Build: Migrate BCV and run checks for PRs

[Goooler]

It helps us avoid accidental API breaking changes.

https://kotlinlang.org/docs/gradle-binary-compatibility-validation.html

• Tests pass
• Appropriate changes to README are included in PR

[zhanghai]

BCV in KGP is still experimental, so I'd like to wait for it to be stable before migration. (Or once AndroidX migrates.)

I was under the impression apiCheck should be part of assembleDebug or lintVitalRelease - is that not the case? If not, I'd like to add apiCheck on root project instead of only on the preference project.

[Goooler]

apiCheck doesn't matter to assemble or lint stuff. It has been added to check task lifecycle.

[Goooler]

Addressing 8024e7c to #36.

[zhanghai]

https://github.com/kotlin/binary-compatibility-validator#tasks :

apiCheck — builds the project and checks that project's public API is the same as golden value in project api subfolder. This task is automatically inserted into check pipeline, so both build and check tasks will start checking public API upon their execution.

You are right it's only in check (and thus build).

I was using assembleDebug lintVitalRelease as a workaround to bypass release build which requires signing but still run the release lint. I think given that we want apiCheck, we should just switch to buildDebug lintVitalRelease. Wdyt?

[Goooler]

Actually I prefer running build as the only job, which contains the most lifecycle tasks.

I was using assembleDebug lintVitalRelease as a workaround to bypass release build

We can add signingConfig signingConfigs.debug for the release variant to fix it. e.g.

• https://github.com/Goooler/android-gpuimage/blob/8c6bb1f4e2d8c4412cc2ef0c8d9d8b79d3fdb3f7/sample/build.gradle#L16
• https://github.com/Goooler/android-gpuimage/blob/8c6bb1f4e2d8c4412cc2ef0c8d9d8b79d3fdb3f7/.github/workflows/ci.yml

[zhanghai]

I think that doesn't really work when I actually want to publish the sample app. So I'd still prefer a solution that works universally, and seems to me that would be buildDebug lintVitalRelease.

[Goooler]

Debug signings are created by AGP, and they can be reused for release builds. The only side effect is that the debug signings are not permanent across different CI runners.

If we need the permanent signing, try something like creating storable credentials for this project or decoding the personal credentials on CI. However, I don't think it's worth for investing so much engineering effort into such a sample project.

[zhanghai]

I don't really want to reuse my debug signing for release builds - but I don't want to create stored credentials (or using CI secrets) in the git repo either. So I'd rather keep using buildDebug and lintVitalRelease.

[Goooler]

apiCheck is not included by buildDebug.

See https://github.com/zhanghai/ComposePreference/actions/runs/26722413641/job/78751771933