From 088d1cbd856d54cea7cd1dcdbe2b01136a9e1ebe Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Wed, 24 Sep 2025 13:25:54 +0200 Subject: [PATCH 01/14] Cleanup PR template --- .github/PULL_REQUEST_TEMPLATE.md | 63 ++++---------------------------- 1 file changed, 8 insertions(+), 55 deletions(-) diff --git a/.github/PULL_REQUEST_TEMPLATE.md b/.github/PULL_REQUEST_TEMPLATE.md index e2637cb..652c189 100644 --- a/.github/PULL_REQUEST_TEMPLATE.md +++ b/.github/PULL_REQUEST_TEMPLATE.md @@ -6,69 +6,22 @@ -- [ ] ๐Ÿ› Bug fix (non-breaking change which fixes an issue) -- [ ] โœจ New feature (non-breaking change which adds functionality) -- [ ] ๐Ÿ’ฅ Breaking change (fix or feature that would cause existing functionality to not work as expected) -- [ ] ๐Ÿ“š Documentation update -- [ ] ๐Ÿงน Code cleanup/refactoring -- [ ] ๐Ÿงช Test improvements -- [ ] ๐Ÿ”ง Build/CI improvements - -## Changes Made - - - -- -- -- - -## Testing - - - -- [ ] I have tested these changes locally -- [ ] I have added/updated unit tests -- [ ] I have tested on multiple platforms (if applicable) -- [ ] I have tested with verbose mode enabled (if applicable) - -### Platforms Tested - - - -- [ ] iOS -- [ ] iPadOS -- [ ] macOS -- [ ] tvOS -- [ ] watchOS -- [ ] visionOS +- [ ] Bug fix (non-breaking change which fixes an issue) +- [ ] New feature (non-breaking change which adds functionality) +- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected) +- [ ] Documentation update +- [ ] Code cleanup/refactoring +- [ ] Test improvements +- [ ] Build/CI improvements ## Screenshots/Logs -``` - -``` - ## Checklist -- [ ] My code follows the existing code style -- [ ] I have performed a self-review of my own code -- [ ] I have commented my code, particularly in hard-to-understand areas -- [ ] I have made corresponding changes to the documentation (if applicable) -- [ ] My changes generate no new warnings - [ ] I have added tests that prove my fix is effective or that my feature works - [ ] New and existing unit tests pass locally with my changes -- [ ] I have updated the CHANGELOG.md (if applicable) - -## Related Issues - - - -- - -## Additional Notes - - +- [ ] I have updated the CHANGELOG.md (if applicable) \ No newline at end of file From 4136daa81ff2b0630fbcaff7feb4d8ad2010a1f0 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 13:49:47 +0200 Subject: [PATCH 02/14] wip --- .github/dependabot.yml | 29 +++++ .github/workflows/ci.yml | 195 ++++++++++++++++++++++++++++ .github/workflows/documentation.yml | 75 +++++++++++ .github/workflows/release.yml | 75 +++++++++++ .github/workflows/security.yml | 46 +++++++ CI_SETUP.md | 150 +++++++++++++++++++++ codecov.yml | 36 +++++ 7 files changed, 606 insertions(+) create mode 100644 .github/dependabot.yml create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/documentation.yml create mode 100644 .github/workflows/release.yml create mode 100644 .github/workflows/security.yml create mode 100644 CI_SETUP.md create mode 100644 codecov.yml diff --git a/.github/dependabot.yml b/.github/dependabot.yml new file mode 100644 index 0000000..23ab0c5 --- /dev/null +++ b/.github/dependabot.yml @@ -0,0 +1,29 @@ +version: 2 +updates: + - package-ecosystem: "swift" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 10 + labels: + - "dependencies" + - "swift" + commit-message: + prefix: "chore" + include: "scope" + + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "monday" + time: "09:00" + open-pull-requests-limit: 5 + labels: + - "github-actions" + - "dependencies" + commit-message: + prefix: "ci" + include: "scope" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 0000000..d226e24 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,195 @@ +name: CI + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + +concurrency: + group: ${{ github.workflow }}-${{ github.ref }} + cancel-in-progress: true + +jobs: + test: + name: Test + strategy: + matrix: + include: + # macOS + - os: macos-14 + platform: macos + swift: "6.0" + xcode: "16.1" + - os: macos-13 + platform: macos + swift: "5.9" + xcode: "15.4" + + # iOS Simulator + - os: macos-14 + platform: ios-simulator + swift: "6.0" + xcode: "16.1" + destination: "platform=iOS Simulator,name=iPhone 15,OS=18.1" + - os: macos-13 + platform: ios-simulator + swift: "5.9" + xcode: "15.4" + destination: "platform=iOS Simulator,name=iPhone 15,OS=17.5" + + # tvOS Simulator + - os: macos-14 + platform: tvos-simulator + swift: "6.0" + xcode: "16.1" + destination: "platform=tvOS Simulator,name=Apple TV,OS=18.1" + + # watchOS Simulator + - os: macos-14 + platform: watchos-simulator + swift: "6.0" + xcode: "16.1" + destination: "platform=watchOS Simulator,name=Apple Watch Series 10 (46mm),OS=11.1" + + # visionOS Simulator (only on newer Xcode versions) + - os: macos-14 + platform: visionos-simulator + swift: "6.0" + xcode: "16.1" + destination: "platform=visionOS Simulator,name=Apple Vision Pro,OS=2.1" + + runs-on: ${{ matrix.os }} + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Select Xcode Version + run: sudo xcode-select -s /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer + + - name: Show Swift Version + run: swift --version + + - name: Show Xcode Version + run: xcodebuild -version + + - name: Cache Swift Package Manager + uses: actions/cache@v4 + with: + path: | + ~/Library/Caches/org.swift.swiftpm/ + ~/.cache/org.swift.swiftpm/ + key: ${{ runner.os }}-spm-${{ hashFiles('**/Package.resolved') }} + restore-keys: | + ${{ runner.os }}-spm- + + - name: Resolve Dependencies + run: swift package resolve + + - name: Build (macOS) + if: matrix.platform == 'macos' + run: swift build --verbose + + - name: Test (macOS) + if: matrix.platform == 'macos' + run: | + swift test --verbose --enable-code-coverage --parallel + env: + SWIFTUI_DEBUG_SCAN_VERBOSE: "1" + + - name: Build (iOS/tvOS/watchOS/visionOS Simulator) + if: matrix.platform != 'macos' + run: | + xcodebuild build \ + -scheme SwiftUIDebugScan \ + -destination "${{ matrix.destination }}" \ + -skipPackagePluginValidation \ + -skipMacroValidation \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO + + - name: Test (iOS/tvOS/watchOS/visionOS Simulator) + if: matrix.platform != 'macos' + run: | + xcodebuild test \ + -scheme SwiftUIDebugScan \ + -destination "${{ matrix.destination }}" \ + -skipPackagePluginValidation \ + -skipMacroValidation \ + -resultBundlePath TestResults \ + CODE_SIGNING_REQUIRED=NO \ + CODE_SIGNING_ALLOWED=NO \ + ENABLE_CODE_COVERAGE=YES + env: + SWIFTUI_DEBUG_SCAN_VERBOSE: "1" + + - name: Generate Code Coverage (macOS only) + if: matrix.platform == 'macos' && matrix.swift == '6.0' + run: | + xcrun llvm-cov export \ + .build/debug/swift-ui-debug-scanPackageTests.xctest/Contents/MacOS/swift-ui-debug-scanPackageTests \ + -instr-profile .build/debug/codecov/default.profdata \ + -format="lcov" > coverage.lcov + + - name: Upload Code Coverage + if: matrix.platform == 'macos' && matrix.swift == '6.0' + uses: codecov/codecov-action@v4 + with: + file: coverage.lcov + fail_ci_if_error: false + verbose: true + + lint: + name: Swift Format & Lint + runs-on: macos-14 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Select Xcode Version + run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer + + - name: Check Swift Format + run: | + # Install swift-format if not available + if ! command -v swift-format &> /dev/null; then + echo "swift-format not found, installing..." + git clone https://github.com/apple/swift-format.git + cd swift-format + swift build -c release + sudo cp .build/release/swift-format /usr/local/bin/ + cd .. + rm -rf swift-format + fi + + # Check formatting (non-destructive) + swift-format --recursive Sources Tests --mode diff + + - name: Swift Package Validation + run: swift package diagnose + + documentation: + name: Documentation + runs-on: macos-14 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Select Xcode Version + run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer + + - name: Build Documentation + run: | + swift package generate-documentation \ + --target SwiftUIDebugScan \ + --output-path ./docs \ + --hosting-base-path swift-ui-debug-scan + + - name: Upload Documentation Artifact + uses: actions/upload-artifact@v4 + with: + name: documentation + path: docs/ diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml new file mode 100644 index 0000000..94a07a7 --- /dev/null +++ b/.github/workflows/documentation.yml @@ -0,0 +1,75 @@ +name: Deploy Documentation + +on: + push: + branches: [ main ] + release: + types: [published] + workflow_dispatch: # Allow manual triggering + +permissions: + contents: read + pages: write + id-token: write + +concurrency: + group: "pages" + cancel-in-progress: false + +jobs: + build-docs: + name: Build Documentation + runs-on: macos-14 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Select Xcode Version + run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer + + - name: Setup Pages + uses: actions/configure-pages@v4 + + - name: Cache Swift Package Manager + uses: actions/cache@v4 + with: + path: | + ~/Library/Caches/org.swift.swiftpm/ + ~/.cache/org.swift.swiftpm/ + key: ${{ runner.os }}-spm-docs-${{ hashFiles('**/Package.resolved') }} + restore-keys: | + ${{ runner.os }}-spm-docs- + ${{ runner.os }}-spm- + + - name: Resolve Dependencies + run: swift package resolve + + - name: Build Documentation + run: | + # Ensure target builds first + swift build --target SwiftUIDebugScan + + # Generate documentation + swift package generate-documentation \ + --target SwiftUIDebugScan \ + --output-path ./docs \ + --hosting-base-path swift-ui-debug-scan \ + --transform-for-static-hosting + + - name: Upload Documentation Artifact + uses: actions/upload-pages-artifact@v3 + with: + path: ./docs + + deploy: + name: Deploy to GitHub Pages + environment: + name: github-pages + url: ${{ steps.deployment.outputs.page_url }} + runs-on: ubuntu-latest + needs: build-docs + steps: + - name: Deploy to GitHub Pages + id: deployment + uses: actions/deploy-pages@v4 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000..e0072e5 --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,75 @@ +name: Release + +on: + push: + tags: + - '*' + +jobs: + release: + name: Create Release + runs-on: macos-14 + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Select Xcode Version + run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer + + - name: Validate Package + run: | + swift package resolve + swift build --configuration release + swift test --configuration release + + - name: Build Documentation + run: | + swift package generate-documentation \ + --target SwiftUIDebugScan \ + --output-path ./docs \ + --hosting-base-path swift-ui-debug-scan + + - name: Create Release Archive + run: | + # Create source archive + git archive --format=zip --prefix=swift-ui-debug-scan-${{ github.ref_name }}/ HEAD > swift-ui-debug-scan-${{ github.ref_name }}.zip + + # Create documentation archive + cd docs && zip -r ../swift-ui-debug-scan-docs-${{ github.ref_name }}.zip . && cd .. + + - name: Extract Release Notes + id: extract-release-notes + run: | + # Try to extract release notes from CHANGELOG.md if it exists + if [ -f CHANGELOG.md ]; then + # Extract content between the first two version headers + VERSION_LINE=$(grep -n "^## \[*${{ github.ref_name }}" CHANGELOG.md | head -1 | cut -d: -f1) + if [ ! -z "$VERSION_LINE" ]; then + NEXT_VERSION_LINE=$(tail -n +$((VERSION_LINE + 1)) CHANGELOG.md | grep -n "^## " | head -1 | cut -d: -f1) + if [ ! -z "$NEXT_VERSION_LINE" ]; then + NEXT_VERSION_LINE=$((VERSION_LINE + NEXT_VERSION_LINE)) + sed -n "${VERSION_LINE},${NEXT_VERSION_LINE}p" CHANGELOG.md | head -n -1 | tail -n +2 > release_notes.md + else + sed -n "${VERSION_LINE},$p" CHANGELOG.md | tail -n +2 > release_notes.md + fi + else + echo "Release ${{ github.ref_name }}" > release_notes.md + echo "See CHANGELOG.md for details." >> release_notes.md + fi + else + echo "Release ${{ github.ref_name }}" > release_notes.md + fi + + - name: