cleanup workflow stuff (might revert this) · jeanmachine.dev/witchsky.app@5170bfe

-68

.github/workflows/build-and-push-bskyweb-aws.yaml

··· 1 - name: build-and-push-bskyweb-aws 2 - on: 3 - workflow_dispatch: 4 - push: 5 - branches: 6 - - main 7 - 8 - env: 9 - REGISTRY: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_REGISTRY }} 10 - USERNAME: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_USERNAME }} 11 - PASSWORD: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_PASSWORD }} 12 - IMAGE_NAME: bskyweb 13 - 14 - jobs: 15 - bskyweb-container-aws: 16 - if: github.repository == 'bluesky-social/social-app' 17 - runs-on: ubuntu-latest 18 - permissions: 19 - contents: read 20 - packages: write 21 - id-token: write 22 - 23 - steps: 24 - - name: Checkout repository 25 - uses: actions/checkout@v3 26 - 27 - - name: Setup Docker buildx 28 - uses: docker/setup-buildx-action@v1 29 - 30 - - name: Log into registry ${{ env.REGISTRY }} 31 - uses: docker/login-action@v2 32 - with: 33 - registry: ${{ env.REGISTRY }} 34 - username: ${{ env.USERNAME}} 35 - password: ${{ env.PASSWORD }} 36 - 37 - - name: Extract Docker metadata 38 - id: meta 39 - uses: docker/metadata-action@v4 40 - with: 41 - images: | 42 - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 43 - tags: | 44 - type=sha,enable=true,priority=100,prefix=,suffix=,format=long 45 - 46 - - name: Env 47 - id: env 48 - run: | 49 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 50 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 51 - 52 - - name: Build and push Docker image 53 - id: build-and-push 54 - uses: docker/build-push-action@v4 55 - with: 56 - context: . 57 - push: ${{ github.event_name != 'pull_request' }} 58 - file: ./Dockerfile 59 - tags: ${{ steps.meta.outputs.tags }} 60 - labels: ${{ steps.meta.outputs.labels }} 61 - cache-from: type=gha 62 - cache-to: type=gha,mode=max 63 - build-args: | 64 - EXPO_PUBLIC_ENV=production 65 - EXPO_PUBLIC_RELEASE_VERSION=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 66 - EXPO_PUBLIC_BUNDLE_IDENTIFIER=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 67 - EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }} 68 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }}

-57

.github/workflows/build-and-push-bskyweb-ghcr.yaml

··· 1 - name: build-and-push-bskyweb-ghcr 2 - on: 3 - push: 4 - branches: 5 - - main 6 - - jake/bskyweb-additions 7 - env: 8 - REGISTRY: ghcr.io 9 - USERNAME: ${{ github.actor }} 10 - PASSWORD: ${{ secrets.GITHUB_TOKEN }} 11 - 12 - # github.repository as <account>/<repo> 13 - IMAGE_NAME: ${{ github.repository }} 14 - 15 - jobs: 16 - bskyweb-container-ghcr: 17 - if: github.repository == 'bluesky-social/social-app' 18 - runs-on: ubuntu-latest 19 - permissions: 20 - contents: read 21 - packages: write 22 - id-token: write 23 - 24 - steps: 25 - - name: Checkout repository 26 - uses: actions/checkout@v3 27 - 28 - - name: Setup Docker buildx 29 - uses: docker/setup-buildx-action@v1 30 - 31 - - name: Log into registry ${{ env.REGISTRY }} 32 - uses: docker/login-action@v2 33 - with: 34 - registry: ${{ env.REGISTRY }} 35 - username: ${{ env.USERNAME }} 36 - password: ${{ env.PASSWORD }} 37 - 38 - - name: Extract Docker metadata 39 - id: meta 40 - uses: docker/metadata-action@v4 41 - with: 42 - images: | 43 - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 44 - tags: | 45 - type=sha,enable=true,priority=100,prefix=bskyweb:,suffix=,format=long 46 - 47 - - name: Build and push Docker image 48 - id: build-and-push 49 - uses: docker/build-push-action@v4 50 - with: 51 - context: . 52 - push: ${{ github.event_name != 'pull_request' }} 53 - file: ./Dockerfile 54 - tags: ${{ steps.meta.outputs.tags }} 55 - labels: ${{ steps.meta.outputs.labels }} 56 - cache-from: type=gha 57 - cache-to: type=gha,mode=max

-56

.github/workflows/build-and-push-embedr-aws.yaml

··· 1 - name: build-and-push-embedr-aws 2 - on: 3 - push: 4 - branches: 5 - - main 6 - - echoprom_fix 7 - 8 - env: 9 - REGISTRY: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_REGISTRY }} 10 - USERNAME: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_USERNAME }} 11 - PASSWORD: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_PASSWORD }} 12 - IMAGE_NAME: embed 13 - 14 - jobs: 15 - embedr-container-aws: 16 - if: github.repository == 'bluesky-social/social-app' 17 - runs-on: ubuntu-latest 18 - permissions: 19 - contents: read 20 - packages: write 21 - id-token: write 22 - 23 - steps: 24 - - name: Checkout repository 25 - uses: actions/checkout@v3 26 - 27 - - name: Setup Docker buildx 28 - uses: docker/setup-buildx-action@v1 29 - 30 - - name: Log into registry ${{ env.REGISTRY }} 31 - uses: docker/login-action@v2 32 - with: 33 - registry: ${{ env.REGISTRY }} 34 - username: ${{ env.USERNAME}} 35 - password: ${{ env.PASSWORD }} 36 - 37 - - name: Extract Docker metadata 38 - id: meta 39 - uses: docker/metadata-action@v4 40 - with: 41 - images: | 42 - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 43 - tags: | 44 - type=sha,enable=true,priority=100,prefix=,suffix=,format=long 45 - 46 - - name: Build and push Docker image 47 - id: build-and-push 48 - uses: docker/build-push-action@v4 49 - with: 50 - context: . 51 - push: ${{ github.event_name != 'pull_request' }} 52 - file: ./Dockerfile.embedr 53 - tags: ${{ steps.meta.outputs.tags }} 54 - labels: ${{ steps.meta.outputs.labels }} 55 - cache-from: type=gha 56 - cache-to: type=gha,mode=max

-53

.github/workflows/build-and-push-link-aws.yaml

··· 1 - name: build-and-push-link-aws 2 - on: 3 - workflow_dispatch: 4 - 5 - env: 6 - REGISTRY: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_REGISTRY }} 7 - USERNAME: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_USERNAME }} 8 - PASSWORD: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_PASSWORD }} 9 - IMAGE_NAME: bskylink 10 - 11 - jobs: 12 - link-container-aws: 13 - if: github.repository == 'bluesky-social/social-app' 14 - runs-on: ubuntu-latest 15 - permissions: 16 - contents: read 17 - packages: write 18 - id-token: write 19 - 20 - steps: 21 - - name: Checkout repository 22 - uses: actions/checkout@v3 23 - 24 - - name: Setup Docker buildx 25 - uses: docker/setup-buildx-action@v1 26 - 27 - - name: Log into registry ${{ env.REGISTRY }} 28 - uses: docker/login-action@v2 29 - with: 30 - registry: ${{ env.REGISTRY }} 31 - username: ${{ env.USERNAME}} 32 - password: ${{ env.PASSWORD }} 33 - 34 - - name: Extract Docker metadata 35 - id: meta 36 - uses: docker/metadata-action@v4 37 - with: 38 - images: | 39 - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 40 - tags: | 41 - type=sha,enable=true,priority=100,prefix=,suffix=,format=long 42 - 43 - - name: Build and push Docker image 44 - id: build-and-push 45 - uses: docker/build-push-action@v4 46 - with: 47 - context: . 48 - push: ${{ github.event_name != 'pull_request' }} 49 - file: ./Dockerfile.bskylink 50 - tags: ${{ steps.meta.outputs.tags }} 51 - labels: ${{ steps.meta.outputs.labels }} 52 - cache-from: type=gha 53 - cache-to: type=gha,mode=max

