diff --git a/.github/workflows/android-actions.yml b/.github/workflows/android-actions.yml index d8964e656..5cb58aa05 100644 --- a/.github/workflows/android-actions.yml +++ b/.github/workflows/android-actions.yml @@ -11,6 +11,10 @@ on: default: mapbox required: false type: string + REF_FORK: + description: "If build from fork repo or not" + required: false + type: string NEW_ARCH: description: "If build with new architecture or not" default: false @@ -24,10 +28,18 @@ on: jobs: build_example: + name: Android Example Build ${{ inputs.NEW_ARCH && 'Fabric' || 'Paper' }} ${{ inputs.MAP_IMPL }} runs-on: ubuntu-latest steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 + if: ${{ github.event.inputs.REF_FORK == false }} + + - name: Checkout fork + uses: actions/checkout@v4 + if: ${{ github.event.inputs.REF_FORK == true }} + with: + ref: ${{ github.event.pull_request.head.sha }} - name: Setup node ${{ inputs.NVMRC }} uses: actions/setup-node@v3.5.1 diff --git a/.github/workflows/ci-for-fored-repos.yml b/.github/workflows/ci-for-fored-repos.yml new file mode 100644 index 000000000..1f3fb6fc2 --- /dev/null +++ b/.github/workflows/ci-for-fored-repos.yml @@ -0,0 +1,23 @@ +on: + pull_request_target: + branches: [ main ] + +jobs: + approve: + runs-on: ubuntu-latest + steps: + - name: Approve + run: echo For security reasons, all pull requests need to be approved first before running any automated CI. + + call_ci_requiring_tokens: + name: "CI requiring tokens" + enivoronment: + name: CI with Mapbox Tokens + needs: [approve] + uses: ./.github/workflows/ci-requiring-tokens.yml + with: + NVMRC: v18.18.0 + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.ENV_MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.ENV_MAPBOX_DOWNLOAD_TOKEN }} + diff --git a/.github/workflows/ci-requiring-tokens.yml b/.github/workflows/ci-requiring-tokens.yml new file mode 100644 index 000000000..b55a5c068 --- /dev/null +++ b/.github/workflows/ci-requiring-tokens.yml @@ -0,0 +1,81 @@ +name: CI Builds requiring mapbox tokens + +on: + workflow_call: + inputs: + NVMRC: + required: true + type: string + secrets: + MAPBOX_ACCESS_TOKEN: + required: true + MAPBOX_DOWNLOAD_TOKEN: + required: true + +concurrency: + group: ${{ github.head_ref || github.run_id }}-ci-with-tokens + cancel-in-progress: true + +jobs: + call_android_workflow: + name: "Android/Mapbox" + uses: ./.github/workflows/android-actions.yml + with: + NVMRC: ${{ inputs.NVMRC }} + MAP_IMPL: mapbox + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} + + call_android_workflow_fabric: + name: "Android/Mapbox/Fabric" + uses: ./.github/workflows/android-actions.yml + with: + NVMRC: ${{ inputs.NVMRC }} + MAP_IMPL: mapbox + NEW_ARCH: true + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} + + + call_android_workflow_11: + name: "Android/Mapbox11" + uses: ./.github/workflows/android-actions.yml + with: + NVMRC: ${{ inputs.NVMRC }} + MAP_IMPL: mapbox11 + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} + + call_ios_workflow: + name: "iOS/Mapbox" + uses: ./.github/workflows/ios-actions.yml + with: + NVMRC: ${{ inputs.NVMRC }} + MAP_IMPL: mapbox + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} + + call_ios_workflow_fabric: + name: "iOS/Mapbox/Fabric" + uses: ./.github/workflows/ios-actions.yml + with: + NVMRC: ${{ inputs.NVMRC }} + MAP_IMPL: mapbox + NEW_ARCH: true + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} + + call_ios_workflow_11: + name: "iOS/Mapbox11" + uses: ./.github/workflows/ios-actions.yml + with: + NVMRC: ${{ inputs.NVMRC }} + MAP_IMPL: mapbox11 + secrets: + MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} \ No