Merge branch 'main' of https://github.com/bcgov/bc-wallet-mobile into… #254
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Native Build & Test | |
| env: | |
| cacheId: "3" # increment to expire the cache | |
| appBuildNumber: ${{ github.run_number }} | |
| appBuildVersion: "0.0.2" | |
| on: | |
| workflow_dispatch: | |
| push: | |
| branches: [main] | |
| paths: | |
| - app/** | |
| - bifold | |
| - .yarn/** | |
| - .github/workflows/** | |
| pull_request: | |
| branches: [main] | |
| paths: | |
| - app/** | |
| - bifold | |
| - .yarn/** | |
| - .github/workflows/** | |
| - .gitmodules | |
| - package.json | |
| - yarn.lock | |
| - .yarnrc.yml | |
| - .yarn/** | |
| jobs: | |
| check-android-secrets: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| isReleaseBuild: ${{ steps.isReleaseBuild.outputs.defined }} | |
| steps: | |
| - id: isReleaseBuild | |
| if: env.PLAY_STORE_JKS_BASE64 != null && env.PLAY_STORE_JKS_ALIAS != null && env.PLAY_STORE_JKS_PASSWD != null | |
| run: echo "::set-output name=defined::true" | |
| env: | |
| PLAY_STORE_JKS_BASE64: ${{ secrets.PLAY_STORE_JKS_BASE64 }} | |
| PLAY_STORE_JKS_ALIAS: ${{ secrets.PLAY_STORE_JKS_ALIAS }} | |
| PLAY_STORE_JKS_PASSWD: ${{ secrets.PLAY_STORE_JKS_PASSWD }} | |
| check-ios-secrets: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| isReleaseBuild: ${{ steps.isReleaseBuild.outputs.defined }} | |
| steps: | |
| - id: isReleaseBuild | |
| if: env.CERTIFICATE != null && env.KEYCHIAN_PASSWD != null && env.PROVISIONING_PROFILE != null | |
| run: echo "::set-output name=defined::true" | |
| env: | |
| CERTIFICATE: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| KEYCHIAN_PASSWD: ${{ secrets.KEYCHIAN_PASSWD }} | |
| PROVISIONING_PROFILE: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
| build-ios: | |
| needs: [check-ios-secrets] | |
| runs-on: macos-latest | |
| env: | |
| BUNDLE_GEMFILE: ${{ github.workspace }}/app/Gemfile | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - uses: actions/setup-python@v4 | |
| with: | |
| python-version: "3.11" | |
| - name: Setup NodeJS | |
| uses: ./.github/workflows/actions/setup-node | |
| - name: Configure ruby | |
| uses: ruby/setup-ruby@v1 | |
| with: | |
| working-directory: ./app | |
| - name: What XCode are we using? | |
| run: | | |
| xcode-select -p | |
| - name: Cached pip dependencies | |
| uses: actions/cache@v3 | |
| id: pip-cache | |
| with: | |
| path: ~/.cache/pip | |
| key: ${{ runner.os }}-pip | |
| restore-keys: | | |
| ${{ runner.os }}-pip- | |
| - name: Cache pod dependencies | |
| id: pod-cache | |
| uses: actions/cache@v3 | |
| with: | |
| path: | | |
| app/ios/Pods | |
| ~/Library/Caches/CocoaPods | |
| ~/.cocoapods | |
| key: ${{ runner.os }}-pods-${{ hashFiles('**/Podfile.lock') }} | |
| restore-keys: | | |
| ${{ runner.os }}-pods- | |
| - name: Restore cached derived data | |
| id: cache-dd-restore | |
| uses: actions/cache/restore@v3 | |
| with: | |
| path: app/ios/xbuild/Build | |
| key: ${{ runner.os }}-dd-xcode | |
| - name: Install dependencies | |
| working-directory: ./ | |
| run: | | |
| yarn install --immutable && \ | |
| git status | |
| - name: Install iOS dependencies | |
| # if: steps.pod-cache.outputs.cache-hit != 'true' || steps.npm-cache.outputs.cache-hit != 'true' | |
| working-directory: app/ios | |
| run: | | |
| bundle install --frozen --gemfile=${BUNDLE_GEMFILE} && \ | |
| pod install && \ | |
| git status && \ | |
| git diff Podfile.lock | |
| - name: Bump Build No. | |
