey_pub.gpg + gpg2 --quiet --batch --passphrase=${{secrets.gpg_secret}} --allow-secret-key-import --import ./.github/keys/mosipgpgkey_sec.gpg + + - name: Setup Firebase + run: | + cd android + if [ ! -z "$FIREBASE_SECRET" ] && [ -f app/google-services.json.gpg ];then rm -f app/google-services.json;gpg2 --quiet --batch --passphrase=$FIREBASE_SECRET --pinentry-mode loopback --decrypt --output app/google-services.json app/mosip-google-services.json.gpg;fi + env: + FIREBASE_SECRET: ${{ secrets.GPG_SECRET }} + + - name: Generate keystore + run: | + echo "$ANDROID_KEYSTORE_FILE" > release.keystore.b64 + base64 -d -i release.keystore.b64 > android/app/release.keystore + env: + ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }} + + - name: Create Google Play Config file + run: | + cd android + echo "$INJI_ANDROID_PLAY_STORE_CONFIG_JSON" > play_config.json.b64 + base64 -d -i play_config.json.b64 > play_config.json + env: + INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }} + + - name: Run Build for upload + run: | + npx jetify + cd android + ./gradlew :app:assembleMosipRelease + env: + MIMOTO_HOST: ${{ github.event.inputs.mimotoBackendServiceUrl }} + ESIGNET_HOST: ${{ github.event.inputs.esignetBackendServiceUrl }} + APPLICATION_THEME: ${{ github.event.inputs.theme }} + RELEASE_KEYSTORE_ALIAS: androidreleasekey + RELEASE_KEYSTORE_PASSWORD: '${{secrets.INJI_ANDROID_RELEASE_STOREPASS}}' + CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }} + + - name: Upload Artifact + uses: actions/upload-artifact@v3.1.1 + with: + name: ${{ github.event.inputs.buildname }} + path: android/app/build/outputs/apk/mosip/release/ + retention-days: 10 diff --git a/.github/workflows/clear_artifacts.yml b/.github/workflows/clear_artifacts.yml index 0af8038ec8..97e0818e8d 100644 --- a/.github/workflows/clear_artifacts.yml +++ b/.github/workflows/clear_artifacts.yml @@ -1,12 +1,10 @@ -name: 'Delete old artifacts' +name: "Delete old artifacts" on: workflow_dispatch: jobs: delete-artifacts: - runs-on: ubuntu-latest - steps: - - uses: kolpav/purge-artifacts-action@v1 - with: - token: ${{ secrets. access_token }} - expire-in: 2days # Setting this to 0 will delete all artifacts \ No newline at end of file + uses: mosip/kattu/.github/workflows/clear-artifacts.yml@master + secrets: + ACCESS_TOKEN: ${{ secrets.ACTION_PAT }} + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }} diff --git a/.github/workflows/internal-build.yml b/.github/workflows/internal-build.yml new file mode 100644 index 0000000000..4faf3a7c39 --- /dev/null +++ b/.github/workflows/internal-build.yml @@ -0,0 +1,135 @@ +name: Internal Build [Android & IOS] +run-name: ${{ inputs.buildname }} + +on: + workflow_dispatch: + inputs: + beta-release: + description: 'Beta release?' + required: true + default: 'No' + type: choice + options: + - Yes + - No + buildname: + description: 'Build App For' + required: true + default: 'Sprint-x/Collab/release-x.x.x' + type: string + mimotoBackendServiceUrl: + description: 'Mimoto backend service URL' + required: true + default: 'https://api.sandbox.mosip.net' + type: string + esignetBackendServiceUrl: + description: 'Esignet backend service URL' + required: true + default: 'https://api.sandbox.mosip.net' + type: string + internal-testers: + description: 'Internal Testers Group' + required: true + default: 'QA-Triple' + type: choice + options: + - Dev-testing + - MEC + - QA + - MOSIP-Collab + - MOSIP-Dev-testing + theme: + description: 'Application Theme' + required: true + default: 'orange' + type: choice + options: + - orange + - purple + buildDescription: + description: 'What to test' + required: true + default: 'QA-Triple environment' + type: string + allow_env_edit: + description: 'Edit ENV' + required: true + default: 'true' + type: choice + options: + - false + - true + +jobs: + build-android: + uses: mosip/kattu/.github/workflows/android-publish.yml@master + with: + NODE_VERSION: '16.x' + RELEASE_KEYSTORE_ALIAS: androidreleasekey + MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }} + ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }} + APPLICATION_THEME: ${{ inputs.theme }} + BUILD_DESCRIPTION: ${{ inputs.buildDescription }} + ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }} + BUILD_NAME: ${{ inputs.buildname }} + secrets: + ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }} + RELEASE_KEYSTORE_PASSWORD: '${{ secrets.INJI_ANDROID_RELEASE_STOREPASS }}' + INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }} + ENV_FILE: ${{ secrets.ENV_FILE }} + SLACK_URL: '${{ secrets.SLACK_WEBHOOK }}' + + build-android-beta: + if: ${{ inputs.beta-release == 'Yes' }} + uses: mosip/kattu/.github/workflows/android-publish.yml@master + with: + BETA_RELEASE: ${{ inputs.beta-release }} + NODE_VERSION: '16.x' + RELEASE_KEYSTORE_ALIAS: androidreleasekey + MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }} + ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }} + APPLICATION_THEME: ${{ inputs.theme }} + BUILD_DESCRIPTION: ${{ inputs.buildDescription }} + ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }} + BUILD_NAME: ${{ inputs.buildname }} + secrets: + ANDROID_KEYSTORE_FILE: ${{ secrets.INJI_ANDROID_RELEASE_KEYSTORE }} + RELEASE_KEYSTORE_PASSWORD: '${{ secrets.INJI_ANDROID_RELEASE_STOREPASS }}' + INJI_ANDROID_PLAY_STORE_CONFIG_JSON: ${{ secrets.INJI_ANDROID_PLAY_STORE_CONFIG_JSON }} + ENV_FILE: ${{ secrets.ENV_FILE }} + SLACK_URL: '${{ secrets.SLACK_WEBHOOK }}' + + build-ios: + uses: mosip/kattu/.github/workflows/ios-publish.yml@master + with: + NODE_VERSION: '18.x' + MIMOTO_HOST: ${{ inputs.mimotoBackendServiceUrl }} + ESIGNET_HOST: ${{ inputs.esignetBackendServiceUrl }} + APPLICATION_THEME: ${{ inputs.theme }} + TESTFLIGHT_BETA_APP_DESCRIPTION: ${{ inputs.buildDescription }} + ALLOW_ENV_EDIT: ${{ inputs.allow_env_edit }} + TESTFLIGHT_INTERNAL_TESTERS_GROUP: ${{ inputs.internal-testers }} + secrets: + APP_STORE_CONNECT_TEAM_ID: '${{ secrets.APP_STORE_CONNECT_TEAM_ID }}' + DEVELOPER_APP_ID: '${{ secrets.IOS_INJI_DEVELOPER_APP_ID }}' + INJI_IOS_DEVELOPER_APP_IDENTIFIER: '${{ secrets.INJI_IOS_DEVELOPER_APP_IDENTIFIER }}' + INJI_IOS_DEVELOPER_PORTAL_TEAM_ID: '${{ secrets.INJI_IOS_DEVELOPER_PORTAL_TEAM_ID }}' + INJI_IOS_FASTLANE_APPLE_ID: '${{ secrets.INJI_IOS_FASTLANE_APPLE_ID }}' + INJI_IOS_FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD: '${{ secrets.INJI_IOS_FASTLANE_APPLE_APPLICATION_SPECIFIC_PASSWORD }}' + GIT_AUTHORIZATION: '${{ secrets.GIT_AUTHORIZATION }}' + INJI_IOS_PROVISIONING_PROFILE_SPECIFIER: '${{ secrets.INJI_IOS_PROVISIONING_PROFILE_SPECIFIER }}' + INJI_IOS_TEMP_KEYCHAIN_PASSWORD: '${{ secrets.INJI_IOS_TEMP_KEYCHAIN_PASSWORD }}' + INJI_IOS_TEMP_KEYCHAIN_USER: '${{ secrets.INJI_IOS_TEMP_KEYCHAIN_USER }}' + APPLE_KEY_ID: '${{ secrets.APPLE_KEY_ID }}' + APPLE_ISSUER_ID: '${{ secrets.APPLE_ISSUER_ID }}' + APPLE_KEY_CONTENT: '${{ secrets.APPLE_KEY_CONTENT }}' + MATCH_PASSWORD: '${{ secrets.INJI_IOS_MATCH_PASSWORD }}' + SLACK_URL: '${{ secrets.SLACK_WEBHOOK }}' + + sonar-check: + uses: mosip/kattu/.github/workflows/sonar.yml@master + secrets: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: https://sonarcloud.io + SONAR_ORGANIZATION: ${{ secrets.ORG_KEY }} + \ No newline at end of file diff --git a/.github/workflows/ios-automation-build.yml b/.github/workflows/ios-automation-build.yml index 4558da34f1..d4221d6374 100644 --- a/.github/workflows/ios-automation-build.yml +++ b/.github/workflows/ios-automation-build.yml @@ -33,7 +33,7 @@ on: jobs: build_ios: name: Deploying to Testflight - runs-on: macos-13 + runs-on: macos-12 steps: - uses: actions/checkout@v3.1.0 diff --git a/.github/workflows/ios-build.yml b/.github/workflows/ios-build.yml