Skip to content

[Snyk] Security upgrade react-native from 0.72.3 to 0.73.0 #1628

[Snyk] Security upgrade react-native from 0.72.3 to 0.73.0

[Snyk] Security upgrade react-native from 0.72.3 to 0.73.0 #1628

name: Android build on Ubuntu
on:
push:
branches:
- develop
- upgrade/*
pull_request:
branches:
- develop
- main
jobs:
build:
runs-on: ubuntu-latest
timeout-minutes: 30
steps:
- name: Checkout branch
uses: actions/checkout@v2
- name: Upgrade npm to latest version
run: sudo npm i -g npm@latest
- name: Check versions
run: |
echo "Node version:"
node --version
echo "NPM version:"
npm --version
echo "Java version:"
java -version
echo "PATH:"
echo $PATH
echo "ANDROID_HOME:"
echo $ANDROID_HOME
echo "Bash version:"
bash -version
- name: Installing google-drive-upload script
env:
CLIENT_ID: ${{ secrets.GOOGLE_DRIVE_CLIENT_ID }}
CLIENT_SECRET: ${{ secrets.GOOGLE_DRIVE_CLIENT_SECRET }}
REFRESH_TOKEN: ${{ secrets.GOOGLE_DRIVE_REFRESH_TOKEN }}
ACCESS_TOKEN: ${{ secrets.GOOGLE_DRIVE_ACCESS_TOKEN }}
run: |
source ~/.bashrc
echo $PATH
curl --compressed -s https://raw.githubusercontent.com/labbots/google-drive-upload/v2.7/install.sh | bash -s -- -R v2.7
echo "CLIENT_ID=\"$CLIENT_ID\"" >> ~/.googledrive.conf
echo "CLIENT_SECRET=\"$CLIENT_SECRET\"" >> ~/.googledrive.conf
echo "REFRESH_TOKEN=\"$REFRESH_TOKEN\"" >> ~/.googledrive.conf
echo "ACCESS_TOKEN=\"$ACCESS_TOKEN\"" >> ~/.googledrive.conf
echo "ACCESS_TOKEN_EXPIRY=" >> ~/.googledrive.conf
echo "ROOT_FOLDER=\"1sO16rDuJA8McRA8-Q-I6R2OjMGcG4nEp\"" >> ~/.googledrive.conf
echo "ROOT_FOLDER_NAME=" >> ~/.googledrive.conf
- name: Caching node modules
uses: actions/cache@v1
with:
path: ~/.npm
key: ${{ runner.os }}-node-treemapper2-${{ hashFiles('package-lock.json') }}
restore-keys: |
${{ runner.os }}-node-treemapper2-
- name: Install npm
run: npm install --legacy-peer-deps
- name: Setting Environment Variables
env:
MAPBOXGL_ACCCESS_TOKEN: ${{ secrets.MAPBOXGL_ACCCESS_TOKEN }}
BUGSNAP_CLIENT_KEY: ${{ secrets.BUGSNAP_CLIENT_KEY }}
AUTH0_DOMAIN: ${{ secrets.AUTH0_DOMAIN }}
AUTH0_CLIENT_ID: ${{ secrets.AUTH0_CLIENT_ID }}
API_ENDPOINT: ${{ secrets.API_ENDPOINT }}
CDN_URL: ${{ secrets.CDN_URL }}
WEB_APP_URL: ${{ secrets.WEB_APP_URL }}
run: |
echo "MAPBOXGL_ACCCESS_TOKEN=$MAPBOXGL_ACCCESS_TOKEN" >> .env
echo "BUGSNAP_CLIENT_KEY=$BUGSNAP_CLIENT_KEY" >> .env
echo "AUTH0_DOMAIN=$AUTH0_DOMAIN" >> .env
echo "AUTH0_CLIENT_ID=$AUTH0_CLIENT_ID" >> .env
echo "API_ENDPOINT=$API_ENDPOINT" >> .env
echo "CDN_URL=$CDN_URL" >> .env
echo "WEB_APP_URL=$WEB_APP_URL" >> .env
cp .env .env.staging
- name: Preparing Android build
env:
android_release_password: ${{ secrets.ANDROID_RELEASE_PASSWORD }}
download_token: ${{ secrets.MAPBOXGL_DOWNLOAD_TOKEN }}
run: |
# prepare local.properties
echo "MYAPP_RELEASE_STORE_PASSWORD=$android_release_password" > android/local.properties
echo "MYAPP_RELEASE_KEY_PASSWORD=$android_release_password" >> android/local.properties
echo "MAPBOX_DOWNLOADS_TOKEN=$download_token" >> android/local.properties
- name: Fixes for Android Build
run: |
# fix problems with 'Error: ENOSPC: System limit for number of file watchers reached'
# echo fs.inotify.max_user_watches=524288 | sudo tee -a /etc/sysctl.conf && sudo sysctl -p
# fix for task ':app:stripDevelopReleaseDebugSymbols'
# (echo y; echo y; echo y;) | sudo $ANDROID_HOME/tools/bin/sdkmanager 'ndk;20.0.5594570'
- name: Caching Gradle dependencies
uses: actions/cache@v1
with:
path: ~/.gradle/caches
key: ${{ runner.os }}-gradle-treemapper2-${{ hashFiles('android/*.gradle') }}
restore-keys: |
${{ runner.os }}-gradle-treemapper2-
- name: Android Build
run: ./gradlew assembleStagingRelease --stacktrace --no-daemon
working-directory: ./android
# We only have 0.5GB space to store artifacts for GitHub actions
# - name: Upload Artifact
# uses: actions/upload-artifact@v1
# with:
# name: app-release.apk
# path: android/app/build/outputs/apk/release/
- name: Prepare Android APK for upload
run: |
upload_file=TreeMapper-`echo $GITHUB_REF | awk '{split($0,a,"/"); print a[3]}'`.apk
echo "upload_file=$upload_file" >> $GITHUB_ENV
mkdir -p uploads
mv android/app/build/outputs/apk/staging/release/app-staging-release.apk uploads/$upload_file
# depends on existence of upload file at uploads/$upload_file
- name: Upload Android APK to Browserstack
env:
BROWSERSTACK_ACCESS_KEY: ${{ secrets.BROWSERSTACK_ACCESS_KEY }}
run: |
curl -u "planetit1:$BROWSERSTACK_ACCESS_KEY" -X POST "https://api-cloud.browserstack.com/app-live/upload" -F "file=@uploads/$upload_file"
curl -u "planetit1:$BROWSERSTACK_ACCESS_KEY" -X POST "https://api-cloud.browserstack.com/app-automate/upload" -F "file=@uploads/$upload_file"
# depends on existence of upload file at uploads/$upload_file
- name: Upload Android APK to Google Drive
run: |
source ~/.bashrc
# this is a dirty hack as adding the path with source ~/.bashrc does not seem to work
source ~/.google-drive-upload/google-drive-upload.binpath
gupload -C TreeMapperApp uploads/$upload_file
- name: Slack notification
env:
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
run: |
payload="{\"channel\": \"#notifications-git\", \"username\": \"webhookbot\", \"text\": \"Finished GitHub action $GITHUB_WORKFLOW for $GITHUB_REF (TreeMapper)\"}"
curl -X POST --data-urlencode "payload=$payload" https://hooks.slack.com/services/$SLACK_WEBHOOK_URL