| working-directory: app/ios | |
| env: | |
| CURRENT_PROJECT_VERSION: ${{ env.appBuildNumber }} | |
| MARKETING_VERSION: ${{ env.appBuildVersion }} | |
| run: | | |
| agvtool new-version ${CURRENT_PROJECT_VERSION} && \ | |
| agvtool new-marketing-version ${MARKETING_VERSION} | |
| # Actual environment variables are not being picked up | |
| # by the build so they're put into an .env file. | |
| - name: Create environment settings | |
| if: env.CQEN_MEDIATOR_URL != null && env.OCA_URL != null && env.MCN_MEDIATOR_URL != null | |
| working-directory: app | |
| env: | |
| CQEN_MEDIATOR_URL: ${{ secrets.CQEN_MEDIATOR_URL }} | |
| MCN_MEDIATOR_URL: ${{ secrets.MCN_MEDIATOR_URL }} | |
| OCA_URL: ${{ vars.OCA_URL }} | |
| run: | | |
| echo "CQEN_MEDIATOR_URL=${CQEN_MEDIATOR_URL}" >.env | |
| echo "MCN_MEDIATOR_URL=${MCN_MEDIATOR_URL}" >>.env | |
| echo "OCA_URL=${OCA_URL}" >>.env | |
| - name: Set Push Notification Capability | |
| working-directory: app/ios/AriesBifold | |
| env: | |
| MEDIATOR_USE_PUSH_NOTIFICATIONS: false | |
| MEDIATOR_LABEL: Mediator | |
| run: | | |
| mv DEVELOPMENT.AriesBifold.entitlements AriesBifold.entitlements | |
| # https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
| - name: Create Provisioning Profile | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| env: | |
| PROVISIONING_PROFILE: ${{ secrets.BUILD_PROVISION_PROFILE_BASE64 }} | |
| run: | | |
| scripts/makepp.sh | |
| # https://docs.github.com/en/actions/deployment/deploying-xcode-applications/installing-an-apple-certificate-on-macos-runners-for-xcode-development | |
| - name: Build Keychain | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| env: | |
| CERTIFICATE: ${{ secrets.BUILD_CERTIFICATE_BASE64 }} | |
| run: | | |
| scripts/makekc.sh ${{ secrets.KEYCHIAN_PASSWD }} | |
| - name: Release build | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: app/ios | |
| run: | | |
| xcodebuild \ | |
| -workspace AriesBifold.xcworkspace \ | |
| -scheme AriesBifold \ | |
| -configuration Release \ | |
| -derivedDataPath xbuild \ | |
| -xcconfig ../../release.xcconfig \ | |
| -archivePath AriesBifold.xcarchive \ | |
| -sdk iphoneos \ | |
| -verbose \ | |
| archive | |
| - name: Save cache for derived data | |
| id: cache-dd-save | |
| uses: actions/cache/save@v3 | |
| with: | |
| path: app/ios/xbuild/Build | |
| key: ${{ steps.cache-dd-restore.outputs.cache-primary-key }} | |
| - name: Archive & Sign | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: app/ios | |
| run: | | |
| xcodebuild \ | |
| -exportArchive \ | |
| -archivePath AriesBifold.xcarchive \ | |
| -exportPath export \ | |
| -exportOptionsPlist ../../options.plist \ | |
| -verbose | |
| # https://blog.codemagic.io/app-store-connect-api-codemagic-cli-tools/ | |
| - name: Install Codemagic CLI Tools | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| run: | | |
| pip3 install codemagic-cli-tools | |
| - name: Ship to iTunes | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: app/ios | |
| env: | |
| APP_STORE_CONNECT_ISSUER_ID: ${{ secrets.APP_STORE_CONNECT_ISSUER_ID }} | |
| APP_STORE_CONNECT_KEY_IDENTIFIER: ${{ secrets.APP_STORE_CONNECT_KEY_IDENTIFIER }} | |
| APP_STORE_CONNECT_PRIVATE_KEY: ${{ secrets.APP_STORE_CONNECT_PRIVATE_KEY_95 }} | |
| VERSION_CODE: ${{ env.appBuildNumber }} | |
| VERSION_NAME: ${{ env.appBuildVersion }} | |
| run: | | |
| export PATH=$PATH:/Library/Frameworks/Python.framework/Versions/3.11/bin | |
| app-store-connect publish \ | |
| --enable-package-validation \ | |
