name: Reusable Android Check on: workflow_call: inputs: run_lint: type: boolean default: true run_unit_tests: type: boolean default: true run_instrumented_tests: type: boolean default: true run_coverage: type: boolean default: true api_levels: type: string default: '[35]' upload_artifacts: type: boolean default: true secrets: GRADLE_ENCRYPTION_KEY: required: false CODECOV_TOKEN: required: false DATADOG_APPLICATION_ID: required: false DATADOG_CLIENT_TOKEN: required: false GOOGLE_MAPS_API_KEY: required: false GRADLE_CACHE_URL: required: false GRADLE_CACHE_USERNAME: required: false GRADLE_CACHE_PASSWORD: required: false env: DATADOG_APPLICATION_ID: ${{ secrets.DATADOG_APPLICATION_ID }} DATADOG_CLIENT_TOKEN: ${{ secrets.DATADOG_CLIENT_TOKEN }} MAPS_API_KEY: ${{ secrets.GOOGLE_MAPS_API_KEY }} GITHUB_TOKEN: ${{ github.token }} GRADLE_CACHE_URL: ${{ secrets.GRADLE_CACHE_URL }} GRADLE_CACHE_USERNAME: ${{ secrets.GRADLE_CACHE_USERNAME }} GRADLE_CACHE_PASSWORD: ${{ secrets.GRADLE_CACHE_PASSWORD }} # Fallback VERSION_CODE for the lint-check job itself (which computes the real # value from git). Downstream jobs override this with the git-derived value. VERSION_CODE: ${{ github.run_number }} jobs: # ── Lint & Static Analysis ────────────────────────────────────────── lint-check: runs-on: ubuntu-24.04 permissions: contents: read timeout-minutes: 30 outputs: cache_read_only: ${{ steps.cache_config.outputs.cache_read_only }} version_code: ${{ steps.version_code.outputs.version_code }} steps: - name: Checkout code uses: actions/checkout@v6 with: fetch-depth: 0 filter: 'blob:none' submodules: true - name: Determine cache read-only setting id: cache_config shell: bash run: | if [[ "${{ github.ref }}" == "refs/heads/main" ]] || [[ "${{ github.event_name }}" == "merge_group" ]] || [[ "${{ github.ref }}" == gh-readonly-queue/* ]]; then echo "cache_read_only=false" >> "$GITHUB_OUTPUT" else echo "cache_read_only=true" >> "$GITHUB_OUTPUT" fi - name: Calculate version code from git commit count id: version_code shell: bash run: | COMMIT_COUNT=$(git rev-list --count HEAD) OFFSET=$(grep '^VERSION_CODE_OFFSET=' config.properties | cut -d'=' -f2 || echo 0) VERSION_CODE=$((COMMIT_COUNT + OFFSET)) echo "version_code=$VERSION_CODE" >> "$GITHUB_OUTPUT" - name: Gradle Setup uses: ./.github/actions/gradle-setup with: gradle_encryption_key: ${{ secrets.GRADLE_ENCRYPTION_KEY }} cache_read_only: ${{ steps.cache_config.outputs.cache_read_only }} - name: Lint, Analysis & KMP Smoke Compile if: inputs.run_lint == true run: ./gradlew spotlessCheck detekt app:lintFdroidDebug app:lintGoogleDebug core:barcode:lintFdroidDebug core:barcode:lintGoogleDebug core:api:lintDebug mesh_service_example:lintDebug kmpSmokeCompile -Pci=true --continue --scan - name: KMP Smoke Compile (lint skipped) if: inputs.run_lint == false run: ./gradlew kmpSmokeCompile -Pci=true --continue --scan # ── Sharded Unit Tests ────────────────────────────────────────────── # Tests are split into 3 shards that run in parallel: # shard-core: core:* KMP module tests (allTests) # shard-feature: feature:* KMP module tests (allTests) # shard-app: Pure-Android/JVM tests (app, desktop, core:barcode, etc.) test-shards: runs-on: ubuntu-24.04 permissions: contents: read timeout-minutes: 45 needs: lint-check if: inputs.run_unit_tests == true env: VERSION_CODE: ${{ needs.lint-check.outputs.version_code }} strategy: fail-fast: false matrix: shard: - name: shard-core tasks: >- :core:ble:allTests :core:common:allTests :core:data:allTests :core:database:allTests :core:domain:allTests :core:model:allTests :core:navigation:allTests :core:network:allTests :core:prefs:allTests :core:repository:allTests :core:service:allTests :core:takserver:allTests :core:testing:allTests :core:ui:allTests kover: >- :core:ble:koverXmlReport :core:common:koverXmlReport :core:data:koverXmlReport :core:database:koverXmlReport :core:domain:koverXmlReport :core:model:koverXmlReport :core:navigation:koverXmlReport :core:network:koverXmlReport :core:prefs:koverXmlReport :core:repository:koverXmlReport :core:service:koverXmlReport :core:takserver:koverXmlReport :core:testing:koverXmlReport :core:ui:koverXmlReport - name: shard-feature tasks: >- :feature:connections:allTests :feature:firmware:allTests :feature:intro:allTests :feature:map:allTests :feature:messaging:allTests :feature:node:allTests :feature:settings:allTests kover: >- :feature:connections:koverXmlReport :feature:firmware:koverXmlReport :feature:intro:koverXmlReport :feature:map:koverXmlReport :feature:messaging:koverXmlReport :feature:node:koverXmlReport :feature:settings:koverXmlReport - name: shard-app tasks: >- :app:testFdroidDebugUnitTest :app:testGoogleDebugUnitTest :desktop:test :core:barcode:testFdroidDebugUnitTest :core:barcode:testGoogleDebugUnitTest :mesh_service_example:test kover: >- :app:koverXmlReportFdroidDebug :app:koverXmlReportGoogleDebug :core:barcode:koverXmlReportFdroidDebug :core:barcode:koverXmlReportGoogleDebug :desktop:koverXmlReport :mesh_service_example:koverXmlReportDebug steps: - name: Checkout code uses: actions/checkout@v6 with: fetch-depth: 1 submodules: true - name: Gradle Setup uses: ./.github/actions/gradle-setup with: gradle_encryption_key: ${{ secrets.GRADLE_ENCRYPTION_KEY }} cache_read_only: ${{ needs.lint-check.outputs.cache_read_only }} - name: Run Tests & Coverage (${{ matrix.shard.name }}) run: | kover_tasks="" if [[ "${{ inputs.run_coverage }}" == "true" ]]; then kover_tasks="${{ matrix.shard.kover }}" fi ./gradlew ${{ matrix.shard.tasks }} $kover_tasks -Pci=true --continue --scan - name: Upload test results to Codecov if: ${{ !cancelled() }} uses: codecov/codecov-action@v6 with: token: ${{ secrets.CODECOV_TOKEN }} slug: meshtastic/Meshtastic-Android flags: ${{ matrix.shard.name }} fail_ci_if_error: false report_type: test_results files: "**/build/test-results/**/*.xml" - name: Upload coverage to Codecov if: ${{ !cancelled() }} uses: codecov/codecov-action@v6 with: token: ${{ secrets.CODECOV_TOKEN }} slug: meshtastic/Meshtastic-Android flags: ${{ matrix.shard.name }} fail_ci_if_error: false files: "**/build/reports/kover/report*.xml" - name: Upload shard reports if: ${{ always() && inputs.upload_artifacts }} uses: actions/upload-artifact@v7 with: name: reports-${{ matrix.shard.name }} path: | **/build/reports **/build/test-results retention-days: 7 # ── Android Build & Instrumented Tests ────────────────────────────── android-check: runs-on: ubuntu-24.04 permissions: contents: read timeout-minutes: 60 needs: lint-check env: VERSION_CODE: ${{ needs.lint-check.outputs.version_code }} strategy: fail-fast: true matrix: api_level: ${{ fromJson(inputs.api_levels) }} steps: - name: Checkout code uses: actions/checkout@v6 with: fetch-depth: 1 submodules: true - name: Gradle Setup uses: ./.github/actions/gradle-setup with: gradle_encryption_key: ${{ secrets.GRADLE_ENCRYPTION_KEY }} cache_read_only: ${{ needs.lint-check.outputs.cache_read_only }} - name: Determine matrix metadata id: matrix_meta shell: bash run: | first_api=$(python3 - <<'PY' import json print(json.loads('${{ inputs.api_levels }}')[0]) PY ) if [[ "${{ matrix.api_level }}" == "$first_api" ]]; then echo "is_first_api=true" >> "$GITHUB_OUTPUT" else echo "is_first_api=false" >> "$GITHUB_OUTPUT" fi - name: Determine Android tasks id: tasks shell: bash run: | tasks=( "app:assembleFdroidDebug" "app:assembleGoogleDebug" "mesh_service_example:assembleDebug" ) if [[ "${{ inputs.run_instrumented_tests }}" == "true" ]]; then tasks+=( "app:connectedFdroidDebugAndroidTest" "app:connectedGoogleDebugAndroidTest" "core:barcode:connectedFdroidDebugAndroidTest" "core:barcode:connectedGoogleDebugAndroidTest" ) fi printf 'tasks=%s\n' "${tasks[*]}" >> "$GITHUB_OUTPUT" - name: Enable KVM group perms if: inputs.run_instrumented_tests == true run: | echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules sudo udevadm control --reload-rules sudo udevadm trigger --name-match=kvm - name: Run Android Build & Instrumented Tests if: inputs.run_instrumented_tests == true uses: reactivecircus/android-emulator-runner@v2 with: api-level: ${{ matrix.api_level }} arch: x86_64 force-avd-creation: false emulator-options: -no-snapshot-save -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none disable-animations: true script: ./gradlew ${{ steps.tasks.outputs.tasks }} -Pci=true --parallel --configuration-cache --continue --scan - name: Run Android Build if: inputs.run_instrumented_tests == false run: ./gradlew ${{ steps.tasks.outputs.tasks }} -Pci=true --parallel --configuration-cache --continue --scan - name: Upload instrumented test results to Codecov if: ${{ !cancelled() && inputs.run_instrumented_tests && steps.matrix_meta.outputs.is_first_api == 'true' }} uses: codecov/codecov-action@v6 with: token: ${{ secrets.CODECOV_TOKEN }} slug: meshtastic/Meshtastic-Android flags: android-instrumented fail_ci_if_error: false report_type: test_results files: "**/build/outputs/androidTest-results/**/*.xml" - name: Upload debug artifact if: ${{ steps.matrix_meta.outputs.is_first_api == 'true' && inputs.upload_artifacts }} uses: actions/upload-artifact@v7 with: name: app-debug-apks path: app/build/outputs/apk/*/debug/*.apk retention-days: 14 - name: Report App Size if: ${{ always() && steps.matrix_meta.outputs.is_first_api == 'true' }} run: | echo "### App Size Report" >> $GITHUB_STEP_SUMMARY echo "| Artifact | Size |" >> $GITHUB_STEP_SUMMARY echo "| --- | --- |" >> $GITHUB_STEP_SUMMARY find app/build/outputs/apk -name "*.apk" -exec du -h {} + | awk '{print "| " $2 " | " $1 " |"}' >> $GITHUB_STEP_SUMMARY - name: Upload Android reports if: ${{ always() && inputs.upload_artifacts }} uses: actions/upload-artifact@v7 with: name: reports-android-api-${{ matrix.api_level }} path: | **/build/outputs/androidTest-results retention-days: 7 if-no-files-found: ignore # ── Desktop Build ─────────────────────────────────────────────────── build-desktop: name: Build Desktop Debug runs-on: ubuntu-24.04 permissions: contents: read timeout-minutes: 60 needs: lint-check env: VERSION_CODE: ${{ needs.lint-check.outputs.version_code }} steps: - name: Checkout code uses: actions/checkout@v6 with: fetch-depth: 1 submodules: true - name: Gradle Setup uses: ./.github/actions/gradle-setup with: gradle_encryption_key: ${{ secrets.GRADLE_ENCRYPTION_KEY }} cache_read_only: ${{ needs.lint-check.outputs.cache_read_only }} - name: Build Desktop run: ./gradlew :desktop:packageDistributionForCurrentOS -Pci=true --scan - name: Upload Desktop artifact if: ${{ inputs.upload_artifacts }} uses: actions/upload-artifact@v7 with: name: desktop-app path: desktop/build/compose/binaries/main/app/Meshtastic/bin/* retention-days: 7