Create GitHub Release + uses: softprops/action-gh-release@v2 + with: + name: ${{ github.ref_name }} + body_path: release_notes.md + files: | + swift-ui-debug-scan-${{ github.ref_name }}.zip + swift-ui-debug-scan-docs-${{ github.ref_name }}.zip + draft: false + prerelease: ${{ contains(github.ref_name, 'alpha') || contains(github.ref_name, 'beta') || contains(github.ref_name, 'rc') }} + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..927c3cf --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,46 @@ +name: Security + +on: + push: + branches: [ main ] + pull_request: + branches: [ main ] + schedule: + # Run weekly security scans + - cron: '0 2 * * 1' + +jobs: + codeql: + name: CodeQL Analysis + runs-on: macos-14 + permissions: + actions: read + contents: read + security-events: write + + strategy: + fail-fast: false + matrix: + language: [ 'swift' ] + + steps: + - name: Checkout + uses: actions/checkout@v4 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + + - name: Select Xcode Version + run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer + + - name: Build for CodeQL + run: | + swift package resolve + swift build --configuration release + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/CI_SETUP.md b/CI_SETUP.md new file mode 100644 index 0000000..e0fd0e6 --- /dev/null +++ b/CI_SETUP.md @@ -0,0 +1,150 @@ +# CI/CD Setup Documentation + +This document explains the Continuous Integration and Continuous Deployment setup for the swift-ui-debug-scan project. + +## Workflows + +### 1. Main CI Workflow (`.github/workflows/ci.yml`) + +**Triggers**: Pull requests and pushes to main branch +**Purpose**: Run tests and build validation across multiple platforms + +**Test Matrix**: +- **macOS**: Tests on macOS 13 (Xcode 15.4/Swift 5.9) and macOS 14 (Xcode 16.1/Swift 6.0) +- **iOS Simulator**: iPhone 15 on iOS 17.5 and 18.1 +- **tvOS Simulator**: Apple TV on tvOS 18.1 +- **watchOS Simulator**: Apple Watch Series 10 on watchOS 11.1 +- **visionOS Simulator**: Apple Vision Pro on visionOS 2.1 + +**Features**: +- Swift Package Manager caching for faster builds +- Code coverage collection (macOS only) with lcov export +- Parallel testing where supported +- Upload to Codecov for coverage reporting +- Verbose testing with `SWIFTUI_DEBUG_SCAN_VERBOSE=1` + +### 2. Code Quality Workflow (`.github/workflows/ci.yml` - lint job) + +**Purpose**: Maintain code quality and standards + +**Checks**: +- Swift Format validation (non-destructive) +- Swift Package validation with diagnostics +- Dependency auditing + +### 3. Release Workflow (`.github/workflows/release.yml`) + +**Triggers**: Git tags (any tag pattern) +**Purpose**: Automated releases when tags are pushed + +**Features**: +- Full validation (build + test) before release +- Documentation generation and packaging +- Source archive creation +- Release notes extraction from CHANGELOG.md +- GitHub release creation with artifacts +- Prerelease detection (alpha, beta, rc tags) + +### 4. Documentation Workflow (`.github/workflows/documentation.yml`) + +**Triggers**: Main branch pushes, releases, and manual dispatch +**Purpose**: Generate and deploy documentation to GitHub Pages + +**Features**: +- Swift DocC documentation generation +- GitHub Pages deployment +- Static hosting transformation +- Swift Package Manager caching + +### 5. Security Workflows (`.github/workflows/security.yml`) + +**Triggers**: PRs, main branch pushes, and weekly schedule +**Purpose**: Security scanning and vulnerability detection + +**Features**: +- Dependency security auditing +- CodeQL static analysis for Swift code +- SARIF results upload +- Weekly automated security scans + +## Configuration Files + +### Dependabot (`.github/dependabot.yml`) + +**Purpose**: Automated dependency updates +**Features**: +- Weekly Swift package updates +- Weekly GitHub Actions updates +- Proper labeling and commit message formatting +- Controlled PR limits + +### Code Coverage (`codecov.yml`) + +**Purpose**: Coverage reporting configuration +**Features**: +- Project coverage target: 80% +- Patch coverage target: 80% +- Test files excluded from coverage +- Branch detection for conditionals and loops + +## Key Features Inspired by member-ios-app + +1. **Comprehensive Platform Testing**: Tests on all supported Apple platforms +2. **Matrix Strategy**: Multiple Swift/Xcode version combinations +3. **Caching**: Aggressive SPM caching for performance +4. **Security**: Weekly security scans and dependency auditing +5. **Documentation**: Automated doc generation and deployment +6. **Release Automation**: Comprehensive release process with artifacts + +## Environment Variables Used + +- `SWIFTUI_DEBUG_SCAN_VERBOSE`: Enables verbose test logging +- `GITHUB_TOKEN`: For GitHub API access (automatic) +- Various Codecov and security scanning tokens (configured via secrets) + +## Differences from Private Repository Patterns + +Since this is an open-source project, several adaptations were made: + +1. **No Private Dependencies**: No access to private certificate repos or internal tools +2. **Simplified Release Process**: Using GitHub Releases instead of internal distribution +3. **Public Security Scanning**: Using GitHub's built-in security features +4. **Community Standards**: Following open-source contribution patterns + +## Usage + +### Running Tests Locally +```bash +swift test --verbose +SWIFTUI_DEBUG_SCAN_VERBOSE=1 swift test +``` + +### Building Release Version +```bash +swift build --configuration release +``` + +### Creating a Release +1. Update CHANGELOG.md with release notes +2. Create and push a git tag: + ```bash + git tag v1.0.0 + git push origin v1.0.0 + ``` +3. GitHub Actions will automatically create the release + +### Manual Documentation Build +```bash +swift package generate-documentation \ + --target SwiftUIDebugScan \ + --output-path ./docs \ + --hosting-base-path swift-ui-debug-scan +``` + +## Monitoring and Maintenance + +- **CI Status**: Monitor via GitHub Actions tab +- **Coverage**: Check Codecov reports on PRs +- **Security**: Review weekly security scan results +- **Dependencies**: Dependabot will create PRs for updates +- **Documentation**: Auto-updated on main branch changes \ No newline at end of file diff --git a/codecov.yml b/codecov.yml new file mode 100644 index 0000000..8113c07 --- /dev/null +++ b/codecov.yml @@ -0,0 +1,36 @@ +codecov: + require_ci_to_pass: true + notify: + wait_for_ci: true + +coverage: + precision: 2 + round: down + status: + project: + default: + target: 80% + threshold: 5% + informational: false + patch: + default: + target: 80% + threshold: 10% + informational: false + +parsers: + gcov: + branch_detection: + conditional: yes + loop: yes + method: no + macro: no + +comment: + layout: "reach,diff,flags,tree" + behavior: default + require_changes: false + +ignore: + - "Tests/**/*" # Ignore test files from coverage + - "**/*.generated.swift" # Ignore generated files From 16b9d7a407e5fa5e488088a3dc194463567cd86b Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 13:55:29 +0200 Subject: [PATCH 03/14] Add badges to readme --- README.md | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/README.md b/README.md index af79d53..381fe2f 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,12 @@ # swift-ui-debug-scan +[![CI](https://github.com/ConsultingMD/swift-ui-debug-scan/workflows/CI/badge.svg)](https://github.com/ConsultingMD/swift-ui-debug-scan/actions/workflows/ci.yml) +[![Release](https://img.shields.io/github/v/release/ConsultingMD/swift-ui-debug-scan)](https://github.com/ConsultingMD/swift-ui-debug-scan/releases) +[![codecov](https://codecov.io/gh/ConsultingMD/swift-ui-debug-scan/branch/main/graph/badge.svg)](https://codecov.io/gh/ConsultingMD/swift-ui-debug-scan) +[![Documentation](https://img.shields.io/badge/docs-available-brightgreen)](https://consultingmd.github.io/swift-ui-debug-scan/) +[![Swift Package Manager](https://img.shields.io/badge/Swift%20Package%20Manager-compatible-brightgreen.svg)](https://github.com/apple/swift-package-manager) +[![Platforms](https://img.shields.io/badge/platforms-iOS%20%7C%20macOS%20%7C%20tvOS%20%7C%20watchOS%20%7C%20visionOS-lightgrey.svg)](https://github.com/ConsultingMD/swift-ui-debug-scan) + A Swift package designed to enhance your debugging experience with SwiftUI views by providing detailed and structured debug logging. From ca6efc3677ef9abf9431a8da322b8e4f8980acd9 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:10:06 +0200 Subject: [PATCH 04/14] Remove doc generating and leave that for later --- .github/workflows/ci.yml | 24 --------- .github/workflows/documentation.yml | 75 ----------------------------- .github/workflows/release.yml | 11 ----- CI_SETUP.md | 28 ++--------- README.md | 1 - 5 files changed, 3 insertions(+), 136 deletions(-) delete mode 100644 .github/workflows/documentation.yml diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index d226e24..ba289e5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -169,27 +169,3 @@ jobs: - name: Swift Package Validation run: swift package diagnose - - documentation: - name: Documentation - runs-on: macos-14 - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Select Xcode Version - run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer - - - name: Build Documentation - run: | - swift package generate-documentation \ - --target SwiftUIDebugScan \ - --output-path ./docs \ - --hosting-base-path swift-ui-debug-scan - - - name: Upload Documentation Artifact - uses: actions/upload-artifact@v4 - with: - name: documentation - path: docs/ diff --git a/.github/workflows/documentation.yml b/.github/workflows/documentation.yml deleted file mode 100644 index 94a07a7..0000000 --- a/.github/workflows/documentation.yml +++ /dev/null @@ -1,75 +0,0 @@ -name: Deploy Documentation - -on: - push: - branches: [ main ] - release: - types: [published] - workflow_dispatch: # Allow manual triggering - -permissions: - contents: read - pages: write - id-token: write - -concurrency: - group: "pages" - cancel-in-progress: false - -jobs: - build-docs: - name: Build Documentation - runs-on: macos-14 - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Select Xcode Version - run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer - - - name: Setup Pages - uses: actions/configure-pages@v4 - - - name: Cache Swift Package Manager - uses: actions/cache@v4 - with: - path: | - ~/Library/Caches/org.swift.swiftpm/ - ~/.cache/org.swift.swiftpm/ - key: ${{ runner.os }}-spm-docs-${{ hashFiles('**/Package.resolved') }} - restore-keys: | - ${{ runner.os }}-spm-docs- - ${{ runner.os }}-spm- - - - name: Resolve Dependencies - run: swift package resolve - - - name: Build Documentation - run: | - # Ensure target builds first - swift build --target SwiftUIDebugScan - - # Generate documentation - swift package generate-documentation \ - --target SwiftUIDebugScan \ - --output-path ./docs \ - --hosting-base-path swift-ui-debug-scan \ - --transform-for-static-hosting - - - name: Upload Documentation Artifact - uses: actions/upload-pages-artifact@v3 - with: - path: ./docs - - deploy: - name: Deploy to GitHub Pages - environment: - name: github-pages - url: ${{ steps.deployment.outputs.page_url }} - runs-on: ubuntu-latest - needs: build-docs - steps: - - name: Deploy to GitHub Pages - id: deployment - uses: actions/deploy-pages@v4 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e0072e5..8b276ea 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -23,21 +23,11 @@ jobs: swift build --configuration release swift test --configuration release - - name: Build Documentation - run: | - swift package generate-documentation \ - --target SwiftUIDebugScan \ - --output-path ./docs \ - --hosting-base-path swift-ui-debug-scan - - name: Create Release Archive run: | # Create source archive git archive --format=zip --prefix=swift-ui-debug-scan-${{ github.ref_name }}/ HEAD > swift-ui-debug-scan-${{ github.ref_name }}.zip - # Create documentation archive - cd docs && zip -r ../swift-ui-debug-scan-docs-${{ github.ref_name }}.zip . && cd .. - - name: Extract Release Notes id: extract-release-notes run: | @@ -68,7 +58,6 @@ jobs: body_path: release_notes.md files: | swift-ui-debug-scan-${{ github.ref_name }}.zip - swift-ui-debug-scan-docs-${{ github.ref_name }}.zip draft: false prerelease: ${{ contains(github.ref_name, 'alpha') || contains(github.ref_name, 'beta') || contains(github.ref_name, 'rc') }} env: diff --git a/CI_SETUP.md b/CI_SETUP.md index e0fd0e6..11750b7 100644 --- a/CI_SETUP.md +++ b/CI_SETUP.md @@ -39,24 +39,12 @@ This document explains the Continuous Integration and Continuous Deployment setu **Features**: - Full validation (build + test) before release -- Documentation generation and packaging - Source archive creation - Release notes extraction from CHANGELOG.md - GitHub release creation with artifacts - Prerelease detection (alpha, beta, rc tags) -### 4. Documentation Workflow (`.github/workflows/documentation.yml`) - -**Triggers**: Main branch pushes, releases, and manual dispatch -**Purpose**: Generate and deploy documentation to GitHub Pages - -**Features**: -- Swift DocC documentation generation -- GitHub Pages deployment -- Static hosting transformation -- Swift Package Manager caching - -### 5. Security Workflows (`.github/workflows/security.yml`) +### 4. Security Workflows (`.github/workflows/security.yml`) **Triggers**: PRs, main branch pushes, and weekly schedule **Purpose**: Security scanning and vulnerability detection @@ -93,8 +81,7 @@ This document explains the Continuous Integration and Continuous Deployment setu 2. **Matrix Strategy**: Multiple Swift/Xcode version combinations 3. **Caching**: Aggressive SPM caching for performance 4. **Security**: Weekly security scans and dependency auditing -5. **Documentation**: Automated doc generation and deployment -6. **Release Automation**: Comprehensive release process with artifacts +5. **Release Automation**: Comprehensive release process with artifacts ## Environment Variables Used @@ -133,18 +120,9 @@ swift build --configuration release ``` 3. GitHub Actions will automatically create the release -### Manual Documentation Build -```bash -swift package generate-documentation \ - --target SwiftUIDebugScan \ - --output-path ./docs \ - --hosting-base-path swift-ui-debug-scan -``` - ## Monitoring and Maintenance - **CI Status**: Monitor via GitHub Actions tab - **Coverage**: Check Codecov reports on PRs - **Security**: Review weekly security scan results -- **Dependencies**: Dependabot will create PRs for updates -- **Documentation**: Auto-updated on main branch changes \ No newline at end of file +- **Dependencies**: Dependabot will create PRs for updates \ No newline at end of file diff --git a/README.md b/README.md index 381fe2f..03d1cc8 100644 --- a/README.md +++ b/README.md @@ -3,7 +3,6 @@ [![CI](https://github.com/ConsultingMD/swift-ui-debug-scan/workflows/CI/badge.svg)](https://github.com/ConsultingMD/swift-ui-debug-scan/actions/workflows/ci.yml) [![Release](https://img.shields.io/github/v/release/ConsultingMD/swift-ui-debug-scan)](https://github.com/ConsultingMD/swift-ui-debug-scan/releases) [![codecov](https://codecov.io/gh/ConsultingMD/swift-ui-debug-scan/branch/main/graph/badge.svg)](https://codecov.io/gh/ConsultingMD/swift-ui-debug-scan) -[![Documentation](https://img.shields.io/badge/docs-available-brightgreen)](https://consultingmd.github.io/swift-ui-debug-scan/) [![Swift Package Manager](https://img.shields.io/badge/Swift%20Package%20Manager-compatible-brightgreen.svg)](https://github.com/apple/swift-package-manager) [![Platforms](https://img.shields.io/badge/platforms-iOS%20%7C%20macOS%20%7C%20tvOS%20%7C%20watchOS%20%7C%20visionOS-lightgrey.svg)](https://github.com/ConsultingMD/swift-ui-debug-scan) From c9583e791607c71de91e0e06cced2316439a772d Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:18:11 +0200 Subject: [PATCH 05/14] Downgrade xcode so its available on the runners --- .github/workflows/ci.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ba289e5..828e23e 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -24,7 +24,7 @@ jobs: - os: macos-13 platform: macos swift: "5.9" - xcode: "15.4" + xcode: "15.2" # iOS Simulator - os: macos-14 @@ -35,7 +35,7 @@ jobs: - os: macos-13 platform: ios-simulator swift: "5.9" - xcode: "15.4" + xcode: "15.2" destination: "platform=iOS Simulator,name=iPhone 15,OS=17.5" # tvOS Simulator From 2c4acd09d77956d19905ed0975c4162770995b41 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:22:26 +0200 Subject: [PATCH 06/14] wip --- .github/workflows/ci.yml | 9 --------- 1 file changed, 9 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 828e23e..5ebd1c7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -21,10 +21,6 @@ jobs: platform: macos swift: "6.0" xcode: "16.1" - - os: macos-13 - platform: macos - swift: "5.9" - xcode: "15.2" # iOS Simulator - os: macos-14 @@ -32,11 +28,6 @@ jobs: swift: "6.0" xcode: "16.1" destination: "platform=iOS Simulator,name=iPhone 15,OS=18.1" - - os: macos-13 - platform: ios-simulator - swift: "5.9" - xcode: "15.2" - destination: "platform=iOS Simulator,name=iPhone 15,OS=17.5" # tvOS Simulator - os: macos-14 From d1a32c7bd1cc49b9756faf1484006ec1d130ca01 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:27:43 +0200 Subject: [PATCH 07/14] wip --- .github/workflows/ci.yml | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5ebd1c7..4c82e97 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -78,6 +78,12 @@ jobs: - name: Resolve Dependencies run: swift package resolve + - name: List Available Schemes (Debug) + if: matrix.platform != 'macos' + run: | + echo "=== Available schemes ===" + xcodebuild -list || echo "Could not list schemes" + - name: Build (macOS) if: matrix.platform == 'macos' run: swift build --verbose @@ -93,7 +99,7 @@ jobs: if: matrix.platform != 'macos' run: | xcodebuild build \ - -scheme SwiftUIDebugScan \ + -scheme swift-ui-debug-scan \ -destination "${{ matrix.destination }}" \ -skipPackagePluginValidation \ -skipMacroValidation \ @@ -104,7 +110,7 @@ jobs: if: matrix.platform != 'macos' run: | xcodebuild test \ - -scheme SwiftUIDebugScan \ + -scheme swift-ui-debug-scan \ -destination "${{ matrix.destination }}" \ -skipPackagePluginValidation \ -skipMacroValidation \ From f21d7a3aaac99cfccb1c2cfccdffcf462b7da17a Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:35:38 +0200 Subject: [PATCH 08/14] wip --- .github/workflows/ci.yml | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 4c82e97..7f84a75 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,28 +27,21 @@ jobs: platform: ios-simulator swift: "6.0" xcode: "16.1" - destination: "platform=iOS Simulator,name=iPhone 15,OS=18.1" + destination: "platform=iOS Simulator,name=iPhone 15,OS=latest" # tvOS Simulator - os: macos-14 platform: tvos-simulator swift: "6.0" xcode: "16.1" - destination: "platform=tvOS Simulator,name=Apple TV,OS=18.1" - - # watchOS Simulator - - os: macos-14 - platform: watchos-simulator - swift: "6.0" - xcode: "16.1" - destination: "platform=watchOS Simulator,name=Apple Watch Series 10 (46mm),OS=11.1" + destination: "platform=tvOS Simulator,name=Apple TV,OS=latest" # visionOS Simulator (only on newer Xcode versions) - os: macos-14 platform: visionos-simulator swift: "6.0" xcode: "16.1" - destination: "platform=visionOS Simulator,name=Apple Vision Pro,OS=2.1" + destination: "platform=visionOS Simulator,name=Apple Vision Pro,OS=latest" runs-on: ${{ matrix.os }} @@ -78,12 +71,6 @@ jobs: - name: Resolve Dependencies run: swift package resolve - - name: List Available Schemes (Debug) - if: matrix.platform != 'macos' - run: | - echo "=== Available schemes ===" - xcodebuild -list || echo "Could not list schemes" - - name: Build (macOS) if: matrix.platform == 'macos' run: swift build --verbose From b80b006a14315508f6ec78660a12d55a81902844 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:40:09 +0200 Subject: [PATCH 09/14] wip --- .github/workflows/ci.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7f84a75..f1fbbdd 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -27,21 +27,21 @@ jobs: platform: ios-simulator swift: "6.0" xcode: "16.1" - destination: "platform=iOS Simulator,name=iPhone 15,OS=latest" + destination: "platform=iOS Simulator,name=Any iOS Simulator Device" # tvOS Simulator - os: macos-14 platform: tvos-simulator swift: "6.0" xcode: "16.1" - destination: "platform=tvOS Simulator,name=Apple TV,OS=latest" + destination: "platform=tvOS Simulator,name=Any tvOS Simulator Device" - # visionOS Simulator (only on newer Xcode versions) + # visionOS Simulator - os: macos-14 platform: visionos-simulator swift: "6.0" xcode: "16.1" - destination: "platform=visionOS Simulator,name=Apple Vision Pro,OS=latest" + destination: "platform=visionOS Simulator,name=Any visionOS Simulator Device" runs-on: ${{ matrix.os }} From af4f31b4a56308a821e288d309a764b3fc05c53e Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:48:14 +0200 Subject: [PATCH 10/14] Simplify test jobs --- .github/workflows/ci.yml | 73 ++++------------------------------------ 1 file changed, 6 insertions(+), 67 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f1fbbdd..c14fef7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -13,44 +13,14 @@ concurrency: jobs: test: name: Test - strategy: - matrix: - include: - # macOS - - os: macos-14 - platform: macos - swift: "6.0" - xcode: "16.1" - - # iOS Simulator - - os: macos-14 - platform: ios-simulator - swift: "6.0" - xcode: "16.1" - destination: "platform=iOS Simulator,name=Any iOS Simulator Device" - - # tvOS Simulator - - os: macos-14 - platform: tvos-simulator - swift: "6.0" - xcode: "16.1" - destination: "platform=tvOS Simulator,name=Any tvOS Simulator Device" - - # visionOS Simulator - - os: macos-14 - platform: visionos-simulator - swift: "6.0" - xcode: "16.1" - destination: "platform=visionOS Simulator,name=Any visionOS Simulator Device" - - runs-on: ${{ matrix.os }} + runs-on: macos-14 steps: - name: Checkout uses: actions/checkout@v4 - name: Select Xcode Version - run: sudo xcode-select -s /Applications/Xcode_${{ matrix.xcode }}.app/Contents/Developer + run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer - name: Show Swift Version run: swift --version @@ -71,45 +41,15 @@ jobs: - name: Resolve Dependencies run: swift package resolve - - name: Build (macOS) - if: matrix.platform == 'macos' + - name: Build run: swift build --verbose - - name: Test (macOS) - if: matrix.platform == 'macos' - run: | - swift test --verbose --enable-code-coverage --parallel - env: - SWIFTUI_DEBUG_SCAN_VERBOSE: "1" - - - name: Build (iOS/tvOS/watchOS/visionOS Simulator) - if: matrix.platform != 'macos' - run: | - xcodebuild build \ - -scheme swift-ui-debug-scan \ - -destination "${{ matrix.destination }}" \ - -skipPackagePluginValidation \ - -skipMacroValidation \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO - - - name: Test (iOS/tvOS/watchOS/visionOS Simulator) - if: matrix.platform != 'macos' - run: | - xcodebuild test \ - -scheme swift-ui-debug-scan \ - -destination "${{ matrix.destination }}" \ - -skipPackagePluginValidation \ - -skipMacroValidation \ - -resultBundlePath TestResults \ - CODE_SIGNING_REQUIRED=NO \ - CODE_SIGNING_ALLOWED=NO \ - ENABLE_CODE_COVERAGE=YES + - name: Test + run: swift test --verbose --enable-code-coverage --parallel env: SWIFTUI_DEBUG_SCAN_VERBOSE: "1" - - name: Generate Code Coverage (macOS only) - if: matrix.platform == 'macos' && matrix.swift == '6.0' + - name: Generate Code Coverage run: | xcrun llvm-cov export \ .build/debug/swift-ui-debug-scanPackageTests.xctest/Contents/MacOS/swift-ui-debug-scanPackageTests \ @@ -117,7 +57,6 @@ jobs: -format="lcov" > coverage.lcov - name: Upload Code Coverage - if: matrix.platform == 'macos' && matrix.swift == '6.0' uses: codecov/codecov-action@v4 with: file: coverage.lcov From 50857142cbd8856b94b7926af425217961048cd1 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 14:57:53 +0200 