diff --git a/.github/actions/sdk-tests/action.yml b/.github/actions/sdk-tests/action.yml new file mode 100644 index 0000000000..e419fec6de --- /dev/null +++ b/.github/actions/sdk-tests/action.yml @@ -0,0 +1,71 @@ +name: 'Run SDK tests' +description: 'Test the SDK using SPM' +inputs: + ssh-private-key: + description: SSH private key + required: true + known-hosts: + description: Known Hosts + required: true + match-password: + description: Match password + required: true + match-git-private-key: + description: Match git private key + required: true + fastlane-password: + description: Fastlane password + required: true + fastlane-session: + description: Fastlane session + required: true + match-keychain-name: + description: Match keychain name + required: true + match-keychain-password: + description: Match keychain password + required: true + source-branch: + description: Source branch + required: true +runs: + using: "composite" + steps: + - name: Select Xcode Version + uses: maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd # v1.6.0 + with: + xcode-version: '15.2' + - name: Install SSH key + uses: shimataro/ssh-key-action@d4fffb50872869abe2d9a9098a6d9c5aa7d16be4 #v2.7.0 + with: + key: ${{ inputs.ssh-private-key }} + name: id_rsa_github_actions + known_hosts: ${{ inputs.known-hosts }} + - uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0 + with: + ssh-private-key: ${{ inputs.ssh-private-key }} + - uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 # v1.172.0 + with: + ruby-version: "3.2" + bundler-cache: true + - name: Build SPM App + shell: bash + run: | + bundle exec fastlane test_spm + env: + MATCH_PASSWORD: ${{ inputs.match-password }} + MATCH_GIT_PRIVATE_KEY: ${{ inputs.ssh-private-key }} + FASTLANE_PASSWORD: ${{ inputs.fastlane-password }} + FASTLANE_SESSION: ${{ inputs.fastlane-session }} + MATCH_KEYCHAIN_NAME: ${{ inputs.match-keychain-name }} + MATCH_KEYCHAIN_PASSWORD: ${{ inputs.match-password }} + SOURCE_BRANCH: ${{ inputs.source-branch }} + - name: Prepare coverage reports + shell: bash + run: | + bash Scripts/xccov-to-sonarqube-generic.sh fastlane/test_output/PrimerSDKTests.xcresult/ > coverage.xml + sed "s#$PWD/##g" coverage.xml > coverage_cleaned.xml + - uses: actions/upload-artifact@master + with: + name: coverage-file + path: coverage_cleaned.xml diff --git a/.github/actions/sonar/action.yml b/.github/actions/sonar/action.yml new file mode 100644 index 0000000000..de4a62afda --- /dev/null +++ b/.github/actions/sonar/action.yml @@ -0,0 +1,38 @@ +name: 'Run Sonar tests' +description: 'Upload code quality scans to Sonar' +inputs: + github-token: + description: GitHub token + required: true + sonar-token: + description: Sonar token + required: true + sonar-host + description: Sonar host URL + required: true +runs: + using: "composite" + steps: + - uses: actions/download-artifact@master + with: + name: coverage-file + - name: Update sonar-project.properties + shell: bash + run: | + echo "sonar.pullrequest.key=${{github.event.pull_request.number}}" >> sonar-project.properties + echo "sonar.pullrequest.branch=${{github.head_ref}}" >> sonar-project.properties + echo "sonar.pullrequest.base=${{github.base_ref}}" >> sonar-project.properties + echo "sonar.scm.revision=${{ github.event.pull_request.head.sha }}" >> sonar-project.properties + - name: SonarCloud Scan + uses: sonarsource/sonarqube-scan-action@master + env: + GITHUB_TOKEN: ${{ inputs.github-token }} # Needed to get PR information, if any + SONAR_TOKEN: ${{ inputs.sonar-token }} + SONAR_HOST_URL: ${{ inputs.sonar-host }} + - name: SonarQube Quality Gate check + id: sonarqube-quality-gate-check + uses: sonarsource/sonarqube-quality-gate-action@master + timeout-minutes: 5 + env: + SONAR_TOKEN: ${{ inputs.sonar-token }} + SONAR_HOST_URL: ${{ inputs.sonar-host }} diff --git a/.github/workflows/build_test_upload.yml b/.github/workflows/build-test-upload.yml similarity index 73% rename from .github/workflows/build_test_upload.yml rename to .github/workflows/build-test-upload.yml index a116e5f7fc..dd410b1b79 100644 --- a/.github/workflows/build_test_upload.yml +++ b/.github/workflows/build-test-upload.yml @@ -62,46 +62,44 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: ref: ${{ github.ref }} - - name: Select Xcode Version - uses: maxim-lobanov/setup-xcode@60606e260d2fc5762a71e64e74b2174e8ea3c8bd # v1.6.0 - with: - xcode-version: '15.2' - - name: Install SSH key - uses: shimataro/ssh-key-action@d4fffb50872869abe2d9a9098a6d9c5aa7d16be4 #v2.7.0 - with: - key: ${{ secrets.SSH_KEY }} - name: id_rsa_github_actions - known_hosts: ${{ secrets.KNOWN_HOSTS }} - - uses: webfactory/ssh-agent@dc588b651fe13675774614f8e6a936a468676387 # v0.9.0 + - name: Run SDK tests + uses: ./.github/actions/sdk-tests with: + github-token: ${{ secrets.GITHUB_TOKEN }} ssh-private-key: ${{ secrets.SSH_KEY }} - - uses: ruby/setup-ruby@d4526a55538b775af234ba4af27118ed6f8f6677 # v1.172.0 + known-hosts: ${{ secrets.KNOWN_HOSTS }} + match-password: ${{ secrets.MATCH_PASSWORD }} + match-git-private-key: ${{ secrets.FASTLANE_PASSWORD }} + fastlane-session: ${{ secrets.FASTLANE_SESSION }} + fastlane-password: ${{ secrets.FASTLANE_PASSWORD }} + match-keychain-name: ${{ secrets.MATCH_KEYCHAIN_NAME }} + match-keychain-password: ${{ secrets.MATCH_KEYCHAIN_PASSWORD }} + + sonarcloud: + needs: + - sdk-unit-tests + name: SonarCloud + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 with: - ruby-version: "3.2" - bundler-cache: true - - name: Build SPM App - run: | - bundle exec fastlane test_spm - env: - MATCH_PASSWORD: ${{ secrets.MATCH_PASSWORD }} - MATCH_GIT_PRIVATE_KEY: ${{ secrets.SSH_KEY }} - FASTLANE_PASSWORD: ${{ secrets.FASTLANE_PASSWORD }} - FASTLANE_SESSION: ${{ secrets.FASTLANE_SESSION }} - MATCH_KEYCHAIN_NAME: ${{ secrets.MATCH_KEYCHAIN_NAME }} - MATCH_KEYCHAIN_PASSWORD: ${{ secrets.MATCH_KEYCHAIN_PASSWORD }} - SOURCE_BRANCH: ${{ github.head_ref }} - - name: Prepare coverage reports - run: | - bash Scripts/xccov-to-sonarqube-generic.sh fastlane/test_output/PrimerSDKTests.xcresult/ > coverage.xml - - name: Install Sonar-Scanner - run: | - brew install sonar-scanner - - name: Run Sonar scanner + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - uses: actions/download-artifact@master + with: + name: coverage-file + - name: Update sonar-project.properties run: | - git fetch --unshallow --no-tags - sonar-scanner -Dsonar.token=${{ secrets.SONAR_TOKEN }} -Dsonar.coverageReportPaths=coverage.xml -Dsonar.verbose=true - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + echo "sonar.pullrequest.key=${{github.event.pull_request.number}}" >> sonar-project.properties + echo "sonar.pullrequest.branch=${{github.head_ref}}" >> sonar-project.properties + echo "sonar.pullrequest.base=${{github.base_ref}}" >> sonar-project.properties + echo "sonar.scm.revision=${{ github.event.pull_request.head.sha }}" >> sonar-project.properties + - name: SonarCloud Scan + uses: ./.github/actions/sonar + with: + github-token: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + sonar-token: ${{ secrets.SONAR_TOKEN }} + sonar-host: https://sonarcloud.io./ + build-and-upload-to-appetize: needs: - debug-app-unit-tests diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml deleted file mode 100644 index a15ca24884..0000000000 --- a/.github/workflows/sonarcloud.yml +++ /dev/null @@ -1,23 +0,0 @@ -name: Sonarcloud - -on: - push: - branches: - - master - pull_request: - types: [opened, synchronize, reopened] - -jobs: - sonarcloud: - name: SonarCloud - runs-on: ubuntu-latest - if: false - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - - name: SonarCloud Scan - uses: SonarSource/sonarcloud-github-action@master - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any - SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/test-and-code-quality.yml b/.github/workflows/test-and-code-quality.yml new file mode 100644 index 0000000000..1dd417bf55 --- /dev/null +++ b/.github/workflows/test-and-code-quality.yml @@ -0,0 +1,62 @@ +name: Test SDK and upload Code Quality metrics + +on: + push: + branch: + - master + +concurrency: + group: ${{ github.ref }}-tests + cancel-in-progress: true + +jobs: + sdk-unit-tests: + runs-on: macos-13-large + timeout-minutes: 20 + name: "SDK - Unit Tests" + steps: + - name: Cancel previous jobs + uses: styfle/cancel-workflow-action@85880fa0301c86cca9da44039ee3bb12d3bedbfa # v0.12.1 + with: + access_token: ${{ github.token }} + - name: Git - Checkout + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + ref: ${{ github.ref }} + - name: Run SDK tests + uses: ./.github/actions/sdk-tests + with: + github-token: ${{ secrets.GITHUB_TOKEN }} + ssh-private-key: ${{ secrets.SSH_KEY }} + known-hosts: ${{ secrets.KNOWN_HOSTS }} + match-password: ${{ secrets.MATCH_PASSWORD }} + match-git-private-key: ${{ secrets.FASTLANE_PASSWORD }} + fastlane-session: ${{ secrets.FASTLANE_SESSION }} + fastlane-password: ${{ secrets.FASTLANE_PASSWORD }} + match-keychain-name: ${{ secrets.MATCH_KEYCHAIN_NAME }} + match-keychain-password: ${{ secrets.MATCH_KEYCHAIN_PASSWORD }} + + sonarcloud: + needs: + - sdk-unit-tests + name: SonarCloud + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + with: + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + - uses: actions/download-artifact@master + with: + name: coverage-file + - name: Update sonar-project.properties + run: | + echo "sonar.pullrequest.key=${{github.event.pull_request.number}}" >> sonar-project.properties + echo "sonar.pullrequest.branch=${{github.head_ref}}" >> sonar-project.properties + echo "sonar.pullrequest.base=${{github.base_ref}}" >> sonar-project.properties + echo "sonar.scm.revision=${{ github.event.pull_request.head.sha }}" >> sonar-project.properties + - name: SonarCloud Scan + uses: ./.github/actions/sonar + with: + github-token: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + sonar-token: ${{ secrets.SONAR_TOKEN }} + sonar-host: https://sonarcloud.io./ diff --git a/Sources/PrimerSDK/Classes/Core/3DS/3DSService.swift b/Sources/PrimerSDK/Classes/Core/3DS/3DSService.swift index 334899f399..61f6cac1e0 100644 --- a/Sources/PrimerSDK/Classes/Core/3DS/3DSService.swift +++ b/Sources/PrimerSDK/Classes/Core/3DS/3DSService.swift @@ -283,7 +283,7 @@ class ThreeDSService: ThreeDSServiceProtocol, LogReporter { // ⚠️ Property version doesn't exist on version before 1.1.0, so PrimerSDK won't build // if Primer3DS is not equal or above 1.1.0 if Primer3DS.hardcodedVersion.compareWithVersion("1.1.1") == .orderedDescending || - Primer3DS.hardcodedVersion.compareWithVersion("1.1.2") == .orderedSame { + Primer3DS.hardcodedVersion.compareWithVersion("1.1.1") == .orderedSame { do { primer3DS.is3DSSanityCheckEnabled = PrimerSettings.current.debugOptions.is3DSSanityCheckEnabled try primer3DS.initializeSDK(apiKey: apiKey, certificates: certs) diff --git a/sonar-project.properties b/sonar-project.properties index ad3956c5fa..4354ee4a0f 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -12,12 +12,12 @@ sonar.cpp.file.suffixes=- sonar.objc.file.suffixes=- # Source settings -sonar.tests=Tests/ - -sonar.qualitygate.wait=true - +sonar.sources=Sources +sonar.tests=Tests # GitHub sonar.pullrequest.provider=GitHub sonar.github.repository=primer-io/primer-sdk-ios +# Coverage +sonar.coverageReportPaths=coverage_cleaned.xml