From aecf25a21c40da32a6120d7cf7c26275e5d04f62 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Papp?= Date: Sat, 15 Nov 2025 00:50:27 +0100 Subject: [PATCH 1/5] Add testing steps for CI --- .github/workflows/build-debug.yml | 55 +++++++++++++++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yml index cdda328..763780b 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yml @@ -36,3 +36,58 @@ jobs: ${{ steps.build.outputs.apk_path }} ${{ steps.build.outputs.bundle_path }} retention-days: 3 + + unit-tests: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: recursive + + - name: Run unit tests + run: ./gradlew test --no-daemon + + - name: Upload test results + if: always() + uses: actions/upload-artifact@v4 + with: + name: unit-test-results + path: | + app/build/reports/tests/ + tool/build/reports/tests/ + retention-days: 3 + + instrumented-tests: + runs-on: ubuntu-latest + steps: + - name: Checkout repository + uses: actions/checkout@v4 + with: + submodules: recursive + + - name: Enable KVM group perms + run: | + echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules + sudo udevadm control --reload-rules + sudo udevadm trigger --name-match=kvm + + - name: Run instrumented tests + uses: reactivecircus/android-emulator-runner@v2 + with: + api-level: 30 + target: google_apis + arch: x86_64 + profile: pixel_3a + disable-animations: true + script: ./gradlew connectedDebugAndroidTest --no-daemon + + - name: Upload test results + if: always() + uses: actions/upload-artifact@v4 + with: + name: instrumented-test-results + path: | + app/build/reports/androidTests/ + tool/build/reports/androidTests/ + retention-days: 3 From 3d6c26b72701281831b57f9a1c9fca2f4156b87d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Papp?= Date: Sat, 15 Nov 2025 01:06:43 +0100 Subject: [PATCH 2/5] Add option to skip APK/AAB build in CI workflow --- .github/actions/build-android/action.yml | 9 ++++++++- .github/workflows/build-debug.yml | 14 ++++++++++++++ 2 files changed, 22 insertions(+), 1 deletion(-) diff --git a/.github/actions/build-android/action.yml b/.github/actions/build-android/action.yml index 7ea46d2..dea60c8 100644 --- a/.github/actions/build-android/action.yml +++ b/.github/actions/build-android/action.yml @@ -11,6 +11,10 @@ inputs: build_type: description: 'Build type: debug or release' required: true + skip_apk_build: + description: 'Skip APK/AAB building (only setup environment and build Go library)' + required: false + default: 'false' outputs: apk_path: description: 'Path to the built APK' @@ -64,12 +68,14 @@ runs: run: PATH=$PATH:$(go env GOPATH)/bin bash -x build-android-lib.sh - name: Build APK and Bundle + if: inputs.skip_apk_build != 'true' shell: bash run: | BUILD_TYPE=${{ inputs.build_type == 'release' && 'Release' || 'Debug' }} ./gradlew --no-daemon assemble${BUILD_TYPE} bundle${BUILD_TYPE} -PversionName="${{ inputs.version_name }}" -PversionCode="${{ inputs.version_code }}" - name: Rename artifacts + if: inputs.skip_apk_build != 'true' shell: bash run: | set -e @@ -78,9 +84,10 @@ runs: mv app/build/outputs/bundle/${BUILD_TYPE_FOLDER}/app-${BUILD_TYPE_FOLDER}.aab app/build/outputs/bundle/${BUILD_TYPE_FOLDER}/netbird-${{ inputs.version_name }}.aab - name: Set build info + if: inputs.skip_apk_build != 'true' id: build-info shell: bash run: | BUILD_TYPE="${{ inputs.build_type }}" echo "apk_path=app/build/outputs/apk/${BUILD_TYPE}/netbird-${{ inputs.version_name }}.apk" >> $GITHUB_OUTPUT - echo "bundle_path=app/build/outputs/bundle/${BUILD_TYPE}/netbird-${{ inputs.version_name }}.aab" >> $GITHUB_OUTPUT \ No newline at end of file + echo "bundle_path=app/build/outputs/bundle/${BUILD_TYPE}/netbird-${{ inputs.version_name }}.aab" >> $GITHUB_OUTPUT diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yml index 763780b..a05a994 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yml @@ -45,6 +45,13 @@ jobs: with: submodules: recursive + - name: Setup environment and build Go library + uses: ./.github/actions/build-android + with: + version_name: ci-test + build_type: debug + skip_apk_build: 'true' + - name: Run unit tests run: ./gradlew test --no-daemon @@ -66,6 +73,13 @@ jobs: with: submodules: recursive + - name: Setup environment and build Go library + uses: ./.github/actions/build-android + with: + version_name: ci-test + build_type: debug + skip_apk_build: 'true' + - name: Enable KVM group perms run: | echo 'KERNEL=="kvm", GROUP="kvm", MODE="0666", OPTIONS+="static_node=kvm"' | sudo tee /etc/udev/rules.d/99-kvm4all.rules From fb6128a7a3d067cc5dc77c7ad7b12b031f9067d8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Papp?