diff --git a/.github/actions/notices_generation/action.yml b/.github/actions/notices_generation/action.yml index 913573bdde8..efc3be25b95 100644 --- a/.github/actions/notices_generation/action.yml +++ b/.github/actions/notices_generation/action.yml @@ -34,11 +34,16 @@ runs: cd "${{ github.action_path }}" bundle install if ${{ inputs.search-local-pod-version == 'true' }} ; then - ruby app.rb --pods ${{ inputs.pods }} --sources ${{ inputs.sources }} --min_ios_version ${{ inputs.min-ios-version }} --search_local_pod_version --notices_path ${{ inputs.notices-path }} + ruby app.rb --pods ${INPUTS_PODS} --sources ${INPUTS_SOURCES} --min_ios_version ${INPUTS_MIN_IOS_VERSION} --search_local_pod_version --notices_path ${INPUTS_NOTICES_PATH} else - ruby app.rb --pods ${{ inputs.pods }} --sources ${{ inputs.sources }} --min_ios_version ${{ inputs.min-ios-version }} --notices_path ${{ inputs.notices-path }} + ruby app.rb --pods ${INPUTS_PODS} --sources ${INPUTS_SOURCES} --min_ios_version ${INPUTS_MIN_IOS_VERSION} --notices_path ${INPUTS_NOTICES_PATH} fi shell: bash + env: + INPUTS_PODS: ${{ inputs.pods }} + INPUTS_SOURCES: ${{ inputs.sources }} + INPUTS_MIN_IOS_VERSION: ${{ inputs.min-ios-version }} + INPUTS_NOTICES_PATH: ${{ inputs.notices-path }} - name: Upload artifacts uses: actions/upload-artifact@v3 with: diff --git a/.github/workflows/health-metrics-presubmit.yml b/.github/workflows/health-metrics-presubmit.yml index fa0a15b4b66..c54a0692d35 100644 --- a/.github/workflows/health-metrics-presubmit.yml +++ b/.github/workflows/health-metrics-presubmit.yml @@ -50,7 +50,7 @@ jobs: env: pr_branch: ${{ github.event.pull_request.head.ref }} run: | - if [ ! -z "${{ env.METRICS_SERVICE_SECRET }}" ]; then + if [ ! -z "${METRICS_SERVICE_SECRET}" ]; then ./scripts/health_metrics/get_updated_files.sh fi @@ -75,32 +75,48 @@ jobs: # Activate the service account for Metrics Service. scripts/decrypt_gha_secret.sh scripts/gha-encrypted/metrics_service_access.json.gpg \ - metrics-access.json "${{ env.METRICS_SERVICE_SECRET }}" + metrics-access.json "${METRICS_SERVICE_SECRET}" gcloud auth activate-service-account --key-file metrics-access.json - name: Build and test run: | - FirebaseABTesting=${{ needs.check.outputs.abtesting_run_job }} \ - FirebaseAnalytics=${{ needs.check.outputs.analytics_run_job }} \ - FirebaseAppCheck=${{ needs.check.outputs.appcheck_run_job }} \ - FirebaseAppDistribution=${{ needs.check.outputs.appdistribution_run_job }} \ - FirebaseAuth=${{ needs.check.outputs.auth_run_job }} \ - FirebaseCrashlytics=${{ needs.check.outputs.crashlytics_run_job }} \ - FirebaseDatabase=${{ needs.check.outputs.database_run_job }} \ - FirebaseDynamicLinks=${{ needs.check.outputs.dynamiclinks_run_job }} \ - FirebaseFirestore=${{ needs.check.outputs.firestore_run_job }} \ - FirebaseFunctions=${{ needs.check.outputs.functions_run_job}} \ - FirebaseInAppMessaging=${{ needs.check.outputs.inappmessaging_run_job }} \ - FirebaseInstallations=${{ needs.check.outputs.installations_run_job }} \ - FirebaseMessaging=${{ needs.check.outputs.messaging_run_job}} \ - FirebasePerformance=${{ needs.check.outputs.performance_run_job }} \ - FirebaseRemoteConfig=${{ needs.check.outputs.remoteconfig_run_job }} \ - FirebaseStorage=${{ needs.check.outputs.storage_run_job }} \ + FirebaseABTesting=${NEEDS_CHECK_OUTPUTS_ABTESTING_RUN_JOB} \ + FirebaseAnalytics=${NEEDS_CHECK_OUTPUTS_ANALYTICS_RUN_JOB} \ + FirebaseAppCheck=${NEEDS_CHECK_OUTPUTS_APPCHECK_RUN_JOB} \ + FirebaseAppDistribution=${NEEDS_CHECK_OUTPUTS_APPDISTRIBUTION_RUN_JOB} \ + FirebaseAuth=${NEEDS_CHECK_OUTPUTS_AUTH_RUN_JOB} \ + FirebaseCrashlytics=${NEEDS_CHECK_OUTPUTS_CRASHLYTICS_RUN_JOB} \ + FirebaseDatabase=${NEEDS_CHECK_OUTPUTS_DATABASE_RUN_JOB} \ + FirebaseDynamicLinks=${NEEDS_CHECK_OUTPUTS_DYNAMICLINKS_RUN_JOB} \ + FirebaseFirestore=${NEEDS_CHECK_OUTPUTS_FIRESTORE_RUN_JOB} \ + FirebaseFunctions=${NEEDS_CHECK_OUTPUTS_FUNCTIONS_RUN_JOB} \ + FirebaseInAppMessaging=${NEEDS_CHECK_OUTPUTS_INAPPMESSAGING_RUN_JOB} \ + FirebaseInstallations=${NEEDS_CHECK_OUTPUTS_INSTALLATIONS_RUN_JOB} \ + FirebaseMessaging=${NEEDS_CHECK_OUTPUTS_MESSAGING_RUN_JOB} \ + FirebasePerformance=${NEEDS_CHECK_OUTPUTS_PERFORMANCE_RUN_JOB} \ + FirebaseRemoteConfig=${NEEDS_CHECK_OUTPUTS_REMOTECONFIG_RUN_JOB} \ + FirebaseStorage=${NEEDS_CHECK_OUTPUTS_STORAGE_RUN_JOB} \ ./scripts/health_metrics/create_binary_size_report.sh env: PULL_REQUEST_NUM: ${{ github.event.pull_request.number }} BASE_COMMIT: ${{ needs.check.outputs.target_branch_head }} POSTSUBMIT: ${{ github.event.pull_request.merged }} SOURCE_BRANCH: ${{ github.base_ref }} + NEEDS_CHECK_OUTPUTS_ABTESTING_RUN_JOB: ${{ needs.check.outputs.abtesting_run_job }} + NEEDS_CHECK_OUTPUTS_ANALYTICS_RUN_JOB: ${{ needs.check.outputs.analytics_run_job }} + NEEDS_CHECK_OUTPUTS_APPCHECK_RUN_JOB: ${{ needs.check.outputs.appcheck_run_job }} + NEEDS_CHECK_OUTPUTS_APPDISTRIBUTION_RUN_JOB: ${{ needs.check.outputs.appdistribution_run_job }} + NEEDS_CHECK_OUTPUTS_AUTH_RUN_JOB: ${{ needs.check.outputs.auth_run_job }} + NEEDS_CHECK_OUTPUTS_CRASHLYTICS_RUN_JOB: ${{ needs.check.outputs.crashlytics_run_job }} + NEEDS_CHECK_OUTPUTS_DATABASE_RUN_JOB: ${{ needs.check.outputs.database_run_job }} + NEEDS_CHECK_OUTPUTS_DYNAMICLINKS_RUN_JOB: ${{ needs.check.outputs.dynamiclinks_run_job }} + NEEDS_CHECK_OUTPUTS_FIRESTORE_RUN_JOB: ${{ needs.check.outputs.firestore_run_job }} + NEEDS_CHECK_OUTPUTS_FUNCTIONS_RUN_JOB: ${{ needs.check.outputs.functions_run_job}} + NEEDS_CHECK_OUTPUTS_INAPPMESSAGING_RUN_JOB: ${{ needs.check.outputs.inappmessaging_run_job }} + NEEDS_CHECK_OUTPUTS_INSTALLATIONS_RUN_JOB: ${{ needs.check.outputs.installations_run_job }} + NEEDS_CHECK_OUTPUTS_MESSAGING_RUN_JOB: ${{ needs.check.outputs.messaging_run_job}} + NEEDS_CHECK_OUTPUTS_PERFORMANCE_RUN_JOB: ${{ needs.check.outputs.performance_run_job }} + NEEDS_CHECK_OUTPUTS_REMOTECONFIG_RUN_JOB: ${{ needs.check.outputs.remoteconfig_run_job }} + NEEDS_CHECK_OUTPUTS_STORAGE_RUN_JOB: ${{ needs.check.outputs.storage_run_job }} pod-lib-lint-abtesting: needs: check @@ -375,7 +391,7 @@ jobs: # Activate the service account for Metrics Service. scripts/decrypt_gha_secret.sh scripts/gha-encrypted/metrics_service_access.json.gpg \ - metrics-access.json "${{ env.METRICS_SERVICE_SECRET }}" + metrics-access.json "${METRICS_SERVICE_SECRET}" gcloud auth activate-service-account --key-file metrics-access.json - uses: actions/download-artifact@v2 id: download @@ -385,9 +401,10 @@ jobs: if: github.event.pull_request.merged != true && github.event.action != 'closed' && github.event.pull_request.head.repo.full_name == github.repository && github.event.pull_request.base.ref == 'master' env: base_commit: ${{ needs.check.outputs.target_branch_head }} + STEPS_DOWNLOAD_OUTPUTS_DOWNLOAD_PATH: ${{steps.download.outputs.download-path}} run: | # Get Head commit of the branch, instead of a merge commit created by actions/checkout. - if [ -d "${{steps.download.outputs.download-path}}" ]; then + if [ -d "${STEPS_DOWNLOAD_OUTPUTS_DOWNLOAD_PATH}" ]; then cd scripts/health_metrics/generate_code_coverage_report swift run CoverageReportGenerator --presubmit "firebase/firebase-ios-sdk" --head-commit "${GITHUB_SHA}" --token $(gcloud auth print-identity-token) --xcresult-dir "/Users/runner/test/codecoverage" --log-link "https://github.com/firebase/firebase-ios-sdk/actions/runs/${GITHUB_RUN_ID}" --pull-request-num ${{github.event.pull_request.number}} --base-commit "$base_commit" fi @@ -420,7 +437,9 @@ jobs: - name: Update New Coverage Data if: github.event.pull_request.merged && github.event.pull_request.head.repo.full_name == github.repository run: | - if [ -d "${{steps.download.outputs.download-path}}" ]; then + if [ -d "${STEPS_DOWNLOAD_OUTPUTS_DOWNLOAD_PATH}" ]; then cd scripts/health_metrics/generate_code_coverage_report - swift run CoverageReportGenerator --merge "firebase/firebase-ios-sdk" --head-commit "${GITHUB_SHA}" --token $(gcloud auth print-identity-token) --xcresult-dir "/Users/runner/test/codecoverage" --log-link "https://github.com/firebase/firebase-ios-sdk/actions/runs/${GITHUB_RUN_ID}" --source-branch "${{ github.base_ref }}" + swift run CoverageReportGenerator --merge "firebase/firebase-ios-sdk" --head-commit "${GITHUB_SHA}" --token $(gcloud auth print-identity-token) --xcresult-dir "/Users/runner/test/codecoverage" --log-link "https://github.com/firebase/firebase-ios-sdk/actions/runs/${GITHUB_RUN_ID}" --source-branch "${GITHUB_BASE_REF}" fi + env: + STEPS_DOWNLOAD_OUTPUTS_DOWNLOAD_PATH: ${{steps.download.outputs.download-path}} diff --git a/.github/workflows/health-metrics-release.yml b/.github/workflows/health-metrics-release.yml index d8ebb9a8be0..2c64ef0dcf9 100644 --- a/.github/workflows/health-metrics-release.yml +++ b/.github/workflows/health-metrics-release.yml @@ -25,7 +25,7 @@ jobs: scripts/decrypt_gha_secret.sh \ scripts/gha-encrypted/metrics_service_access.json.gpg \ service_account.json \ - "${{ env.gpg_passphrase }}" + "${GPG_PASSPHRASE}" gcloud auth activate-service-account --key-file service_account.json - name: Produce health metric diff reports uses: FirebaseExtended/github-actions/health-metrics/release-diffing@master diff --git a/.github/workflows/installations.yml b/.github/workflows/installations.yml index e2b527aca2c..575e0e6184e 100644 --- a/.github/workflows/installations.yml +++ b/.github/workflows/installations.yml @@ -44,9 +44,11 @@ jobs: run: echo "::set-output name=val::$([[ -z $plist_secret ]] && echo "0" || echo "1")" - name: Build and test run: | - export FIS_INTEGRATION_TESTS_REQUIRED=${{ steps.secrets.outputs.val }} + export FIS_INTEGRATION_TESTS_REQUIRED=${STEPS_SECRETS_OUTPUTS_VAL} scripts/third_party/travis/retry.sh scripts/pod_lib_lint.rb FirebaseInstallations.podspec \ --platforms=${{ matrix.target }} + env: + STEPS_SECRETS_OUTPUTS_VAL: ${{ steps.secrets.outputs.val }} spm: # Don't run on private repo unless it is a PR. if: (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || github.event_name == 'pull_request' @@ -154,6 +156,8 @@ jobs: run: echo "::set-output name=val::$([[ -z $plist_secret ]] && echo "0" || echo "1")" - name: PodLibLint Installations Cron run: | - export FIS_INTEGRATION_TESTS_REQUIRED=${{ steps.secrets.outputs.val }} + export FIS_INTEGRATION_TESTS_REQUIRED=${STEPS_SECRETS_OUTPUTS_VAL} scripts/third_party/travis/retry.sh scripts/pod_lib_lint.rb FirebaseInstallations.podspec \ --platforms=${{ matrix.target }} ${{ matrix.flags }} \ + env: + STEPS_SECRETS_OUTPUTS_VAL: ${{ steps.secrets.outputs.val }} diff --git a/.github/workflows/prerelease.yml b/.github/workflows/prerelease.yml index 146e2d4b510..665151c4226 100644 --- a/.github/workflows/prerelease.yml +++ b/.github/workflows/prerelease.yml @@ -132,7 +132,7 @@ jobs: bot-access.txt "$bot_token_secret" - name: Update SpecsTesting repo run: | - [[ ${{ matrix.allowwarnings }} == true ]] && ALLOWWARNINGS=true + [[ ${MATRIX_ALLOWWARNINGS} == true ]] && ALLOWWARNINGS=true botaccess=`cat bot-access.txt` cd scripts/create_spec_repo/ swift build @@ -147,6 +147,8 @@ jobs: --pod-sources 'https://${BOT_TOKEN}@github.com/Firebase/SpecsTesting' "https://github.com/firebase/SpecsDev.git" "https://github.com/firebase/SpecsStaging.git" "https://github.com/CocoaPods/Specs.git" \ --include-pods "${targeted_pod}" \ --keep-repo ${ALLOWWARNINGS:+--allow-warnings} + env: + MATRIX_ALLOWWARNINGS: ${{ matrix.allowwarnings }} - name: Clean Artifacts if: ${{ always() }} run: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 28a236524d0..e068afbc315 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -134,7 +134,7 @@ jobs: bot-access.txt "$bot_token_secret" - name: Update SpecsTesting repo run: | - [[ ${{ matrix.allowwarnings }} == true ]] && ALLOWWARNINGS=true + [[ ${MATRIX_ALLOWWARNINGS} == true ]] && ALLOWWARNINGS=true botaccess=`cat bot-access.txt` cd scripts/create_spec_repo/ swift build @@ -147,6 +147,8 @@ jobs: --pod-sources 'https://${BOT_TOKEN}@github.com/FirebasePrivate/SpecsTesting' "https://github.com/firebase/SpecsStaging.git" "https://github.com/CocoaPods/Specs.git" \ --include-pods "${targeted_pod}" \ --keep-repo ${ALLOWWARNINGS:+--allow-warnings} + env: + MATRIX_ALLOWWARNINGS: ${{ matrix.allowwarnings }} - name: Clean Artifacts if: ${{ always() }} run: | diff --git a/.github/workflows/update-cpp-sdk-on-release.yml b/.github/workflows/update-cpp-sdk-on-release.yml index e4acadb70f8..f8e6e8fdde1 100644 --- a/.github/workflows/update-cpp-sdk-on-release.yml +++ b/.github/workflows/update-cpp-sdk-on-release.yml @@ -81,4 +81,6 @@ jobs: - name: Trigger firebase-cpp-sdk update run: | pip install -r scripts/gha/python_requirements.txt - python scripts/gha/trigger_workflow.py -t ${{ steps.generate-token.outputs.token }} -w update-dependencies.yml -p updateAndroid 0 -p updateiOS 1 -p comment "[Triggered]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID) by [firebase-ios-sdk $GITHUB_REF release]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/releases/tag/$GITHUB_REF)." -s 10 -A + python scripts/gha/trigger_workflow.py -t ${STEPS_GENERATE_TOKEN_OUTPUTS_TOKEN} -w update-dependencies.yml -p updateAndroid 0 -p updateiOS 1 -p comment "[Triggered]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/actions/runs/$GITHUB_RUN_ID) by [firebase-ios-sdk $GITHUB_REF release]($GITHUB_SERVER_URL/$GITHUB_REPOSITORY/releases/tag/$GITHUB_REF)." -s 10 -A + env: + STEPS_GENERATE_TOKEN_OUTPUTS_TOKEN: ${{ steps.generate-token.outputs.token }}