Refactor app startup code - extracting services #661
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: iOS - PR Checks | |
| on: | |
| push: | |
| branches: [ main, "release/**" ] | |
| pull_request: | |
| workflow_call: | |
| inputs: | |
| branch: | |
| description: "Branch name" | |
| required: false | |
| type: string | |
| skip-release: | |
| description: "Skip release build" | |
| required: false | |
| default: false | |
| type: boolean | |
| secrets: | |
| APPLE_API_KEY_BASE64: | |
| required: true | |
| APPLE_API_KEY_ID: | |
| required: true | |
| APPLE_API_KEY_ISSUER: | |
| required: true | |
| ASANA_ACCESS_TOKEN: | |
| required: true | |
| MATCH_PASSWORD: | |
| required: true | |
| SSH_PRIVATE_KEY_FASTLANE_MATCH: | |
| required: true | |
| jobs: | |
| swiftlint: | |
| name: SwiftLint | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out the code | |
| if: github.event_name == 'pull_request' || github.event_name == 'push' | |
| uses: actions/checkout@v4 | |
| - name: Check out the code | |
| if: github.event_name != 'pull_request' && github.event_name != 'push' | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.branch || github.ref_name }} | |
| - name: SwiftLint | |
| uses: docker://norionomura/swiftlint:0.54.0_swift-5.9.0 | |
| with: | |
| args: swiftlint --reporter github-actions-logging --strict | |
| shellcheck: | |
| name: ShellCheck | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Check out the code | |
| if: github.event_name == 'pull_request' || github.event_name == 'push' | |
| uses: actions/checkout@v4 | |
| - name: Check out the code | |
| if: github.event_name != 'pull_request' && github.event_name != 'push' | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.branch || github.ref_name }} | |
| - name: Run ShellCheck | |
| uses: ludeeus/action-shellcheck@master | |
| with: | |
| format: gcc | |
| scandir: scripts | |
| unit-tests: | |
| name: Unit Tests | |
| runs-on: macos-15 | |
| timeout-minutes: 60 # temporary (vs original 20) to fix the issue with GHA slowness | |
| outputs: | |
| commit_author: ${{ steps.fetch_commit_author.outputs.commit_author }} | |
| steps: | |
| - name: Check out the code | |
| if: github.event_name == 'pull_request' || github.event_name == 'push' | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| - name: Check out the code | |
| if: github.event_name != 'pull_request' && github.event_name != 'push' | |
| uses: actions/checkout@v4 | |
| with: | |
| submodules: recursive | |
| ref: ${{ inputs.branch || github.ref_name }} | |
| - name: Set cache key hash | |
| run: | | |
| has_only_tags=$(jq '[ .pins[].state | has("version") ] | all' DuckDuckGo-iOS.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved) | |
| if [[ "$has_only_tags" == "true" ]]; then | |
| echo "cache_key_hash=${{ hashFiles('DuckDuckGo-iOS.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved') }}" >> $GITHUB_ENV | |
| else | |
| echo "Package.resolved contains dependencies specified by branch or commit, skipping cache." | |
| fi | |
| - name: Cache SPM | |
| if: env.cache_key_hash | |
| uses: actions/cache@v4 | |
| with: | |
| path: DerivedData/SourcePackages | |
| key: ${{ runner.os }}-spm-${{ env.cache_key_hash }} | |
| restore-keys: | | |
| ${{ runner.os }}-spm- | |
| - name: Install xcbeautify | |
| run: brew install xcbeautify | |
| - name: Select Xcode | |
| run: sudo xcode-select -s /Applications/Xcode_$(<.xcode-version).app/Contents/Developer | |
| - name: Build and test | |
| run: | | |
| set -o pipefail && xcodebuild test \ | |
| -scheme "iOS Browser" \ | |
| -destination "platform=iOS Simulator,name=iPhone 16,OS=18.1" \ | |
| -derivedDataPath "DerivedData" \ | |
| -skipPackagePluginValidation \ | |
| -skipMacroValidation \ | |
| DDG_SLOW_COMPILE_CHECK_THRESHOLD=250 \ | |
| | tee xcodebuild.log \ | |
| | xcbeautify --report junit --report-path . --junit-report-filename unittests.xml | |
| - name: Upload logs if workflow failed | |
| uses: actions/upload-artifact@v4 | |
| if: failure() || cancelled() | |
| with: | |
| name: BuildLogs | |
| path: | | |
| xcodebuild.log | |
| DerivedData/Logs/Test/*.xcresult | |
| retention-days: 7 | |
| - name: Publish unit tests report | |
| uses: mikepenz/action-junit-report@v3 | |
| with: | |
| report_paths: unittests.xml | |
| - name: Update Asana with failed unit tests | |
| if: always() # always run even if the previous step fails | |
| env: | |
| ASANA_ACCESS_TOKEN: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
| WORKFLOW_URL: https://github.com/${{ github.repository }}/actions/runs/${{ github.run_id }}/attempts/${{ github.run_attempt }} | |
