image: registry.gitlab.com/fdroid/fdroidserver:buildserver-bullseye stages: - lint - test - deploy # only create a pipeline if it is a merge request, not for plain # branches, unless that branch is master. workflow: rules: - if: '$CI_PIPELINE_SOURCE == "merge_request_event"' - if: '$CI_PIPELINE_SOURCE == "web"' - if: '$CI_PIPELINE_SOURCE == "webide"' - if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH' .base: tags: - saas-linux-xlarge-amd64 variables: JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 before_script: - echo "org.gradle.caching=true" >> gradle.properties - test -e /etc/apt/sources.list.d/bullseye-backports.list || echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list - apt update - apt-get -qy install -t bullseye-backports --no-install-recommends git sdkmanager openjdk-17-jdk-headless - test -n "$ANDROID_HOME" || source /etc/profile.d/bsenv.sh - export cmdline_tools_latest="$ANDROID_HOME/cmdline-tools/latest/bin" - test -e $cmdline_tools_latest && export PATH="$cmdline_tools_latest:$PATH" - export GRADLE_USER_HOME=$PWD/.gradle - export ANDROID_COMPILE_SDK=`sed -n 's,.*compileSdk\s*\([0-9][0-9]*\).*,\1,p' app/build.gradle` - echo y | sdkmanager "platforms;android-${ANDROID_COMPILE_SDK}" > /dev/null # index-v1.jar tests need SHA1 support still, TODO use apksig to validate JAR sigs - sed -i 's,SHA1 denyAfter 20[0-9][0-9],SHA1 denyAfter 2026,' /usr/lib/jvm/java-17-openjdk-amd64/conf/security/java.security after_script: # this file changes every time but should not be cached - rm -f $GRADLE_USER_HOME/caches/modules-2/modules-2.lock - rm -fr $GRADLE_USER_HOME/caches/*/plugin-resolution/ cache: key: '${CI_PROJECT_PATH}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}' paths: - .gradle/wrapper - .gradle/caches .test-template: &test-template extends: .base stage: test artifacts: name: "${CI_PROJECT_PATH}_${CI_JOB_STAGE}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}" paths: - kernel.log - logcat.txt - app/core* - app/*.log - app/build/reports - app/build/outputs/*ml - app/build/outputs/apk - libs/*/build/reports - build/reports reports: junit: - app/build/**/TEST-*.xml - libs/*/build/**/TEST-*.xml expire_in: 1 week when: on_failure after_script: - echo "Download debug artifacts from https://gitlab.com/${CI_PROJECT_PATH}/-/jobs" # this file changes every time but should not be cached - rm -f $GRADLE_USER_HOME/caches/modules-2/modules-2.lock - rm -fr $GRADLE_USER_HOME/caches/*/plugin-resolution/ .always-on-these-changes: &always-on-these-changes changes: - .gitlab-ci.yml - build.gradle app assembleFullRelease test: <<: *test-template rules: - <<: *always-on-these-changes - changes: - app/**/* - libs/**/* script: - ./gradlew :app:assembleFullRelease :app:testFullDebugUnitTest artifacts: name: "${CI_PROJECT_PATH}_${CI_JOB_STAGE}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}" paths: - app/build/reports - app/build/outputs/apk - libs/*/build/reports reports: junit: - app/build/test-results/*/TEST-*.xml expire_in: 1 week when: always libs db test: <<: *test-template rules: - <<: *always-on-these-changes - changes: - libs/database/**/* script: - ./gradlew :libs:database:testDebugUnitTest libs download test: <<: *test-template rules: - <<: *always-on-these-changes - changes: - libs/download/**/* script: - ./gradlew :libs:download:testDebugUnitTest libs index test: <<: *test-template rules: - <<: *always-on-these-changes - changes: - libs/index/**/* script: - ./gradlew :libs:index:testDebugUnitTest app lint pmd checkstyle: <<: *test-template stage: lint rules: - <<: *always-on-these-changes - changes: - app/**/* script: # always report on lint errors to the build log - sed -i -e 's,textReport .