Introduce Github Actions

[tatocaster]

This change aims to introduce Github Action in the project - issue: #29

Requirements:

• Have all unit tests and Android tests run when someone opens a PR.
• If any of the tests fail, then the PR should be blocked.
• Document is a way (i.e. on your PR) how this automation works.

How it works?

• Runs on every pull request on the target branch: "main"

Steps are:

• Checkout
• Gradle wrapper validation - From the security perspective it is always good to check if the binary we download is trustful, in that case, it checks the checksum
• Grants execution permission to Gradle
• Runs all unit tests in all modules - ./gradlew test
• Sets up an emulator with the API level 29 and runs all instrumented tests in all modules against the emulator - ./gradlew connectedAndroidtest

How to set up branch protection and mergeability of PR?

• Enable status checks in repository settings, Github docs with images.
• Settings -> Actions tab -> "allow all actions". "Allow select actions" is much better but a bit hassle to update every time. Opt-in at your convenience.
• Settings -> Actions tab -> "Read repository contents permission", feels safer. It will protect the project if some contributors accidentally misuse any step from the action.

Future suggestions:

• add lint checks
• OWASP dependency check to check all the dependencies against the common vulnerabilities

[alexstyl]

Nice one. I added the protection rules to main and allowed all actions for now.

Is there anything left to do other than merge this to main @tatocaster ?

[tatocaster]

Nothing else, we can merge it safely.

Thanks 🙏

[alexstyl]

This is phenomenal. Thanks for your work!