| run: | | |
| # Extract failed tests from the junit report | |
| # Only keep failures unique by classname and name (column 1 and 2 of the yq output) | |
| yq < unittests.xml -p xml -o json -r \ | |
| $'[.testsuites.testsuite[].testcase] | flatten | map(select(.failure) | .+@classname + " " + .+@name + " \'" + .failure.+@message + "\' ${{ env.WORKFLOW_URL }}") | .[]' \ | |
| | sort -u -k 1,2 \ | |
| | xargs -L 1 ./scripts/report-failed-unit-test.sh -s ${{ vars.APPLE_CI_FAILING_TESTS_IOS_FAILED_TESTS_SECTION_ID }} | |
| - name: Fetch latest commit author | |
| if: always() && github.ref_name == 'main' | |
| id: fetch_commit_author | |
| env: | |
| GH_TOKEN: ${{ github.token }} | |
| run: | | |
| head_commit=$(git rev-parse HEAD) | |
| author=$(gh api https://api.github.com/repos/${{ github.repository }}/commits/${head_commit} --jq .author.login) | |
| echo "commit_author=${author}" >> $GITHUB_OUTPUT | |
| release-build: | |
| name: Make Release Build | |
| # Dependabot doesn't have access to all secrets, so we skip this job, also skip for releases | |
| if: github.actor != 'dependabot[bot]' && inputs.skip-release != true | |
| runs-on: macos-15 | |
| timeout-minutes: 60 # temporary (vs original 20) to fix the issue with GHA slowness | |
| steps: | |
| - name: Register SSH keys for access to certificates | |
| uses: webfactory/ssh-agent@v0.7.0 | |
| with: | |
| ssh-private-key: ${{ secrets.SSH_PRIVATE_KEY_FASTLANE_MATCH }} | |
| - name: Check out the code | |
| if: github.event_name == 'pull_request' || github.event_name == 'push' | |
| uses: actions/checkout@v4 | |
| - name: Check out the code | |
| if: github.event_name != 'pull_request' && github.event_name != 'push' | |
| uses: actions/checkout@v4 | |
| with: | |
| ref: ${{ inputs.branch || github.ref_name }} | |
| - name: Set cache key hash | |
| run: | | |
| has_only_tags=$(jq '[ .pins[].state | has("version") ] | all' DuckDuckGo-iOS.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved) | |
| if [[ "$has_only_tags" == "true" ]]; then | |
| echo "cache_key_hash=${{ hashFiles('DuckDuckGo-iOS.xcodeproj/project.xcworkspace/xcshareddata/swiftpm/Package.resolved') }}" >> $GITHUB_ENV | |
| else | |
| echo "Package.resolved contains dependencies specified by branch or commit, skipping cache." | |
| fi | |
| - name: Cache SPM | |
| if: env.cache_key_hash | |
| uses: actions/cache@v4 | |
| with: | |
| path: DerivedData/SourcePackages | |
| key: ${{ runner.os }}-spm-release-${{ env.cache_key_hash }} | |
| restore-keys: | | |
| ${{ runner.os }}-spm-release- | |
| - name: Install xcbeautify | |
| run: brew install xcbeautify | |
| - name: Select Xcode | |
| run: sudo xcode-select -s /Applications/Xcode_$(<.xcode-version).app/Contents/Developer | |
| - name: Prepare fastlane | |
| run: bundle install | |
| - name: Build the app | |
| env: | |
| APPLE_API_KEY_BASE64: ${{ secrets.APPLE_API_KEY_BASE64 }} | |
| APPLE_API_KEY_ID: ${{ secrets.APPLE_API_KEY_ID }} | |
| APPLE_API_KEY_ISSUER: ${{ secrets.APPLE_API_KEY_ISSUER }} | |
| MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} | |
| run: | | |
| bundle exec fastlane sync_signing | |
| set -o pipefail && xcodebuild \ | |
| -scheme "iOS Browser" \ | |
| -destination "platform=iOS Simulator,name=iPhone 16" \ | |
| -derivedDataPath "DerivedData" \ | |
| -configuration "Release" \ | |
| -skipPackagePluginValidation \ | |
| -skipMacroValidation \ | |
| | xcbeautify | |
| create-asana-task: | |
| name: Create Asana Task | |
| needs: [swiftlint, unit-tests, shellcheck, release-build] | |
| if: failure() && github.ref_name == 'main' && github.run_attempt == 1 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Create Asana Task | |
| uses: duckduckgo/BrowserServicesKit/.github/actions/asana-failed-pr-checks@main | |
| with: | |
| action: create-task | |
| asana-access-token: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
| asana-section-id: ${{ vars.APPLE_CI_FAILING_TESTS_IOS_POST_MERGE_SECTION_ID }} | |
| commit-author: ${{ needs.unit-tests.outputs.commit_author }} | |
| close-asana-task: | |
| name: Close Asana Task | |
| needs: [swiftlint, unit-tests, shellcheck, release-build] | |
| if: success() && github.ref_name == 'main' && github.run_attempt > 1 | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Close Asana Task | |
| uses: duckduckgo/BrowserServicesKit/.github/actions/asana-failed-pr-checks@main | |
| with: | |
| action: close-task | |
| asana-access-token: ${{ secrets.ASANA_ACCESS_TOKEN }} | |
| asana-section-id: ${{ vars.APPLE_CI_FAILING_TESTS_IOS_POST_MERGE_SECTION_ID }} |