Skip to content

[codex] Add Zoho support ticket flow #368

[codex] Add Zoho support ticket flow

[codex] Add Zoho support ticket flow #368

Workflow file for this run

name: CI
env:
# Self-hosted runners persist /nix/store; avoid stale Magic Nix Cache hooks/proxies.
NIX_CONFIG: |
post-build-hook =
extra-substituters =
substituters = https://cache.nixos.org/
on:
pull_request:
workflow_call:
inputs:
build_aab:
description: "Whether to build AAB in addition to APK"
required: false
type: boolean
default: false
outputs:
apk_filename:
description: "The filename of the APK"
value: ${{ jobs.android_build.outputs.apk_filename }}
apk_artifact_name:
description: "The artifact name for the APK"
value: ${{ jobs.android_build.outputs.apk_artifact_name }}
aab_filename:
description: "The filename of the AAB"
value: ${{ jobs.android_build.outputs.aab_filename }}
aab_artifact_name:
description: "The artifact name for the AAB"
value: ${{ jobs.android_build.outputs.aab_artifact_name }}
jobs:
changes:
runs-on: ubuntu-latest
outputs:
client_changed: ${{ steps.set_changed.outputs.client_changed }}
steps:
- name: πŸ— Checkout code
uses: actions/checkout@v6
- name: πŸ”Ž Detect client-related changes
id: filter
if: github.event_name == 'pull_request'
uses: dorny/paths-filter@v3
with:
filters: |
client:
- 'client/**'
- 'scripts/**'
- 'package.json'
- 'bun.lock'
- '.github/workflows/**'
- name: 🧭 Set client change output
id: set_changed
env:
EVENT_NAME: ${{ github.event_name }}
FILTER_CLIENT: ${{ steps.filter.outputs.client }}
run: |
if [[ "$EVENT_NAME" == "pull_request" ]]; then
echo "client_changed=${FILTER_CLIENT}" >> "$GITHUB_OUTPUT"
else
# For workflow_call, always run client checks/build.
echo "client_changed=true" >> "$GITHUB_OUTPUT"
fi
lint:
runs-on: self-hosted
needs: changes
if: needs.changes.outputs.client_changed == 'true'
steps:
- name: πŸ— Checkout code
uses: actions/checkout@v6
- name: πŸ“¦ Install signet app dependencies
run: nix develop .# --command bash -c "bun install --frozen-lockfile"
- name: ✨ Lint code
run: nix develop .# --command bash -c "bun client lint"
- name: πŸ” Typecheck code
run: nix develop .# --command bash -c "bun client typecheck"
android_build:
runs-on: self-hosted
needs: [changes, lint]
if: needs.changes.outputs.client_changed == 'true'
outputs:
apk_filename: ${{ steps.rename_apk.outputs.apk_filename }}
apk_artifact_name: ${{ steps.rename_apk.outputs.artifact_name }}
aab_filename: ${{ steps.aab_meta.outputs.aab_filename }}
aab_artifact_name: ${{ steps.aab_meta.outputs.artifact_name }}
steps:
- name: πŸ— Checkout code
uses: actions/checkout@v6
- name: πŸ“¦ Install signet app dependencies
run: nix develop .# --command bash -c "bun install --frozen-lockfile"
- name: πŸ”§ Create sentry.properties
env:
SENTRY_AUTH_TOKEN: ${{ secrets.SENTRY_AUTH_TOKEN }}
run: ./scripts/create_sentry_properties.sh
- name: πŸ” Decode keystore
env:
KEYSTORE_BASE64: ${{ secrets.KEYSTORE_BASE64 }}
run: |
echo "$KEYSTORE_BASE64" | base64 -d > client/android/app/release.keystore
- name: πŸ”§ Create local.properties for release signing
env:
MYAPP_RELEASE_KEY_ALIAS: ${{ secrets.KEY_ALIAS }}
MYAPP_RELEASE_STORE_PASSWORD: ${{ secrets.KEYSTORE_PASSWORD }}
MYAPP_RELEASE_KEY_PASSWORD: ${{ secrets.KEY_PASSWORD }}
run: ./scripts/create_local_properties.sh
- name: πŸ”¨ Build signet Android app (APK)
run: nix develop .# --command bash -c "bun client build:android:signet:ci:apk"
- name: πŸ“¦ Build signet Android app (AAB)
if: ${{ inputs.build_aab }}
run: nix develop .# --command bash -c "bun client build:android:signet:ci:aab"
- name: 🧹 Clean up keystore & local.properties
if: ${{ always() }}
run: |
rm -f client/android/app/release.keystore
rm -f client/android/local.properties
- name: πŸ“ Rename APK for publication
id: rename_apk
run: |
apk_path="client/android/app/build/outputs/apk/signet/release/app-signet-release.apk"
new_apk_path="client/android/app/build/outputs/apk/signet/release/noah.apk"
mv "${apk_path}" "${new_apk_path}"
echo "new_path=${new_apk_path}" >> $GITHUB_OUTPUT
echo "apk_filename=noah.apk" >> $GITHUB_OUTPUT
echo "artifact_name=noah-android-apk" >> $GITHUB_OUTPUT
shell: bash
- name: πŸ“ Prepare AAB outputs
id: aab_meta
# Always run so job outputs are defined whether or not we built an AAB
if: ${{ always() }}
shell: bash
run: |
set -euo pipefail
aab_expected="client/android/app/build/outputs/bundle/signetRelease/app-signet-release.aab"
if [[ "${{ inputs.build_aab }}" == 'true' && -f "$aab_expected" ]]; then
timestamp=$(date +'%Y-%m-%d-%H-%M')
aab_filename="noah-android-aab-${timestamp}.aab"
new_aab_path="client/android/app/build/outputs/bundle/signetRelease/${aab_filename}"
mv "$aab_expected" "$new_aab_path"
echo "new_path=${new_aab_path}" >> "$GITHUB_OUTPUT"
echo "aab_filename=${aab_filename}" >> "$GITHUB_OUTPUT"
echo "artifact_name=noah-android-aab" >> "$GITHUB_OUTPUT"
else
echo "new_path=" >> "$GITHUB_OUTPUT"
echo "aab_filename=" >> "$GITHUB_OUTPUT"
echo "artifact_name=" >> "$GITHUB_OUTPUT"
fi
- name: πŸ“€ Upload Android APK artifact
uses: actions/upload-artifact@v7
with:
name: ${{ steps.rename_apk.outputs.artifact_name }}
path: ${{ steps.rename_apk.outputs.new_path }}
if-no-files-found: error
overwrite: true
- name: πŸ“€ Upload Android AAB artifact
if: ${{ inputs.build_aab && steps.aab_meta.outputs.new_path != '' }}
uses: actions/upload-artifact@v7
with:
name: ${{ steps.aab_meta.outputs.artifact_name }}
path: ${{ steps.aab_meta.outputs.new_path }}
retention-days: 7
if-no-files-found: error
overwrite: true
client_gate:
runs-on: ubuntu-latest
needs: [changes, lint, android_build]
if: always()
steps:
- name: βœ… Gate
run: |
if [[ "${{ needs.changes.result }}" != "success" ]]; then
echo "Client change detection failed"
exit 1
fi
if [[ "${{ needs.changes.outputs.client_changed }}" != "true" ]]; then
echo "No client-related changes; client checks not required"
exit 0
fi
if [[ "${{ needs.lint.result }}" == "success" ]] && \
[[ "${{ needs.android_build.result }}" == "success" ]]; then
echo "Client checks passed"
exit 0
else
echo "Client checks failed"
exit 1
fi