image: registry.gitlab.com/fdroid/fdroidserver:buildserver-bullseye
stages:
- lint
- test
- deploy
# only create a pipeline if it is a merge request, not for plain
# branches, unless that branch is master.
workflow:
rules:
- if: '$CI_PIPELINE_SOURCE == "merge_request_event"'
- if: '$CI_PIPELINE_SOURCE == "web"'
- if: '$CI_PIPELINE_SOURCE == "webide"'
- if: '$CI_COMMIT_BRANCH == $CI_DEFAULT_BRANCH'
.base:
tags:
- saas-linux-xlarge-amd64
variables:
JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
before_script:
- echo "org.gradle.caching=true" >> gradle.properties
- test -e /etc/apt/sources.list.d/bullseye-backports.list
|| echo "deb http://deb.debian.org/debian bullseye-backports main" >> /etc/apt/sources.list
- apt update
- apt-get -qy install -t bullseye-backports --no-install-recommends git sdkmanager openjdk-17-jdk-headless
- test -n "$ANDROID_HOME" || source /etc/profile.d/bsenv.sh
- export cmdline_tools_latest="$ANDROID_HOME/cmdline-tools/latest/bin"
- test -e $cmdline_tools_latest && export PATH="$cmdline_tools_latest:$PATH"
- export GRADLE_USER_HOME=$PWD/.gradle
- export ANDROID_COMPILE_SDK=`sed -n 's,.*compileSdk\s*\([0-9][0-9]*\).*,\1,p' app/build.gradle`
- echo y | sdkmanager "platforms;android-${ANDROID_COMPILE_SDK}" > /dev/null
# index-v1.jar tests need SHA1 support still, TODO use apksig to validate JAR sigs
- sed -i 's,SHA1 denyAfter 20[0-9][0-9],SHA1 denyAfter 2026,'
/usr/lib/jvm/java-17-openjdk-amd64/conf/security/java.security
after_script:
# this file changes every time but should not be cached
- rm -f $GRADLE_USER_HOME/caches/modules-2/modules-2.lock
- rm -fr $GRADLE_USER_HOME/caches/*/plugin-resolution/
cache:
key: '${CI_PROJECT_PATH}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}'
paths:
- .gradle/wrapper
- .gradle/caches
.test-template: &test-template
extends: .base
stage: test
artifacts:
name: "${CI_PROJECT_PATH}_${CI_JOB_STAGE}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}"
paths:
- kernel.log
- logcat.txt
- app/core*
- app/*.log
- app/build/reports
- app/build/outputs/*ml
- app/build/outputs/apk
- libs/*/build/reports
- build/reports
reports:
junit:
- app/build/**/TEST-*.xml
- libs/*/build/**/TEST-*.xml
expire_in: 1 week
when: on_failure
after_script:
- echo "Download debug artifacts from https://gitlab.com/${CI_PROJECT_PATH}/-/jobs"
# this file changes every time but should not be cached
- rm -f $GRADLE_USER_HOME/caches/modules-2/modules-2.lock
- rm -fr $GRADLE_USER_HOME/caches/*/plugin-resolution/
.always-on-these-changes: &always-on-these-changes
changes:
- .gitlab-ci.yml
- build.gradle
app assembleFullRelease test:
<<: *test-template
rules:
- <<: *always-on-these-changes
- changes:
- app/**/*
- libs/**/*
script:
- ./gradlew :app:assembleFullRelease :app:testFullDebugUnitTest
artifacts:
name: "${CI_PROJECT_PATH}_${CI_JOB_STAGE}_${CI_COMMIT_REF_NAME}_${CI_COMMIT_SHA}"
paths:
- app/build/reports
- app/build/outputs/apk
- libs/*/build/reports
reports:
junit:
- app/build/test-results/*/TEST-*.xml
expire_in: 1 week
when: always
libs db test:
<<: *test-template
rules:
- <<: *always-on-these-changes
- changes:
- libs/database/**/*
script:
- ./gradlew :libs:database:testDebugUnitTest
libs download test:
<<: *test-template
rules:
- <<: *always-on-these-changes
- changes:
- libs/download/**/*
script:
- ./gradlew :libs:download:testDebugUnitTest
libs index test:
<<: *test-template
rules:
- <<: *always-on-these-changes
- changes:
- libs/index/**/*
script:
- ./gradlew :libs:index:testDebugUnitTest
app lint pmd checkstyle:
<<: *test-template
stage: lint
rules:
- <<: *always-on-these-changes
- changes:
- app/**/*
script:
# always report on lint errors to the build log
- sed -i -e 's,textReport .*,textReport true,' app/build.gradle
