Kordant/.github/workflows/ci.yml
Michael Freno e33ddf3002 feat: complete Tasks 21-28 — backend integration, security hardening, UI tests & CI
- Add Apple Sign-In backend (JWKS verification, account linking, session management)
- Implement push notification deep linking with NotificationDeepLinkRouter
- Add jailbreak detection, runtime integrity monitoring, secure enclave service
- Implement OAuth social login, token refresh, and secure logout flows
- Add image caching (memory/disk), optimizer, upload queue, async semaphore
- Implement notification analytics, type preferences, and category setup
- Expand UI test suite with UITestBase, accessibility, auth flow, performance tests
- Add CI pipeline for iOS UI tests (3 device sizes) and performance benchmarks
- Restructure Xcode project to manual groups with KordantWidgets target
- Add SwiftLint, Swift Collections/Algorithms/GoogleSignIn dependencies
- Update project.yml for XcodeGen with new targets and configurations
2026-06-02 15:01:38 -04:00


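# CI workflow: runs on pushes and pull requests that target main.
name: CI

on:
  push:
    branches: [main]
  pull_request:
    branches: [main]

# Least privilege for the job token: the jobs in this file check out code,
# build, test and upload artifacts; none of them writes to the repository.
# A job that later needs more should request it in its own `permissions:` block.
permissions:
  contents: read

# One live run per workflow and ref: a newer push cancels the run in progress.
concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true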
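jobs:
  # NOTE(review): every action below is referenced by a mutable tag
  # (@v3/@v4/@v5). Pinning the third-party ones (pnpm/action-setup, docker/*)
  # to a full commit SHA keeps a moved tag from changing what runs here.

  # NOTE(review): only the two lint scripts run in this job; no separate
  # type-check command is visible despite the job name. Confirm the lint
  # scripts cover it.
  lint-typecheck:
    name: Lint & TypeCheck
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Keep the job token out of .git/config so later steps
          # (dependency install scripts, linters) cannot read it.
          persist-credentials: false
      - uses: pnpm/action-setup@v4
        with:
          version: 9
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: pnpm
      # --frozen-lockfile fails the install if pnpm-lock.yaml is out of date.
      - run: pnpm install --frozen-lockfile
      - name: Web lint
        run: pnpm --filter web lint
      - name: Extension lint
        run: pnpm --filter browser-ext lint

  test:
    name: Test
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # Tests execute repository and dependency code; do not leave the
          # job token on disk for them.
          persist-credentials: false
      - uses: pnpm/action-setup@v4
        with:
          version: 9
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: pnpm
      - run: pnpm install --frozen-lockfile
      - name: Web tests
        run: pnpm --filter web test
      - name: Extension tests
        run: pnpm --filter browser-ext test

  build:
    name: Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # The build output is published as an artifact below; keep the job
          # token out of the workspace it is produced from.
          persist-credentials: false
      - uses: pnpm/action-setup@v4
        with:
          version: 9
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: pnpm
      - run: pnpm install --frozen-lockfile
      - name: Build web
        run: pnpm --filter web build
      - name: Build extension
        run: pnpm --filter browser-ext build
      - name: Upload web artifact
        uses: actions/upload-artifact@v4
        with:
          name: web-build
          path: web/.output
          retention-days: 7

  security:
    name: Security Audit
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - uses: pnpm/action-setup@v4
        with:
          version: 9
      - uses: actions/setup-node@v4
        with:
          node-version: 22
          cache: pnpm
      - run: pnpm install --frozen-lockfile
      - name: Audit dependencies
        # Still non-blocking, but no longer silent: a non-zero exit from
        # pnpm audit now leaves a warning annotation on the run. Drop the
        # `|| echo ...` fallback to turn this into a gate that fails the job.
        run: |
          pnpm audit --audit-level=high || echo "::warning::pnpm audit exited non-zero (high/critical advisory or audit error)"
      - name: Check for secrets
        # Narrow guard: only the literal prefix sk_live_ inside web/.env* is
        # checked. It does not replace a repository-wide secret scanner.
        run: |
          # -h drops the "file:" prefix so the comment filter can match at the
          # start of the line; the final grep -q keeps any matching line (and
          # the key on it) out of the job log.
          if grep -rh "sk_live_" web/.env* 2>/dev/null \
              | grep -v '^[[:space:]]*#' \
              | grep -v '""' \
              | grep -q .; then
            echo "::error::Potential secret found in env files"
            # Report file names only, never the matching content.
            grep -rl "sk_live_" web/.env* 2>/dev/null || true
            exit 1
          fi

  ios-ui-tests:
    name: iOS UI Tests
    runs-on: macos-14
    needs: [lint-typecheck]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Select Xcode
        run: |
          sudo xcode-select -s /Applications/Xcode.app/Contents/Developer
          xcodebuild -version
          xcrun simctl list devices
      # NOTE(review): the gem version is not pinned and an install failure is
      # ignored. If xcpretty ends up missing, the pipelines below fail at
      # xcpretty regardless of the xcodebuild result.
      - name: Install xcpretty
        run: gem install xcpretty --no-document || true
      # In the xcodebuild steps, `| xcpretty -c && exit ${PIPESTATUS[0]}`
      # makes the step exit with xcodebuild's status rather than xcpretty's.
      - name: Build for UI Testing
        run: |
          cd iOS
          xcodebuild build-for-testing \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -sdk iphonesimulator \
            -destination 'platform=iOS Simulator,name=iPhone 15 Pro Max,OS=latest' \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      - name: Run UI Tests on iPhone 15 Pro Max
        run: |
          cd iOS
          xcodebuild test-without-building \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -destination 'platform=iOS Simulator,name=iPhone 15 Pro Max,OS=latest' \
            -resultBundlePath TestResults/iPhone15ProMax.xcresult \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      - name: Run UI Tests on iPhone 14
        run: |
          cd iOS
          xcodebuild test-without-building \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -destination 'platform=iOS Simulator,name=iPhone 14,OS=latest' \
            -resultBundlePath TestResults/iPhone14.xcresult \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      - name: Run UI Tests on iPhone SE (3rd gen)
        run: |
          cd iOS
          xcodebuild test-without-building \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -destination 'platform=iOS Simulator,name=iPhone SE (3rd generation),OS=latest' \
            -resultBundlePath TestResults/iPhoneSE.xcresult \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      # NOTE(review): result bundles and screenshots record whatever the UI
      # tests put on screen; keep test accounts and fixtures free of real
      # credentials.
      - name: Upload Test Results
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: ios-ui-test-results
          path: iOS/TestResults/
          retention-days: 14
      - name: Upload Screenshots on Failure
        if: failure()
        uses: actions/upload-artifact@v4
        with:
          name: ios-ui-test-screenshots
          path: |
            ~/Library/Developer/Xcode/DerivedData/**/Logs/Test/*.png
            iOS/TestResults/**/*.xcresult
          retention-days: 7

  ios-performance-tests:
    name: iOS Performance Tests
    runs-on: macos-14
    needs: [lint-typecheck]
    steps:
      - uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Select Xcode
        run: |
          sudo xcode-select -s /Applications/Xcode.app/Contents/Developer
          xcodebuild -version
      # NOTE(review): unpinned gem, install failure ignored (see the
      # xcodebuild pipelines below, which depend on xcpretty being present).
      - name: Install xcpretty
        run: gem install xcpretty --no-document || true
      - name: Build for Performance Testing
        run: |
          cd iOS
          xcodebuild build-for-testing \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -testPlan PerformanceTests \
            -sdk iphonesimulator \
            -destination 'platform=iOS Simulator,name=iPhone 15 Pro,OS=latest' \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      - name: Run Unit Performance Tests
        run: |
          cd iOS
          xcodebuild test-without-building \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -testPlan PerformanceTests \
            -destination 'platform=iOS Simulator,name=iPhone 15 Pro,OS=latest' \
            -only-testing:KordantTests/XCTMetricPerformanceTests \
            -resultBundlePath TestResults/UnitPerformance.xcresult \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      - name: Run UI Performance Tests (simulator — indicative only)
        run: |
          cd iOS
          xcodebuild test-without-building \
            -project Kordant.xcodeproj \
            -scheme Kordant \
            -testPlan PerformanceTests \
            -destination 'platform=iOS Simulator,name=iPhone 15 Pro,OS=latest' \
            -only-testing:KordantUITests/LaunchPerformanceTests \
            -only-testing:KordantUITests/ScrollPerformanceTests \
            -only-testing:KordantUITests/NavigationPerformanceTests \
            -only-testing:KordantUITests/MemoryPerformanceTests \
            -only-testing:KordantUITests/DataLoadingPerformanceTests \
            -resultBundlePath TestResults/UIPerformance.xcresult \
            CODE_SIGNING_ALLOWED=NO 2>&1 | xcpretty -c && exit ${PIPESTATUS[0]}
      - name: Upload Performance Test Results
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: ios-performance-test-results
          path: iOS/TestResults/
          retention-days: 30
      - name: Post Performance Report
        if: always()
        # Appends a fixed notice to the job summary; the path variable is
        # quoted so the redirect target is always a single word.
        run: |
          echo "## iOS Performance Test Results" >> "$GITHUB_STEP_SUMMARY"
          echo "" >> "$GITHUB_STEP_SUMMARY"
          echo "⚠️ **Note:** UI performance tests run on simulators for regression detection only." >> "$GITHUB_STEP_SUMMARY"
          echo "Final performance baselines must be validated on physical devices." >> "$GITHUB_STEP_SUMMARY"

  docker:
    name: Docker Build
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
        with:
          # `context: .` below hands the checkout to the image build. Whether
          # .git is excluded depends on a .dockerignore not shown here, so do
          # not leave the job token in .git/config.
          persist-credentials: false
      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
      - name: Build web image
        uses: docker/build-push-action@v5
        with:
          context: .
          file: web/Dockerfile
          # Build only: the image is tagged locally and never pushed.
          push: false
          tags: kordant-web:test
          cache-from: type=gha
          cache-to: type=gha,mode=max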