feat: Add CI/CD workflows for automated build, test, and release proc⦠#2
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: π CI - Build & Test | |
| on: | |
| push: | |
| branches: [ main, develop, staging ] | |
| pull_request: | |
| branches: [ main, develop ] | |
| workflow_dispatch: # Allow manual triggering | |
| env: | |
| APP_NAME: "ClickIt" | |
| BUNDLE_ID: "com.jsonify.clickit" | |
| jobs: | |
| build-test: | |
| name: π¨ Build & Test on Xcode | |
| runs-on: macos-latest | |
| strategy: | |
| matrix: | |
| build_mode: [debug, release] | |
| build_system: [xcode, spm] | |
| steps: | |
| - name: π₯ Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: π Setup Xcode | |
| uses: maxim-lobanov/setup-xcode@v1 | |
| with: | |
| xcode-version: latest-stable | |
| - name: π Environment Info | |
| run: | | |
| echo "π₯οΈ Runner: macOS $(sw_vers -productVersion)" | |
| echo "π¨ Xcode: $(xcodebuild -version | head -1)" | |
| echo "π Swift: $(swift --version | head -1)" | |
| echo "ποΈ Build Mode: ${{ matrix.build_mode }}" | |
| echo "π¦ Build System: ${{ matrix.build_system }}" | |
| - name: π§ͺ Run Swift Tests | |
| if: matrix.build_system == 'spm' | |
| run: | | |
| echo "π§ͺ Running Swift Package Manager tests..." | |
| swift test --verbose | |
| - name: π§ͺ Run Xcode Tests | |
| if: matrix.build_system == 'xcode' | |
| run: | | |
| echo "π§ͺ Running Xcode tests..." | |
| xcodebuild test -project ClickIt.xcodeproj -scheme ClickIt -destination 'platform=macOS' || echo "β οΈ No tests configured in Xcode project" | |
| - name: ποΈ Build App Bundle | |
| run: | | |
| echo "π¨ Building ${{ env.APP_NAME }} (${{ matrix.build_mode }} mode, ${{ matrix.build_system }} system)..." | |
| ./build_app_unified.sh ${{ matrix.build_mode }} ${{ matrix.build_system }} | |
| echo "π Build completed!" | |
| ls -la dist/ | |
| - name: π Verify Build Output | |
| run: | | |
| echo "π Verifying build output..." | |
| if [ -d "dist/${{ env.APP_NAME }}.app" ]; then | |
| echo "β App bundle created successfully" | |
| # Check app bundle structure | |
| echo "π App bundle contents:" | |
| find "dist/${{ env.APP_NAME }}.app" -type f | head -10 | |
| # Check binary architecture | |
| BINARY_PATH="dist/${{ env.APP_NAME }}.app/Contents/MacOS/${{ env.APP_NAME }}" | |
| if [ -f "$BINARY_PATH" ]; then | |
| echo "π± Binary info:" | |
| file "$BINARY_PATH" | |
| echo "ποΈ Architecture:" | |
| lipo -info "$BINARY_PATH" 2>/dev/null || echo "Single architecture binary" | |
| else | |
| echo "β Binary not found at $BINARY_PATH" | |
| exit 1 | |
| fi | |
| # Check code signing status | |
| echo "π Code signing status:" | |
| codesign -dv "dist/${{ env.APP_NAME }}.app" 2>&1 || echo "β οΈ Not code signed" | |
| else | |
| echo "β App bundle not found!" | |
| exit 1 | |
| fi | |
| - name: π¦ Upload Build Artifacts | |
| if: matrix.build_mode == 'release' | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: "${{ env.APP_NAME }}-${{ matrix.build_system }}-${{ github.sha }}" | |
| path: | | |
| dist/${{ env.APP_NAME }}.app | |
| dist/build-info.txt | |
| retention-days: 7 | |
| lint-and-quality: | |
| name: π Code Quality & Linting | |
| runs-on: macos-latest | |
| steps: | |
| - name: π₯ Checkout Code | |
| uses: actions/checkout@v4 | |
| - name: π Setup Xcode | |
| uses: maxim-lobanov/setup-xcode@v1 | |
| with: | |
| xcode-version: latest-stable | |
| - name: π§Ή Install SwiftLint | |
| run: | | |
| if ! which swiftlint > /dev/null 2>&1; then | |
| echo "π¦ Installing SwiftLint..." | |
| brew install swiftlint | |
| else | |
| echo "β SwiftLint already installed" | |
| fi | |
| swiftlint version | |
| - name: π Run SwiftLint | |
| run: | | |
| echo "π Running SwiftLint..." | |
| # Run without --strict to avoid blocking CI on warnings | |
| swiftlint lint --reporter github-actions-logging | |
| - name: π Swift Package Dependencies | |
| run: | | |
| echo "π Checking Swift Package dependencies..." | |
| swift package show-dependencies || echo "β οΈ No Package.swift or dependencies found" | |
| - name: π Security Check (Basic) | |
| run: | | |
| echo "π Basic security checks..." | |
| echo "π Checking for hardcoded secrets..." | |
| # Check for common secret patterns (basic check) | |
| if grep -r -i "password\|secret\|token\|key" --include="*.swift" Sources/ || true; then | |
| echo "β οΈ Found potential secrets - please review manually" | |
| else | |
| echo "β No obvious secrets found in Swift source" | |
| fi | |
| echo "π Checking for insecure HTTP URLs..." | |
| if grep -r "http://" --include="*.swift" Sources/ || true; then | |
| echo "β οΈ Found HTTP URLs - consider using HTTPS" | |
| else | |
| echo "β No insecure HTTP URLs found" | |
| fi | |
| summary: | |
| name: π CI Summary | |
| runs-on: ubuntu-latest | |
| needs: [build-test, lint-and-quality] | |
| if: always() | |
| steps: | |
| - name: π CI Results Summary | |
| run: | | |
| echo "## π CI Pipeline Results" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "| Check | Status |" >> $GITHUB_STEP_SUMMARY | |
| echo "|-------|--------|" >> $GITHUB_STEP_SUMMARY | |
| echo "| Build & Test | ${{ needs.build-test.result == 'success' && 'β Passed' || 'β Failed' }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "| Code Quality | ${{ needs.lint-and-quality.result == 'success' && 'β Passed' || 'β Failed' }} |" >> $GITHUB_STEP_SUMMARY | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| if [ "${{ needs.build-test.result }}" = "success" ] && [ "${{ needs.lint-and-quality.result }}" = "success" ]; then | |
| echo "π **All checks passed!** The code is ready for release." >> $GITHUB_STEP_SUMMARY | |
| else | |
| echo "β οΈ **Some checks failed.** Please review the results above." >> $GITHUB_STEP_SUMMARY | |
| fi | |
| echo "" >> $GITHUB_STEP_SUMMARY | |
| echo "### π Next Steps" >> $GITHUB_STEP_SUMMARY | |
| echo "- **For Release**: Create a version tag (e.g., \`git tag v1.3.0 && git push origin v1.3.0\`)" >> $GITHUB_STEP_SUMMARY | |
| echo "- **For Development**: Merge to main branch when ready" >> $GITHUB_STEP_SUMMARY |