# the tasks "lint", "test", etc don't always include everything
- ./gradlew :app:lint :app:pmd :app:checkstyle :app:ktlintCheck
libs lint ktlintCheck:
<<: *test-template
stage: lint
rules:
- <<: *always-on-these-changes
- changes:
- libs/**/*
script:
# always report on lint errors to the build log
- sed -i -e 's,textReport .*,textReport true,' app/build.gradle
- ./gradlew :libs:database:lint :libs:download:lint :libs:index:lint ktlintCheck
app tools scripts:
stage: lint
image: debian:bullseye-slim
rules:
- <<: *always-on-these-changes
- changes:
- app/**/*
script:
- apt-get update
- apt-get -qy install --no-install-recommends git python3
- ./tools/check-format-strings.py
- ./tools/check-fastlane-whitespace.py
- ./tools/remove-unused-and-blank-translations.py
- echo "These are unused or blank translations that should be removed:"
- git --no-pager diff --ignore-all-space --name-only --exit-code app/src/*/res/values*/strings.xml
app weblate merge conflict:
stage: lint
image: debian:bookworm-slim
rules:
- changes:
- .gitlab-ci.yml
- app/src/*/res/values*/strings.xml
- metadata/
script:
- apt-get update
- apt-get -qy install --no-install-recommends ca-certificates git
- git config user.name "$CI_PIPELINE_ID/$CI_JOB_ID"
- git config user.email $CI_PROJECT_PATH@f-droid.org
- git fetch https://hosted.weblate.org/git/f-droid/f-droid
- git checkout -B weblate FETCH_HEAD
- export EXITVALUE=0
- if ! git rebase $CI_COMMIT_SHA; then
export EXITVALUE=1;
set -x;
while git rebase --skip; do echo; done;
set +x;
fi
- git diff --exit-code
- exit $EXITVALUE
app errorprone:
extends: .base
stage: lint
rules:
- <<: *always-on-these-changes
- changes:
- app/**/*
script:
- sed -i "s@plugins {@plugins{\nid 'net.ltgt.errorprone' version '3.1.0'@" app/build.gradle
- cat config/errorprone.gradle >> app/build.gradle
- ./gradlew -Dorg.gradle.dependency.verification=lenient assembleDebug
libs database schema:
stage: lint
image: debian:bullseye-backports
rules:
- <<: *always-on-these-changes
- changes:
- libs/database/**/*
variables:
JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
script:
- apt-get update
- apt-get -qy --no-install-recommends install openjdk-17-jdk-headless git sdkmanager
- export ANDROID_HOME=/opt/android-sdk
- export ANDROID_COMPILE_SDK=`sed -n 's,.*compileSdk\s*\([0-9][0-9]*\).*,\1,p' app/build.gradle`
- sdkmanager "platforms;android-$ANDROID_COMPILE_SDK" "build-tools;34.0.0"
- ./gradlew :libs:database:kaptDebugKotlin
- git --no-pager diff --exit-code
# Run the tests in the emulator. Each step is broken out to run on
# its own since the CI runner can have limited RAM, and the emulator
# can take a while to start.
#
# once these prove stable, the task should be switched to
# connectedCheck to test all the build flavors
.connected-template: &connected-template
extends: .base
script:
- ./gradlew assembleFullDebug
- export AVD_SDK=`echo $CI_JOB_NAME | awk '{print $2}'`
- export AVD_TAG=`echo $CI_JOB_NAME | awk '{print $3}'`
- export AVD_ARCH=`echo $CI_JOB_NAME | awk '{print $4}'`
- export AVD_PACKAGE="system-images;android-${AVD_SDK};${AVD_TAG};${AVD_ARCH}"
- echo $AVD_PACKAGE
- ls -l ~/.android
- adb start-server
- start-emulator
- wait-for-emulator
- adb devices
- adb shell input keyevent 82 &
- ./gradlew installFullDebug
- adb shell am start -n org.fdroid.fdroid.debug/org.fdroid.fdroid.views.main.MainActivity
- if [ $AVD_SDK -lt 29 ] || ! emulator -accel-check; then
export FLAG=-Pandroid.testInstrumentationRunnerArguments.notAnnotation=androidx.test.filters.LargeTest;
fi
- ./gradlew connectedFullDebugAndroidTest $FLAG
.kvm-connected-template: &kvm-connected-template
extends: .base
