Skip to content

ci: add iOS Build + Test GitHub Actions workflow#20

Closed
DocNR wants to merge 4 commits into
mainfrom
ci/ios-build-test
Closed

ci: add iOS Build + Test GitHub Actions workflow#20
DocNR wants to merge 4 commits into
mainfrom
ci/ios-build-test

Conversation

@DocNR
Copy link
Copy Markdown
Owner

@DocNR DocNR commented Apr 30, 2026

Summary

First CI for the repo. Runs `xcodebuild test` on every PR and on main pushes.

Why now

PR #19's pbxproj-entries-for-new-Swift-files step almost shipped broken — the new `ActivitySummary.swift` and `Nip19.swift` needed manual entries in 5 places each across the project file, and missing one would fail to build but pass local Xcode (which discovers Swift files differently). CI catches this kind of thing before merge.

Workflow design

  • Simulator destination is dynamic: picks the first available iPhone sim at runtime instead of pinning a name like `iPhone 17`. macOS runner images bump iPhone generations periodically; a hardcoded name breaks every rollover.
  • Cancels stale runs on the same ref via `concurrency` so superseded commits don't burn macOS minutes.
  • Uploads xcresult bundle on failure as a 14-day artifact so failures can be opened in Xcode locally.
  • Skips ClaveUITests (we only run unit tests in CI; UI tests require a simulator boot + interaction time).
  • Disables code signing since we're only running unit tests on the simulator — no archive / distribution.

Test plan

  • CI runs green on this PR (proves the workflow itself works)
  • After merge: enable `Build + unit tests` as a required status check on `main` via:
    ```
    gh api repos/DocNR/clave/branches/main/protection/required_status_checks \
    --method PATCH -f strict=true -F 'contexts[]=Build + unit tests'
    ```

🤖 Generated with Claude Code

DocNR and others added 4 commits April 30, 2026 09:53
@DocNR @claude
ci: add iOS Build + Test GitHub Actions workflow
96f8d7b 
Runs xcodebuild test on every PR and on main pushes. Catches the kind of
failures that aren't visible from local Xcode alone:

- Missing pbxproj entries for new Swift files (almost shipped a broken
  PR #19 due to this — the new ActivitySummary.swift / Nip19.swift
  needed manual entries in 5 places across the pbxproj).
- Test regressions before merge.
- Build breakage from Swift / Xcode version drift on the runner image.

Workflow notes:
- Picks the first available iPhone simulator at runtime instead of pinning
  to a specific name — runner images bump iPhone generations periodically
  and a hardcoded name (e.g. iPhone 17) breaks the workflow on rollover.
- `concurrency` cancels stale runs on the same ref so we don't burn macOS
  minutes on superseded commits.
- Uploads the xcresult bundle as an artifact only on failure (14-day
  retention) so test failures can be opened in Xcode locally.
- Disables code signing in CI — we're only running unit tests on the
  simulator, no archive / distribution.

Once this lands and runs green at least once, set as a required status
check on `main` via:

  gh api repos/DocNR/clave/branches/main/protection/required_status_checks \
    --method PATCH -f strict=true -F 'contexts[]=Build + unit tests'

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@DocNR @claude
fix(ci): lower ClaveTests deployment target 26.4 → 17.6 to match main…
868c670 
… app

ClaveTests inherited the project-level baseline of iOS 26.4. The main
app and NSE both override to 17.6. CI runner (macos-latest, Xcode 16.4,
iOS Simulator 26.2) failed:

  Cannot test target "ClaveTests" on "iPhone 16 Pro": iPhone 16 Pro's
  iOS Simulator 26.2 doesn't match ClaveTests's iOS Simulator 26.4
  deployment target.

Tests should match the main app's deployment target so they exercise
the same constraints as production. The previous 26.4 was likely an
auto-bump artifact when the project was opened in a newer Xcode.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
@DocNR
fix(ci): add -skipPackagePluginValidation + -skipMacroValidation flags
45bf3d2 
Xcode 14+ requires explicit user approval for SwiftPM plugins (security
feature). Local devs click 'Trust & Enable' once; CI needs the explicit
flags to skip the prompt. Affects swift-secp256k1's SharedSourcesPlugin.
@DocNR
fix(ci): pre-trust SwiftPM plugin fingerprints + resolve packages exp…
d9b9a26 
…licitly

The failure mode was sneaky: -skipPackagePluginValidation lets the
xcodebuild step proceed without the trust prompt, but swift-secp256k1's
SharedSourcesPlugin still silently degrades — libsecp256k1.o builds
without ECDH/extrakeys/recovery modules, so symbols like _secp256k1_ecdh
are undefined at link time when ClaveNSE/Clave try to use P256K.

Setting IDESkipPackagePluginFingerprintValidatation + the SCM defaults
BEFORE resolving packages allows plugins to run with full define
expansion. Then we resolve packages in a separate step so any plugin
errors surface explicitly instead of getting buried in the test step.
@DocNR
Copy link
Copy Markdown
Owner Author

DocNR commented Apr 30, 2026

Closing — see BACKLOG iOS CI sprint entry. Half-broken CI is worse than no CI; needs focused sprint to resolve the swift-secp256k1 SharedSourcesPlugin / xcodebuild plugin-trust interaction in CI environments. Closing in favor of a future PR.

@DocNR DocNR closed this Apr 30, 2026
@DocNR DocNR deleted the ci/ios-build-test branch April 30, 2026 14:09
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DocNR