index 1391568cb5..e86b7e23b5 100644 --- a/.github/workflows/ios-build.yml +++ b/.github/workflows/ios-build.yml @@ -1,10 +1,15 @@ name: Inji iOS build -on: +on: workflow_dispatch: inputs: - backendServiceUrl: - description: 'Backend service URL' + mimotoBackendServiceUrl: + description: 'Mimoto backend service URL' + required: true + default: 'https://api.sandbox.mosip.net' + type: string + esignetBackendServiceUrl: + description: 'Esignet backend service URL' required: true default: 'https://api.sandbox.mosip.net' type: string @@ -43,24 +48,26 @@ on: jobs: build_ios: + if: ${{ github.event.inputs.app_file_upload == 'Push to TestFlight' || github.event.inputs.app_file_upload == 'Push and Upload'}} name: Deploying to Testflight runs-on: macos-13 - + steps: - uses: actions/checkout@v3.1.0 - uses: actions/setup-node@v3 with: - node-version: '16.x' - + node-version: '18.x' + - name: Install npm dependencies run: | npm install - + - name: Install Pod run: | cd ios pod install - + pod install + - name: Deploy iOS Beta to TestFlight run: | cd ios @@ -82,7 +89,13 @@ jobs: SLACK_URL: '${{ secrets.SLACK_WEBHOOK_DEVOPS }}' MATCH_PASSWORD: '${{ secrets.INJI_IOS_MATCH_PASSWORD }}' APPLICATION_THEME: ${{ github.event.inputs.theme }} - CREDENTIAL_REGISTRY_EDIT: ${{ github.event.inputs.registry_edit }} - MIMOTO_HOST: ${{ github.event.inputs.backendServiceUrl }} TESTFLIGHT_INTERNAL_TESTERS_GROUP: ${{ github.event.inputs.internal-testers }} - TESTFLIGHT_BETA_APP_DESCRIPTION: ${{ github.event.inputs.buildDescription }} \ No newline at end of file + TESTFLIGHT_BETA_APP_DESCRIPTION: ${{ github.event.inputs.buildDescription }} + + - name: Upload Runner Log on Failure + if: failure() # Only run this step if the previous steps failed + uses: actions/upload-artifact@v3.1.1 + with: + name: runner-log + path: /Users/runner/Library/Logs/gym/ + retention-days: 1 \ No newline at end of file diff --git a/.github/workflows/push-triggers.yml b/.github/workflows/push-triggers.yml new file mode 100644 index 0000000000..d944cc13e3 --- /dev/null +++ b/.github/workflows/push-triggers.yml @@ -0,0 +1,38 @@ +name: Push-Triggers + +.anchor-branches-tags: &branches-tags + branches: + - main + - develop + - qa-develop + - "release-**" + tags: + - "*" + +on: + push: + <<: *branches-tags + pull_request: + types: [opened, synchronize] + <<: *branches-tags + +jobs: + build-android: + uses: mosip/kattu/.github/workflows/android-build.yml@master + with: + NODE_VERSION: "16.x" + DEBUG_KEYSTORE_ALIAS: androiddebugkey + DEBUG_KEYSTORE_PASSWORD: "dummypassword" + + build-ios: + uses: mosip/kattu/.github/workflows/ios-build.yml@master + with: + NODE_VERSION: "16.x" + + sonar-check: + if: ${{ github.event_name == 'push' }} + uses: mosip/kattu/.github/workflows/sonar.yml@master + secrets: + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + SONAR_HOST_URL: https://sonarcloud.io + SONAR_ORGANIZATION: ${{ secrets.ORG_KEY }} diff --git a/.github/workflows/tag.yml b/.github/workflows/tag.yml new file mode 100644 index 0000000000..cfb9045071 --- /dev/null +++ b/.github/workflows/tag.yml @@ -0,0 +1,35 @@ +name: Tagging of repos + +on: + workflow_dispatch: + inputs: + TAG: + description: "Tag to be published" + required: true + type: string + BODY: + description: "Release body message" + required: true + default: "Changes in this Release" + type: string + PRE_RELEASE: + description: "Pre-release? True/False" + required: true + default: False + type: string + DRAFT: + description: "Draft? True/False" + required: false + default: False + type: string + +jobs: + tag-branch: + uses: mosip/kattu/.github/workflows/tag.yml@master + with: + TAG: ${{ inputs.TAG }} + BODY: ${{ inputs.BODY }} + PRE_RELEASE: ${{ inputs.PRE_RELEASE }} + DRAFT: ${{ inputs.DRAFT }} + secrets: + SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK }}