This directory contains GitHub Actions workflows for automating various aspects of the Flutter Wallet Card project.
Triggers:
- Push to
masterordevelopbranches - Pull requests to
masterordevelopbranches - Manual dispatch
Jobs:
- test: Runs tests on Ubuntu with coverage reporting
- test-ios: Tests on macOS for iOS compatibility
- test-android: Tests on Ubuntu for Android compatibility
- package-analysis: Analyzes package quality and dependencies
- security-scan: Scans for security vulnerabilities
- documentation: Validates API documentation
- example-app: Builds and tests the example application
- compatibility-check: Tests against multiple Flutter versions
Features:
- Code formatting validation
- Static analysis with
dart analyze - Test coverage reporting to Codecov
- Multi-platform testing (iOS, Android)
- Package quality analysis with
pana - Security vulnerability scanning
- Basic file checks (README, CHANGELOG)
- Example app building and artifact upload
- Flutter version compatibility testing
Triggers:
- Manual dispatch with version options
Jobs:
-
create-release: Creates a new release with version bumping
-
notify-release: Sends notifications about release status
-
cleanup-on-failure: Cleans up on failure
Features:
- Automatic version bumping (patch, minor, major)
- Custom version support
- Automatic CHANGELOG.md updates
- Release notes generation
- Package validation
- Example app building
- Automatic cleanup on failure
- Integration with publish workflow
Triggers:
- Push to version tags (e.g.,
v1.0.0) - Manual dispatch
Jobs:
- test: Runs comprehensive tests before publishing
- publish: Publishes package to pub.dev
- create-release: Creates GitHub release
Features:
- Pre-publish testing and validation
- Automatic pub.dev publishing
- GitHub release creation with changelog
- Artifact generation
Add these secrets to your GitHub repository:
PUB_DEV_PUBLISH_ACCESS_TOKEN
PUB_DEV_PUBLISH_REFRESH_TOKEN
PUB_DEV_PUBLISH_TOKEN_ENDPOINT
PUB_DEV_PUBLISH_EXPIRATION
How to get pub.dev credentials:
- Run
dart pub token add https://pub.devlocally - Follow the authentication flow
- Extract credentials from
~/.pub-cache/credentials.json - Add each field as a GitHub secret
GITHUB_TOKEN # Usually provided automatically
- Go to repository Settings → Pages
- Set source to "GitHub Actions"
- The documentation will be available at
https://username.github.io/repository-name
- Go to repository Settings → Branches
- Add protection rules for
masterbranch:- Require status checks to pass
- Require branches to be up to date
- Include administrators
- Sign up at codecov.io
- Connect your GitHub repository
- No additional secrets needed for public repositories
-
Manual Release:
- Go to Actions → "Create Release"
- Click "Run workflow"
- Choose version type (patch/minor/major) or enter custom version
- Optionally mark as prerelease or draft
- Click "Run workflow"
-
Automatic Release:
- Push a version tag:
git tag v1.0.0 && git push origin v1.0.0 - The publish workflow will trigger automatically
- Push a version tag:
-
Automatic (Recommended):
- Create a release using the release workflow
- Publishing happens automatically for non-draft, non-prerelease versions
-
Manual:
- Go to Actions → "Publish to pub.dev"
- Click "Run workflow"
- Enter version to publish
- Click "Run workflow"
- Automatic: CI runs on every push and pull request
- Manual: Go to Actions → "CI" → "Run workflow"
Update the Flutter version in all workflows:
- name: Setup Flutter
uses: subosito/flutter-action@v2
with:
flutter-version: '3.32.0' # Change this version
channel: 'stable'
cache: trueAdd new jobs to ci.yml:
test-web:
runs-on: ubuntu-latest
name: Test on Web
steps:
# ... setup steps ...
- name: Run web tests
run: flutter test --platform chromeAdd security scanning tools to ci.yml:
- name: Run additional security scan
run: |
# Add your security scanning commands
dart pub global activate security_scanner
dart pub global run security_scanner-
Publishing Fails:
- Check pub.dev credentials in secrets
- Verify package version is unique
- Ensure all tests pass
-
Documentation Not Updating:
- Check GitHub Pages settings
- Verify Jekyll build logs
- Ensure
_config.ymlis valid
-
CI Failures:
- Check Flutter version compatibility
- Verify all dependencies are available
- Review test failures in logs
-
Release Creation Fails:
- Check version format (semantic versioning)
- Verify CHANGELOG.md format
- Ensure no uncommitted changes
-
Check Workflow Logs:
- Go to Actions tab
- Click on failed workflow
- Review step-by-step logs
-
Test Locally:
# Run the same commands locally flutter pub get dart format --output=none --set-exit-if-changed . dart analyze --fatal-infos flutter test dart pub publish --dry-run
-
Validate Configuration:
# Check workflow syntax yamllint .github/workflows/*.yml
-
Version Management:
- Use semantic versioning (MAJOR.MINOR.PATCH)
- Update CHANGELOG.md for each release
- Test thoroughly before releasing
-
Testing:
- Maintain high test coverage
- Test on multiple platforms
- Include integration tests
-
Security:
- Regularly update dependencies
- Scan for vulnerabilities
- Use minimal required permissions
-
Workflow Maintenance:
- Keep actions up to date
- Monitor workflow performance
- Review and optimize regularly
When modifying workflows:
- Test changes in a fork first
- Update this documentation
- Follow existing patterns and conventions
- Add appropriate error handling
- Include validation steps
For questions or issues with workflows, please open an issue in the repository.