-53

.github/workflows/build-and-push-ogcard-aws.yaml

··· 1 - name: build-and-push-ogcard-aws 2 - on: 3 - workflow_dispatch: 4 - 5 - env: 6 - REGISTRY: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_REGISTRY }} 7 - USERNAME: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_USERNAME }} 8 - PASSWORD: ${{ secrets.AWS_ECR_REGISTRY_USEAST2_PACKAGES_PASSWORD }} 9 - IMAGE_NAME: bskyogcard 10 - 11 - jobs: 12 - ogcard-container-aws: 13 - if: github.repository == 'bluesky-social/social-app' 14 - runs-on: ubuntu-latest 15 - permissions: 16 - contents: read 17 - packages: write 18 - id-token: write 19 - 20 - steps: 21 - - name: Checkout repository 22 - uses: actions/checkout@v3 23 - 24 - - name: Setup Docker buildx 25 - uses: docker/setup-buildx-action@v1 26 - 27 - - name: Log into registry ${{ env.REGISTRY }} 28 - uses: docker/login-action@v2 29 - with: 30 - registry: ${{ env.REGISTRY }} 31 - username: ${{ env.USERNAME}} 32 - password: ${{ env.PASSWORD }} 33 - 34 - - name: Extract Docker metadata 35 - id: meta 36 - uses: docker/metadata-action@v4 37 - with: 38 - images: | 39 - ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }} 40 - tags: | 41 - type=sha,enable=true,priority=100,prefix=,suffix=,format=long 42 - 43 - - name: Build and push Docker image 44 - id: build-and-push 45 - uses: docker/build-push-action@v4 46 - with: 47 - context: . 48 - push: ${{ github.event_name != 'pull_request' }} 49 - file: ./Dockerfile.bskyogcard 50 - tags: ${{ steps.meta.outputs.tags }} 51 - labels: ${{ steps.meta.outputs.labels }} 52 - cache-from: type=gha 53 - cache-to: type=gha,mode=max

-192

.github/workflows/build-submit-android.yml

··· 1 - --- 2 - name: Build and Submit Android 3 - 4 - on: 5 - workflow_dispatch: 6 - inputs: 7 - profile: 8 - type: choice 9 - description: Build profile to use 10 - options: 11 - - testflight-android 12 - - production 13 - 14 - jobs: 15 - build: 16 - if: github.repository == 'bluesky-social/social-app' 17 - name: Build and Submit Android 18 - runs-on: ubuntu-latest 19 - steps: 20 - - name: Check for EXPO_TOKEN 21 - run: > 22 - if [ -z "${{ secrets.EXPO_TOKEN }}" ]; then 23 - echo "You must provide an EXPO_TOKEN secret linked to this project's Expo account in this repo's secrets. Learn more: https://docs.expo.dev/eas-update/github-actions" 24 - exit 1 25 - fi 26 - 27 - - name: ⬇️ Checkout 28 - uses: actions/checkout@v4 29 - with: 30 - fetch-depth: 5 31 - 32 - - name: 🔧 Setup Node 33 - uses: actions/setup-node@v4 34 - with: 35 - node-version-file: .nvmrc 36 - cache: yarn 37 - 38 - - name: 🪛 Setup jq 39 - uses: dcarbone/install-jq-action@v2 40 - 41 - - name: 🔨 Setup EAS 42 - uses: expo/expo-github-action@v8 43 - with: 44 - expo-version: latest 45 - eas-version: latest 46 - token: ${{ secrets.EXPO_TOKEN }} 47 - 48 - - name: ⛏️ Setup EAS local builds 49 - run: yarn global add eas-cli-local-build-plugin 50 - 51 - - uses: actions/setup-java@v4 52 - with: 53 - distribution: 'temurin' 54 - java-version: '17' 55 - 56 - - name: ⚙️ Install dependencies 57 - run: yarn install 58 - 59 - - name: 🔤 Compile translations 60 - run: yarn intl:build 2>&1 | tee i18n.log 61 - 62 - - name: Check for i18n compilation errors 63 - run: if grep -q "invalid syntax" "i18n.log"; then echo "\n\nFound compilation errors!\n\n" && exit 1; else echo "\n\nNo compilation errors!\n\n"; fi 64 - 65 - # EXPO_PUBLIC_ENV is handled in eas.json 66 - - name: Env 67 - id: env 68 - run: | 69 - export json='${{ secrets.GOOGLE_SERVICES_TOKEN }}' 70 - echo "${{ secrets.ENV_TOKEN }}" > .env 71 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> .env 72 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 73 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> .env 74 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 75 - echo "EXPO_PUBLIC_BUNDLE_DATE=$(date -u +"%y%m%d%H")" >> .env 76 - echo "EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}" >> .env 77 - echo "EXPO_PUBLIC_BITDRIFT_API_KEY=${{ secrets.BITDRIFT_API_KEY }}" >> .env 78 - echo "EXPO_PUBLIC_GCP_PROJECT_ID=${{ secrets.EXPO_PUBLIC_GCP_PROJECT_ID }}" >> .env 79 - echo "$json" > google-services.json 80 - 81 - - name: 🏗️ EAS Build 82 - run: > 83 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 84 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 85 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 86 - yarn use-build-number-with-bump 87 - eas build -p android 88 - --profile ${{ inputs.profile || 'testflight-android' }} 89 - --local --output build.aab --non-interactive 90 - 91 - - name: ✍️ Rename Testflight bundle 92 - if: ${{ inputs.profile != 'production' }} 93 - run: mv build.aab build.apk 94 - 95 - - name: ⏰ Get a timestamp 96 - id: timestamp 97 - uses: nanzm/get-time-action@master 98 - with: 99 - format: 'MM-DD-HH-mm-ss' 100 - 101 - - name: 🚀 Upload Production Artifact 102 - id: upload-artifact-production 103 - if: ${{ inputs.profile == 'production' }} 104 - uses: actions/upload-artifact@v4 105 - with: 106 - retention-days: 30 107 - compression-level: 6 108 - name: build-${{ steps.timestamp.outputs.time }}.aab 109 - path: build.aab 110 - 111 - - name: 🚀 Upload Testflight Artifact 112 - id: upload-artifact-testflight 113 - if: ${{ inputs.profile != 'production' }} 114 - uses: actions/upload-artifact@v4 115 - with: 116 - retention-days: 30 117 - compression-level: 6 118 - name: build-${{ steps.timestamp.outputs.time }}.apk 119 - path: build.apk 120 - 121 - - name: 📚 Get version from package.json 122 - id: get-build-info 123 - run: bash scripts/setGitHubOutput.sh 124 - 125 - - name: 🔔 Notify Slack of Production Build 126 - if: ${{ inputs.profile == 'production' }} 127 - uses: slackapi/slack-github-action@v1.25.0 128 - with: 129 - payload: | 130 - { 131 - "text": "Android production build for Google Play Store submission is ready!\n```Artifact: ${{ steps.upload-artifact-production.outputs.artifact-url }}\nVersion Number: ${{ steps.get-build-info.outputs.PACKAGE_VERSION }}\nBuild Number: ${{ steps.get-build-info.outputs.BSKY_ANDROID_VERSION_CODE }}```" 132 - } 133 - env: 134 - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_CLIENT_ALERT_WEBHOOK }} 135 - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK 136 - 137 - - name: 🔔 Notify Slack of Testflight Build 138 - if: ${{ inputs.profile != 'production' }} 139 - uses: slackapi/slack-github-action@v1.25.0 140 - with: 141 - payload: | 142 - { 143 - "text": "Android build is ready for testing. Download the artifact here: ${{ steps.upload-artifact-testflight.outputs.artifact-url }}" 144 - } 145 - env: 146 - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_CLIENT_ALERT_WEBHOOK }} 147 - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK 148 - 149 - - name: 🏗️ Build Production APK 150 - if: ${{ inputs.profile == 'production' }} 151 - run: > 152 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 153 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 154 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 155 - yarn use-build-number-with-bump 156 - eas build -p android 157 - --profile production-apk 158 - --local --output build.apk --non-interactive 159 - 160 - - name: 🚀 Upload Production APK Artifact 161 - id: upload-artifact-production-apk 162 - if: ${{ inputs.profile == 'production' }} 163 - uses: actions/upload-artifact@v4 164 - with: 165 - retention-days: 30 166 - compression-level: 6 167 - name: build-${{ steps.timestamp.outputs.time }}.apk 168 - path: build.apk 169 - 170 - - name: 🔔 Notify Slack of Production APK Build 171 - if: ${{ inputs.profile == 'production' }} 172 - uses: slackapi/slack-github-action@v1.25.0 173 - with: 174 - payload: | 175 - { 176 - "text": "Android production build for GitHub/Obtanium is ready!\n```Artifact: ${{ steps.upload-artifact-production-apk.outputs.artifact-url }}\nVersion Number: ${{ steps.get-build-info.outputs.PACKAGE_VERSION }}\nBuild Number: ${{ steps.get-build-info.outputs.BSKY_ANDROID_VERSION_CODE }}```" 177 - } 178 - env: 179 - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_CLIENT_ALERT_WEBHOOK }} 180 - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK 181 - 182 - - name: ⬇️ Restore Cache 183 - id: get-base-commit 184 - uses: actions/cache@v4 185 - if: ${{ inputs.profile == 'testflight' }} 186 - with: 187 - path: most-recent-testflight-commit.txt 188 - key: most-recent-testflight-commit 189 - 190 - - name: ✏️ Write commit hash to cache 191 - if: ${{ inputs.profile == 'testflight' }} 192 - run: echo ${{ github.sha }} > most-recent-testflight-commit.txt

