From 062f28387f5577d34b2c55f2d392565ff835fb0a Mon Sep 17 00:00:00 2001 From: oSumAtrIX Date: Thu, 10 Apr 2025 18:47:26 +0200 Subject: [PATCH] ci: Modernize workflows (#2473) Co-authored-by: Pun Butrach --- .github/workflows/build_pull_request.yml | 85 ++---------------------- .github/workflows/open_pull_request.yml | 3 +- .github/workflows/release.yml | 29 ++++---- 3 files changed, 23 insertions(+), 94 deletions(-) diff --git a/.github/workflows/build_pull_request.yml b/.github/workflows/build_pull_request.yml index 448d2a73..f4449c18 100644 --- a/.github/workflows/build_pull_request.yml +++ b/.github/workflows/build_pull_request.yml @@ -3,42 +3,18 @@ name: Build pull request on: workflow_dispatch: inputs: - # Select pull request pr-number: - description: PR number (Without hashtag) + description: PR number required: true - # Select app flavor app-flavor: description: App flavor - default: 'release' + default: release type: choice options: - release - debug - profile - # Flutter Configurations, - # it's recommended to be set when you have problem regarding with flutter itself - # For most part you do not need to change this. - - # Flutter version to use, note that the version had to exist in whether channel - # to grab - # Try using exact version or particular version on a specific branch instead of "any" - flutter-channel: - description: Flutter channel - default: 'stable' - type: choice - options: - - stable - - beta - - dev - - any - flutter-version: - description: Flutter version - default: '3.29.x' - -run-name: "Build pull request ${{ inputs.pr-number }}" - jobs: build: name: Build @@ -62,76 +38,27 @@ jobs: - name: Set up Flutter uses: subosito/flutter-action@v2 with: - channel: ${{ inputs.flutter-channel }} - flutter-version: ${{ inputs.flutter-version }} + channel: stable - name: Get dependencies - continue-on-error: true run: flutter pub get - name: Generate translations - continue-on-error: true run: dart run slang - name: Generate code files - continue-on-error: true run: dart run build_runner build --delete-conflicting-outputs - name: Build - continue-on-error: true id: flutter-build run: flutter build apk --${{ inputs.app-flavor }} env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - - name: Prepare comment - id: prepare-comment # This should work now? - run: | - echo "COMMIT_HASH=$(git rev-parse --short HEAD)" >> $GITHUB_ENV - if [[ "${{ steps.flutter-build.outcome }}" == "success" ]]; then - MESSAGE="โœ… Succeeded build on $COMMIT_HASH." - else - MESSAGE="๐Ÿšซ Failed build on $COMMIT_HASH." - fi - - - name: "Comment on pull request #${{ inputs.pr-number }}" - uses: thollander/actions-comment-pull-request@v3 - with: - github-token: ${{ github.token }} - pr-number: ${{ inputs.pr-number }} - mode: recreate - comment-tag: execution - message: | - ## โš’๏ธ Build status - - ๐Ÿงช Workflow triggered by: ${{ github.actor }} - - ${{ steps.prepare-comment.outputs.MESSAGE }} - - Details: [_Job execution **${{ github.run_id }}** / attempt **${{ github.run_attempt }}**_](https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }})! - - ### โš™๏ธ Workflow Steps - - | Step | Status | - | :------------------------ | :------------------------------------------------------- | - | **Get dependencies** | ${{ steps.get-dependencies.outcome || job.status }} | - | **Generate translations** | ${{ steps.generate-translations.outcome || job.status }} | - | **Generate code files** | ${{ steps.generate-code-files.outcome || job.status }} | - | **Build** | ${{ steps.flutter-build.outcome }} | - - ### โš™๏ธ Workflow Configuration - - | Parameter | Value | - | :--------------- | :--------------------------------------- | - | App flavor | ${{ inputs.app-flavor }} | - | Flutter version | ${{ inputs.flutter-version }} | - | Flutter channel | ${{ inputs.flutter-channel }} | - - - name: Upload Artifact + - name: Upload artifacts if: steps.flutter-build.outcome == 'success' uses: actions/upload-artifact@v4 with: - name: revanced-manager-(${{ env.COMMIT_HASH }}-${{ inputs.pr-number }}-${{ inputs.app-flavor }}-${{ inputs.flutter-version }}) + name: revanced-manager-(${{ env.COMMIT_HASH }} path: | - build/app/outputs/flutter-apk/app-${{ inputs.app-flavor }}.apk - build/app/outputs/flutter-apk/app-${{ inputs.app-flavor }}.apk.sha1 + build/app/outputs/flutter-apk/app-*.apk diff --git a/.github/workflows/open_pull_request.yml b/.github/workflows/open_pull_request.yml index 840020c3..03d40f7f 100644 --- a/.github/workflows/open_pull_request.yml +++ b/.github/workflows/open_pull_request.yml @@ -12,6 +12,8 @@ env: jobs: pull-request: name: Open pull request + permissions: + pull-requests: write runs-on: ubuntu-latest steps: - name: Checkout @@ -25,4 +27,3 @@ jobs: pr_body: | This pull request will ${{ env.MESSAGE }}. pr_draft: true - github_token: ${{ secrets.REPOSITORY_PUSH_ACCESS }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 969f1394..bd352888 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -6,19 +6,13 @@ on: branches: - main - dev - paths: - - ".github/workflows/release.yml" - - "android/**" - - "assets/**" - - "lib/**" - - "pubspec.yaml" jobs: release: name: Release permissions: - id-token: write contents: write + id-token: write attestations: write runs-on: ubuntu-latest steps: @@ -28,7 +22,10 @@ jobs: fetch-depth: 0 - name: Setup Java - run: echo "JAVA_HOME=$JAVA_HOME_17_X64" >> $GITHUB_ENV + uses: actions/setup-java@v4 + with: + distribution: 'temurin' + java-version: '17' - name: Setup Node.js uses: actions/setup-node@v4 @@ -40,6 +37,10 @@ jobs: uses: subosito/flutter-action@v2 with: channel: stable + cache: true + + - name: Cache Gradle + uses: burrunan/gradle-cache-action@v1 - name: Install dependencies run: npm ci @@ -57,17 +58,17 @@ jobs: run: | echo "${{ secrets.KEYSTORE }}" | base64 --decode > "android/app/keystore.jks" - - name: Release + - name: Semantic Release + uses: cycjimmy/semantic-release-action@v4 + id: semantic env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} KEYSTORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }} KEYSTORE_ENTRY_ALIAS: ${{ secrets.KEYSTORE_ENTRY_ALIAS }} KEYSTORE_ENTRY_PASSWORD: ${{ secrets.KEYSTORE_ENTRY_PASSWORD }} - run: | - npx semantic-release - - name: Generate artifact attestation - if: github.ref == 'refs/heads/main' - uses: actions/attest-build-provenance@v1 + - name: Attest + if: steps.semantic.outputs.new_release_published == 'true' + uses: actions/attest-build-provenance@v2 with: subject-path: build/app/outputs/apk/release/revanced-manager-*.apk