Feature/resolve conflicts (#225)

* Update secret extractor

* Fix app build

* Split release workflows

* Remove google services generation

* Fixes - launch learning resource when logged out, new filter for all tab, remove campaign description new line characters

* Fix all analyze warnings (#224)

* Fix all analyze warnings

* Regenerated pod lockfile

* Don't fail analyze on infos

* Fix analysis_options sections

* Regenerated pod lockfile

* Fix nullability issues

* Regenerated pod lockfile

* Remove unrecognized `--set-exit-if-change` from Flutter formatter

---------

Co-authored-by: kackogut <[email protected]>

* tech/update-inappwebview (#223)

* Fix iOs builds by upgrading webview version

* Regenerated pod lockfile

* Regenerated pod lockfile

---------

Co-authored-by: kackogut <[email protected]>

* Regenerated pod lockfile

---------

Co-authored-by: James Elgar <[email protected]>
Co-authored-by: kackogut <[email protected]>

.github/actions/setup-app/action.yml

@@ -20,7 +20,7 @@ runs:
         channel: 'beta' # 'dev', 'alpha', default to: 'stable'
         flutter-version: '3.14.x'
         cache: true
-      
+
     - name: Flutter version
       shell: bash
       run: |

.github/workflows/android-release.yml

@@ -0,0 +1,56 @@
+name: Android release
+
+on:
+  workflow_dispatch:
+  workflow_call:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref }}
+  cancel-in-progress: true
+
+jobs:
+  release_android:
+    runs-on: ubuntu-latest
+    timeout-minutes: 30
+    steps:
+    - uses: actions/checkout@v2
+
+    - name: 🧰 Setup app
+      uses: ./.github/actions/setup-app
+
+    - name: 🔑 Add secrets
+      env:
+        KEY_PROPERTIES_BASE64: ${{ secrets.KEY_PROPERTIES_BASE64 }}
+        KEY_JKS_BASE64: ${{ secrets.KEY_JKS_BASE64 }}
+      run: |
+        echo $KEY_PROPERTIES_BASE64 | base64 -d > ./android/key.properties
+        echo $KEY_JKS_BASE64 | base64 -d > ./android/app/key.jks
+
+    - name: 🏴‍☠️ Java setup
+      uses: actions/setup-java@v3
+      with:
+        java-version: '17'
+        distribution: 'temurin'
+        cache: 'gradle'
+
+    - name: 🛠️ Build app
+      run: flutter build appbundle --release
+
+    - name: ⏫ Upload bundle as gh artifact
+      uses: actions/upload-artifact@v2
+      with:
+        name: Signed app bundle
+        path: ${{steps.sign_app.outputs.signedReleaseFile}}
+
+    - name: ⏫ Upload bundle to Play Store
+      uses: r0adkll/upload-google-play@v1
+      with:
+        serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }}
+        packageName: com.nowu.app
+        releaseFiles: /home/runner/work/now-u-app/now-u-app/build/app/outputs/bundle/release/app-release.aab
+        track: production
+        status: completed
+        # inAppUpdatePriority: 2
+        # userFraction: 0.33
+        # whatsNewDirectory: distribution/whatsnew
+        # mappingFile: app/build/outputs/mapping/release/mapping.txt

.github/workflows/flutter-ci-cd.yaml

@@ -1,169 +1,58 @@
 name: Flutter CI CD
 
-# This workflow is triggered on pushes to the repository.
-
 on:
-  push: 
-    # branches: [staging, master]
-    branches: [staging]
-  # pull_request:
-  #  branches: [ dev ]
+  push:
+    branches: [main]
+    tags:
+      - '[0-9]+.[0-9]+.[0-9]+'
+
   workflow_dispatch: # to manually run this workflow
-
-# on: push    # Default will running for every branch.
-
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.head_ref }}
   cancel-in-progress: true
 