| --max-build-processing-wait 25 \ | |
| --testflight \ | |
| --beta-group "The Team" "IDIM Team" \ | |
| --whats-new "Release ${VERSION_NAME}-${GITHUB_RUN_NUMBER}" | |
| - name: Upload iOS artifact | |
| if: github.ref_name == 'main' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: ios-artifact | |
| path: app/ios/export/AriesBifold.ipa | |
| if-no-files-found: error | |
| retention-days: 7 | |
| build-android: | |
| needs: [check-android-secrets] | |
| runs-on: ubuntu-22.04 | |
| permissions: | |
| contents: read | |
| packages: write | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: Pull & update submodules recursively | |
| run: | | |
| git submodule update --init --recursive | |
| - name: Setup NodeJS | |
| uses: ./.github/workflows/actions/setup-node | |
| - name: Setup Java | |
| uses: actions/setup-java@v3 | |
| with: | |
| distribution: "zulu" | |
| java-version: 11 | |
| cache: "gradle" | |
| server-id: github | |
| settings-path: ${{ github.workspace }} | |
| - name: Install dependencies | |
| working-directory: ./ | |
| run: | | |
| yarn install --immutable && \ | |
| git status | |
| # Actual environment variables are not being picked up | |
| # by the build so they're put into an .env file. | |
| - name: Create environment settings | |
| if: env.CQEN_MEDIATOR_URL != null && env.OCA_URL != null && env.MCN_MEDIATOR_URL != null | |
| working-directory: app | |
| env: | |
| CQEN_MEDIATOR_URL: ${{ secrets.CQEN_MEDIATOR_URL }} | |
| MCN_MEDIATOR_URL: ${{ secrets.MCN_MEDIATOR_URL }} | |
| OCA_URL: ${{ vars.OCA_URL }} | |
| run: | | |
| echo "CQEN_MEDIATOR_URL=${CQEN_MEDIATOR_URL}" >.env | |
| echo "MCN_MEDIATOR_URL=${MCN_MEDIATOR_URL}" >>.env | |
| echo "OCA_URL=${OCA_URL}" >>.env | |
| - name: Create release keystore | |
| #if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: app/android/app | |
| env: | |
| PLAY_STORE_JKS_BASE64: ${{ secrets.PLAY_STORE_JKS_BASE64 }} | |
| PLAY_STORE_JKS_ALIAS: ${{ secrets.PLAY_STORE_JKS_ALIAS }} | |
| PLAY_STORE_JKS_PASSWD: ${{ secrets.PLAY_STORE_JKS_PASSWD }} | |
| run: | | |
| echo "${PLAY_STORE_JKS_BASE64}" | base64 -d >release.keystore && \ | |
| keytool -list -v -keystore release.keystore -alias ${PLAY_STORE_JKS_ALIAS} -storepass:env PLAY_STORE_JKS_PASSWD | \ | |
| grep "SHA1" | |
| # - name: Android debug build | |
| # if: github.ref_name != 'main' || needs.check-android-secrets.outputs.isReleaseBuild != 'true' | |
| # working-directory: app/android | |
| # env: | |
| # VERSION_CODE: ${{ env.appBuildNumber }} | |
| # VERSION_NAME: ${{ env.appBuildVersion }} | |
| # run: | | |
| # ./gradlew --no-daemon bundleRelease | |
| - name: Android release build | |
| #if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: app/android | |
| env: | |
| PLAY_STORE_JKS_ALIAS: ${{ secrets.PLAY_STORE_JKS_ALIAS }} | |
| PLAY_STORE_JKS_PASSWD: ${{ secrets.PLAY_STORE_JKS_PASSWD }} | |
| VERSION_CODE: ${{ env.appBuildNumber }} | |
| VERSION_NAME: ${{ env.appBuildVersion }} | |
| run: | | |
| ( cd ../ && npx react-native bundle --platform android --dev false --entry-file index.js --bundle-output android/app/src/main/assets/index.android.bundle --verbose ) && \ | |
| ./gradlew bundleRelease && \ | |
| ./gradlew assembleRelease && \ | |
| find . -type f -name '*.apk' | |
| # - name: Publish to GitHub Packages Registry | |