-132

.github/workflows/build-submit-ios.yml

··· 1 - --- 2 - name: Build and Submit iOS 3 - 4 - on: 5 - workflow_dispatch: 6 - inputs: 7 - profile: 8 - type: choice 9 - description: Build profile to use 10 - options: 11 - - testflight 12 - - production 13 - 14 - jobs: 15 - build: 16 - if: github.repository == 'bluesky-social/social-app' 17 - name: Build and Submit iOS 18 - runs-on: macos-15 19 - steps: 20 - - name: Check for EXPO_TOKEN 21 - run: > 22 - if [ -z "${{ secrets.EXPO_TOKEN }}" ]; then 23 - echo "You must provide an EXPO_TOKEN secret linked to this project's Expo account in this repo's secrets. Learn more: https://docs.expo.dev/eas-update/github-actions" 24 - exit 1 25 - fi 26 - 27 - - name: ⬇️ Checkout 28 - uses: actions/checkout@v4 29 - with: 30 - fetch-depth: 5 31 - 32 - - name: 🔧 Setup Node 33 - uses: actions/setup-node@v4 34 - with: 35 - node-version-file: .nvmrc 36 - cache: yarn 37 - 38 - - name: 🪛 Setup jq 39 - uses: dcarbone/install-jq-action@v2 40 - 41 - - name: 🔨 Setup EAS 42 - uses: expo/expo-github-action@v8 43 - with: 44 - expo-version: latest 45 - eas-version: latest 46 - token: ${{ secrets.EXPO_TOKEN }} 47 - 48 - - name: ⛏️ Setup EAS local builds 49 - run: yarn global add eas-cli-local-build-plugin 50 - 51 - - name: ⚙️ Install dependencies 52 - run: yarn install 53 - 54 - - uses: maxim-lobanov/setup-xcode@v1 55 - with: 56 - xcode-version: '16.4' 57 - 58 - - name: ☕️ Setup Cocoapods 59 - uses: maxim-lobanov/setup-cocoapods@v1 60 - with: 61 - version: 1.14.3 62 - 63 - - name: 💾 Cache Pods 64 - uses: actions/cache@v3 65 - id: pods-cache 66 - with: 67 - path: ./ios/Pods 68 - # We'll use the yarn.lock for our hash since we don't yet have a Podfile.lock. Pod versions will not 69 - # change unless the yarn version changes as well. 70 - key: ${{ runner.os }}-pods-${{ hashFiles('yarn.lock') }} 71 - 72 - - name: 🔤 Compile translations 73 - run: yarn intl:build 2>&1 | tee i18n.log 74 - 75 - - name: Check for i18n compilation errors 76 - run: if grep -q "invalid syntax" "i18n.log"; then echo "\n\nFound compilation errors!\n\n" && exit 1; else echo "\n\nNo compilation errors!\n\n"; fi 77 - 78 - # EXPO_PUBLIC_ENV is handled in eas.json 79 - - name: ✏️ Write environment variables 80 - id: env 81 - run: | 82 - echo "${{ secrets.ENV_TOKEN }}" > .env 83 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> .env 84 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 85 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> .env 86 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 87 - echo "EXPO_PUBLIC_BUNDLE_DATE=$(date -u +"%y%m%d%H")" >> .env 88 - echo "EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}" >> .env 89 - echo "EXPO_PUBLIC_BITDRIFT_API_KEY=${{ secrets.BITDRIFT_API_KEY }}" >> .env 90 - echo "EXPO_PUBLIC_GCP_PROJECT_ID=${{ secrets.EXPO_PUBLIC_GCP_PROJECT_ID }}" >> .env 91 - echo "${{ secrets.GOOGLE_SERVICES_TOKEN }}" > google-services.json 92 - 93 - - name: 🏗️ EAS Build 94 - run: > 95 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 96 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 97 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 98 - yarn use-build-number-with-bump 99 - eas build -p ios 100 - --profile ${{ inputs.profile || 'testflight' }} 101 - --local --output build.ipa --non-interactive 102 - 103 - - name: 🚀 Deploy 104 - run: eas submit -p ios --non-interactive --path build.ipa 105 - 106 - - name: 📚 Get version from package.json 107 - id: get-build-info 108 - run: bash scripts/setGitHubOutput.sh 109 - 110 - - name: 🔔 Notify Slack of Production Build 111 - if: ${{ inputs.profile == 'production' }} 112 - uses: slackapi/slack-github-action@v1.25.0 113 - with: 114 - payload: | 115 - { 116 - "text": "iOS production build for App Store submission is ready!\n```Artifact: Check TestFlight to know when it is available\nVersion Number: ${{ steps.get-build-info.outputs.PACKAGE_VERSION }}\nBuild Number: ${{ steps.get-build-info.outputs.BSKY_IOS_BUILD_NUMBER }}```" 117 - } 118 - env: 119 - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_CLIENT_ALERT_WEBHOOK }} 120 - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK 121 - 122 - - name: ⬇️ Restore Cache 123 - id: get-base-commit 124 - uses: actions/cache@v4 125 - if: ${{ inputs.profile == 'testflight' }} 126 - with: 127 - path: most-recent-testflight-commit.txt 128 - key: most-recent-testflight-commit 129 - 130 - - name: ✏️ Write commit hash to cache 131 - if: ${{ inputs.profile == 'testflight' }} 132 - run: echo ${{ github.sha }} > most-recent-testflight-commit.txt