 jobs:
-  android:
-    # This job will run on ubuntu virtual machine
-    runs-on: ubuntu-latest
-    timeout-minutes: 30
-    env:
-        KEY_JKS: ${{ secrets.ANDROID_KEY_JKS }}
-        KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
-        ALIAS_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
-    steps:
-    - uses: actions/checkout@v2
-
-    - name: Key base64 to file
-      id: write_file_key
-      uses: timheuer/base64-to-file@v1
-      with:
-        fileName: 'key.jks'
-        encodedString: ${{ secrets.KEY_JKS_BASE64 }}
-
-    - name: Key properties base64 to file
-      id: write_file_key_properties
-      uses: timheuer/base64-to-file@v1
-      with:
-        fileName: 'key.properties'
-        encodedString: ${{ secrets.KEY_PROPERTIES_BASE64 }}
-
-    - name: Move key.jks and key.properties to proper dir
-      run: |
-        mv ${{ steps.write_file_key.outputs.filePath }} ./android/app/
-        mv ${{ steps.write_file_key_properties.outputs.filePath }} ./android/
-
-    - name: Create firebase google-service.json
-      env:
-        FIREBASE_CONFIG: ${{ secrets.FIREBASE_CONFIG_PROD }}
-      run: echo $FIREBASE_CONFIG > ./android/app/google-services.json
-
-    # Setup Java environment in order to build the Android app.
-    - uses: actions/setup-java@v3
-      with:
-        java-version: '17'
-        distribution: 'temurin'
-        cache: 'gradle'
-
-    - name: Setup app
-      uses: ./.github/actions/setup-app
-
-      # env:
-        # ACTIONS_ALLOW_UNSECURE_COMMANDS: 'true'
-        # env:
-        #   KEY_JKS: ${{ secrets.ANDROID_KEY_JKS }}
-        #   KEY_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
-        #   ALIAS_PASSWORD: ${{ secrets.ANDROID_KEY_PASSWORD }}
-        # run: echo $KEY_JKS > android/key.jks && flutter pub get && flutter build apk --release --no-shrink
-
-    # Export key into key.jks file
-    # - run: pwd 
-    # - run: echo $TEST_SECRET 
-    # - run: echo $KEY_JKS > android/key.jks
-
-    # Build apk
-    - run: flutter build appbundle --release
-
-    # Upload generated apk to the artifacts.
-    - uses: actions/upload-artifact@v1
-      with:
-        name: release-android
-        path: build/app/outputs/bundle/release/app-release.aab
-
-    - name: Upload to Play Store # Finish setting this up
-      uses: r0adkll/upload-google-play@v1
-      with:
-        serviceAccountJsonPlainText: ${{ secrets.ANDROID_SERVICE_ACCOUNT_JSON }}
-        packageName: com.nowu.app
-        releaseFiles: /home/runner/work/now-u-app/now-u-app/build/app/outputs/bundle/release/app-release.aab
-        track: beta
-        status: completed
-        # inAppUpdatePriority: 2
-        # userFraction: 0.33
-        # whatsNewDirectory: distribution/whatsnew
-        # mappingFile: app/build/outputs/mapping/release/mapping.txt
-
-
-  # TODO https://damienaicheh.github.io/flutter/github/actions/2021/04/22/build-sign-flutter-ios-github-actions-en.html
-  build_ios:
+  prepare:
     runs-on: macos-latest
     timeout-minutes: 30
     steps:
-      # Checks-out our repository under $GITHUB_WORKSPACE, so our job can access it
-      - name: Checkout repository
-        uses: actions/checkout@v2
+      - uses: actions/checkout@v2
+
+      - name: Extract version from tag
+        uses: damienaicheh/[email protected]
 
-      # Install the Apple certificate and provisioning profile 
-      - name: Install the Apple certificate and provisioning profile
-        env:
-          BUILD_CERTIFICATE_BASE64: ${{ secrets.APPSTORE_CERT_BASE64 }}
-          P12_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }}
-          BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.MOBILEPROVISION_BASE64 }}
-          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+      - name: Setup cider
         run: |
-          # create variables
-          CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
-          PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
-          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
-          # import certificate and provisioning profile from secrets
-          echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
-          echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
-          # create temporary keychain
-          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
-          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
-          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
-          # import certificate to keychain
-          security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
-          security list-keychain -d user -s $KEYCHAIN_PATH
-          # apply provisioning profile
-          mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
-          cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
+          export PATH="$PATH":"$HOME/.pub-cache/bin"
+          pub global activate cider
 
