Skip to content

feat(notifications_push_repository): Verify push notification signature #5278

feat(notifications_push_repository): Verify push notification signature

feat(notifications_push_repository): Verify push notification signature #5278

Workflow file for this run

name: Dart CI
on:
pull_request:
concurrency:
group: dart-${{ github.head_ref || github.run_id }}
cancel-in-progress: true
jobs:
dart-ci:
name: Dart CI (${{ matrix.dependencies }})
runs-on: ubuntu-24.04
permissions:
packages: write
strategy:
fail-fast: false
matrix:
dependencies:
- upgrade
- downgrade
steps:
- name: Checkout
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4
with:
fetch-depth: 0
- name: Login to GHCR
uses: docker/login-action@9780b0c442fbb1117ed29e0efdff1e18412f7567 # v3
with:
registry: ghcr.io
username: ${{ github.actor }}
password: ${{ secrets.GITHUB_TOKEN }}
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3
- name: Install SQLite
run: sudo apt-get update && sudo apt-get install libsqlite3-0 libsqlite3-dev -y --no-install-recommends
- name: Install dart
uses: dart-lang/setup-dart@0a8a0fc875eb934c15d08629302413c671d3f672 # v1
with:
sdk: 3.5
- name: Setup
run: ./tool/setup.sh
- name: Check up-to-date pubspec.lock
if: ${{ matrix.dependencies == 'upgrade' }}
run: git --no-pager diff --exit-code
- name: Downgrade dependencies
if: ${{ matrix.dependencies == 'downgrade' }}
run: |
git apply .github/workflows/dependency_overrides.patch
melos exec dart pub downgrade
- name: Check formatting
run: melos run format:check
- name: Lint code
run: melos run analyze
- name: Run tests
run: |
mapfile -t packages < <(melos list --parsable --diff=${{ github.event.pull_request.head.sha }}~${{ github.event.pull_request.commits }}..${{ github.event.pull_request.head.sha }} --include-dependents | xargs -r -n1 basename)
packages_glob="$(printf ",%s" "${packages[@]}")"
packages_glob="${packages_glob:1}"
if [ -n "$packages_glob" ]; then
if [[ "$packages_glob" == *"nextcloud"* ]]; then
if [[ "${{ github.event.pull_request.head.repo.full_name }}" == "${{ github.repository }}" ]]; then
export PUSH_IMAGES="1"
fi
./tool/build-dev-container.sh
fi
MELOS_PACKAGES="$packages_glob" melos test
else
./tool/build-dev-container.sh
melos test
fi
- name: Setup Codecov
if: ${{ matrix.dependencies == 'upgrade' }}
run: |
cd /tmp
curl https://keybase.io/codecovsecurity/pgp_keys.asc | gpg --no-default-keyring --keyring trustedkeys.gpg --import
curl -Os https://uploader.codecov.io/latest/linux/codecov
curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM
curl -Os https://uploader.codecov.io/latest/linux/codecov.SHA256SUM.sig
gpgv codecov.SHA256SUM.sig codecov.SHA256SUM
shasum -a 256 -c codecov.SHA256SUM
chmod +x codecov
mkdir /tmp/bin
mv codecov /tmp/bin
- name: Upload coverage to Codecov
if: ${{ matrix.dependencies == 'upgrade' }}
run: |
export PATH="$PATH:/tmp/bin"
melos exec --file-exists="coverage/lcov.info" --concurrency=1 -- "
codecov --verbose upload-process --fail-on-error -F MELOS_PACKAGE_NAME -f MELOS_PACKAGE_PATH/coverage/lcov.info -t ${{ secrets.CODECOV_TOKEN }}
"