-367

.github/workflows/bundle-deploy-eas-update.yml

··· 1 - --- 2 - name: Bundle and Deploy EAS Update 3 - 4 - on: 5 - push: 6 - branches: 7 - - main 8 - workflow_dispatch: 9 - inputs: 10 - channel: 11 - type: choice 12 - description: Deployment channel to use 13 - options: 14 - - testflight 15 - - production 16 - runtimeVersion: 17 - type: string 18 - description: Runtime version (in x.x.x format) that this update is for 19 - required: true 20 - 21 - jobs: 22 - bundleDeploy: 23 - if: github.repository == 'bluesky-social/social-app' 24 - name: Bundle and Deploy EAS Update 25 - runs-on: ubuntu-latest 26 - concurrency: 27 - group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }}-deploy 28 - cancel-in-progress: true 29 - outputs: 30 - changes-detected: ${{ steps.fingerprint.outputs.includes-changes }} 31 - 32 - steps: 33 - - name: Check for EXPO_TOKEN 34 - run: > 35 - if [ -z "${{ secrets.EXPO_TOKEN }}" ]; then 36 - echo "You must provide an EXPO_TOKEN secret linked to this project's Expo account in this repo's secrets. Learn more: https://docs.expo.dev/eas-update/github-actions" 37 - exit 1 38 - fi 39 - 40 - # Validate the version if one is supplied. This should generally happen if the update is for a production client 41 - - name: 🧐 Validate version 42 - if: ${{ inputs.runtimeVersion }} 43 - run: | 44 - if [ -z "${{ inputs.runtimeVersion }}" ]; then 45 - [[ "${{ inputs.runtimeVersion }}" =~ ^[0-9]+\.[0-9]+\.[0-9]+$ ]] && echo "Version is valid" || exit 1 46 - fi 47 - 48 - - name: ⬇️ Checkout 49 - uses: actions/checkout@v4 50 - with: 51 - fetch-depth: 0 52 - 53 - - name: ⬇️ Fetch commits from base branch 54 - if: ${{ github.ref != 'refs/heads/main' }} 55 - run: git fetch origin main:main --depth 100 56 - 57 - - name: 🔧 Setup Node 58 - uses: actions/setup-node@v4 59 - with: 60 - node-version-file: .nvmrc 61 - cache: yarn 62 - 63 - - name: 📷 Check fingerprint and install dependencies 64 - id: fingerprint 65 - uses: bluesky-social/github-actions/fingerprint-native@main 66 - with: 67 - profile: ${{ inputs.channel || 'testflight' }} 68 - previous-commit-tag: ${{ inputs.runtimeVersion }} 69 - 70 - - name: Lint check 71 - run: yarn lint 72 - 73 - - name: Lint lockfile 74 - run: yarn lockfile-lint 75 - 76 - - name: Prettier check 77 - run: yarn prettier --check . 78 - 79 - - name: 🔤 Compile translations 80 - run: yarn intl:build 2>&1 | tee i18n.log 81 - 82 - - name: Check for i18n compilation errors 83 - run: if grep -q "invalid syntax" "i18n.log"; then echo "\n\nFound compilation errors!\n\n" && exit 1; else echo "\n\nNo compilation errors!\n\n"; fi 84 - 85 - - name: Type check 86 - run: yarn typecheck 87 - 88 - - name: 🔨 Setup EAS 89 - uses: expo/expo-github-action@v8 90 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 91 - with: 92 - expo-version: latest 93 - eas-version: latest 94 - token: ${{ secrets.EXPO_TOKEN }} 95 - 96 - - name: ⛏️ Setup Expo 97 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 98 - run: yarn global add eas-cli-local-build-plugin 99 - 100 - - name: 🪛 Setup jq 101 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 102 - uses: dcarbone/install-jq-action@v2 103 - 104 - # eas.json not used here, set EXPO_PUBLIC_ENV 105 - - name: Env 106 - id: env 107 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 108 - run: | 109 - export json='${{ secrets.GOOGLE_SERVICES_TOKEN }}' 110 - echo "${{ secrets.ENV_TOKEN }}" > .env 111 - echo "EXPO_PUBLIC_ENV=${{ inputs.channel || 'testflight' }}" >> .env 112 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> .env 113 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 114 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> .env 115 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 116 - echo "EXPO_PUBLIC_BUNDLE_DATE=$(date -u +"%y%m%d%H")" >> .env 117 - echo "EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}" >> .env 118 - echo "EXPO_PUBLIC_BITDRIFT_API_KEY=${{ secrets.BITDRIFT_API_KEY }}" >> .env 119 - echo "EXPO_PUBLIC_GCP_PROJECT_ID=${{ secrets.EXPO_PUBLIC_GCP_PROJECT_ID }}" >> .env 120 - echo "$json" > google-services.json 121 - 122 - - name: 🏗️ Create Bundle 123 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 124 - run: > 125 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 126 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 127 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 128 - yarn export 129 - 130 - - name: 📦 Package Bundle and 🚀 Deploy 131 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 132 - run: yarn use-build-number bash scripts/bundleUpdate.sh 133 - env: 134 - DENIS_API_KEY: ${{ secrets.DENIS_API_KEY }} 135 - RUNTIME_VERSION: ${{ inputs.runtimeVersion }} 136 - CHANNEL_NAME: ${{ inputs.channel || 'testflight' }} 137 - 138 - - name: ⬇️ Restore Cache 139 - id: get-base-commit 140 - uses: actions/cache@v4 141 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 142 - with: 143 - path: most-recent-testflight-commit.txt 144 - key: most-recent-testflight-commit 145 - 146 - - name: ✏️ Write commit hash to cache 147 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 148 - run: echo ${{ github.sha }} > most-recent-testflight-commit.txt 149 - 150 - # GitHub actions are horrible so let's just copy paste this in 151 - buildIfNecessaryIOS: 152 - name: Build and Submit iOS 153 - runs-on: macos-15 154 - concurrency: 155 - group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }}-build-ios 156 - cancel-in-progress: true 157 - needs: [bundleDeploy] 158 - # Gotta check if its NOT '[]' because any md5 hash in the outputs is detected as a possible secret and won't be 159 - # available here 160 - if: ${{ inputs.channel != 'production' && needs.bundleDeploy.outputs.changes-detected && github.repository == 'bluesky-social/social-app' }} 161 - steps: 162 - - name: Check for EXPO_TOKEN 163 - run: > 164 - if [ -z "${{ secrets.EXPO_TOKEN }}" ]; then 165 - echo "You must provide an EXPO_TOKEN secret linked to this project's Expo account in this repo's secrets. Learn more: https://docs.expo.dev/eas-update/github-actions" 166 - exit 1 167 - fi 168 - 169 - - name: ⬇️ Checkout 170 - uses: actions/checkout@v4 171 - with: 172 - fetch-depth: 5 173 - 174 - - name: 🔧 Setup Node 175 - uses: actions/setup-node@v4 176 - with: 177 - node-version-file: .nvmrc 178 - cache: yarn 179 - 180 - - name: 🔨 Setup EAS 181 - uses: expo/expo-github-action@v8 182 - with: 183 - expo-version: latest 184 - eas-version: latest 185 - token: ${{ secrets.EXPO_TOKEN }} 186 - 187 - - name: ⛏️ Setup EAS local builds 188 - run: yarn global add eas-cli-local-build-plugin 189 - 190 - - name: ⚙️ Install dependencies 191 - run: yarn install 192 - 193 - - uses: maxim-lobanov/setup-xcode@v1 194 - with: 195 - xcode-version: '16.2' 196 - 197 - - name: ☕️ Setup Cocoapods 198 - uses: maxim-lobanov/setup-cocoapods@v1 199 - with: 200 - version: 1.14.3 201 - 202 - - name: 💾 Cache Pods 203 - uses: actions/cache@v3 204 - id: pods-cache 205 - with: 206 - path: ./ios/Pods 207 - # We'll use the yarn.lock for our hash since we don't yet have a Podfile.lock. Pod versions will not 208 - # change unless the yarn version changes as well. 209 - key: ${{ runner.os }}-pods-${{ hashFiles('yarn.lock') }} 210 - 211 - - name: 🔤 Compile translations 212 - run: yarn intl:build 213 - 214 - # EXPO_PUBLIC_ENV is handled in eas.json 215 - - name: Env 216 - id: env 217 - run: | 218 - echo "${{ secrets.ENV_TOKEN }}" > .env 219 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> .env 220 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 221 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> .env 222 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 223 - echo "EXPO_PUBLIC_BUNDLE_DATE=$(date -u +"%y%m%d%H")" >> .env 224 - echo "EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}" >> .env 225 - echo "EXPO_PUBLIC_BITDRIFT_API_KEY=${{ secrets.BITDRIFT_API_KEY }}" >> .env 226 - echo "EXPO_PUBLIC_GCP_PROJECT_ID=${{ secrets.EXPO_PUBLIC_GCP_PROJECT_ID }}" >> .env 227 - echo "${{ secrets.GOOGLE_SERVICES_TOKEN }}" > google-services.json 228 - 229 - - name: 🏗️ EAS Build 230 - run: > 231 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 232 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 233 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 234 - yarn use-build-number-with-bump 235 - eas build -p ios 236 - --profile testflight 237 - --local --output build.ipa --non-interactive 238 - 239 - - name: 🚀 Deploy 240 - run: eas submit -p ios --non-interactive --path build.ipa 241 - 242 - - name: ⬇️ Restore Cache 243 - id: get-base-commit 244 - uses: actions/cache@v4 245 - if: ${{ inputs.channel == 'testflight' }} 246 - with: 247 - path: most-recent-testflight-commit.txt 248 - key: most-recent-testflight-commit 249 - 250 - - name: ✏️ Write commit hash to cache 251 - if: ${{ inputs.channel == 'testflight' }} 252 - run: echo ${{ github.sha }} > most-recent-testflight-commit.txt 253 - 254 - buildIfNecessaryAndroid: 255 - name: Build and Submit Android 256 - runs-on: ubuntu-latest 257 - concurrency: 258 - group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }}-build-android 259 - cancel-in-progress: false 260 - needs: [bundleDeploy] 261 - # Gotta check if its NOT '[]' because any md5 hash in the outputs is detected as a possible secret and won't be 262 - # available here 263 - if: ${{ inputs.channel != 'production' && needs.bundleDeploy.outputs.changes-detected && github.repository == 'bluesky-social/social-app'}} 264 - 265 - steps: 266 - - name: Check for EXPO_TOKEN 267 - run: > 268 - if [ -z "${{ secrets.EXPO_TOKEN }}" ]; then 269 - echo "You must provide an EXPO_TOKEN secret linked to this project's Expo account in this repo's secrets. Learn more: https://docs.expo.dev/eas-update/github-actions" 270 - exit 1 271 - fi 272 - 273 - - name: ⬇️ Checkout 274 - uses: actions/checkout@v4 275 - with: 276 - fetch-depth: 5 277 - 278 - - name: 🔧 Setup Node 279 - uses: actions/setup-node@v4 280 - with: 281 - node-version-file: .nvmrc 282 - cache: yarn 283 - 284 - - name: 🔨 Setup EAS 285 - uses: expo/expo-github-action@v8 286 - with: 287 - expo-version: latest 288 - eas-version: latest 289 - token: ${{ secrets.EXPO_TOKEN }} 290 - 291 - - name: ⛏️ Setup EAS local builds 292 - run: yarn global add eas-cli-local-build-plugin 293 - 294 - - uses: actions/setup-java@v4 295 - with: 296 - distribution: 'temurin' 297 - java-version: '17' 298 - 299 - - name: ⚙️ Install dependencies 300 - run: yarn install 301 - 302 - - name: 🔤 Compile translations 303 - run: yarn intl:build 304 - 305 - # EXPO_PUBLIC_ENV is handled in eas.json 306 - - name: Env 307 - id: env 308 - run: | 309 - export json='${{ secrets.GOOGLE_SERVICES_TOKEN }}' 310 - echo "${{ secrets.ENV_TOKEN }}" > .env 311 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> .env 312 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 313 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> .env 314 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 315 - echo "EXPO_PUBLIC_BUNDLE_DATE=$(date -u +"%y%m%d%H")" >> .env 316 - echo "EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}" >> .env 317 - echo "EXPO_PUBLIC_BITDRIFT_API_KEY=${{ secrets.BITDRIFT_API_KEY }}" >> .env 318 - echo "EXPO_PUBLIC_GCP_PROJECT_ID=${{ secrets.EXPO_PUBLIC_GCP_PROJECT_ID }}" >> .env 319 - echo "$json" > google-services.json 320 - 321 - - name: 🏗️ EAS Build 322 - run: > 323 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 324 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 325 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 326 - yarn use-build-number-with-bump 327 - eas build -p android 328 - --profile testflight-android 329 - --local --output build.apk --non-interactive 330 - 331 - - name: ⏰ Get a timestamp 332 - id: timestamp 333 - uses: nanzm/get-time-action@master 334 - with: 335 - format: 'MM-DD-HH-mm-ss' 336 - 337 - - name: 🚀 Upload Artifact 338 - id: upload-artifact 339 - uses: actions/upload-artifact@v4 340 - with: 341 - retention-days: 30 342 - compression-level: 0 343 - name: build-${{ steps.timestamp.outputs.time }}.apk 344 - path: build.apk 345 - 346 - - name: 🔔 Notify Slack 347 - uses: slackapi/slack-github-action@v1.25.0 348 - with: 349 - payload: | 350 - { 351 - "text": "Android build is ready for testing. Download the artifact here: ${{ steps.upload-artifact.outputs.artifact-url }}" 352 - } 353 - env: 354 - SLACK_WEBHOOK_URL: ${{ secrets.SLACK_CLIENT_ALERT_WEBHOOK }} 355 - SLACK_WEBHOOK_TYPE: INCOMING_WEBHOOK 356 - 357 - - name: ⬇️ Restore Cache 358 - id: get-base-commit 359 - uses: actions/cache@v4 360 - if: ${{ inputs.channel != 'testflight' && inputs.channel != 'production' }} 361 - with: 362 - path: most-recent-testflight-commit.txt 363 - key: most-recent-testflight-commit 364 - 365 - - name: ✏️ Write commit hash to cache 366 - if: ${{ inputs.channel != 'testflight' && inputs.channel != 'production' }} 367 - run: echo ${{ github.sha }} > most-recent-testflight-commit.txt

