diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 00000000..e3181f81 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,14 @@ +# To get started with Dependabot version updates, you'll need to specify which +# package ecosystems to update and where the package manifests are located. +# Please see the documentation for all configuration options: +# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates + +version: 2 +updates: + - package-ecosystem: "gradle" + directory: "/" + schedule: + interval: "daily" + + commit-message: + prefix: "[Android]" diff --git a/.github/workflows/android.yaml b/.github/workflows/android.yaml new file mode 100644 index 00000000..14b613a4 --- /dev/null +++ b/.github/workflows/android.yaml @@ -0,0 +1,43 @@ +name: Android CI + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + + +jobs: + build: + + runs-on: ubuntu-latest + + steps: + - uses: actions/checkout@v1 + + - name: ๐Ÿงฑ Set Up JDK + uses: actions/setup-java@v1 + with: + java-version: 11 + + - name: Grant Gradlew rights + run: chmod +x gradlew + + - name: ๐Ÿงช Run Tests + run: ./gradlew test + + - name: ๐Ÿ›  Build Project with Spotless Check + run: ./gradlew spotlessCheck + + - name: โณ Build with Gradle + run: ./gradlew build + + - name: ๐Ÿ— Build APK + run: bash ./gradlew assembleProductionDebug --stacktrace + + - name: ๐Ÿš€ Upload APK ๐Ÿ“ฑ + uses: actions/upload-artifact@v2 + with: + name: app + path: app/build/outputs/apk/production/debug/*.apk + retention-days: 3 diff --git a/.github/workflows/detekt-analysis.yml b/.github/workflows/detekt-analysis.yml new file mode 100644 index 00000000..994634a5 --- /dev/null +++ b/.github/workflows/detekt-analysis.yml @@ -0,0 +1,103 @@ +# This workflow performs a static analysis of your Kotlin source code using +# Detekt. +# +# Scans are triggered: +# 1. On every push to default and protected branches +# 2. On every Pull Request targeting the default branch +# 3. On a weekly schedule +# 4. Manually, on demand, via the "workflow_dispatch" event +# +# The workflow should work with no modifications, but you might like to use a +# later version of the Detekt CLI by modifing the $DETEKT_RELEASE_TAG +# environment variable. +name: Scan with Detekt + +on: + # Triggers the workflow on push or pull request events but only for default and protected branches + push: + branches: [ master ] + pull_request: + branches: [ master ] + schedule: + - cron: '19 0 * * 2' + + # Allows you to run this workflow manually from the Actions tab + workflow_dispatch: + +env: + # Release tag associated with version of Detekt to be installed + # SARIF support (required for this workflow) was introduced in Detekt v1.15.0 + DETEKT_RELEASE_TAG: v1.15.0 + +# A workflow run is made up of one or more jobs that can run sequentially or in parallel +jobs: + # This workflow contains a single job called "scan" + scan: + name: Scan + # The type of runner that the job will run on + runs-on: ubuntu-latest + + # Steps represent a sequence of tasks that will be executed as part of the job + steps: + # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it + - uses: actions/checkout@v2 + + # Gets the download URL associated with the $DETEKT_RELEASE_TAG + - name: Get Detekt download URL + id: detekt_info + env: + GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + DETEKT_DOWNLOAD_URL=$( gh api graphql --field tagName=$DETEKT_RELEASE_TAG --raw-field query=' + query getReleaseAssetDownloadUrl($tagName: String!) { + repository(name: "detekt", owner: "detekt") { + release(tagName: $tagName) { + releaseAssets(name: "detekt", first: 1) { + nodes { + downloadUrl + } + } + } + } + } + ' | \ + jq --raw-output '.data.repository.release.releaseAssets.nodes[0].downloadUrl' ) + echo "::set-output name=download_url::$DETEKT_DOWNLOAD_URL" + + # Sets up the detekt cli + - name: Setup Detekt + run: | + dest=$( mktemp -d ) + curl --request GET \ + --url ${{ steps.detekt_info.outputs.download_url }} \ + --silent \ + --location \ + --output $dest/detekt + chmod a+x $dest/detekt + echo $dest >> $GITHUB_PATH + + # Performs static analysis using Detekt + - name: Run Detekt + continue-on-error: true + run: | + detekt --input ${{ github.workspace }} --report sarif:${{ github.workspace }}/detekt.sarif.json + + # Modifies the SARIF output produced by Detekt so that absolute URIs are relative + # This is so we can easily map results onto their source files + # This can be removed once relative URI support lands in Detekt: https://git.io/JLBbA + - name: Make artifact location URIs relative + continue-on-error: true + run: | + echo "$( + jq \ + --arg github_workspace ${{ github.workspace }} \ + '. | ( .runs[].results[].locations[].physicalLocation.artifactLocation.uri |= if test($github_workspace) then .[($github_workspace | length | . + 1):] else . end )' \ + ${{ github.workspace }}/detekt.sarif.json + )" > ${{ github.workspace }}/detekt.sarif.json + + # Uploads results to GitHub repository using the upload-sarif action + - uses: github/codeql-action/upload-sarif@v1 + with: + # Path to SARIF file relative to the root of the repository + sarif_file: ${{ github.workspace }}/detekt.sarif.json + checkout_path: ${{ github.workspace }} diff --git a/.idea/gradle.xml b/.idea/gradle.xml index c6e0331b..e522106a 100644 --- a/.idea/gradle.xml +++ b/.idea/gradle.xml @@ -12,6 +12,8 @@