mirror of
https://github.com/ev-map/EVMap.git
synced 2025-12-23 23:27:46 -05:00
91 lines
2.9 KiB
YAML
91 lines
2.9 KiB
YAML
on:
|
|
pull_request:
|
|
push:
|
|
branches:
|
|
- '*'
|
|
|
|
name: Tests
|
|
|
|
jobs:
|
|
|
|
test:
|
|
name: Build and Test (${{ matrix.buildvariant }})
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
buildvariant: [ FossNormal, FossAutomotive, GoogleNormal, GoogleAutomotive ]
|
|
steps:
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Java environment
|
|
uses: actions/setup-java@v4
|
|
with:
|
|
java-version: 21
|
|
distribution: 'zulu'
|
|
cache: 'gradle'
|
|
|
|
- name: Copy apikeys.xml
|
|
run: cp _ci/apikeys-ci.xml app/src/main/res/values/apikeys.xml
|
|
|
|
- name: Build app
|
|
run: ./gradlew assemble${{ matrix.buildvariant }}Debug --no-daemon
|
|
- name: Run unit tests
|
|
run: ./gradlew test${{ matrix.buildvariant }}DebugUnitTest --no-daemon
|
|
- name: Run Android Lint
|
|
run: ./gradlew lint${{ matrix.buildvariant }}Debug --no-daemon
|
|
- name: Check licenses
|
|
run: ./gradlew exportLibraryDefinitions --no-daemon
|
|
|
|
apk_check:
|
|
name: Release APK checks (${{ matrix.buildvariant }})
|
|
runs-on: ubuntu-latest
|
|
strategy:
|
|
matrix:
|
|
buildvariant: [ FossNormal, FossAutomotive, GoogleNormal, GoogleAutomotive ]
|
|
|
|
steps:
|
|
- name: Install checksec
|
|
run: sudo apt install -y checksec
|
|
|
|
- name: Check out code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Set up Java environment
|
|
uses: actions/setup-java@v4
|
|
with:
|
|
java-version: 17
|
|
distribution: 'zulu'
|
|
cache: 'gradle'
|
|
|
|
- name: Copy apikeys.xml
|
|
run: cp _ci/apikeys-ci.xml app/src/main/res/values/apikeys.xml
|
|
|
|
- name: Build app
|
|
run: ./gradlew assemble${{ matrix.buildvariant }}Release --no-daemon
|
|
|
|
- name: Unpack native libraries from APK
|
|
run: |
|
|
VARIANT_FILENAME=$(echo ${{ matrix.buildvariant }} | sed -E 's/([a-z])([A-Z])/\1-\2/g' | tr 'A-Z' 'a-z')
|
|
VARIANT_FOLDER=$(echo ${{ matrix.buildvariant }} | sed -E 's/^([A-Z])/\L\1/')
|
|
APK_FILE="app/build/outputs/apk/$VARIANT_FOLDER/release/app-$VARIANT_FILENAME-release-unsigned.apk"
|
|
unzip $APK_FILE "lib/*"
|
|
|
|
- name: Run checksec on native libraries
|
|
run: |
|
|
checksec --output=json --dir=lib > checksec_output.json
|
|
jq --argjson exceptions '[
|
|
"lib/arm64-v8a/libc++_shared.so",
|
|
"lib/armeabi-v7a/libc++_shared.so",
|
|
"lib/x86/libc++_shared.so",
|
|
"lib/x86_64/libc++_shared.so"
|
|
]' '
|
|
to_entries
|
|
| map(select(.value.fortify_source == "no" and (.key as $lib | $exceptions | index($lib) | not)))
|
|
| if length > 0 then
|
|
error("The following libraries do not have fortify enabled (and are not in the exception list): " + (map(.key) | join(", ")))
|
|
else
|
|
"All libraries have fortify enabled or are in the exception list."
|
|
end
|
|
' checksec_output.json
|