| # run: mvn deploy:deploy-file -s $GITHUB_WORKSPACE/settings.xml -DgroupId=com.github.bcgov -DartifactId=bc-wallet -Dclassifier=android -DrepositoryId=github -Durl=https://maven.pkg.github.com/$GITHUB_REPOSITORY -Dversion=${{ env.appBuildVersion }}.${{ env.appBuildNumber }} -DgeneratePom=false -Dpackaging=aab -Dfile=app/android/app/build/outputs/bundle/release/app-release.aab | |
| # env: | |
| # GITHUB_TOKEN: ${{ github.token }} | |
| - name: List Artifacts | |
| #if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| run: | | |
| find . -type f -name '*.apk' | |
| - name: Upload artifact | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android | |
| path: | | |
| app/android/app/build/outputs/bundle/release/app-release.aab | |
| app/android/app/build/outputs/apk/release/app-release.apk | |
| - name: Upload Android artifact | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android-artifact | |
| path: app/android/app/build/outputs/bundle/release/app-release.aab | |
| if-no-files-found: error | |
| retention-days: 7 | |
| - name: Ship to Google Play | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| working-directory: app/ | |
| env: | |
| GOOGLE_API_CREDENTIALS_BASE64: ${{ secrets.GOOGLE_API_CREDENTIALS_BASE64 }} | |
| GOOGLE_API_CREDENTIALS: "api_keys.json" | |
| ANDROID_PACKAGE_NAME: "ca.qc.gouv.portefeuillemobileqc" | |
| ANDROID_BUNDLE_PATH: "./android/app/build/outputs/bundle/release/app-release.aab" | |
| VERSION_CODE: ${{ env.appBuildNumber }} | |
| VERSION_NAME: ${{ env.appBuildVersion }} | |
| run: | | |
| # when we updated to yarn we started getting an error with paths | |
| # and had to add `/android` to the path. | |
| # when we updated to yarn we started getting an error with paths | |
| # and had to add `/android` to the path. | |
| echo "${GOOGLE_API_CREDENTIALS_BASE64}" | base64 -d >${GOOGLE_API_CREDENTIALS} && \ | |
| node ./deploy-to-playstore.js | |
| - name: Upload Android artifact | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' | |
| uses: actions/upload-artifact@v3 | |
| with: | |
| name: android-artifact | |
| path: app/android/app/build/outputs/bundle/release/app-release.aab | |
| if-no-files-found: error | |
| retention-days: 7 | |
| release: | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| needs: [build-ios, build-android] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v2 | |
| - name: Create release | |
| uses: actions/[email protected] | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| with: | |
| tag_name: v${{ env.appBuildVersion }}-${{ env.appBuildNumber }} | |
| release_name: Version ${{ env.appBuildVersion }}-${{ env.appBuildNumber }} | |
| body: | | |
| Dev Release. | |
| ship-to-lambdatest: | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| needs: [build-ios, build-android] | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| IOS_APP_URL: ${{ steps.upload-app-ios.outputs.IOS_APP_URL }} | |
| ANDROID_APP_URL: ${{ steps.upload-app-android.outputs.ANDROID_APP_URL }} | |
| steps: | |
| - name: Download iOS artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: ios-artifact | |
| - name: Download Android artifact | |
| uses: actions/download-artifact@v3 | |
| with: | |
| name: android-artifact | |
| - name: Ship iOS to LambdaTest | |
| env: | |
| LAMBDA_USERNAME: ${{ secrets.LAMBDA_USERNAME }} | |
| LAMBDA_ACCESS_KEY: ${{ secrets.LAMBDA_ACCESS_KEY }} | |
| id: upload-app-ios | |
| run: | | |
| curl \ | |
| -u "$LAMBDA_USERNAME:$LAMBDA_ACCESS_KEY" \ | |
| --location --request POST 'https://manual-api.lambdatest.com/app/upload/realDevice' \ | |
| --form 'appFile=@"AriesBifold.ipa"' \ | |
| --form "name=QCWallet-$GITHUB_RUN_NUMBER.ipa" > $HOME/lt_ios_resp.json | |