= Date: Sat, 15 Nov 2025 01:15:43 +0100 Subject: [PATCH 3/5] Set explicit permission --- .github/workflows/build-debug.yml | 3 +++ .github/workflows/build-release.yml | 5 ++++- 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yml index a05a994..933fb14 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yml @@ -3,6 +3,9 @@ name: build debug on: pull_request: +permissions: + contents: read + jobs: build-debug: runs-on: ubuntu-latest diff --git a/.github/workflows/build-release.yml b/.github/workflows/build-release.yml index 9f0df71..26ea5f9 100644 --- a/.github/workflows/build-release.yml +++ b/.github/workflows/build-release.yml @@ -4,6 +4,9 @@ on: release: types: [published] +permissions: + contents: write + jobs: build-release: runs-on: ubuntu-latest @@ -56,4 +59,4 @@ jobs: files: | ${{ steps.build.outputs.apk_path }} ${{ steps.build.outputs.bundle_path }} - tag_name: ${{ github.event.release.tag_name }} \ No newline at end of file + tag_name: ${{ github.event.release.tag_name }} From df58b2fd6790ff72fe4b8acbec97678e4ad7a378 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Papp?= Date: Sat, 15 Nov 2025 01:22:45 +0100 Subject: [PATCH 4/5] Add build dependency --- .github/actions/build-android/action.yml | 10 ++---- .github/workflows/build-debug.yml | 41 ++++++++++++++++++------ 2 files changed, 34 insertions(+), 17 deletions(-) diff --git a/.github/actions/build-android/action.yml b/.github/actions/build-android/action.yml index dea60c8..d3fe023 100644 --- a/.github/actions/build-android/action.yml +++ b/.github/actions/build-android/action.yml @@ -11,10 +11,6 @@ inputs: build_type: description: 'Build type: debug or release' required: true - skip_apk_build: - description: 'Skip APK/AAB building (only setup environment and build Go library)' - required: false - default: 'false' outputs: apk_path: description: 'Path to the built APK' @@ -22,6 +18,9 @@ outputs: bundle_path: description: 'Path to the built AAB bundle' value: ${{ steps.build-info.outputs.bundle_path }} + aar_path: + description: 'Path to the built NetBird Go library AAR' + value: gomobile/netbird.aar runs: using: 'composite' @@ -68,14 +67,12 @@ runs: run: PATH=$PATH:$(go env GOPATH)/bin bash -x build-android-lib.sh - name: Build APK and Bundle - if: inputs.skip_apk_build != 'true' shell: bash run: | BUILD_TYPE=${{ inputs.build_type == 'release' && 'Release' || 'Debug' }} ./gradlew --no-daemon assemble${BUILD_TYPE} bundle${BUILD_TYPE} -PversionName="${{ inputs.version_name }}" -PversionCode="${{ inputs.version_code }}" - name: Rename artifacts - if: inputs.skip_apk_build != 'true' shell: bash run: | set -e @@ -84,7 +81,6 @@ runs: mv app/build/outputs/bundle/${BUILD_TYPE_FOLDER}/app-${BUILD_TYPE_FOLDER}.aab app/build/outputs/bundle/${BUILD_TYPE_FOLDER}/netbird-${{ inputs.version_name }}.aab - name: Set build info - if: inputs.skip_apk_build != 'true' id: build-info shell: bash run: | diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yml index 933fb14..26ed1bb 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yml @@ -40,7 +40,15 @@ jobs: ${{ steps.build.outputs.bundle_path }} retention-days: 3 + - name: Upload AAR artifact for tests + uses: actions/upload-artifact@v4 + with: + name: netbird-aar + path: ${{ steps.build.outputs.aar_path }} + retention-days: 1 + unit-tests: + needs: build-debug runs-on: ubuntu-latest steps: - name: Checkout repository @@ -48,12 +56,18 @@ jobs: with: submodules: recursive - - name: Setup environment and build Go library - uses: ./.github/actions/build-android + - name: Setup Java + uses: actions/setup-java@v4 with: - version_name: ci-test - build_type: debug - skip_apk_build: 'true' + java-version: "17" + distribution: "adopt" + cache: "gradle" + + - name: Download AAR artifact + uses: actions/download-artifact@v4 + with: + name: netbird-aar + path: gomobile - name: Run unit tests run: ./gradlew test --no-daemon @@ -69,6 +83,7 @@ jobs: retention-days: 3 instrumented-tests: + needs: build-debug runs-on: ubuntu-latest steps: - name: Checkout repository @@ -76,12 +91,18 @@ jobs: with: submodules: recursive - - name: Setup environment and build Go library - uses: ./.github/actions/build-android + - name: Setup Java + uses: actions/setup-java@v4 with: - version_name: ci-test - build_type: debug - skip_apk_build: 'true' + java-version: "17" + distribution: "adopt" + cache: "gradle" + + - name: Download AAR artifact + uses: actions/download-artifact@v4 + with: + name: netbird-aar + path: gomobile - name: Enable KVM group perms run: | From 852e0f4ca32a8a7d11fd6163d663a88b9ca24c1d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zolt=C3=A1n=20Papp?= Date: Sat, 15 Nov 2025 01:24:35 +0100 Subject: [PATCH 5/5] Reduces userdata partition from ~7GB to 4GB --- .github/workflows/build-debug.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/build-debug.yml b/.github/workflows/build-debug.yml index 26ed1bb..e88de0d 100644 --- a/.github/workflows/build-debug.yml +++ b/.github/workflows/build-debug.yml @@ -117,6 +117,8 @@ jobs: target: google_apis arch: x86_64 profile: pixel_3a + disk-size: 4096M + heap-size: 512M disable-animations: true script: ./gradlew connectedDebugAndroidTest --no-daemon