-43

.github/workflows/golang-test-lint.yml

··· 1 - name: golang 2 - 3 - on: 4 - pull_request: 5 - push: 6 - branches: 7 - - main 8 - 9 - concurrency: 10 - group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}' 11 - cancel-in-progress: true 12 - 13 - jobs: 14 - build-and-test: 15 - runs-on: ubuntu-latest 16 - steps: 17 - - name: Git Checkout 18 - uses: actions/checkout@v3 19 - - name: Set up Go tooling 20 - uses: actions/setup-go@v3 21 - with: 22 - go-version: '1.23' 23 - - name: Dummy Static Files 24 - run: touch bskyweb/static/js/blah.js && touch bskyweb/static/css/blah.txt && touch bskyweb/static/media/blah.txt 25 - - name: Check 26 - run: cd bskyweb/ && make check 27 - - name: Build (binary) 28 - run: cd bskyweb/ && make build 29 - - name: Test 30 - run: cd bskyweb/ && make test 31 - lint: 32 - runs-on: ubuntu-latest 33 - steps: 34 - - name: Git Checkout 35 - uses: actions/checkout@v3 36 - - name: Set up Go tooling 37 - uses: actions/setup-go@v3 38 - with: 39 - go-version: '1.23' 40 - - name: Dummy Static Files 41 - run: touch bskyweb/static/js/blah.js && touch bskyweb/static/css/blah.txt && touch bskyweb/static/media/blah.txt 42 - - name: Lint 43 - run: cd bskyweb/ && make lint

-59

.github/workflows/lint.yml

··· 1 - name: Lint 2 - 3 - on: 4 - pull_request: 5 - push: 6 - branches: 7 - - main 8 - concurrency: 9 - group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}' 10 - cancel-in-progress: true 11 - 12 - jobs: 13 - linting: 14 - name: Run linters 15 - runs-on: ubuntu-latest 16 - steps: 17 - - name: Check out Git repository 18 - uses: actions/checkout@v3 19 - - name: Install node 20 - uses: actions/setup-node@v4 21 - with: 22 - node-version-file: .nvmrc 23 - - name: Yarn install 24 - uses: Wandalen/wretry.action@master 25 - with: 26 - command: yarn --frozen-lockfile 27 - attempt_limit: 3 28 - attempt_delay: 2000 29 - - name: Lint check 30 - run: yarn lint 31 - - name: Lint lockfile 32 - run: yarn lockfile-lint 33 - - name: Prettier check 34 - run: yarn prettier --check . 35 - - name: Check & compile i18n 36 - run: yarn intl:build 37 - - name: Type check 38 - run: yarn typecheck 39 - testing: 40 - name: Run tests 41 - runs-on: ubuntu-latest 42 - steps: 43 - - name: Check out Git repository 44 - uses: actions/checkout@v3 45 - - name: Install node 46 - uses: actions/setup-node@v4 47 - with: 48 - node-version-file: .nvmrc 49 - - name: Yarn install 50 - uses: Wandalen/wretry.action@master 51 - with: 52 - command: yarn --frozen-lockfile 53 - attempt_limit: 3 54 - attempt_delay: 2000 55 - - name: Check & compile i18n 56 - run: yarn intl:build 57 - - name: Run tests 58 - run: | 59 - NODE_ENV=test yarn test --forceExit

-49

.github/workflows/nightly-update-source-languages.yaml

··· 1 - name: Nightly Update Source Languages 2 - on: 3 - schedule: 4 - - cron: '0 2 * * *' # run at 2 AM UTC 5 - workflow_dispatch: 6 - 7 - jobs: 8 - extract-languages: 9 - name: Nightly Update Source Languages 10 - runs-on: ubuntu-latest 11 - 12 - permissions: 13 - # Give the default GITHUB_TOKEN write permission to commit and push the 14 - # added or changed files to the repository. 15 - contents: write 16 - 17 - steps: 18 - - name: Check out Git repository 19 - uses: actions/checkout@v3 20 - with: 21 - ssh-key: ${{secrets.GH_ACTION_DEPLOY_KEY}} 22 - - name: Install node 23 - uses: actions/setup-node@v4 24 - with: 25 - node-version-file: .nvmrc 26 - - name: Yarn install 27 - uses: Wandalen/wretry.action@master 28 - with: 29 - command: yarn --frozen-lockfile 30 - attempt_limit: 3 31 - attempt_delay: 2000 32 - - name: Extract language strings 33 - run: yarn intl:extract 34 - - name: Create commit 35 - uses: stefanzweifel/git-auto-commit-action@v5 36 - with: 37 - commit_message: Nightly source-language update 38 - file_pattern: ./src/locale/locales/en/messages.po 39 - - name: Push source lang to Crowdin 40 - uses: crowdin/github-action@v2 41 - with: 42 - upload_sources: true 43 - upload_sources_args: "-b main" 44 - upload_translations: false 45 - push_translations: false 46 - push_sources: false 47 - create_pull_request: false 48 - env: 49 - CROWDIN_PERSONAL_TOKEN: ${{ secrets.CROWDIN_PERSONAL_TOKEN }}

