Skip to content

Update secure flag #1790

Update secure flag

Update secure flag #1790

Workflow file for this run

name: Code Quality Checks
on:
pull_request: { }
push:
branches: [ main, develop ]
# Enrich gradle.properties for CI/CD
env:
GRADLE_OPTS: -Dorg.gradle.jvmargs="-Xmx3072m -Dfile.encoding=UTF-8 -XX:+HeapDumpOnOutOfMemoryError" -XX:MaxPermSize=512m -Dkotlin.daemon.jvm.options="-Xmx2g" -Dkotlin.incremental=false
CI_GRADLE_ARG_PROPERTIES: --stacktrace -PpreDexEnable=false --max-workers 2 --no-daemon
jobs:
check:
name: Project Check Suite
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run code quality check suite
run: ./tools/check/check_code_quality.sh
# Knit for all the modules (https://github.com/Kotlin/kotlinx-knit)
knit:
name: Knit
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Run knit
run: |
./gradlew knitCheck $CI_GRADLE_ARG_PROPERTIES
# Check the project: ktlint, detekt, lint
lint:
name: Android Linter
runs-on: ubuntu-latest
# Allow all jobs on main and develop. Just one per PR.
concurrency:
group: ${{ github.ref == 'refs/heads/main' && format('lint-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('lint-develop-{0}', github.sha) || format('lint-{0}', github.ref) }}
cancel-in-progress: true
steps:
- name: Generate token
id: generate_token
uses: tibdex/github-app-token@v1
with:
app_id: ${{ secrets.APP_ID_DANGERBOT }}
private_key: ${{ secrets.APP_PEM_DANGERBOT }}
- uses: actions/checkout@v3
- name: Run ktlint
run: |
./gradlew ktlintCheck $CI_GRADLE_ARG_PROPERTIES --continue
- name: Run detekt
if: always()
run: |
./gradlew detekt $CI_GRADLE_ARG_PROPERTIES
- name: Run lint
# Not always, if ktlint or detekt fail, avoid running the long lint check.
run: |
./gradlew vector-app:lintGplayBtchapRustCryptoWithoutvoipWithpinningRelease $CI_GRADLE_ARG_PROPERTIES
./gradlew vector-app:lintFdroidBtchapRustCryptoWithoutvoipWithoutpinningRelease $CI_GRADLE_ARG_PROPERTIES
- name: Upload reports
if: always()
uses: actions/upload-artifact@v3
with:
name: linting-report
path: |
*/build/reports/**/*.*
- name: Prepare Danger
if: always()
run: |
npm install --save-dev @babel/core
npm install --save-dev @babel/plugin-transform-flow-strip-types
yarn add danger-plugin-lint-report --dev
# Tchap : disable Danger lint check
# - name: Danger lint
# if: always()
# uses: danger/[email protected]
# with:
# args: "--dangerfile ./tools/danger/dangerfile-lint.js"
# env:
# DANGER_GITHUB_API_TOKEN: ${{ steps.generate_token.outputs.token }}
# Gradle dependency analysis using https://github.com/autonomousapps/dependency-analysis-android-gradle-plugin
dependency-analysis:
name: Dependency analysis
runs-on: ubuntu-latest
# Allow all jobs on main and develop. Just one per PR.
concurrency:
group: ${{ github.ref == 'refs/heads/main' && format('dep-main-{0}', github.sha) || github.ref == 'refs/heads/develop' && format('dep-develop-{0}', github.sha) || format('dep-{0}', github.ref) }}
cancel-in-progress: true
steps:
- uses: actions/checkout@v3
- name: Dependency analysis
run: ./gradlew dependencyCheckAnalyze $CI_GRADLE_ARG_PROPERTIES
- name: Upload dependency analysis
if: always()
uses: actions/upload-artifact@v3
with:
name: dependency-analysis
path: build/reports/dependency-check-report.html