chore: [v1] Migrating testing and release workflows to GitHub Actions.

.github/workflows/build_test_amplify.yml

@@ -0,0 +1,37 @@
+name: Build Test Amplify
+on:
+ workflow_call:
+ workflow_dispatch:
+ push:
+ branches-ignore:
+ - v1
+ - release-v1
+ pull_request:
+ branches:
+ - v1
+
+permissions:
+ contents: read
+
+jobs:
+ build-test-amplify:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+ - name: Build Test Amplify
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: .
+ workspace: Amplify.xcworkspace
+ scheme: Amplify
+
+ build-amplify-spm:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+ - name: Build Amplify for SPM
+ run: xcodebuild build-for-testing -scheme Amplify-Package -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 13,OS=latest' | xcpretty

.github/workflows/deploy_package.yml

@@ -0,0 +1,81 @@
+name: Deploy Package
+on:
+ workflow_call:
+ inputs:
+ type:
+ description: 'The type of deployment. Valid values are unstable (default) and release'
+ default: 'unstable'
+ required: false
+ type: string
+
+permissions:
+ id-token: write
+ contents: write
+
+jobs:
+ build-and-test-amplify:
+ name: Build and Test Amplify
+ uses: ./.github/workflows/build_test_amplify.yml
+
+ unit-tests:
+ name: Run Plugins Unit Tests
+ uses: ./.github/workflows/unit_test.yml
+
+ integration-tests:
+ name: Run Integration Tests
+ uses: ./.github/workflows/integ_test.yml
+
+ fortify:
+ name: Run Fortify Scan
+ uses: ./.github/workflows/fortify_scan.yml
+
+ release:
+ name: Release new ${{ inputs.type }} version
+ environment: Release
+ needs: [unit-tests, fortify, integration-tests]
+ runs-on: macos-latest
+ steps:
+ - name: Configure AWS credentials
+ uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 #v2
+ with:
+ role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+ role-session-name: ${{ format('{0}.release', github.run_id) }}
+ aws-region: ${{ secrets.AWS_REGION }}
+ role-duration-seconds: 900
+
+ - id: retrieve-token
+ name: Retrieve Deploy Token
+ env:
+ DEPLOY_SECRET_ARN: ${{ secrets.DEPLOY_SECRET_ARN }}
+ run: |
+ PAT=$(aws secretsmanager get-secret-value \
+ --secret-id "$DEPLOY_SECRET_ARN" \
+ | jq ".SecretString | fromjson | .Credential")
+ echo "token=$PAT" >> $GITHUB_OUTPUT
+
+ - name: Checkout repo
+ uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
+ with:
+ fetch-depth: 10
+ token: ${{steps.retrieve-token.outputs.token}}
+
+ - name: Restore Gems Cache
+ uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
+ with:
+ path: vendor/bundle
+ key: v2-gems-${{ hashFiles('**/Gemfile.lock') }}
+
+ - name: Install Bundle
+ env:
+ BUNDLE_PATH: vendor/bundle
+ run: |
+ bundle config set --local path $BUNDLE_PATH
+ bundle check || bundle install
+
+ - name: Release Pods
+ env:
+ COCOAPODS_SECRET_ARN: ${{ secrets.COCOAPODS_SECRET_ARN }}
+ WORKING_DIRECTORY: ${{ github.workspace }}
+ GITHUB_EMAIL: [email protected]
+ GITHUB_USER: aws-amplify-ops
+ run: bundle exec fastlane ${{ inputs.type }}

.github/workflows/deploy_release.yml

@@ -0,0 +1,16 @@
+name: Build, Test and Release | Stable version
+on:
+ push:
+ branches:
+ release-v1
+
+permissions:
+ id-token: write
+ contents: write
+
+jobs:
+ release-stable:
+ uses: ./.github/workflows/deploy_package.yml
+ with:
+ type: release
+ secrets: inherit

.github/workflows/deploy_unstable.yml

@@ -0,0 +1,16 @@
+name: Build, Test and Release | Unstable version
+on:
+ push:
+ branches:
+ v1
+
+permissions:
+ id-token: write
+ contents: write
+
+jobs:
+ release-unstable:
+ uses: ./.github/workflows/deploy_package.yml
+ with:
+ type: unstable
+ secrets: inherit