-209

.github/workflows/pull-request-comment.yml

··· 1 - --- 2 - name: PR Comment Trigger 3 - 4 - on: 5 - issue_comment: 6 - types: [created] 7 - 8 - # Permissiosn to make comments in the pull request 9 - permissions: 10 - pull-requests: write 11 - actions: write 12 - contents: read 13 - 14 - jobs: 15 - handle-comment: 16 - if: github.event.issue.pull_request 17 - runs-on: ubuntu-latest 18 - outputs: 19 - should-deploy: ${{ steps.check-org.outputs.result }} 20 - 21 - steps: 22 - - name: Check if bot is mentioned 23 - id: check-mention 24 - env: 25 - COMMENT: ${{ github.event.comment.body }} 26 - run: | 27 - if [[ "$COMMENT" == *"@github-actions"* ]] || \ 28 - [[ "$COMMENT" == *"github-actions[bot]"* ]]; then 29 - bot_mentioned=true 30 - else 31 - bot_mentioned=false 32 - fi 33 - 34 - 35 - if [[ "${{ github.event.comment.body }}" == *"ota"* ]]; then 36 - has_ota=true 37 - else 38 - has_ota=false 39 - fi 40 - 41 - 42 - if [[ "$bot_mentioned" == "true" ]] && [[ "$has_ota" == "true" ]]; then 43 - echo "mentioned=true" >> $GITHUB_OUTPUT 44 - else 45 - echo "mentioned=false" >> $GITHUB_OUTPUT 46 - fi 47 - 48 - - name: Check organization membership 49 - if: steps.check-mention.outputs.mentioned == 'true' 50 - id: check-org 51 - uses: actions/github-script@v7 52 - with: 53 - script: | 54 - try { 55 - const { data: perm } = await github.rest.repos.getCollaboratorPermissionLevel({ 56 - owner: context.repo.owner, 57 - repo: context.repo.repo, 58 - username: context.payload.comment.user.login 59 - }); 60 - 61 - const hasAccess = ['admin', 'write'].includes(perm.permission); 62 - console.log(`User has ${perm.permission} access`); 63 - 64 - return hasAccess; 65 - } catch(error) { 66 - console.log('User has no repository access'); 67 - return false; 68 - } 69 - 70 - bundle-deploy: 71 - name: Bundle and Deploy EAS Update 72 - runs-on: ubuntu-latest 73 - needs: [handle-comment] 74 - if: needs.handle-comment.outputs.should-deploy == 'true' 75 - 76 - steps: 77 - - name: Get PR HEAD SHA 78 - id: pr-info 79 - uses: actions/github-script@v7 80 - with: 81 - script: | 82 - const pr = await github.rest.pulls.get({ 83 - owner: context.repo.owner, 84 - repo: context.repo.repo, 85 - pull_number: ${{ github.event.issue.number }} 86 - }); 87 - 88 - console.log(`PR HEAD SHA: ${pr.data.head.sha}`); 89 - console.log(`PR HEAD REF: ${pr.data.head.ref}`); 90 - 91 - core.setOutput('head-sha', pr.data.head.sha); 92 - core.setOutput('head-ref', pr.data.head.ref); 93 - 94 - - name: 💬 Drop a comment 95 - uses: marocchino/sticky-pull-request-comment@v2 96 - with: 97 - header: pull-request-eas-build-${{ steps.pr-info.outputs.head-sha }} 98 - number: ${{ github.event.issue.number }} 99 - message: | 100 - An OTA deployment has been requested and is now running for `${{ steps.pr-info.outputs.head-sha }}`. 101 - 102 - [Here is some music to listen to while you wait...](https://www.youtube.com/watch?v=VBlFHuCzPgY) 103 - --- 104 - *Generated by [PR labeler](https://github.com/expo/expo/actions/workflows/pr-labeler.yml) 🤖* 105 - 106 - - name: Check for EXPO_TOKEN 107 - run: > 108 - if [ -z "${{ secrets.EXPO_TOKEN }}" ]; then 109 - echo "You must provide an EXPO_TOKEN secret linked to this project's Expo account in this repo's secrets. Learn more: https://docs.expo.dev/eas-update/github-actions" 110 - exit 1 111 - fi 112 - 113 - - name: ⬇️ Checkout 114 - uses: actions/checkout@v4 115 - with: 116 - ref: ${{ steps.pr-info.outputs.head-sha }} 117 - 118 - - name: 🔧 Setup Node 119 - uses: actions/setup-node@v4 120 - with: 121 - node-version-file: .nvmrc 122 - cache: yarn 123 - 124 - - name: Install dependencies 125 - run: yarn install --frozen-lockfile 126 - 127 - - name: Lint check 128 - run: yarn lint 129 - 130 - - name: Lint lockfile 131 - run: yarn lockfile-lint 132 - 133 - - name: 🔤 Compile translations 134 - run: yarn intl:build 2>&1 | tee i18n.log 135 - 136 - - name: Check for i18n compilation errors 137 - run: if grep -q "invalid syntax" "i18n.log"; then echo "\n\nFound compilation errors!\n\n" && exit 1; else echo "\n\nNo compilation errors!\n\n"; fi 138 - 139 - - name: Type check 140 - run: yarn typecheck 141 - 142 - - name: 🔨 Setup EAS 143 - uses: expo/expo-github-action@v8 144 - with: 145 - expo-version: latest 146 - eas-version: latest 147 - token: ${{ secrets.EXPO_TOKEN }} 148 - 149 - - name: ⛏️ Setup Expo 150 - run: yarn global add eas-cli-local-build-plugin 151 - 152 - - name: 🪛 Setup jq 153 - uses: dcarbone/install-jq-action@v2 154 - 155 - - name: Env 156 - id: env 157 - run: | 158 - export json='${{ secrets.GOOGLE_SERVICES_TOKEN }}' 159 - echo "${{ secrets.ENV_TOKEN }}" > .env 160 - echo "EXPO_PUBLIC_ENV=testflight" >> .env 161 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> .env 162 - echo "EXPO_PUBLIC_RELEASE_VERSION=$(jq -r '.version' package.json)" >> $GITHUB_OUTPUT 163 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> .env 164 - echo "EXPO_PUBLIC_BUNDLE_IDENTIFIER=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT 165 - echo "EXPO_PUBLIC_BUNDLE_DATE=$(date -u +"%y%m%d%H")" >> .env 166 - echo "EXPO_PUBLIC_SENTRY_DSN=${{ secrets.SENTRY_DSN }}" >> .env 167 - echo "EXPO_PUBLIC_BITDRIFT_API_KEY=${{ secrets.BITDRIFT_API_KEY }}" >> .env 168 - echo "EXPO_PUBLIC_GCP_PROJECT_ID=${{ secrets.EXPO_PUBLIC_GCP_PROJECT_ID }}" >> .env 169 - echo "$json" > google-services.json 170 - 171 - - name: 🏗️ Create Bundle 172 - run: > 173 - SENTRY_AUTH_TOKEN=${{ secrets.SENTRY_AUTH_TOKEN }} 174 - SENTRY_RELEASE=${{ steps.env.outputs.EXPO_PUBLIC_RELEASE_VERSION }} 175 - SENTRY_DIST=${{ steps.env.outputs.EXPO_PUBLIC_BUNDLE_IDENTIFIER }} 176 - yarn export 177 - 178 - - name: 📦 Package Bundle and 🚀 Deploy 179 - run: yarn use-build-number bash scripts/bundleUpdate.sh 180 - env: 181 - DENIS_API_KEY: ${{ secrets.DENIS_API_KEY }} 182 - CHANNEL_NAME: pull-request-${{ github.event.issue.number }} 183 - RUNTIME_VERSION: 184 - 185 - - name: 💬 Drop a comment 186 - uses: marocchino/sticky-pull-request-comment@v2 187 - with: 188 - header: pull-request-eas-build-${{ steps.pr-info.outputs.head-sha }} 189 - number: ${{ github.event.issue.number }} 190 - message: | 191 - Your requested OTA deployment was successful! You may now apply it by either scanning the QR code or opening the deep link below in your browser: 192 - 193 - <img src="https://bsky-qr.vercel.app?channel=pull-request-${{ github.event.issue.number }}" width=300 height=300> 194 - 195 - `bluesky://intent/apply-ota?channel=pull-request-${{ github.event.issue.number }}` 196 - --- 197 - 198 - *Generated by [PR labeler](https://github.com/expo/expo/actions/workflows/pr-labeler.yml) 🤖* 199 - 200 - - name: 💬 Drop a comment 201 - uses: marocchino/sticky-pull-request-comment@v2 202 - if: failure() 203 - with: 204 - header: pull-request-eas-build-${{ steps.pr-info.outputs.head-sha }} 205 - number: ${{ github.event.issue.number }} 206 - message: | 207 - Your requested OTA deployment was unsuccessful. See action logs for more details. 208 - --- 209 - *Generated by [PR labeler](https://github.com/expo/expo/actions/workflows/pr-labeler.yml) 🤖*