*,textReport true,' app/build.gradle # the tasks "lint", "test", etc don't always include everything - ./gradlew :app:lint :app:pmd :app:checkstyle :app:ktlintCheck libs lint ktlintCheck: <<: *test-template stage: lint rules: - <<: *always-on-these-changes - changes: - libs/**/* script: # always report on lint errors to the build log - sed -i -e 's,textReport .*,textReport true,' app/build.gradle - ./gradlew :libs:database:lint :libs:download:lint :libs:index:lint ktlintCheck app tools scripts: stage: lint image: debian:bullseye-slim rules: - <<: *always-on-these-changes - changes: - app/**/* script: - apt-get update - apt-get -qy install --no-install-recommends git python3 - ./tools/check-format-strings.py - ./tools/check-fastlane-whitespace.py - ./tools/remove-unused-and-blank-translations.py - echo "These are unused or blank translations that should be removed:" - git --no-pager diff --ignore-all-space --name-only --exit-code app/src/*/res/values*/strings.xml app weblate merge conflict: stage: lint image: debian:bookworm-slim rules: - changes: - .gitlab-ci.yml - app/src/*/res/values*/strings.xml - metadata/ script: - apt-get update - apt-get -qy install --no-install-recommends ca-certificates git - git config user.name "$CI_PIPELINE_ID/$CI_JOB_ID" - git config user.email $CI_PROJECT_PATH@f-droid.org - git fetch https://hosted.weblate.org/git/f-droid/f-droid - git checkout -B weblate FETCH_HEAD - export EXITVALUE=0 - if ! git rebase $CI_COMMIT_SHA; then export EXITVALUE=1; set -x; while git rebase --skip; do echo; done; set +x; fi - git diff --exit-code - exit $EXITVALUE app errorprone: extends: .base stage: lint rules: - <<: *always-on-these-changes - changes: - app/**/* script: - sed -i "s@plugins {@plugins{\nid 'net.ltgt.errorprone' version '3.1.0'@" app/build.gradle - cat config/errorprone.gradle >> app/build.gradle - ./gradlew -Dorg.gradle.dependency.verification=lenient assembleDebug libs database schema: stage: lint image: debian:bullseye-backports rules: - <<: *always-on-these-changes - changes: - libs/database/**/* variables: JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 script: - apt-get update - apt-get -qy --no-install-recommends install openjdk-17-jdk-headless git sdkmanager - export ANDROID_HOME=/opt/android-sdk - export ANDROID_COMPILE_SDK=`sed -n 's,.*compileSdk\s*\([0-9][0-9]*\).*,\1,p' app/build.gradle` - sdkmanager "platforms;android-$ANDROID_COMPILE_SDK" "build-tools;34.0.0" - ./gradlew :libs:database:kaptDebugKotlin - git --no-pager diff --exit-code # Run the tests in the emulator. Each step is broken out to run on # its own since the CI runner can have limited RAM, and the emulator # can take a while to start. # # once these prove stable, the task should be switched to # connectedCheck to test all the build flavors .connected-template: &connected-template extends: .base script: - ./gradlew assembleFullDebug - export AVD_SDK=`echo $CI_JOB_NAME | awk '{print $2}'` - export AVD_TAG=`echo $CI_JOB_NAME | awk '{print $3}'` - export AVD_ARCH=`echo $CI_JOB_NAME | awk '{print $4}'` - export AVD_PACKAGE="system-images;android-${AVD_SDK};${AVD_TAG};${AVD_ARCH}" - echo $AVD_PACKAGE - ls -l ~/.android - adb start-server - start-emulator - wait-for-emulator - adb devices - adb shell input keyevent 82 & - ./gradlew installFullDebug - adb shell am start -n org.fdroid.fdroid.debug/org.fdroid.fdroid.views.main.MainActivity - if [ $AVD_SDK -lt 29 ] || ! emulator -accel-check; then export FLAG=-Pandroid.testInstrumentationRunnerArguments.notAnnotation=androidx.test.filters.LargeTest; fi - ./gradlew connectedFullDebugAndroidTest $FLAG .kvm-connected-template: &kvm-connected-template extends: .base image: