diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml index e4a06c0..b1556b5 100644 --- a/.github/workflows/pull-request.yml +++ b/.github/workflows/pull-request.yml @@ -1,4 +1,4 @@ -name: "Build and Test" +name: 'Build and Test' on: pull_request: @@ -15,11 +15,24 @@ permissions: id-token: write jobs: - js-tests: - name: "JS Tests" - runs-on: ubuntu-latest - steps: - - name: "Checkout" + trunk-check: + name: 'Trunk Check' + runs-on: ubuntu-latest + permissions: + checks: write + contents: read + pull-requests: read + steps: + - name: Checkout + uses: actions/checkout@v6 + - name: Trunk Check + uses: trunk-io/trunk-action@v1 + + js-tests: + name: 'JS Tests' + runs-on: ubuntu-latest + steps: + - name: 'Checkout' uses: actions/checkout@v6 - uses: actions/setup-node@v6.2.0 with: @@ -27,147 +40,148 @@ jobs: cache: yarn cache-dependency-path: yarn.lock - - name: "Install node modules" + - name: 'Install node modules' run: | yarn install - - - name: "Run test" + + - name: 'Run test' run: | yarn test - android-unit-tests: - name: "Android Unit Tests" - runs-on: ubuntu-latest - steps: - - name: "Checkout" - uses: actions/checkout@v6 - - name: "Run Android Unit Tests" - working-directory: android - run: ./gradlew test - - android-lint: - name: "Android Lint" - runs-on: ubuntu-latest - steps: - - name: "Checkout" - uses: actions/checkout@v6 - - name: "Run Android lint" - working-directory: android - run: ./gradlew lint - - android-kotlin-lint: - name: "Android kotlin lint" - runs-on: ubuntu-latest - steps: - - name: "Checkout" - uses: actions/checkout@v6 - - name: "Run Android kotlin lint" - working-directory: android - run: ./gradlew ktlintCheck - - android-sample-app: - name: Android Sample App - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v6 - - uses: actions/setup-node@v6.2.0 - with: - node-version: 24 - cache: yarn - cache-dependency-path: yarn.lock - - - name: Install node modules - run: yarn install - - - name: Build package - run: yarn dev:pack - - - name: Install sample app dependencies - working-directory: sample - run: | - rm -f yarn.lock - yarn install - - - name: Run Android sample app - working-directory: sample/android - run: ./gradlew assembleDebug - - ios-sample-app: - name: iOS Sample App - runs-on: macos-15 - steps: - - name: Checkout - uses: actions/checkout@v6 - - uses: actions/setup-node@v6.2.0 - with: - node-version: 24 - cache: yarn - cache-dependency-path: yarn.lock - - - name: Set up Xcode - uses: maxim-lobanov/setup-xcode@v1.6.0 - with: - xcode-version: latest-stable - - - name: Set Xcode Toolchain - run: echo "TOOLCHAINS=com.apple.dt.toolchain.XcodeDefault" >> $GITHUB_ENV - - - name: Setup iOS Simulator - uses: futureware-tech/simulator-action@v5 - id: simulator - with: - model: iPhone 16 - os: iOS - os_version: ">=18.0" - wait_for_boot: true - shutdown_after_job: true - - - name: Install node modules - run: yarn install - - - name: Build package - run: yarn dev:pack - - - name: Install sample app dependencies - working-directory: sample - run: | - rm -f yarn.lock - yarn install - - - name: Install Ruby dependencies - working-directory: sample - run: bundle install - - - name: Build iOS sample app - working-directory: sample/ios - run: | - bundle exec pod install - set -o pipefail && xcodebuild -workspace MParticleSample.xcworkspace \ - -configuration Debug \ - -scheme MParticleSample \ - -destination 'id=${{ steps.simulator.outputs.udid }}' \ - -derivedDataPath ios/build \ - -UseModernBuildSystem=YES \ - build | bundle exec xcpretty -k - - pr-notify: - if: > - github.event_name == 'pull_request' && - github.event.pull_request.draft == false - needs: - - android-unit-tests - - android-lint - - android-kotlin-lint - - android-sample-app - - ios-sample-app - - js-tests - name: Notify GChat - uses: ROKT/rokt-workflows/.github/workflows/oss_pr_opened_notification.yml@main - secrets: - gchat_webhook: ${{ secrets.GCHAT_PRS_WEBHOOK }} - - automerge-dependabot: - name: "Save PR Number for Dependabot Automerge" - needs: [ js-tests, android-unit-tests, android-lint, android-kotlin-lint ] - uses: mParticle/mparticle-workflows/.github/workflows/dependabot-save-pr-number.yml@main + android-unit-tests: + name: 'Android Unit Tests' + runs-on: ubuntu-latest + steps: + - name: 'Checkout' + uses: actions/checkout@v6 + - name: 'Run Android Unit Tests' + working-directory: android + run: ./gradlew test + + android-lint: + name: 'Android Lint' + runs-on: ubuntu-latest + steps: + - name: 'Checkout' + uses: actions/checkout@v6 + - name: 'Run Android lint' + working-directory: android + run: ./gradlew lint + + android-kotlin-lint: + name: 'Android kotlin lint' + runs-on: ubuntu-latest + steps: + - name: 'Checkout' + uses: actions/checkout@v6 + - name: 'Run Android kotlin lint' + working-directory: android + run: ./gradlew ktlintCheck + + android-sample-app: + name: Android Sample App + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v6 + - uses: actions/setup-node@v6.2.0 + with: + node-version: 24 + cache: yarn + cache-dependency-path: yarn.lock + + - name: Install node modules + run: yarn install + + - name: Build package + run: yarn dev:pack + + - name: Install sample app dependencies + working-directory: sample + run: | + rm -f yarn.lock + yarn install + + - name: Run Android sample app + working-directory: sample/android + run: ./gradlew assembleDebug + + ios-sample-app: + name: iOS Sample App + runs-on: macos-15 + steps: + - name: Checkout + uses: actions/checkout@v6 + - uses: actions/setup-node@v6.2.0 + with: + node-version: 24 + cache: yarn + cache-dependency-path: yarn.lock + + - name: Set up Xcode + uses: maxim-lobanov/setup-xcode@v1.6.0 + with: + xcode-version: latest-stable + + - name: Set Xcode Toolchain + run: echo "TOOLCHAINS=com.apple.dt.toolchain.XcodeDefault" >> $GITHUB_ENV + + - name: Setup iOS Simulator + uses: futureware-tech/simulator-action@v5 + id: simulator + with: + model: iPhone 16 + os: iOS + os_version: '>=18.0' + wait_for_boot: true + shutdown_after_job: true + + - name: Install node modules + run: yarn install + + - name: Build package + run: yarn dev:pack + + - name: Install sample app dependencies + working-directory: sample + run: | + rm -f yarn.lock + yarn install + + - name: Install Ruby dependencies + working-directory: sample + run: bundle install + + - name: Build iOS sample app + working-directory: sample/ios + run: | + bundle exec pod install + set -o pipefail && xcodebuild -workspace MParticleSample.xcworkspace \ + -configuration Debug \ + -scheme MParticleSample \ + -destination 'id=${{ steps.simulator.outputs.udid }}' \ + -derivedDataPath ios/build \ + -UseModernBuildSystem=YES \ + build | bundle exec xcpretty -k + + pr-notify: + if: > + github.event_name == 'pull_request' && + github.event.pull_request.draft == false + needs: + - trunk-check + - android-unit-tests + - android-lint + - android-kotlin-lint + - android-sample-app + - ios-sample-app + - js-tests + name: Notify GChat + uses: ROKT/rokt-workflows/.github/workflows/oss_pr_opened_notification.yml@main + secrets: + gchat_webhook: ${{ secrets.GCHAT_PRS_WEBHOOK }} + + automerge-dependabot: + name: 'Save PR Number for Dependabot Automerge' + needs: [js-tests, android-unit-tests, android-lint, android-kotlin-lint] + uses: mParticle/mparticle-workflows/.github/workflows/dependabot-save-pr-number.yml@main diff --git a/.github/workflows/trunk-upgrade.yml b/.github/workflows/trunk-upgrade.yml new file mode 100644 index 0000000..82dd0fd --- /dev/null +++ b/.github/workflows/trunk-upgrade.yml @@ -0,0 +1,34 @@ +name: Run trunk upgrade + +on: + workflow_call: + schedule: + - cron: 0 0 1 * * + workflow_dispatch: + +permissions: + contents: write + pull-requests: write + +jobs: + generate-and-call-upgrade: + runs-on: ubuntu-latest + outputs: + generated-token: ${{ steps.generate-token.outputs.token }} + steps: + - name: Generate a token + id: generate-token + uses: actions/create-github-app-token@29824e69f54612133e76f7eaac726eef6c875baf # v2.2.1 + with: + app-id: ${{ secrets.SDK_RELEASE_GITHUB_APP_ID }} # trunk-ignore(actionlint/expression) + private-key: ${{ secrets.SDK_RELEASE_GITHUB_APP_PRIVATE_KEY }} # trunk-ignore(actionlint/expression) + owner: ${{ github.repository_owner }} + repositories: | + react-native-mparticle + + trunk-upgrade: + needs: generate-and-call-upgrade + name: Run trunk upgrade + uses: ROKT/rokt-workflows/.github/workflows/trunk-upgrade.yml@main # trunk-ignore(actionlint/workflow-call) + with: + token: ${{ needs.generate-and-call-upgrade.outputs.generated-token }} diff --git a/.trunk/.gitignore b/.trunk/.gitignore new file mode 100644 index 0000000..15966d0 --- /dev/null +++ b/.trunk/.gitignore @@ -0,0 +1,9 @@ +*out +*logs +*actions +*notifications +*tools +plugins +user_trunk.yaml +user.yaml +tmp diff --git a/.trunk/configs/.markdownlint.yaml b/.trunk/configs/.markdownlint.yaml new file mode 100644 index 0000000..fb94039 --- /dev/null +++ b/.trunk/configs/.markdownlint.yaml @@ -0,0 +1,10 @@ +# Autoformatter friendly markdownlint config (all formatting rules disabled) +default: true +blank_lines: false +bullet: false +html: false +indentation: false +line_length: false +spaces: false +url: false +whitespace: false diff --git a/.trunk/configs/.shellcheckrc b/.trunk/configs/.shellcheckrc new file mode 100644 index 0000000..8c7b1ad --- /dev/null +++ b/.trunk/configs/.shellcheckrc @@ -0,0 +1,7 @@ +enable=all +source-path=SCRIPTDIR +disable=SC2154 + +# If you're having issues with shellcheck following source, disable the errors via: +# disable=SC1090 +# disable=SC1091 diff --git a/.trunk/configs/.yamllint.yaml b/.trunk/configs/.yamllint.yaml new file mode 100644 index 0000000..03deb40 --- /dev/null +++ b/.trunk/configs/.yamllint.yaml @@ -0,0 +1,10 @@ +rules: + quoted-strings: + required: only-when-needed + extra-allowed: ['{|}'] + empty-values: + forbid-in-block-mappings: true + forbid-in-flow-mappings: true + key-duplicates: {} + octal-values: + forbid-implicit-octal: true diff --git a/.trunk/trunk.yaml b/.trunk/trunk.yaml new file mode 100644 index 0000000..8d28e2a --- /dev/null +++ b/.trunk/trunk.yaml @@ -0,0 +1,73 @@ +# This file controls the behavior of Trunk: https://docs.trunk.io/cli +# To learn more about the format of this file, see https://docs.trunk.io/reference/trunk-yaml +version: 0.1 +cli: + version: 1.25.0 +# Many linters and tools depend on runtimes - configure them here. (https://docs.trunk.io/runtimes) +runtimes: + enabled: + - go@1.19.5 + - java@13.0.11 + - node@18.12.1 + - python@3.10.8 +# This is the section where you manage your linters. (https://docs.trunk.io/check/configuration) +lint: + definitions: + - name: mparticle-api-key-check + files: [ALL] + commands: + - name: check-mparticle-keys + output: pass_fail + # ────────────────────────────────────────────────────────────────────── + # Matches: + # us2-[32 hex chars] + # us1-... + # us-... + # eu1-... + # Any two lowercase letters + optional digits + hyphen + exactly 32 hex chars + # ────────────────────────────────────────────────────────────────────── + run: >- + sh -c ' + if grep -E "(?i)[a-z]{2}[0-9]*-[0-9a-f]{32}" "${target}"; then + echo "ERROR: Possible mParticle API key detected in ${target}" + echo " Format: xx...-[32 hex chars] (e.g. us2-, eu1-, us-, au4-, etc.)" + echo "API keys should never be committed to version control!" + exit 1 + fi + ' + success_codes: [0, 1] + enabled: + - actionlint@1.6.9 + - checkov@3.2.507 + - dotenv-linter@3.3.0 + - eslint@10.0.2 + - git-diff-check + - ktlint@0.43.2 + - markdownlint@0.48.0 + - mparticle-api-key-check + - osv-scanner@1.3.6 + - oxipng@7.0.0 + - prettier@3.8.1 + - shellcheck@0.8.0 + - shfmt@3.6.0 + - trivy@0.69.2 + - trufflehog@3.31.3 + disabled: + - yamllint + ignore: + - linters: [ALL] + paths: + - Example/Pods + - Example/Podfile.lock + - RNExample/Gemfile.lock + - RNExample/Gemfile + - linters: [markdownlint] + paths: + - CHANGELOG.md # Standard changelog format violates MD001, MD024, MD025 +actions: + enabled: + - trunk-announce + - trunk-check-pre-push + - trunk-check-pre-push-always + - trunk-fmt-pre-commit + - trunk-upgrade-available