-
Notifications
You must be signed in to change notification settings - Fork 195
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: [v1] Migrating testing and release workflows to GitHub Actions.
- Loading branch information
Showing
10 changed files
with
336 additions
and
511 deletions.
There are no files selected for viewing
This file was deleted.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
name: Build Test Amplify | ||
on: | ||
workflow_call: | ||
workflow_dispatch: | ||
push: | ||
branches-ignore: | ||
- v1 | ||
- release-v1 | ||
pull_request: | ||
branches: | ||
- v1 | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
build-test-amplify: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
- name: Build Test Amplify | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: . | ||
workspace: Amplify.xcworkspace | ||
scheme: Amplify | ||
|
||
build-amplify-spm: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
- name: Build Amplify for SPM | ||
run: xcodebuild build-for-testing -scheme Amplify-Package -sdk iphonesimulator -destination 'platform=iOS Simulator,name=iPhone 13,OS=latest' | xcpretty |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,81 @@ | ||
name: Deploy Package | ||
on: | ||
workflow_call: | ||
inputs: | ||
type: | ||
description: 'The type of deployment. Valid values are unstable (default) and release' | ||
default: 'unstable' | ||
required: false | ||
type: string | ||
|
||
permissions: | ||
id-token: write | ||
contents: write | ||
|
||
jobs: | ||
build-and-test-amplify: | ||
name: Build and Test Amplify | ||
uses: ./.github/workflows/build_test_amplify.yml | ||
|
||
unit-tests: | ||
name: Run Plugins Unit Tests | ||
uses: ./.github/workflows/unit_test.yml | ||
|
||
integration-tests: | ||
name: Run Integration Tests | ||
uses: ./.github/workflows/integ_test.yml | ||
|
||
fortify: | ||
name: Run Fortify Scan | ||
uses: ./.github/workflows/fortify_scan.yml | ||
|
||
release: | ||
name: Release new ${{ inputs.type }} version | ||
environment: Release | ||
needs: [unit-tests, fortify, integration-tests] | ||
runs-on: macos-latest | ||
steps: | ||
- name: Configure AWS credentials | ||
uses: aws-actions/configure-aws-credentials@5fd3084fc36e372ff1fff382a39b10d03659f355 #v2 | ||
with: | ||
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
role-session-name: ${{ format('{0}.release', github.run_id) }} | ||
aws-region: ${{ secrets.AWS_REGION }} | ||
role-duration-seconds: 900 | ||
|
||
- id: retrieve-token | ||
name: Retrieve Deploy Token | ||
env: | ||
DEPLOY_SECRET_ARN: ${{ secrets.DEPLOY_SECRET_ARN }} | ||
run: | | ||
PAT=$(aws secretsmanager get-secret-value \ | ||
--secret-id "$DEPLOY_SECRET_ARN" \ | ||
| jq ".SecretString | fromjson | .Credential") | ||
echo "token=$PAT" >> $GITHUB_OUTPUT | ||
- name: Checkout repo | ||
uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0 | ||
with: | ||
fetch-depth: 10 | ||
token: ${{steps.retrieve-token.outputs.token}} | ||
|
||
- name: Restore Gems Cache | ||
uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1 | ||
with: | ||
path: vendor/bundle | ||
key: v2-gems-${{ hashFiles('**/Gemfile.lock') }} | ||
|
||
- name: Install Bundle | ||
env: | ||
BUNDLE_PATH: vendor/bundle | ||
run: | | ||
bundle config set --local path $BUNDLE_PATH | ||
bundle check || bundle install | ||
- name: Release Pods | ||
env: | ||
COCOAPODS_SECRET_ARN: ${{ secrets.COCOAPODS_SECRET_ARN }} | ||
WORKING_DIRECTORY: ${{ github.workspace }} | ||
GITHUB_EMAIL: [email protected] | ||
GITHUB_USER: aws-amplify-ops | ||
run: bundle exec fastlane ${{ inputs.type }} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: Build, Test and Release | Stable version | ||
on: | ||
push: | ||
branches: | ||
release-v1 | ||
|
||
permissions: | ||
id-token: write | ||
contents: write | ||
|
||
jobs: | ||
release-stable: | ||
uses: ./.github/workflows/deploy_package.yml | ||
with: | ||
type: release | ||
secrets: inherit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
name: Build, Test and Release | Unstable version | ||
on: | ||
push: | ||
branches: | ||
v1 | ||
|
||
permissions: | ||
id-token: write | ||
contents: write | ||
|
||
jobs: | ||
release-unstable: | ||
uses: ./.github/workflows/deploy_package.yml | ||
with: | ||
type: unstable | ||
secrets: inherit |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,56 @@ | ||
name: Fortify Scan | ||
on: | ||
workflow_dispatch: | ||