briar/ci-image-android-emulator:latest tags: - kvm script: - ./gradlew assembleFullDebug - export AVD_SDK=`echo $CI_JOB_NAME | awk '{print $2}'` - export AVD_TAG=`echo $CI_JOB_NAME | awk '{print $3}'` - export AVD_ARCH=`echo $CI_JOB_NAME | awk '{print $4}'` - export AVD_PACKAGE="system-images;android-${AVD_SDK};${AVD_TAG};${AVD_ARCH}" - echo $AVD_PACKAGE - $ANDROID_HOME/cmdline-tools/latest/bin/avdmanager --verbose delete avd --name "$NAME_AVD" - export AVD="$AVD_PACKAGE" - echo y | $ANDROID_HOME/cmdline-tools/latest/bin/sdkmanager --install "$AVD" - echo no | $ANDROID_HOME/cmdline-tools/latest/bin/avdmanager --verbose create avd --name "$NAME_AVD" --package "$AVD" --device "pixel" - start-emulator.sh - ./gradlew installFullDebug - adb shell am start -n org.fdroid.fdroid.debug/org.fdroid.fdroid.views.main.MainActivity - if [ $AVD_SDK -lt 29 ] || ! emulator -accel-check; then export FLAG=-Pandroid.testInstrumentationRunnerArguments.notAnnotation=androidx.test.filters.LargeTest; fi - ./gradlew :app:connectedFullDebugAndroidTest :libs:database:connectedCheck :libs:download:connectedCheck :libs:index:connectedCheck $FLAG # Since jobs that require KVM need special runners, these jobs are # opt-in. To set up your fork to run KVM jobs, go to Settings -> # CI/CD -> Variables, and add a variable called RUN_KVM_JOBS with a # value of "1". For example, this is for the canonical repo: # # https://gitlab.com/fdroid/fdroidclient/-/settings/ci_cd#js-cicd-variables-settings .kvm-template: &kvm-template tags: - fdroid - kvm rules: - if: $RUN_KVM_JOBS <<: *test-template <<: *kvm-connected-template kvm jobs skipped: rules: - if: '$RUN_KVM_JOBS == null || $RUN_KVM_JOBS == "" || $RUN_KVM_JOBS == "0"' image: alpine # this only needs printf, so it should be as small as possible variables: GIT_DEPTH: 1 script: - printf '\x1b[33mJobs that require KVM need special runners, these jobs are opt-in. To set up your fork to run KVM jobs, go to Settings -> CI/CD -> Variables, and add a variable called RUN_KVM_JOBS with a value of "1". This link should take you there:\n' - printf "\x1b[32m${CI_SERVER_URL}/$CI_PROJECT_PATH/-/settings/ci_cd#js-cicd-variables-settings\n" kvm 23 default x86: <<: *test-template <<: *kvm-template pages: extends: .base stage: deploy only: - master script: - ./gradlew :libs:download:dokkaHtml :libs:index:dokkaHtml :libs:database:dokkaHtml - mkdir -p public/libs - touch public/index.html public/libs/index.html - cp -r libs/download/build/dokka/html public/libs/download - cp -r libs/index/build/dokka/html public/libs/index - cp -r libs/database/build/dokka/html public/libs/database artifacts: paths: - public deploy_nightly: extends: .base stage: deploy only: - master variables: JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64 script: - test -z "$DEBUG_KEYSTORE" && exit 0 - apt-get install -t bullseye-backports openjdk-17-jdk-headless fdroidserver - sed -i 's,.*,F-Nightly,' app/src/main/res/values*/strings.xml # add this nightly repo as a enabled repo - sed -i -e '/<\/string-array>/d' -e '/<\/resources>/d' app/src/main/res/values/default_repos.xml - echo "${CI_PROJECT_PATH}-nightly" >> app/src/main/res/values/default_repos.xml - echo "${CI_PROJECT_URL}-nightly/-/raw/master/fdroid/repo" >> app/src/main/res/values/default_repos.xml - cat config/nightly-repo/repo.xml >> app/src/main/res/values/default_repos.xml - export DB=`sed -n 's,.*version *= *\([0-9][0-9]*\).*,\1,p' libs/database/src/main/java/org/fdroid/database/FDroidDatabase.kt` - export versionCode=`printf '%d%05d' $DB $(date '+%s'| cut -b1-8)` - sed -i "s,^\(\s*versionCode\) *[0-9].*,\1 $versionCode," app/build.gradle # build the APKs! - ./gradlew assembleDebug - fdroid nightly -v