newline at end of file diff --git a/.github/workflows/ios-actions.yml b/.github/workflows/ios-actions.yml index ca671a75e..a6a1dce2b 100644 --- a/.github/workflows/ios-actions.yml +++ b/.github/workflows/ios-actions.yml @@ -24,6 +24,7 @@ on: jobs: build: + name: iOS Example Build ${{ inputs.NEW_ARCH && 'Fabric' || 'Paper' }} ${{ inputs.MAP_IMPL }} runs-on: macos-12 timeout-minutes: 55 @@ -33,7 +34,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v3 + uses: actions/checkout@v4 - name: Access Token run: echo $MAPBOX_ACCESS_TOKEN > ./accesstoken diff --git a/.github/workflows/on-push.yml b/.github/workflows/on-push.yml index 0aeafd5ef..d6e504fc4 100644 --- a/.github/workflows/on-push.yml +++ b/.github/workflows/on-push.yml @@ -65,80 +65,16 @@ jobs: if: "${{ env.MAPBOX_ACCESS_TOKEN != '' }}" run: echo "::set-output name=defined::true" - call_android_workflow: - name: "Android/Mapbox" + call_ci_requiring_tokens: + name: "CI requiring tokens" needs: [lint_test_generate,has_mapbox_token] - uses: ./.github/workflows/android-actions.yml + uses: ./.github/workflows/ci-requiring-tokens.yml with: NVMRC: ${{ needs.lint_test_generate.outputs.NVMRC }} - MAP_IMPL: mapbox if: needs.has_mapbox_token.outputs.has-mapbox-token == 'true' secrets: MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} - MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} - - call_android_workflow_fabric: - name: "Android/Mapbox/Fabric" - needs: [lint_test_generate,has_mapbox_token] - uses: ./.github/workflows/android-actions.yml - with: - NVMRC: ${{ needs.lint_test_generate.outputs.NVMRC }} - MAP_IMPL: mapbox - NEW_ARCH: true - if: needs.has_mapbox_token.outputs.has-mapbox-token == 'true' - secrets: - MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} - MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} - - - call_android_workflow_11: - name: "Android/Mapbox11" - needs: [lint_test_generate,has_mapbox_token] - uses: ./.github/workflows/android-actions.yml - with: - NVMRC: ${{ needs.lint_test_generate.outputs.NVMRC }} - MAP_IMPL: mapbox11 - if: needs.has_mapbox_token.outputs.has-mapbox-token == 'true' - secrets: - MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} - MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} - - call_ios_workflow: - name: "iOS/Mapbox" - needs: [lint_test_generate,has_mapbox_token] - uses: ./.github/workflows/ios-actions.yml - if: needs.has_mapbox_token.outputs.has-mapbox-token == 'true' - with: - NVMRC: ${{ needs.lint_test_generate.outputs.NVMRC }} - MAP_IMPL: mapbox - secrets: - MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} - MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} - - call_ios_workflow_fabric: - name: "iOS/Mapbox/Fabric" - needs: [lint_test_generate,has_mapbox_token] - uses: ./.github/workflows/ios-actions.yml - if: needs.has_mapbox_token.outputs.has-mapbox-token == 'true' - with: - NVMRC: ${{ needs.lint_test_generate.outputs.NVMRC }} - MAP_IMPL: mapbox - NEW_ARCH: true - secrets: - MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} - MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} - - call_ios_workflow_11: - name: "iOS/Mapbox11" - needs: [lint_test_generate,has_mapbox_token] - uses: ./.github/workflows/ios-actions.yml - if: needs.has_mapbox_token.outputs.has-mapbox-token == 'true' - with: - NVMRC: ${{ needs.lint_test_generate.outputs.NVMRC }} - MAP_IMPL: mapbox11 - secrets: - MAPBOX_ACCESS_TOKEN: ${{ secrets.MAPBOX_ACCESS_TOKEN }} - MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} + MAPBOX_DOWNLOAD_TOKEN: ${{ secrets.MAPBOX_DOWNLOAD_TOKEN }} publish: if: startsWith(github.ref, 'refs/tags/') && (github.event_name == 'push')