Running static code analysis and unit tests #68
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR checks | |
| run-name: Running static code analysis and unit tests | |
| on: | |
| pull_request: | |
| branches: | |
| - "dev" | |
| - "releases/**" | |
| jobs: | |
| static-analysis-check: | |
| name: Static code analysis | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: "Set up JDK 17" | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: "17" | |
| distribution: "temurin" | |
| cache: gradle | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v3 | |
| - name: "Run static analysis" | |
| run: ./gradlew detektAll lintReportDebug mergeLintSarif | |
| continue-on-error: false | |
| - name: "Upload Detkt sarif results" | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: build/reports/detekt/detekt.sarif | |
| category: detekt | |
| - name: "Upload Lint sarif results" | |
| uses: github/codeql-action/upload-sarif@v3 | |
| with: | |
| sarif_file: build/reports/lint-merged.sarif | |
| category: lint | |
| run-unit-tests: | |
| name: Run unit tests | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: "Set up JDK 17" | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: "17" | |
| distribution: "temurin" | |
| cache: gradle | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v3 | |
| - name: Run unit tests | |
| run: ./gradlew testDebugUnitTest --continue | |
| - name: Publish Test Report | |
| uses: mikepenz/action-junit-report@v4 | |
| if: always() | |
| with: | |
| report_paths: '**/build/test-results/**/TEST-*.xml' | |
| dependency-guard-check: | |
| name: Dependency Guard Check | |
| runs-on: ubuntu-latest | |
| permissions: | |
| pull-requests: write | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: "Set up JDK 17" | |
| uses: actions/setup-java@v4 | |
| with: | |
| java-version: "17" | |
| distribution: "temurin" | |
| cache: gradle | |
| - name: Setup Gradle | |
| uses: gradle/actions/setup-gradle@v3 | |
| - name: Run Dependency Guard | |
| id: dependency-guard | |
| run: | | |
| if ./gradlew modo-compose:dependencyGuard; then | |
| echo "result=success" >> $GITHUB_OUTPUT | |
| else | |
| echo "result=failure" >> $GITHUB_OUTPUT | |
| exit 1 | |
| fi | |
| continue-on-error: true | |
| - name: Comment on PR if Dependency Guard fails | |
| if: steps.dependency-guard.outputs.result == 'failure' | |
| uses: marocchino/sticky-pull-request-comment@v2 | |
| with: | |
| header: dependency-guard | |
| recreate: true | |
| message: | | |
| ## 🚨 Dependency Guard Check Failed | |
| The dependency guard check has detected changes in your dependencies that need review. | |
| ### What to do: | |
| 1. **Review the dependency changes**: Check what dependencies were added, updated, or removed | |
| 2. **Check release notes**: For any updated dependencies, review their release notes for breaking changes, security fixes, or important updates | |
| 3. **Test thoroughly**: Ensure the dependency changes don't break existing functionality | |
| 4. **Update the baseline**: If the dependency changes are intentional and safe, update the dependency guard baseline by running: | |
| ```bash | |
| ./gradlew modo-compose:dependencyGuardBaseline | |
| ``` | |
| ### More information: | |
| - View the full dependency guard report in the workflow logs | |
| - The dependency guard plugin helps prevent unintended dependency changes | |
| - Always review dependency updates for security and compatibility implications | |
| Please address these issues before merging this PR. | |
| - name: Remove dependency guard comment if check passes | |
| if: steps.dependency-guard.outputs.result == 'success' | |
| uses: marocchino/sticky-pull-request-comment@v2 | |
| with: | |
| header: dependency-guard | |
| delete: true | |
| - name: Fail job if Dependency Guard failed | |
| if: steps.dependency-guard.outputs.result == 'failure' | |
| run: exit 1 |