image: briar/ci-image-android-emulator:latest
tags:
- kvm
script:
- ./gradlew assembleFullDebug
- export AVD_SDK=`echo $CI_JOB_NAME | awk '{print $2}'`
- export AVD_TAG=`echo $CI_JOB_NAME | awk '{print $3}'`
- export AVD_ARCH=`echo $CI_JOB_NAME | awk '{print $4}'`
- export AVD_PACKAGE="system-images;android-${AVD_SDK};${AVD_TAG};${AVD_ARCH}"
- echo $AVD_PACKAGE
- $ANDROID_HOME/cmdline-tools/latest/bin/avdmanager --verbose delete avd --name "$NAME_AVD"
- export AVD="$AVD_PACKAGE"
- echo y | $ANDROID_HOME/cmdline-tools/latest/bin/sdkmanager --install "$AVD"
- echo no | $ANDROID_HOME/cmdline-tools/latest/bin/avdmanager --verbose create avd --name "$NAME_AVD" --package "$AVD" --device "pixel"
- start-emulator.sh
- ./gradlew installFullDebug
- adb shell am start -n org.fdroid.fdroid.debug/org.fdroid.fdroid.views.main.MainActivity
- if [ $AVD_SDK -lt 29 ] || ! emulator -accel-check; then
export FLAG=-Pandroid.testInstrumentationRunnerArguments.notAnnotation=androidx.test.filters.LargeTest;
fi
- ./gradlew :app:connectedFullDebugAndroidTest :libs:database:connectedCheck :libs:download:connectedCheck :libs:index:connectedCheck $FLAG
# Since jobs that require KVM need special runners, these jobs are
# opt-in. To set up your fork to run KVM jobs, go to Settings ->
# CI/CD -> Variables, and add a variable called RUN_KVM_JOBS with a
# value of "1". For example, this is for the canonical repo:
#
# https://gitlab.com/fdroid/fdroidclient/-/settings/ci_cd#js-cicd-variables-settings
.kvm-template: &kvm-template
tags:
- fdroid
- kvm
rules:
- if: $RUN_KVM_JOBS
<<: *test-template
<<: *kvm-connected-template
kvm jobs skipped:
rules:
- if: '$RUN_KVM_JOBS == null || $RUN_KVM_JOBS == "" || $RUN_KVM_JOBS == "0"'
image: alpine # this only needs printf, so it should be as small as possible
variables:
GIT_DEPTH: 1
script:
- printf '\x1b[33mJobs that require KVM need special runners, these jobs are opt-in. To set up your fork to run KVM jobs, go to Settings -> CI/CD -> Variables, and add a variable called RUN_KVM_JOBS with a value of "1". This link should take you there:\n'
- printf "\x1b[32m${CI_SERVER_URL}/$CI_PROJECT_PATH/-/settings/ci_cd#js-cicd-variables-settings\n"
kvm 23 default x86:
<<: *test-template
<<: *kvm-template
pages:
extends: .base
stage: deploy
only:
- master
script:
- ./gradlew :libs:download:dokkaHtml :libs:index:dokkaHtml :libs:database:dokkaHtml
- mkdir -p public/libs
- touch public/index.html public/libs/index.html
- cp -r libs/download/build/dokka/html public/libs/download
- cp -r libs/index/build/dokka/html public/libs/index
- cp -r libs/database/build/dokka/html public/libs/database
artifacts:
paths:
- public
deploy_nightly:
extends: .base
stage: deploy
only:
- master
variables:
JAVA_HOME: /usr/lib/jvm/java-17-openjdk-amd64
script:
- test -z "$DEBUG_KEYSTORE" && exit 0
- apt-get install -t bullseye-backports openjdk-17-jdk-headless fdroidserver
- sed -i
's,.*,F-Nightly,'
app/src/main/res/values*/strings.xml
# add this nightly repo as a enabled repo
- sed -i -e '/<\/string-array>/d' -e '/<\/resources>/d' app/src/main/res/values/default_repos.xml
- echo "- ${CI_PROJECT_PATH}-nightly
" >> app/src/main/res/values/default_repos.xml
- echo "- ${CI_PROJECT_URL}-nightly/-/raw/master/fdroid/repo
" >> app/src/main/res/values/default_repos.xml
- cat config/nightly-repo/repo.xml >> app/src/main/res/values/default_repos.xml
- export DB=`sed -n 's,.*version *= *\([0-9][0-9]*\).*,\1,p' libs/database/src/main/java/org/fdroid/database/FDroidDatabase.kt`
- export versionCode=`printf '%d%05d' $DB $(date '+%s'| cut -b1-8)`
- sed -i "s,^\(\s*versionCode\) *[0-9].*,\1 $versionCode," app/build.gradle
# build the APKs!
- ./gradlew assembleDebug
- fdroid nightly -v