This document describes how to manage SDK dependencies in the Gleec Wallet project.
The Gleec Wallet relies on several SDK packages maintained in the komodo-defi-sdk-flutter repository. These packages include:
komodo_cex_market_datakomodo_defi_sdkkomodo_defi_typeskomodo_ui- and others
We have an automated process to update these SDK dependencies using a GitHub Actions workflow. This workflow runs:
- Daily at midnight
- When code is pushed to the
devbranch - Manually through the GitHub Actions UI
To manually trigger the SDK roll workflow:
- Go to the GitHub Actions tab
- Select the "Roll SDK Packages" workflow
- Click "Run workflow"
- Configure options:
- Upgrade all packages: Set to
trueto upgrade all dependencies, not just SDK packages - Target branch: Specify which branch the pull request should target (defaults to
dev)
- Upgrade all packages: Set to
- Click "Run workflow"
For development or testing purposes, you can run the SDK roll script manually on your local machine.
- Flutter development environment set up
- Git configured
- Access to the repository
-
Clone the repository if you haven't already:
git clone https://github.com/GLEECBTC/gleec-wallet.git cd komodo-wallet -
Make the script executable:
chmod +x .github/scripts/roll_sdk_packages.sh
-
Run the script with the desired parameters:
To update only SDK packages (default):
UPGRADE_ALL_PACKAGES=false TARGET_BRANCH=dev .github/scripts/roll_sdk_packages.sh
To update all packages:
UPGRADE_ALL_PACKAGES=true TARGET_BRANCH=dev .github/scripts/roll_sdk_packages.sh
-
Review the changes:
- The script will create a file called
SDK_CHANGELOG.mdwith details of all packages that were updated - Check the changes in the
pubspec.yamlandpubspec.lockfiles
- The script will create a file called
-
If you want to commit these changes:
git add **/pubspec.yaml **/pubspec.lock git commit -m "chore: roll SDK packages" git push
The script accepts the following environment variables:
UPGRADE_ALL_PACKAGES: Set totrueto upgrade all packages, not just SDK packages. Defaults tofalse.TARGET_BRANCH: The target branch for the changelog information. Defaults todev.
If the script exits with a message "No rolls needed", it means that either:
- All SDK packages are already at their latest versions
- The script couldn't find any SDK packages in your project
You can check by examining your pubspec.yaml files to ensure they contain references to the SDK packages.
The script uses the following exit codes:
0: Success - SDK packages were rolled successfully100: No updates needed - the script ran correctly but no packages needed updating- Any other code: An error occurred during the execution
If you encounter permission issues:
chmod +x .github/scripts/roll_sdk_packages.shIf Flutter commands fail, ensure your Flutter environment is properly set up:
flutter doctorThe script identifies SDK packages by looking for packages with names matching those in the SDK_PACKAGES array in the script. These refer to external packages from the GLEECBTC SDK repository and can be declared in your pubspec.yaml files in two ways:
- Git dependency (Option 2): declared with a
git:section pointing to theGLEECBTC/komodo-defi-sdk-flutterrepository - Hosted dependency (Option 3): declared as a standard hosted package on pub.dev with a version constraint (for example,
^0.3.0)
Local packages that are part of this repository (like komodo_ui_kit and komodo_persistence_layer) are not considered external SDK packages and will not be updated by this script unless they themselves depend on SDK packages.
When running in SDK-only mode (UPGRADE_ALL_PACKAGES=false):
- Hosted SDK dependencies are bumped to the latest available version on pub.dev by executing
flutter pub add <package>, which updates the version constraint inpubspec.yamland refreshes the lockfile. - Git-based SDK dependencies are refreshed with
flutter pub upgrade --unlock-transitive <packages>to update the lockfile according to the configuredref.
The SDK roll script and GitHub Actions workflow are designed with robust error handling to ensure reliable operation. Here's what you should know:
- The script uses
set -eto exit immediately if any command fails - It includes a cleanup function that runs on exit to handle any temporary files
- Specific handling for package upgrade failures allows the script to continue even if individual package upgrades fail
- Clear logging with different levels (info, warning, error) to help diagnose issues
- 0: Success - changes were made and applied
- 100: No changes needed - everything ran correctly, but no packages needed updating (this is not an error)
- Any other code: An actual error occurred during execution
The GitHub Actions workflow has additional safeguards:
- Proper detection of the roll script's exit codes to differentiate between "no updates needed" and actual errors
- Error handling for git operations, including branch deletion and pushing
- Fallback mechanisms for GitHub CLI operations
- Warning and error annotations in the workflow logs to make issues more visible
-
Access Permission Issues:
- The GitHub token might not have sufficient permissions
- Solution: Check repository permissions for the GitHub token
-
Branch Protection Rules:
- If the target branch has protection rules, the workflow might fail to push changes
- Solution: Adjust branch protection rules or use a different target branch
-
Flutter Environment Issues:
- Mismatched Flutter versions can cause package incompatibilities
- Solution: Ensure the Flutter version specified in the workflow matches what's used in development
-
Network or GitHub API Issues:
- Temporary GitHub API issues can cause the workflow to fail
- Solution: Re-run the workflow after a delay