.github/workflows/fortify_scan.yml

@@ -0,0 +1,56 @@
+name: Fortify Scan
+on:
+ workflow_dispatch:
+ workflow_call:
+ push:
+ branches-ignore:
+ - v1
+ - release-v1
+
+permissions:
+ id-token: write
+ contents: read
+
+jobs:
+ fortify-scan:
+ runs-on: macos-latest
+ environment: Fortify
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Make source directory
+ run: |
+ mkdir source
+ cp -r Amplify source
+ cp -r AmplifyPlugins source
+ - name: Configure AWS credentials for fetching fortify resources
+ uses: aws-actions/configure-aws-credentials@05b148adc31e091bafbaf404f745055d4d3bc9d2 # Pin to 1.6.1
+ with:
+ role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }}
+ aws-region: ${{ secrets.AWS_REGION }}
+ role-session-name: GHAFortifySession
+ role-duration-seconds: 900
+
+ - name: Download License
+ run: |
+ aws s3 cp s3://${{ secrets.AWS_S3_FORTIFY_BUCKET }}${{ vars.LICENSE_PATH }} fortify.license
+ - name: Download Installer
+ run: |
+ aws s3 cp s3://${{ secrets.AWS_S3_FORTIFY_BUCKET }}${{ vars.INSTALLER_PATH }} Fortify_SCA_and_Apps_22.1.1_Mac.tar.gz
+ tar -xvf Fortify_SCA_and_Apps_22.1.1_Mac.tar.gz
+ unzip Fortify_SCA_and_Apps_22.1.1_osx_x64.app.zip
+ - name: Download Scripts
+ run: |
+ aws s3 cp s3://${{ secrets.AWS_S3_FORTIFY_BUCKET }}${{ vars.SCRIPTS_PATH }} fortify_scan.sh
+ - name: Run Installer
+ run: |
+ Fortify_SCA_and_Apps_22.1.1_osx_x64.app/Contents/MacOS/installbuilder.sh --mode unattended --installdir ~/amplify-swift/Fortify --InstallSamples 0 --fortify_license_path fortify.license --MigrateSCA 0
+ export PATH=~/amplify-swift/Fortify/bin:$PATH
+ fortifyupdate -acceptKey
+ sourceanalyzer -version
+ - name: Run Scan
+ run: |
+ export PATH=~/amplify-swift/Fortify/bin:$PATH
+ sh ./fortify_scan.sh source

.github/workflows/integ_test.yml

@@ -1,7 +1,6 @@
 name: Integration Tests
 on:
- push:
- branches: [v1]
+ workflow_call:
 
 permissions:
  id-token: write

.github/workflows/release_kickoff.yml

@@ -1,4 +1,4 @@
-# Creates a PR to push main to release branch to kick-off the CircleCI release workflow
+# Creates a PR to push main to release branch to kick-off the release workflow
 name: Release Amplify iOS V1+
 
 on:

.github/workflows/unit_test.yml

@@ -0,0 +1,127 @@
+name: Unit Tests
+on:
+ workflow_call:
+ workflow_dispatch:
+ push:
+ branches-ignore:
+ - v1
+ - release-v1
+ pull_request:
+ branches:
+ - v1
+
+permissions:
+ contents: read
+
+jobs:
+ unit-test-aws-plugins-core:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test AWSPluginsCore
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: .
+ workspace: Amplify.xcworkspace
+ scheme: AWSPluginsCore
+
+ unit-test-analytics:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test Analytics
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/Analytics/
+ workspace: AnalyticsCategoryPlugin.xcworkspace
+ scheme: AWSPinpointAnalyticsPlugin
+
+ unit-test-api:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test API
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/API/
+ workspace: APICategoryPlugin.xcworkspace
+ scheme: AWSAPICategoryPlugin
+
+ unit-test-auth:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test Auth
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/Auth/
+ workspace: AWSCognitoAuthPlugin.xcworkspace
+ scheme: AWSCognitoAuthPlugin
+
+ unit-test-datastore:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test DataStore
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/DataStore/
+ workspace: DataStoreCategoryPlugin.xcworkspace
+ scheme: AWSDataStoreCategoryPlugin
+
+ unit-test-geo:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test Geo
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/Geo/
+ workspace: GeoCategoryPlugin.xcworkspace
+ scheme: AWSLocationGeoPlugin
+
+ unit-test-predictions:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test Predictions
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/Predictions/
+ workspace: PredictionsCategoryPlugin.xcworkspace
+ scheme: CoreMLPredictionsPlugin
+
+ unit-test-storage:
+ runs-on: macos-latest
+ steps:
+ - uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b
+ with:
+ persist-credentials: false
+
+ - name: Unit Test Auth
+ uses: ./.github/composite_actions/run_xcodebuild_test
+ with:
+ project_path: ./AmplifyPlugins/Storage/
+ workspace: StoragePlugin.xcworkspace
+ scheme: AWSS3StoragePlugin

fastlane/Fastfile

@@ -145,7 +145,7 @@ platform :ios do
  version = options[:version].to_s
  changelog = options[:changelog]
  tag = "#{version}"
- plugin_root = File.expand_path("#{ENV['CIRCLE_WORKING_DIRECTORY']}/AmplifyPlugins")
+ plugin_root = File.expand_path("#{ENV['WORKING_DIRECTORY']}/AmplifyPlugins")
 
  sh('bundle', 'exec', 'swift', 'package', 'update')