| echo "IOS_APP_URL=lt://$(jq -r '.app_id' $HOME/lt_ios_resp.json)" >> "$GITHUB_OUTPUT" | |
| - name: Ship Android to LambdaTest | |
| env: | |
| LAMBDA_USERNAME: ${{ secrets.LAMBDA_USERNAME }} | |
| LAMBDA_ACCESS_KEY: ${{ secrets.LAMBDA_ACCESS_KEY }} | |
| id: upload-app-android | |
| run: | | |
| curl \ | |
| -u "$LAMBDA_USERNAME:$LAMBDA_ACCESS_KEY" \ | |
| --location --request POST 'https://manual-api.lambdatest.com/app/upload/realDevice' \ | |
| --form 'appFile=@"app-release.aab"' \ | |
| --form "name=QCWallet-$GITHUB_RUN_NUMBER.aab" > $HOME/lt_android_resp.json | |
| echo "ANDROID_APP_URL=lt://$(jq -r '.app_id' $HOME/lt_android_resp.json)" >> "$GITHUB_OUTPUT" | |
| run-on-device-tests: | |
| if: github.ref_name == 'main' && needs.check-android-secrets.outputs.isReleaseBuild == 'true' && needs.check-ios-secrets.outputs.isReleaseBuild == 'true' | |
| needs: [ship-to-lambdatest] | |
| runs-on: ubuntu-22.04 | |
| strategy: | |
| max-parallel: 1 | |
| fail-fast: false | |
| matrix: | |
| include: | |
| - mobile-platform: "-p Android" | |
| app-file-name: "-a ${{ needs.ship-to-lambdatest.outputs.ANDROID_APP_URL }}" | |
| build-name: "-b QCWallet-${{ github.run_number }}-Android" | |
| report-project: "android-multi-device-full" | |
| - mobile-platform: "-p iOS" | |
| app-file-name: "-a ${{ needs.ship-to-lambdatest.outputs.IOS_APP_URL }}" | |
| build-name: "-b QCWallet-${{ github.run_number }}-iOS" | |
| report-project: "ios-multi-device-full" | |
| timeout-minutes: 60 | |
| steps: | |
| - uses: actions/checkout@v2 | |
| - name: run-aath-agents | |
| if: ${{ matrix.mobile-platform=='-p iOS' }} | |
| uses: ./.github/workflows/actions/run-aath-agents | |
| with: | |
| USE_NGROK: "" | |
| - name: run-aath-agents-ngrok | |
| if: ${{ matrix.mobile-platform=='-p Android' }} | |
| uses: ./.github/workflows/actions/run-aath-agents | |
| with: | |
| USE_NGROK: "-n" | |
| # - name: run-lambdatest-connect-tunnel | |
| # if: ${{ matrix.mobile-platform=='-p iOS' }} | |
| # uses: LambdaTest/LambdaTest-tunnel-action@v1 | |
| # with: | |
| # user: ${{ secrets.LAMBDA_USERNAME }} | |
| # accessKey: ${{ secrets.LAMBDA_ACCESS_KEY }} | |
| # tunnelName: "PortefeuilleQC-Tunnel-${{ github.run_number }}" | |
| - name: Fetch mobile test harness repo | |
| uses: actions/checkout@v2 | |
| with: | |
| repository: MCN-ING/aries-mobile-test-harness | |
| path: aries-mobile-test-harness | |
| ref: main | |
| - name: Run LambdaTest all tests | |
| uses: ./.github/workflows/actions/run-test-harness | |
| env: | |
| LEDGER_URL_CONFIG: "http://test.bcovrin.vonx.io" | |
| REGION: "us-west-1" | |
| with: | |
| MOBILE_WALLET: "-w qc_wallet" | |
| ISSUER_AGENT: '-i "AATH;http://0.0.0.0:9020"' | |
| VERIFIER_AGENT: '-v "AATH;http://0.0.0.0:9030"' | |
| DEVICE_CLOUD: "-d LambdaTest" | |
| DEVICE_CLOUD_USER: "-u ${{ secrets.LAMBDA_USERNAME }}" | |
| DEVICE_CLOUD_KEY: "-k ${{ secrets.LAMBDA_ACCESS_KEY }}" | |
| MOBILE_PLATFORM: ${{ matrix.mobile-platform }} | |
| APP_FILE_NAME: ${{ matrix.app-file-name }} | |
| BUILD_NAME: ${{ matrix.build-name }} | |
| TEST_SCOPE: "-t @qc_wallet -t ~@wip -t ~@qc_wallet_not" | |
| REPORT_PROJECT: ${{ matrix.report-project }} | |
| # - name: Upload smoke-test results to Allure | |
| # if: ${{ always() }} | |
| # uses: ./.github/workflows/actions/run-send-gen-test-results-secure | |
| # with: | |
| # REPORT_PROJECT: ${{ matrix.report-project }} | |
| # ADMIN_USER: ${{ secrets.ALLURE_USERNAME }} | |
| # ADMIN_PW: ${{ secrets.ALLURE_PASSWD }} |