Subject: [PATCH 11/14] Address AI bot remarks --- .github/workflows/ci.yml | 18 +++++++++++++++++- .github/workflows/release.yml | 2 +- 2 files changed, 18 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c14fef7..2ad2c74 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -51,12 +51,28 @@ jobs: - name: Generate Code Coverage run: | + # Find the actual test executable (SPM naming can vary) + TEST_EXECUTABLE=$(find .build/debug -name "*PackageTests.xctest" -type d | head -1) + if [ -z "$TEST_EXECUTABLE" ]; then + echo "No test executable found, skipping coverage" + exit 0 + fi + + EXECUTABLE_NAME=$(basename "$TEST_EXECUTABLE" .xctest) + EXECUTABLE_PATH="$TEST_EXECUTABLE/Contents/MacOS/$EXECUTABLE_NAME" + + if [ ! -f "$EXECUTABLE_PATH" ]; then + echo "Test executable not found at $EXECUTABLE_PATH, skipping coverage" + exit 0 + fi + xcrun llvm-cov export \ - .build/debug/swift-ui-debug-scanPackageTests.xctest/Contents/MacOS/swift-ui-debug-scanPackageTests \ + "$EXECUTABLE_PATH" \ -instr-profile .build/debug/codecov/default.profdata \ -format="lcov" > coverage.lcov - name: Upload Code Coverage + if: hashFiles('coverage.lcov') != '' uses: codecov/codecov-action@v4 with: file: coverage.lcov diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 8b276ea..e8af898 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,7 +34,7 @@ jobs: # Try to extract release notes from CHANGELOG.md if it exists if [ -f CHANGELOG.md ]; then # Extract content between the first two version headers - VERSION_LINE=$(grep -n "^## \[*${{ github.ref_name }}" CHANGELOG.md | head -1 | cut -d: -f1) + VERSION_LINE=$(grep -n "^## \[?${{ github.ref_name }}\]?" CHANGELOG.md | head -1 | cut -d: -f1) if [ ! -z "$VERSION_LINE" ]; then NEXT_VERSION_LINE=$(tail -n +$((VERSION_LINE + 1)) CHANGELOG.md | grep -n "^## " | head -1 | cut -d: -f1) if [ ! -z "$NEXT_VERSION_LINE" ]; then From da1ffcede0e773202b00f9ab15dcb4d8c2bd96a0 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 15:28:10 +0200 Subject: [PATCH 12/14] wip --- .github/workflows/ci.yml | 18 +----- .github/workflows/security.yml | 101 +++++++++++++++++++-------------- CI_SETUP.md | 25 ++++---- 3 files changed, 71 insertions(+), 73 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2ad2c74..19c4f04 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -80,7 +80,7 @@ jobs: verbose: true lint: - name: Swift Format & Lint + name: Swift Package Lint runs-on: macos-14 steps: @@ -90,21 +90,5 @@ jobs: - name: Select Xcode Version run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer - - name: Check Swift Format - run: | - # Install swift-format if not available - if ! command -v swift-format &> /dev/null; then - echo "swift-format not found, installing..." - git clone https://github.com/apple/swift-format.git - cd swift-format - swift build -c release - sudo cp .build/release/swift-format /usr/local/bin/ - cd .. - rm -rf swift-format - fi - - # Check formatting (non-destructive) - swift-format --recursive Sources Tests --mode diff - - name: Swift Package Validation run: swift package diagnose diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 927c3cf..3c61bb5 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -1,46 +1,59 @@ -name: Security +# Security Workflow - CURRENTLY DISABLED +# +# This workflow is commented out because it requires Code Security/Code Scanning +# to be enabled in the repository settings. +# +# To enable this workflow: +# 1. Go to your repository Settings > Security & analysis +# 2. Enable "Code scanning" +# 3. Uncomment this entire file +# 4. The workflow provides automated security scanning with CodeQL +# +# For more information: https://docs.github.com/en/code-security/code-scanning -on: - push: - branches: [ main ] - pull_request: - branches: [ main ] - schedule: - # Run weekly security scans - - cron: '0 2 * * 1' +# name: Security -jobs: - codeql: - name: CodeQL Analysis - runs-on: macos-14 - permissions: - actions: read - contents: read - security-events: write - - strategy: - fail-fast: false - matrix: - language: [ 'swift' ] - - steps: - - name: Checkout - uses: actions/checkout@v4 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - - - name: Select Xcode Version - run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer - - - name: Build for CodeQL - run: | - swift package resolve - swift build --configuration release - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" +# on: +# push: +# branches: [ main ] +# pull_request: +# branches: [ main ] +# schedule: +# # Run weekly security scans +# - cron: '0 2 * * 1' + +# jobs: +# codeql: +# name: CodeQL Analysis +# runs-on: macos-14 +# permissions: +# actions: read +# contents: read +# security-events: write +# +# strategy: +# fail-fast: false +# matrix: +# language: [ 'swift' ] +# +# steps: +# - name: Checkout +# uses: actions/checkout@v4 +# +# - name: Initialize CodeQL +# uses: github/codeql-action/init@v3 +# with: +# languages: ${{ matrix.language }} +# +# - name: Select Xcode Version +# run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer +# +# - name: Build for CodeQL +# run: | +# swift package resolve +# swift build --configuration release +# +# - name: Perform CodeQL Analysis +# uses: github/codeql-action/analyze@v3 +# with: +# category: "/language:${{matrix.language}}" diff --git a/CI_SETUP.md b/CI_SETUP.md index 11750b7..c1588ee 100644 --- a/CI_SETUP.md +++ b/CI_SETUP.md @@ -28,9 +28,7 @@ This document explains the Continuous Integration and Continuous Deployment setu **Purpose**: Maintain code quality and standards **Checks**: -- Swift Format validation (non-destructive) - Swift Package validation with diagnostics -- Dependency auditing ### 3. Release Workflow (`.github/workflows/release.yml`) @@ -44,16 +42,19 @@ This document explains the Continuous Integration and Continuous Deployment setu - GitHub release creation with artifacts - Prerelease detection (alpha, beta, rc tags) -### 4. Security Workflows (`.github/workflows/security.yml`) +### 4. Security Workflows (`.github/workflows/security.yml`) - CURRENTLY DISABLED -**Triggers**: PRs, main branch pushes, and weekly schedule +**Status**: Commented out - requires Code Security/Code Scanning to be enabled +**Triggers**: PRs, main branch pushes, and weekly schedule (when enabled) **Purpose**: Security scanning and vulnerability detection -**Features**: -- Dependency security auditing -- CodeQL static analysis for Swift code -- SARIF results upload +**Features (when enabled)**: +- CodeQL static analysis for Swift code security - Weekly automated security scans +- Integration with GitHub Security tab +- SARIF output format for security findings + +**To enable**: Uncomment the workflow after enabling Code Scanning in repository settings ## Configuration Files @@ -77,10 +78,10 @@ This document explains the Continuous Integration and Continuous Deployment setu ## Key Features Inspired by member-ios-app -1. **Comprehensive Platform Testing**: Tests on all supported Apple platforms -2. **Matrix Strategy**: Multiple Swift/Xcode version combinations +1. **Comprehensive Testing**: Native macOS Swift testing with code coverage +2. **Code Quality**: Swift package validation and diagnostics 3. **Caching**: Aggressive SPM caching for performance -4. **Security**: Weekly security scans and dependency auditing +4. **Security**: CodeQL security scanning (currently disabled - enable Code Scanning in repo settings) 5. **Release Automation**: Comprehensive release process with artifacts ## Environment Variables Used @@ -124,5 +125,5 @@ swift build --configuration release - **CI Status**: Monitor via GitHub Actions tab - **Coverage**: Check Codecov reports on PRs -- **Security**: Review weekly security scan results +- **Security**: Currently disabled (enable Code Scanning to activate) - **Dependencies**: Dependabot will create PRs for updates \ No newline at end of file From c418cdad791cae9418bddf1e7afb56977abc3962 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 15:32:04 +0200 Subject: [PATCH 13/14] wip --- .github/workflows/ci.yml | 15 ++++++++++++++- CI_SETUP.md | 7 +++++-- 2 files changed, 19 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 19c4f04..01031cc 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -91,4 +91,17 @@ jobs: run: sudo xcode-select -s /Applications/Xcode_16.1.app/Contents/Developer - name: Swift Package Validation - run: swift package diagnose + run: | + echo "=== Validating Package.swift syntax ===" + swift package dump-package > /dev/null + + echo "=== Resolving dependencies ===" + swift package resolve + + echo "=== Showing dependency tree ===" + swift package show-dependencies + + echo "=== Validating build configuration ===" + swift build --dry-run + + echo "โœ… Package validation completed successfully" diff --git a/CI_SETUP.md b/CI_SETUP.md index c1588ee..21343e2 100644 --- a/CI_SETUP.md +++ b/CI_SETUP.md @@ -28,7 +28,10 @@ This document explains the Continuous Integration and Continuous Deployment setu **Purpose**: Maintain code quality and standards **Checks**: -- Swift Package validation with diagnostics +- Package.swift syntax validation +- Dependency resolution verification +- Dependency tree analysis +- Build configuration validation (dry run) ### 3. Release Workflow (`.github/workflows/release.yml`) @@ -79,7 +82,7 @@ This document explains the Continuous Integration and Continuous Deployment setu ## Key Features Inspired by member-ios-app 1. **Comprehensive Testing**: Native macOS Swift testing with code coverage -2. **Code Quality**: Swift package validation and diagnostics +2. **Code Quality**: Swift package validation and dependency analysis 3. **Caching**: Aggressive SPM caching for performance 4. **Security**: CodeQL security scanning (currently disabled - enable Code Scanning in repo settings) 5. **Release Automation**: Comprehensive release process with artifacts From 2b5cb93b7002afef735d7faf095b59a5b983de78 Mon Sep 17 00:00:00 2001 From: Nikola Stojanovic Date: Fri, 26 Sep 2025 15:35:33 +0200 Subject: [PATCH 14/14] wip --- .github/workflows/ci.yml | 7 ++----- CI_SETUP.md | 9 ++++----- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 01031cc..a8587a8 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -79,8 +79,8 @@ jobs: fail_ci_if_error: false verbose: true - lint: - name: Swift Package Lint + validate: + name: Package Validation runs-on: macos-14 steps: @@ -101,7 +101,4 @@ jobs: echo "=== Showing dependency tree ===" swift package show-dependencies - echo "=== Validating build configuration ===" - swift build --dry-run - echo "โœ… Package validation completed successfully" diff --git a/CI_SETUP.md b/CI_SETUP.md index 21343e2..06cbd8d 100644 --- a/CI_SETUP.md +++ b/CI_SETUP.md @@ -23,15 +23,14 @@ This document explains the Continuous Integration and Continuous Deployment setu - Upload to Codecov for coverage reporting - Verbose testing with `SWIFTUI_DEBUG_SCAN_VERBOSE=1` -### 2. Code Quality Workflow (`.github/workflows/ci.yml` - lint job) +### 2. Package Validation Workflow (`.github/workflows/ci.yml` - validate job) -**Purpose**: Maintain code quality and standards +**Purpose**: Validate Swift package structure and dependencies **Checks**: - Package.swift syntax validation - Dependency resolution verification -- Dependency tree analysis -- Build configuration validation (dry run) +- Dependency tree analysis ### 3. Release Workflow (`.github/workflows/release.yml`) @@ -82,7 +81,7 @@ This document explains the Continuous Integration and Continuous Deployment setu ## Key Features Inspired by member-ios-app 1. **Comprehensive Testing**: Native macOS Swift testing with code coverage -2. **Code Quality**: Swift package validation and dependency analysis +2. **Package Validation**: Swift package structure and dependency analysis 3. **Caching**: Aggressive SPM caching for performance 4. **Security**: CodeQL security scanning (currently disabled - enable Code Scanning in repo settings) 5. **Release Automation**: Comprehensive release process with artifacts