Skip to content

Pick up testers form env vars#915

Merged
nialexsan merged 8 commits intodevelopfrom
nialexsan/firebase-testers-env-var
May 1, 2025
Merged

Pick up testers form env vars#915
nialexsan merged 8 commits intodevelopfrom
nialexsan/firebase-testers-env-var

Conversation

@nialexsan
Copy link
Copy Markdown
Contributor

@nialexsan nialexsan commented Apr 30, 2025

Related Issue

Closes #916

pick up testers from env vars instead of local.properties

Summary of Changes

Need Regression Testing

  • Yes
  • No

Risk Assessment

  • Low
  • Medium
  • High

Additional Notes

Screenshots (if applicable)

jaymengxy and others added 2 commits April 28, 2025 09:59
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 30, 2025

PR Summary

Added functionality to source Firebase testers from both environment variables and local.properties, improving the flexibility of tester management in CI/CD pipeline. The system now merges testers from both sources, removes duplicates, and handles empty/null values gracefully.

Changes

File Summary
.github/workflows/release.yml Added new steps to set FIREBASE_TESTERS from GitHub secrets in both development and release jobs, enabling dynamic tester configuration through environment variables.
app/build.gradle Enhanced tester configuration by implementing logic to merge testers from both local.properties and environment variables. Added processing to split comma-separated lists, trim values, remove duplicates, and handle empty/null cases.

autogenerated by presubmit.ai

Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Review Summary

Commits Considered (2)

Merge r2.8.3 develop into master

Files Processed (1)
  • app/build.gradle (3 hunks)
Actionable Comments (0)
Skipped Comments (2)
  • app/build.gradle [63-67]

    possible issue: "Potential issue with empty string handling in tester list processing"

  • app/build.gradle [61-62]

    enhancement: "Consider validating environment variable format"

Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 Pull request needs attention.

Review Summary

Commits Considered (1)
Files Processed (2)
  • .github/workflows/release.yml (2 hunks)
  • app/build.gradle (3 hunks)
Actionable Comments (1)
  • .github/workflows/release.yml [95-95]

    best practice: "Commented out branch restriction could lead to unintended releases"

Skipped Comments (1)
  • app/build.gradle [61-67]

    possible issue: "Potential issue with empty string handling in testers list"

Comment thread .github/workflows/release.yml Outdated
runs-on: ubuntu-latest
environment: production
if: github.ref == 'refs/heads/master'
# if: github.ref == 'refs/heads/master'
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The commented out branch restriction (if: github.ref == 'refs/heads/master') removes a safety check that prevents releases from non-master branches. If this is intentional, consider adding a different branch restriction or documenting why the restriction was removed to prevent accidental releases.

Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 Pull request needs attention.

Review Summary

Commits Considered (1)
Files Processed (1)
  • .github/workflows/release.yml (4 hunks)
Actionable Comments (2)
  • .github/workflows/release.yml [80-81]

    security: "Consider using secrets for sensitive data"

  • .github/workflows/release.yml [98-98]

    possible issue: "Commented branch protection needs attention"

Skipped Comments (1)
  • .github/workflows/release.yml [8-8]

    best practice: "Remove feature branch from workflow triggers"

Comment on lines +80 to +81
- name: Set Firebase testers from secret
run: echo "FIREBASE_TESTERS=${{ vars.FIREBASE_TESTERS }}" >> $GITHUB_ENV
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using GitHub Variables (vars) for Firebase testers might expose tester email addresses publicly in workflow logs. Consider using GitHub Secrets (secrets) instead of Variables if the tester list contains sensitive information like email addresses.

Comment thread .github/workflows/release.yml Outdated
Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 Pull request needs attention.

Review Summary

Commits Considered (1)
Files Processed (1)
  • .github/workflows/release.yml (2 hunks)
Actionable Comments (2)
  • .github/workflows/release.yml [79-80]

    security: "Potential exposure of sensitive information in workflow logs"

  • .github/workflows/release.yml [148-149]

    security: "Potential exposure of sensitive information in workflow logs"

Skipped Comments (0)

Comment on lines +79 to +80
- name: Set Firebase testers from secret
run: echo "FIREBASE_TESTERS=${{ vars.FIREBASE_TESTERS }}" >> $GITHUB_ENV
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Using vars.FIREBASE_TESTERS could expose sensitive information in GitHub workflow logs. Consider using secrets.FIREBASE_TESTERS instead to better protect tester email addresses and other sensitive data. GitHub Secrets are automatically masked in logs while Variables are not.

Comment on lines +148 to +149
- name: Set Firebase testers from secret
run: echo "FIREBASE_TESTERS=${{ vars.FIREBASE_TESTERS }}" >> $GITHUB_ENV
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Similar to the development workflow, using vars.FIREBASE_TESTERS in the release workflow could expose sensitive information in logs. Use secrets.FIREBASE_TESTERS instead to ensure tester information is properly masked in workflow logs.

@nialexsan nialexsan changed the title Nialexsan/firebase testers env var Pick up testers form env vars Apr 30, 2025
@nialexsan nialexsan marked this pull request as ready for review April 30, 2025 22:16
@nialexsan nialexsan requested a review from a team as a code owner April 30, 2025 22:16
Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚨 Pull request needs attention.

Review Summary

Commits Considered (1)
  • db5db91: Merge branch 'develop' into nialexsan/firebase-testers-env-var
Files Processed (1)
  • app/build.gradle (3 hunks)
Actionable Comments (1)
  • app/build.gradle [63-67]

    possible issue: "Potential issue with empty or malformed input handling"

Skipped Comments (0)

Comment thread app/build.gradle
Comment on lines +63 to +67
def mergedTesters = ([localTesters, envTesters]
.findAll { it?.trim() }
.collectMany { it.split(",")*.trim() }
.toSet() // remove duplicates
.join(","))
Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The current implementation might not handle edge cases well:

  1. If both sources are empty/null, findAll will filter them out but join(",") will still be called on an empty set
  2. If the input contains malformed entries (e.g., ",," or " , "), the current logic will create empty entries

Consider adding input validation and sanitization:

def mergedTesters = ([localTesters, envTesters]
    .findAll { it?.trim() }
    .collectMany { it.split(',') }
    .findAll { it.trim() }  // Filter out empty entries after split
    .toSet()
    .findAll { it }  // Additional safety check
    .join(','))

Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Review Summary

Commits Considered (1)
Files Processed (1)
  • app/build.gradle (3 hunks)
Actionable Comments (0)
Skipped Comments (2)
  • app/build.gradle [63-69]

    possible issue: "Potential issue with list processing when input is malformed"

  • app/build.gradle [61-62]

    best practice: "Missing validation for environment variable"

Copy link
Copy Markdown

@github-actions github-actions Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM!

Review Summary

Commits Considered (1)
  • 5dd63e2: Merge branch 'develop' into nialexsan/firebase-testers-env-var
Files Processed (0)
Actionable Comments (0)
Skipped Comments (0)

@nialexsan nialexsan merged commit 4e7a1da into develop May 1, 2025
3 checks passed
@nialexsan nialexsan deleted the nialexsan/firebase-testers-env-var branch May 1, 2025 15:21
@github-actions github-actions Bot mentioned this pull request May 13, 2025
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Fix android production builds

3 participants