-      - name: Create firebase GoogleService-Info.plist
-        env:
-          FIREBASE_CONFIG: ${{ secrets.FIREBASE_IOS_CONFIG_PROD }}
-        run: echo $FIREBASE_CONFIG > ./ios/Runner/GoogleService-Info.plist
+      - name: Set version
+        run: |
+          echo "Setting version to ${{ github.ref_name }}"
+          cider version ${{ github.ref_name }}
 
-      - name: Setup app
-        uses: ./.github/actions/setup-app
+      - name: Update change log
+        run: cider release
 
-      # Build and sign the ipa using a single flutter command
-      - name: Building IPA
-        run: flutter build ipa --release --export-options-plist=ios/Runner/ExportOptions.plist
-
-      # Collect the file and upload as artifact         
-      - name: collect ipa artifacts
-        uses: actions/upload-artifact@v2
+      - name: Commit changes
+        uses: EndBug/add-and-commit@v7
         with:
-         name: release-ipa
-         # Path to the release files
-         path: build/ios/ipa/*.ipa
-
-      # Important! Cleanup: remove the certificate and provisioning profile from the runner!
-      - name: Clean up keychain and provisioning profile
-        if: ${{ always() }}
-        run: |
-          security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
-          rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision
-
-      - name: Publishing app to TestFlight
-        env:
-          APPLEID_USERNAME: ${{ secrets.APPLEID_USERNAME }}
-          APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
-          IPA_PATH: build/ios/ipa/now-u.ipa 
-        run: ./.github/scripts/publish_testflight.sh
+          author_name: GitHub Actions
+          author_email: [email protected]
+          branch: main
+          message: "Update version on pubspec.yaml & update change log"
+
+      - name: Release ios
+        uses: now-u/now-u-backend/.github/workflows/android-release.yml@main
+        secrets: inherit
+
+  release-ios:
+    needs: prepare
+    uses: now-u/now-u-app/.github/workflows/ios-release.yml@main
+    secrets: inherit
+
+  release-android:
+    needs: prepare
+    uses: now-u/now-u-app/.github/workflows/android-release.yml@main
+    secrets: inherit

.github/workflows/flutter-test.yml

@@ -23,10 +23,10 @@ jobs:
       - run: pod repo update 
 
       - name: Flutter analyze
-        run: flutter analyze
+        run: flutter analyze --no-fatal-infos
 
-      - name: Flutter analyze
-        run: dart format -o none --set-exit-if-change
+      - name: Flutter format
+        run: dart format -o none
 
       - name: Run tests
         run: flutter test

.github/workflows/ios-release.yml

@@ -0,0 +1,89 @@
+name: IOS release
+
+on:
+  workflow_dispatch:
+  workflow_call:
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.head_ref }}
+  cancel-in-progress: true
+
+# TODO https://damienaicheh.github.io/flutter/github/actions/2021/04/22/build-sign-flutter-ios-github-actions-en.html
+jobs:
+  release_ios:
+    runs-on: macos-latest
+    timeout-minutes: 30
+    steps:
+      # Checks-out our repository under $GITHUB_WORKSPACE, so our job can access it
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      # Install the Apple certificate and provisioning profile
+      - name: 🔑 Install the Apple certificate and provisioning profile
+        env:
+          # NOTE: Once a year this certificate will expire.
+          # This secret stores the base64 encoded p12. This can be generated with the following:
+          #
+          # Follow this guide to convert the downloaded certifacte to p12
+          # https://gist.github.com/jcward/d08b33fc3e6c5f90c18437956e5ccc35
+          # Rough overview
+          # Generate certifacte (.cer) or use the same file as before
+          # Upload cert here and download output: https://developer.apple.com/account/resources/profiles/list
+          # Do some stuff to generate p12 cert (ios_distribution.p12)
+          # NOTE: When running `openssl pkcs12 -export` use the -legacy flag
+          # NOTE: Download apple cert from  https://developer.apple.com/certificationauthority/AppleWWDRCA.cer
+          #
+          # After generating use `cat ios_distribution.p12 | base64 | xclip
+          # -selection c` to copy the output and update the secret. If passowrd
+          # is chnage update P12_PASSWORD as well
+          BUILD_CERTIFICATE_BASE64: ${{ secrets.APPSTORE_CERT_BASE64 }}
+          P12_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }}
+          BUILD_PROVISION_PROFILE_BASE64: ${{ secrets.MOBILEPROVISION_BASE64 }}
+          KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
+        run: |
+          # create variables
+          CERTIFICATE_PATH=$RUNNER_TEMP/build_certificate.p12
+          PP_PATH=$RUNNER_TEMP/build_pp.mobileprovision
+          KEYCHAIN_PATH=$RUNNER_TEMP/app-signing.keychain-db
+          # import certificate and provisioning profile from secrets
+          echo -n "$BUILD_CERTIFICATE_BASE64" | base64 --decode --output $CERTIFICATE_PATH
+          echo -n "$BUILD_PROVISION_PROFILE_BASE64" | base64 --decode --output $PP_PATH
+          # create temporary keychain
+          security create-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          security set-keychain-settings -lut 21600 $KEYCHAIN_PATH
+          security unlock-keychain -p "$KEYCHAIN_PASSWORD" $KEYCHAIN_PATH
+          # import certificate to keychain
+          security import $CERTIFICATE_PATH -P "$P12_PASSWORD" -A -t cert -f pkcs12 -k $KEYCHAIN_PATH
+          security list-keychain -d user -s $KEYCHAIN_PATH
+          # apply provisioning profile
+          mkdir -p ~/Library/MobileDevice/Provisioning\ Profiles
+          cp $PP_PATH ~/Library/MobileDevice/Provisioning\ Profiles
+
+      - name: 🧰  Setup app
+        uses: ./.github/actions/setup-app
+
+      # Build and sign the ipa using a single flutter command
+      - name: 🛠️ Building IPA
+        run: flutter build ipa --release --export-options-plist=ios/Runner/ExportOptions.plist
+
+      # Collect the file and upload as artifact
+      - name: ⏫ Upload bundle as gh artifact
+        uses: actions/upload-artifact@v2
+        with:
+         name: release-ipa
+         # Path to the release files
+         path: build/ios/ipa/*.ipa
+
+      # Important! Cleanup: remove the certificate and provisioning profile from the runner!
+      - name: 🧹 Clean up keychain and provisioning profile
+        if: ${{ always() }}
+        run: |
+          security delete-keychain $RUNNER_TEMP/app-signing.keychain-db
+          rm ~/Library/MobileDevice/Provisioning\ Profiles/build_pp.mobileprovision
+
+      - name: ⏫ Publishing app to TestFlight
+        env:
+          APPLEID_USERNAME: ${{ secrets.APPLEID_USERNAME }}
+          APPLEID_PASSWORD: ${{ secrets.APPLEID_PASSWORD }}
+          IPA_PATH: build/ios/ipa/now-u.ipa 
+        run: ./.github/scripts/publish_testflight.sh

.github/workflows/secret-extractor.yml

@@ -4,8 +4,7 @@ on:
   workflow_dispatch:
 
 jobs:
-  android:
-    # This job will run on ubuntu virtual machine
+  extract:
     runs-on: ubuntu-latest
     timeout-minutes: 30
     env:
@@ -17,8 +16,10 @@ jobs:
 
     - name: Extract secrets
       env:
+        KEY_PROPERTIES: ${{ secrets.KEY_PROPERTIES_BASE64}}
         KEY_JKS: ${{ secrets.KEY_JKS_BASE64}}
         OPENSSL_PASSWORD: ${{ secrets.SECRET_EXTRACTION_OPENSSL_PASSWORD }}
         OPENSSL_ITER: ${{ secrets.SECRET_EXTRACTION_OPENSSL_ITER }}
       run: |
+        echo "KEY_PROPERTIES = $(echo "${KEY_PROPERTIES}" | openssl enc -e -aes-256-cbc -a -pbkdf2 -iter ${OPENSSL_ITER} -k "${OPENSSL_PASSWORD}")"
         echo "KEY_JKS = $(echo "${KEY_JKS}" | openssl enc -e -aes-256-cbc -a -pbkdf2 -iter ${OPENSSL_ITER} -k "${OPENSSL_PASSWORD}")"