-147

.github/workflows/pull-request-commit.yml

··· 1 - # Credit for fingerprint action https://github.com/expo/expo 2 - # https://github.com/expo/expo/blob/main/.github/workflows/pr-labeler.yml 3 - --- 4 - name: PR Tests 5 - 6 - on: 7 - push: 8 - branches: [main] 9 - pull_request: 10 - types: [opened, synchronize] 11 - 12 - concurrency: 13 - group: ${{ github.workflow }}-${{ github.event_name }}-${{ github.ref }} 14 - cancel-in-progress: true 15 - 16 - permissions: 17 - pull-requests: write 18 - actions: write 19 - contents: read 20 - 21 - jobs: 22 - webpack-analyzer: 23 - runs-on: ubuntu-22.04 24 - if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.event_name == 'pull_request'}} 25 - steps: 26 - - name: ⬇️ Checkout 27 - uses: actions/checkout@v4 28 - with: 29 - fetch-depth: 0 30 - 31 - - name: 🔧 Setup Node 32 - uses: actions/setup-node@v4 33 - with: 34 - node-version-file: .nvmrc 35 - cache: yarn 36 - 37 - - name: Ensure tracking relevant branches and checkout base 38 - run: | 39 - git checkout ${{ github.head_ref }} 40 - git checkout ${{ github.base_ref }} 41 - 42 - - name: Get the base commit 43 - id: base-commit 44 - run: echo base-commit=$(git log -n 1 ${{ github.base_ref }} --pretty=format:'%H') >> "$GITHUB_OUTPUT" 45 - 46 - - name: Merge PR commit 47 - run: | 48 - # Have to set a git config for the merge to work 49 - git config --global user.email "github-actions[bot]@users.noreply.github.com" 50 - git config --global user.name "github-actions[bot]" 51 - git merge --no-edit ${{ github.head_ref }} 52 - yarn install 53 - yarn intl:build 54 - 55 - - name: 🔦 Generate stats file for PR 56 - run: | 57 - yarn generate-webpack-stats-file 58 - mv stats.json ../stats-new.json 59 - 60 - - name: ⬇️ Get base stats from cache 61 - id: get-base-stats 62 - uses: actions/cache@v4 63 - with: 64 - path: stats-base.json 65 - key: stats-base-${{ steps.base-commit.outputs.base-commit }} 66 - 67 - - name: Restore to base commit 68 - if: ${{ !steps.get-base-stats.outputs.cache-hit }} 69 - run: | 70 - git reset HEAD~ 71 - git restore . 72 - 73 - - name: 🔦 Generate stats file from base commit 74 - if: ${{ !steps.get-base-stats.outputs.cache-hit }} 75 - run: | 76 - yarn install 77 - yarn intl:build 78 - yarn generate-webpack-stats-file 79 - mv stats.json stats-base.json 80 - 81 - - name: ％ Get diff 82 - id: get-diff 83 - uses: NejcZdovc/bundle-size-diff@v1 84 - with: 85 - base_path: 'stats-base.json' 86 - pr_path: '../stats-new.json' 87 - excluded_assets: '(.+).chunk.js|(.+).js.map|(.+).json|(.+).png' 88 - 89 - - name: 💬 Drop a comment 90 - uses: marocchino/sticky-pull-request-comment@v2 91 - with: 92 - header: bundle-diff 93 - message: | 94 - | Old size | New size | Diff | 95 - |----------|----------|-----------------------| 96 - | ${{ steps.get-diff.outputs.base_file_string }} | ${{ steps.get-diff.outputs.pr_file_string }} | ${{ steps.get-diff.outputs.diff_file_string }} (${{ steps.get-diff.outputs.percent }}%) | 97 - --- 98 - 99 - fingerprint-native: 100 - runs-on: ubuntu-22.04 101 - if: ${{ github.event.pull_request.head.repo.full_name == github.repository && github.event_name == 'pull_request'}} 102 - steps: 103 - - name: ⬇️ Checkout 104 - uses: actions/checkout@v4 105 - with: 106 - fetch-depth: 100 107 - 108 - - name: ⬇️ Fetch commits from base branch 109 - run: git fetch origin main:main --depth 100 110 - if: github.event_name == 'pull_request' 111 - 112 - - name: 🔧 Setup Node 113 - uses: actions/setup-node@v4 114 - with: 115 - node-version-file: .nvmrc 116 - cache: yarn 117 - 118 - - name: 📷 Check fingerprint and install dependencies 119 - id: fingerprint 120 - uses: bluesky-social/github-actions/fingerprint-native@main 121 - with: 122 - profile: pull-request 123 - 124 - - name: 💬 Drop a comment 125 - uses: marocchino/sticky-pull-request-comment@v2 126 - if: ${{ steps.fingerprint.outputs.includes-changes }} 127 - with: 128 - header: fingerprint-diff 129 - message: | 130 - The Pull Request introduced fingerprint changes against the base commit: 131 - <details><summary>Fingerprint diff</summary> 132 - 133 - ```json 134 - ${{ steps.fingerprint.outputs.diff }} 135 - ``` 136 - 137 - </details> 138 - 139 - --- 140 - *Generated by [PR labeler](https://github.com/expo/expo/actions/workflows/pr-labeler.yml) 🤖* 141 - 142 - - name: 💬 Delete comment 143 - uses: marocchino/sticky-pull-request-comment@v2 144 - if: ${{ !steps.fingerprint.outputs.includes-changes }} 145 - with: 146 - header: fingerprint-diff 147 - delete: true

-31

.github/workflows/sync-internal.yaml

··· 1 - name: Sync to internal repo 2 - 3 - on: 4 - push: 5 - branches: [main] 6 - 7 - jobs: 8 - sync: 9 - runs-on: ubuntu-latest 10 - if: github.repository == 'bluesky-social/social-app' 11 - steps: 12 - - name: Checkout public repo 13 - uses: actions/checkout@v4 14 - with: 15 - fetch-depth: 0 16 - - name: Generate GitHub App Token 17 - id: app-token 18 - uses: actions/create-github-app-token@v1 19 - with: 20 - app-id: ${{ vars.SYNC_INTERNAL_APP_ID }} 21 - private-key: ${{ secrets.SYNC_INTERNAL_PK }} 22 - repositories: social-app-internal 23 - - name: Push to internal repo 24 - env: 25 - TOKEN: ${{ steps.app-token.outputs.token }} 26 - run: | 27 - git config user.name "github-actions" 28 - git config user.email "test@users.noreply.github.com" 29 - git config --unset-all http.https://github.com/.extraheader 30 - git remote add internal https://x-access-token:${TOKEN}@github.com/bluesky-social/social-app-internal.git 31 - git push internal main --force

-46

.github/workflows/verify-yarn-lock.yml

··· 1 - name: Lockfile 2 - 3 - on: 4 - pull_request: 5 - concurrency: 6 - group: '${{ github.workflow }}-${{ github.head_ref || github.ref }}' 7 - cancel-in-progress: true 8 - 9 - jobs: 10 - verify-yarn-lock: 11 - name: No manual yarn.lock edits 12 - runs-on: ubuntu-latest 13 - steps: 14 - - name: Check out PR HEAD 15 - uses: actions/checkout@v3 16 - with: 17 - fetch-depth: 0 18 - 19 - - name: Fetch base branch 20 - run: git fetch origin ${{ github.base_ref }} --depth=1 21 - 22 - - name: Install node 23 - uses: actions/setup-node@v4 24 - with: 25 - node-version-file: .nvmrc 26 - 27 - - name: Reset yarn.lock to base 28 - run: git show "origin/${{ github.base_ref }}:yarn.lock" > yarn.lock 29 - 30 - - name: Yarn install 31 - uses: Wandalen/wretry.action@master 32 - with: 33 - # Fine to skip scripts since we don't run any code 34 - command: yarn install --ignore-scripts 35 - attempt_limit: 3 36 - attempt_delay: 2000 37 - 38 - - name: Verify yarn.lock 39 - run: | 40 - git diff --quiet --exit-code || { 41 - echo '::error::`yarn.lock` does not match what Yarn would generate given the base `yarn.lock` and the head `package.json`.' 42 - echo '::error:: - If this is intentional, you can ignore this check.' 43 - echo '::error:: - If this is unintentional, apply the following diff:' 44 - git --no-pager diff 45 - exit 1 46 - }

Configure Feed

Configure Feed