# Copyright 2020 Google LLC # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. name: firestore on: pull_request: schedule: # Run every day at 12am (PST) - cron uses UTC times - cron: '0 8 * * *' concurrency: group: ${{ github.workflow }}-${{ github.head_ref || github.ref }} cancel-in-progress: true jobs: changes: runs-on: macos-14 # Only when this is not a scheduled run if: github.event_name != 'schedule' outputs: changed: ${{ steps.changes.outputs.changed }} steps: - uses: dorny/paths-filter@v2 id: changes with: filters: | changed: # Firestore sources - 'Firestore/**' # Interop headers - 'FirebaseAuth/Interop/*.h' # FirebaseCore header change - 'FirebaseCore/Internal' - 'FirebaseCore/Sources/Public' # Podspec - 'FirebaseFirestoreInternal.podspec' - 'FirebaseFirestore.podspec' - 'FirebaseFirestoreSwift.podspec' # CMake - '**CMakeLists.txt' - 'cmake/**' # Build scripts to which Firestore is sensitive # # Note that this doesn't include check scripts because changing those will # already trigger the check workflow. - 'scripts/binary_to_array.py' - 'scripts/build.sh' - 'scripts/install_prereqs.sh' - 'scripts/localize_podfile.swift' - 'scripts/pod_lib_lint.rb' - 'scripts/run_firestore_emulator.sh' - 'scripts/setup_*' - 'scripts/sync_project.rb' - 'scripts/test_quickstart.sh' - 'scripts/xcresult_logs.py' # This workflow - '.github/workflows/firestore.yml' # Rebuild on Ruby infrastructure changes. - 'Gemfile*' check: needs: changes # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') runs-on: macos-14 steps: - uses: actions/checkout@v4 - uses: actions/setup-python@v4 with: python-version: 3.11 - name: Setup check run: scripts/setup_check.sh - name: Run check run: scripts/check.sh --test-only cmake: needs: check # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') strategy: matrix: # TODO(#12769): Update to macos-14 which doesn't include Python 3.7 os: [macos-12, ubuntu-latest] env: MINT_PATH: ${{ github.workspace }}/mint runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - name: Prepare ccache uses: actions/cache@v3 with: path: ${{ runner.temp }}/ccache key: firestore-ccache-${{ runner.os }}-${{ github.sha }} restore-keys: | firestore-ccache-${{ runner.os }}- - name: Cache Mint packages uses: actions/cache@v3 with: path: ${{ env.MINT_PATH }} key: ${{ runner.os }}-mint-${{ hashFiles('**/Mintfile') }} restore-keys: ${{ runner.os }}-mint- - uses: actions/setup-python@v4 with: python-version: '3.7' - name: Setup build run: scripts/install_prereqs.sh Firestore ${{ runner.os }} cmake - name: Build and test run: | export EXPERIMENTAL_MODE=true export CCACHE_DIR=${{ runner.temp }}/ccache scripts/third_party/travis/retry.sh scripts/build.sh Firestore ${{ runner.os }} cmake cmake-prod-db: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') needs: check strategy: matrix: # TODO(#12769): Update to macos-14 which doesn't include Python 3.7 os: [macos-12] databaseId: [(default), test-db] env: plist_secret: ${{ secrets.GHASecretsGPGPassphrase1 }} MINT_PATH: ${{ github.workspace }}/mint TARGET_DATABASE_ID: ${{ matrix.databaseId }} runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - name: Prepare ccache uses: actions/cache@v3 with: path: ${{ runner.temp }}/ccache key: firestore-ccache-${{ matrix.databaseId }}-${{ runner.os }}-${{ github.sha }} restore-keys: | firestore-ccache-${{ matrix.databaseId }}-${{ runner.os }}- - name: Cache Mint packages uses: actions/cache@v3 with: path: ${{ env.MINT_PATH }} key: ${{ runner.os }}-mint-${{ hashFiles('**/Mintfile') }} restore-keys: ${{ runner.os }}-mint- - uses: actions/setup-python@v4 with: python-version: '3.7' - name: Install Secret GoogleService-Info.plist run: scripts/decrypt_gha_secret.sh scripts/gha-encrypted/firestore.plist.gpg \ Firestore/Example/App/GoogleService-Info.plist "$plist_secret" - name: Install Google Service Account key run: | scripts/decrypt_gha_secret.sh scripts/gha-encrypted/firestore-integration.json.gpg \ google-service-account.json "$plist_secret" # create composite indexes with Terraform - name: Set up Google Cloud SDK uses: google-github-actions/setup-gcloud@v1 - name: Setup Terraform uses: hashicorp/setup-terraform@v2 - name: Terraform Init run: | cd Firestore terraform init - name: Terraform Apply run: | cd Firestore # Define a temporary file, redirect both stdout and stderr to it output_file=$(mktemp) if ! terraform apply -var-file=../google-service-account.json -auto-approve > "$output_file" 2>&1 ; then cat "$output_file" if cat "$output_file" | grep -q "index already exists"; then echo "===================================================================================" echo "Terraform apply failed due to index already exists; We can safely ignore this error." echo "===================================================================================" fi exit 1 fi rm -f "$output_file" env: GOOGLE_APPLICATION_CREDENTIALS: ../google-service-account.json continue-on-error: true - name: Setup build run: scripts/install_prereqs.sh Firestore ${{ runner.os }} cmake - name: Build and test run: | export CCACHE_DIR=${{ runner.temp }}/ccache scripts/third_party/travis/retry.sh scripts/build.sh Firestore ${{ runner.os }} cmake sanitizers-mac: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') needs: check strategy: matrix: # TODO(#12769): Update to macos-14 which doesn't include Python 3.7 os: [macos-12] sanitizer: [asan, tsan] runs-on: ${{ matrix.os }} env: SANITIZERS: ${{ matrix.sanitizer }} steps: - uses: actions/checkout@v4 - name: Prepare ccache uses: actions/cache@v3 with: path: ${{ runner.temp }}/ccache key: ${{ matrix.sanitizer }}-firestore-ccache-${{ runner.os }}-${{ github.sha }} restore-keys: | ${{ matrix.sanitizer }}-firestore-ccache-${{ runner.os }}- - uses: actions/setup-python@v4 with: python-version: '3.7' - name: Setup build run: scripts/install_prereqs.sh Firestore ${{ runner.os }} cmake - name: Build and test run: | export EXPERIMENTAL_MODE=true export CCACHE_DIR=${{ runner.temp }}/ccache scripts/third_party/travis/retry.sh scripts/build.sh Firestore ${{ runner.os }} cmake sanitizers-ubuntu: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') needs: check strategy: matrix: os: [ubuntu-latest] # Excluding TSAN on ubuntu because of the warnings it generates around schedule.cc. # This could be due to Apple Clang provide additional support for synchronization # on Apple platforms, which is what we primarily care about. sanitizer: [asan] runs-on: ${{ matrix.os }} env: SANITIZERS: ${{ matrix.sanitizer }} ASAN_OPTIONS: detect_leaks=0 steps: - uses: actions/checkout@v3 - name: Prepare ccache uses: actions/cache@v3 with: path: ${{ runner.temp }}/ccache key: ${{ matrix.sanitizer }}-firestore-ccache-${{ runner.os }}-${{ github.sha }} restore-keys: | ${{ matrix.sanitizer }}-firestore-ccache-${{ runner.os }}- - uses: actions/setup-python@v4 with: python-version: '3.7' - name: Setup build run: scripts/install_prereqs.sh Firestore ${{ runner.os }} cmake - name: Build and test run: | export EXPERIMENTAL_MODE=true export CCACHE_DIR=${{ runner.temp }}/ccache scripts/third_party/travis/retry.sh scripts/build.sh Firestore ${{ runner.os }} cmake xcodebuild: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') runs-on: macos-14 needs: check strategy: matrix: target: [iOS, macOS, tvOS] steps: - uses: actions/checkout@v4 - uses: mikehardy/buildcache-action@c87cea0ccd718971d6cc39e672c4f26815b6c126 with: cache_key: ${{ matrix.target }} - uses: ruby/setup-ruby@v1 - name: Setup build run: scripts/install_prereqs.sh Firestore ${{ matrix.target }} xcodebuild - name: Build and test run: | export EXPERIMENTAL_MODE=true scripts/third_party/travis/retry.sh scripts/build.sh Firestore ${{ matrix.target }} xcodebuild pod-lib-lint: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') runs-on: macos-13 needs: check strategy: matrix: podspec: [ 'FirebaseFirestoreInternal.podspec', 'FirebaseFirestore.podspec', 'FirebaseFirestoreSwift.podspec', ] steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 - name: Setup Bundler run: ./scripts/setup_bundler.sh - name: Xcode run: sudo xcode-select -s /Applications/Xcode_15.2.app/Contents/Developer - name: Pod lib lint # TODO(#9565, b/227461966): Remove --no-analyze when absl is fixed. run: | scripts/third_party/travis/retry.sh scripts/pod_lib_lint.rb ${{ matrix.podspec }} \ --platforms=ios \ --allow-warnings \ --no-analyze # `pod lib lint` takes a long time so only run the other platforms and static frameworks build in the cron. pod-lib-lint-cron: if: github.event_name == 'schedule' && github.repository == 'Firebase/firebase-ios-sdk' needs: check strategy: matrix: podspec: [ 'FirebaseFirestoreInternal.podspec', 'FirebaseFirestore.podspec', 'FirebaseFirestoreSwift.podspec', ] platforms: [ 'macos', 'tvos', 'ios', ] flags: [ '--use-static-frameworks', '', ] os: [macos-14, macos-13] # TODO: grpc and its dependencies don't build on Xcode 15 for macos because their minimum macos is lower than 10.11. exclude: - os: macos-13 platforms: 'macos' # Skip matrix cells covered by pod-lib-lint job. - os: macos-13 platforms: 'ios' include: - os: macos-14 xcode: Xcode_15.3 - os: macos-13 xcode: Xcode_15.2 runs-on: ${{ matrix.os }} steps: - uses: actions/checkout@v4 - uses: ruby/setup-ruby@v1 - name: Setup Bundler run: ./scripts/setup_bundler.sh - name: Xcode run: sudo xcode-select -s /Applications/${{ matrix.xcode }}.app/Contents/Developer - name: Pod lib lint # TODO(#9565, b/227461966): Remove --no-analyze when absl is fixed. run: | scripts/third_party/travis/retry.sh scripts/pod_lib_lint.rb ${{ matrix.podspec }}\ ${{ matrix.flags }} \ --platforms=${{ matrix.platforms }} \ --allow-warnings \ --no-analyze spm-source: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') strategy: matrix: target: [iOS, tvOS, macOS] os: [macos-13, macos-14] include: - os: macos-13 xcode: Xcode_15.2 - os: macos-14 xcode: Xcode_15.3 - os: macos-14 xcode: Xcode_15.3 target: visionOS runs-on: ${{ matrix.os }} needs: check env: FIREBASE_SOURCE_FIRESTORE: 1 steps: - uses: actions/checkout@v4 - uses: mikehardy/buildcache-action@c87cea0ccd718971d6cc39e672c4f26815b6c126 with: cache_key: spm${{ matrix.os }}-${{ matrix.xcode }}-${{ matrix.target }} - name: Xcode run: sudo xcode-select -s /Applications/${{ matrix.xcode }}.app/Contents/Developer - name: Initialize xcodebuild run: scripts/setup_spm_tests.sh - name: iOS Build Test run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestore ${{ matrix.target }} spmbuildonly - name: Swift Build run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestoreSwift ${{ matrix.target }} spmbuildonly spm-binary: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') runs-on: macos-14 needs: check steps: - uses: actions/checkout@v4 - uses: mikehardy/buildcache-action@c87cea0ccd718971d6cc39e672c4f26815b6c126 with: cache_key: spm-binary - name: Initialize xcodebuild run: scripts/setup_spm_tests.sh - name: iOS Build Test run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestore iOS spmbuildonly - name: Swift Build run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestoreSwift iOS spmbuildonly check-firestore-internal-public-headers: # Either a scheduled run from public repo, or a pull request with firestore changes. if: | (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || (github.event_name == 'pull_request' && needs.changes.outputs.changed == 'true') runs-on: macos-14 needs: check steps: - uses: actions/checkout@v4 - name: Assert that Firestore and FirestoreInternal have identically named headers. run: | fst_dir=Firestore/Source/Public/FirebaseFirestore/ fst_internal_dir=FirebaseFirestoreInternal/FirebaseFirestore/ comparison=$(comm -3 <(ls $fst_dir | sort) <(ls $fst_internal_dir | sort)) if [[ -z "$comparison" ]]; then echo "Success: Directories '$fst_dir' and '$fst_internal_dir' match." else echo "Error: Directories '$fst_dir' and '$fst_internal_dir' differ:" echo "Files only in '$fst_dir':" # Files in this set do not start with whitespace. Grep for them and a # dashed prefix for nicer formatting. echo "$comparison" | grep -v '^\s' | sed 's/^/- /' echo "Files only in '$fst_internal_dir':" # Files in this set start with whitespace. Grep for them and a dashed # prefix for nicer formatting. echo "$comparison" | grep '^\s' | sed 's/^ /- /' exit 1 fi # TODO: Re-enable either in or after #11706. # spm-source-cron: # # Don't run on private repo. # if: github.event_name == 'schedule' && github.repository == 'Firebase/firebase-ios-sdk' # runs-on: macos-14 # strategy: # matrix: # target: [tvOS, macOS, catalyst] # env: # FIREBASE_SOURCE_FIRESTORE: 1 # steps: # - uses: actions/checkout@v4 # - uses: mikehardy/buildcache-action@c87cea0ccd718971d6cc39e672c4f26815b6c126 # with: # cache_key: ${{ matrix.os }} # - name: Initialize xcodebuild # run: scripts/setup_spm_tests.sh # - name: Build Test - Binary # run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestore ${{ matrix.target }} spmbuildonly # - name: Swift Build # run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestoreSwift ${{ matrix.target }} spmbuildonly spm-binary-cron: # Don't run on private repo. if: github.event_name == 'schedule' && github.repository == 'Firebase/firebase-ios-sdk' runs-on: macos-14 strategy: matrix: target: [tvOS, macOS, catalyst] steps: - uses: actions/checkout@v4 - uses: mikehardy/buildcache-action@c87cea0ccd718971d6cc39e672c4f26815b6c126 with: cache_key: ${{ matrix.target }} - name: Initialize xcodebuild run: scripts/setup_spm_tests.sh - name: Build Test - Binary run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestore ${{ matrix.target }} spmbuildonly - name: Swift Build run: scripts/third_party/travis/retry.sh ./scripts/build.sh FirebaseFirestoreSwift ${{ matrix.target }} spmbuildonly # A job that fails if any required job in the test matrix fails, # to be used as a required check for merging. check-required-tests: runs-on: ubuntu-latest if: always() name: Check all required Firestore tests results needs: [cmake, cmake-prod-db, xcodebuild, spm-source, spm-binary] steps: - name: Check test matrix if: needs.cmake.result == 'failure' || needs.cmake-prod-db.result == 'failure' || needs.xcodebuild.result == 'failure' || needs.spm.result == 'failure' run: exit 1 # Disable until FirebaseUI is updated to accept Firebase 9 and quickstart is updated to accept # Firebase UI 12 # quickstart: # # Don't run on private repo unless it is a PR. # if: (github.repository == 'Firebase/firebase-ios-sdk' && github.event_name == 'schedule') || github.event_name == 'pull_request' # env: # plist_secret: ${{ secrets.GHASecretsGPGPassphrase1 }} # signin_secret: ${{ secrets.GHASecretsGPGPassphrase1 }} # runs-on: macos-14 # needs: check # steps: # - uses: actions/checkout@v4 # - name: Setup quickstart # run: scripts/setup_quickstart.sh firestore # - name: Install Secret GoogleService-Info.plist # run: scripts/decrypt_gha_secret.sh scripts/gha-encrypted/qs-firestore.plist.gpg \ # quickstart-ios/firestore/GoogleService-Info.plist "$plist_secret" # - name: Test swift quickstart # run: ([ -z $plist_secret ] || # scripts/third_party/travis/retry.sh scripts/test_quickstart.sh Firestore false)