workflow_call: | ||
push: | ||
branches-ignore: | ||
- v1 | ||
- release-v1 | ||
|
||
permissions: | ||
id-token: write | ||
contents: read | ||
|
||
jobs: | ||
fortify-scan: | ||
runs-on: macos-latest | ||
environment: Fortify | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Make source directory | ||
run: | | ||
mkdir source | ||
cp -r Amplify source | ||
cp -r AmplifyPlugins source | ||
- name: Configure AWS credentials for fetching fortify resources | ||
uses: aws-actions/configure-aws-credentials@05b148adc31e091bafbaf404f745055d4d3bc9d2 # Pin to 1.6.1 | ||
with: | ||
role-to-assume: ${{ secrets.AWS_ROLE_TO_ASSUME }} | ||
aws-region: ${{ secrets.AWS_REGION }} | ||
role-session-name: GHAFortifySession | ||
role-duration-seconds: 900 | ||
|
||
- name: Download License | ||
run: | | ||
aws s3 cp s3://${{ secrets.AWS_S3_FORTIFY_BUCKET }}${{ vars.LICENSE_PATH }} fortify.license | ||
- name: Download Installer | ||
run: | | ||
aws s3 cp s3://${{ secrets.AWS_S3_FORTIFY_BUCKET }}${{ vars.INSTALLER_PATH }} Fortify_SCA_and_Apps_22.1.1_Mac.tar.gz | ||
tar -xvf Fortify_SCA_and_Apps_22.1.1_Mac.tar.gz | ||
unzip Fortify_SCA_and_Apps_22.1.1_osx_x64.app.zip | ||
- name: Download Scripts | ||
run: | | ||
aws s3 cp s3://${{ secrets.AWS_S3_FORTIFY_BUCKET }}${{ vars.SCRIPTS_PATH }} fortify_scan.sh | ||
- name: Run Installer | ||
run: | | ||
Fortify_SCA_and_Apps_22.1.1_osx_x64.app/Contents/MacOS/installbuilder.sh --mode unattended --installdir ~/amplify-swift/Fortify --InstallSamples 0 --fortify_license_path fortify.license --MigrateSCA 0 | ||
export PATH=~/amplify-swift/Fortify/bin:$PATH | ||
fortifyupdate -acceptKey | ||
sourceanalyzer -version | ||
- name: Run Scan | ||
run: | | ||
export PATH=~/amplify-swift/Fortify/bin:$PATH | ||
sh ./fortify_scan.sh source |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,7 +1,6 @@ | ||
name: Integration Tests | ||
on: | ||
push: | ||
branches: [v1] | ||
workflow_call: | ||
|
||
permissions: | ||
id-token: write | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,127 @@ | ||
name: Unit Tests | ||
on: | ||
workflow_call: | ||
workflow_dispatch: | ||
push: | ||
branches-ignore: | ||
- v1 | ||
- release-v1 | ||
pull_request: | ||
branches: | ||
- v1 | ||
|
||
permissions: | ||
contents: read | ||
|
||
jobs: | ||
unit-test-aws-plugins-core: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test AWSPluginsCore | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: . | ||
workspace: Amplify.xcworkspace | ||
scheme: AWSPluginsCore | ||
|
||
unit-test-analytics: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test Analytics | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/Analytics/ | ||
workspace: AnalyticsCategoryPlugin.xcworkspace | ||
scheme: AWSPinpointAnalyticsPlugin | ||
|
||
unit-test-api: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test API | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/API/ | ||
workspace: APICategoryPlugin.xcworkspace | ||
scheme: AWSAPICategoryPlugin | ||
|
||
unit-test-auth: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test Auth | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/Auth/ | ||
workspace: AWSCognitoAuthPlugin.xcworkspace | ||
scheme: AWSCognitoAuthPlugin | ||
|
||
unit-test-datastore: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test DataStore | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/DataStore/ | ||
workspace: DataStoreCategoryPlugin.xcworkspace | ||
scheme: AWSDataStoreCategoryPlugin | ||
|
||
unit-test-geo: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test Geo | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/Geo/ | ||
workspace: GeoCategoryPlugin.xcworkspace | ||
scheme: AWSLocationGeoPlugin | ||
|
||
unit-test-predictions: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test Predictions | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/Predictions/ | ||
workspace: PredictionsCategoryPlugin.xcworkspace | ||
scheme: CoreMLPredictionsPlugin | ||
|
||
unit-test-storage: | ||
runs-on: macos-latest | ||
steps: | ||
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b | ||
with: | ||
persist-credentials: false | ||
|
||
- name: Unit Test Auth | ||
uses: ./.github/composite_actions/run_xcodebuild_test | ||
with: | ||
project_path: ./AmplifyPlugins/Storage/ | ||
workspace: StoragePlugin.xcworkspace | ||
scheme: AWSS3StoragePlugin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters