CI: Nightly Builds (#1612)

UnschooledGamer · web-flow · commit c2830e995e8e · 2025-09-30T09:57:38.000+05:30
* add nightly builds CI

* add if check comment, uncomment while pushing to upstream repo

* add workflow_dispatch for testing

* Update nightly-build.yml

* add: envs for keystore &amp; build json path, removal step for those

* use caching for Gradle

* Update apk path

* add: workflow call, creation of nightly releases. and comments (if ran in PR)

* fix: PREV_TAG messed up EOF 🙃

* fix: PR_NUMBER if condition

* fix: (again) PR_NUMBER if condition

* fix: UPDATED_VERSION bad substitution

* fix: PR_NUMBER assignment

* add(CI): community-release-notifier, nightly-build concurrency, on demand PR builds

* add(CI): PR label removal for on demand Preview Releases CI

* remove(CI): remove .github excluding from on-demand preview CI for testing

* add(CI): checkout action for on-demand-preview-releases-PR.yml

* fix(CI): workflow path for on-demand-preview-releases-PR.yml

* add(CI): comments for on-demand-preview-releases-PR.yml

* fix(CI): on-demand-preview-releases-PR CI running without satisfying run conditions

* fix(CI): on-demand-preview-releases-PR CI env

* refactor(CI): on-demand-preview-releases-PR to use `.outcome` instead of `failure()`

* refactor(CI): on-demand-preview-releases-PR to use `.outcome` instead of `failure()`

* fix(CI): on-demand-preview-releases-PR to use backslash backticks

* chore: fetch-depth to 0

* chore: remove branch from reusable workflow

* chore: add clean false to the checkout for on-demand-preview-releases-PR.yml

* chore: add sha commit to the reusable workflow for on-demand-preview-releases-PR.yml

* chore: add repo to the reusable workflow for on-demand-preview-releases-PR.yml

* refactor: builder, update last comment step in separate jobs

As GitHub doesn't like reusable workflows in steps

* chore: update on-demand-preview-releases-PR.yml

* chore: use `needs` for on-demand-preview-releases-PR.yml &amp; expose nightly-build status via outputs

* fix: concurrency group deadlock when triggered from on-demand Previews... CI

* fix: concurrency group deadlock when triggered from on-demand Previews... CI

* fix: concurrency group deadlock when triggered from on-demand Previews... CI

* fix: secrets not found in on-demand-preview-releases-PR.yml

* chore: update

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update on-demand-preview-releases-PR.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update community-release-notifier.yml

* chore: add community-release-notifier to nightly-build.yml

* chore: update

* chore: update

* chore: update

* chore: update

* chore: update

* chore: update

* chore: update

* chore: update

* chore: update

* Update(nightly-build): use sticky comment in case of PR.

* Update nightly-build.yml

* update(on-demand-preview-releases-PR): use sticky comments

* Update nightly-build.yml

* Update nightly-build.yml

* Update nightly-build.yml

* add: release outputs

* Update nightly-build.yml

* Update community-release-notifier.yml

* Update nightly-build.yml

* Update nightly-build.yml

* Update community-release-notifier.yml

* Update nightly-build.yml

* Update on-demand-preview-releases-PR.yml

* fix: on-demand PR builds CI's failure detection conditions

* refactor(on-demand-ci): To use sticky comments for initial Informing of build status.

* fix(on-demand-ci): job failure comment always triggering, uses `always()` alongside now.

These commit fixes job failure comment always triggering and posting failure comments regardless if build workflow succeeds

* chore: limit failure status (PR) comment to failure, cancelled types

* chore: remove debug upstream result step (saving ~2-3s run time)

* chore: update

* chore: update

* chore: update

* chore: add if for releaseRequired in release-notifier for nightly-build.yml

* chore: add if for releaseRequired in release-notifier for nightly-build.yml

* chore: add if for releaseRequired in release-notifier for nightly-build.yml

* chore: add check if release url is present before running community actions

* chore: add Repo checks
diff --git a/.github/workflows/community-release-notifier.yml b/.github/workflows/community-release-notifier.yml
@@ -0,0 +1,38 @@
+name: community-release-notifier
+on:
+  release:
+    types: [ released ]
+  workflow_call:
+    inputs:
+       tag_name:
+          required: true
+          description: "Release tag_name"
+          type: 'string' 
+       url: 
+          required: true
+          description: "release URL"
+          type: 'string'
+    secrets:
+      DISCORD_WEBHOOK_RELEASE_NOTES:
+        description: 'Discord Webhook for Notifying Releases to Discord'
+        required: true
+
+jobs:
+  discord-release:
+    if: github.repository_owner == 'Acode-Foundation'
+    runs-on: ubuntu-latest
+    steps:
+    - name: Get Release Content
+      id: get-release-content
+      uses: 2428392/gh-truncate-string-action@b3ff790d21cf42af3ca7579146eedb93c8fb0757 # v1.4.1
+      with:
+        maxLength: 2000
+        stringToTruncate: |
+          📢 Acode [${{ github.event.release.tag_name || inputs.tag_name }}](<${{ github.event.release.url || inputs.url }}>) was just Released 🎉!
+          
+
+    - name: Discord Webhook Action (Publishing)
+      uses: tsickert/discord-webhook@c840d45a03a323fbc3f7507ac7769dbd91bfb164 # v5.3.0
+      with:
+        webhook-url: ${{ secrets.DISCORD_WEBHOOK_RELEASE_NOTES }}
+        content: ${{ steps.get-release-content.outputs.string }}
diff --git a/.github/workflows/nightly-build.yml b/.github/workflows/nightly-build.yml
@@ -0,0 +1,224 @@
+  name: Nightly Build
+
+  on:
+    schedule:
+      # Fire every day at 7:00am UTC (Roughly before EU workday and after US workday)
+      - cron: "0 7 * * *"
+    push:
+      tags:
+        - nightly
+    workflow_call:
+      inputs:
+        is_PR:
+          default: false
+          type: boolean
+          description: If a Pull Request has triggered it.
+        PR_NUMBER:
+          required: true
+          type: number
+          description: The Pull Request that triggered this workflow
+        skip_tagging_and_releases:
+          required: false
+          default: true
+          type: boolean
+          description: Skips Tagging & releases, since workflow_call isn't available for github.event_name, default is true
+      outputs:
+        job_result:
+          description: "Build job result"
+          value: ${{ jobs.build.result }}
+
+    workflow_dispatch:
+
+  concurrency:
+    # Allow only one workflow per any non-`main` branch.
+    group: ${{ github.workflow }}-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }}-${{ inputs.is_PR && 'is_PR' || 'not_PR'}}
+    cancel-in-progress: true
+
+  env:
+    STORE_FILE_PATH: /tmp/app-debug.keystore
+    BUILD_JSON_PATH: build.json
+    VERSION_LABEL: ${{ (inputs.is_PR && 'pr') || 'nightly' }}
+    DISCORD_RELEASE_NOTIFIER_ENABLED: "true"
+  jobs:
+    build:
+      timeout-minutes: 60
+      runs-on: ubuntu-latest
+      if: github.repository_owner == 'Acode-Foundation'
+      
+      outputs:
+         release_output_url: ${{ steps.release.outputs.url }} 
+         updated_version: ${{ steps.update-version.outputs.UPDATED_VERSION}} 
+      steps:
+        - name: Fast Fail if secrets are missing
+          if: ${{ env.KEYSTORE_CONTENT == '' || env.BUILD_JSON_CONTENT == '' }}
+          env:
+             KEYSTORE_CONTENT: ${{ secrets.KEYSTORE_CONTENT }} 
+             BUILD_JSON_CONTENT: ${{ secrets.BUILD_JSON_CONTENT }} 
+          run: |
+            echo "::error title=Missing Secrets::KEYSTORE_CONTENT or BUILD_JSON_CONTENT secrets are missing! Aborting workflow."
+            exit 1
+        
+        - name: Logging & summaries
+          run: |
+            echo "::group::Logging" 
+            echo "🎯 github trigger event name: ${{ github.event_name }}"
+            echo "is_PR: ${{ inputs.is_PR }} "
+            echo "PR_NUMBER: ${{ inputs.PR_NUMBER }}" 
+            echo "env: STORE_FILE_PATH: ${{ env.STORE_FILE_PATH }}" 
+            echo "env: BUILD_JSON_PATH: ${{ env.BUILD_JSON_PATH }}" 
+            echo "env: VERSION_LABEL: ${{ env. VERSION_LABEL }}"
+            echo "github sha: ${{ github.sha }}" 
+            echo "should not skip tags, releases: ${{ ! inputs.skip_tagging_and_releases }} " 
+            echo "::endgroup::" 
+            
+            echo "## 🚀 Build Type: ${{ env.VERSION_LABEL }}" >> $GITHUB_STEP_SUMMARY
+            echo "is_PR: ${{ inputs.is_PR || 'NOT a PR' }}" >> $GITHUB_STEP_SUMMARY
+            echo "PR_NUMBER: ${{ inputs.PR_NUMBER || 'not a PR' }}" >> $GITHUB_STEP_SUMMARY
+            echo "should not skip tags, releases: ${{ ! inputs.skip_tagging_and_releases }}" >> $GITHUB_STEP_SUMMARY     
+
+        - name: Checkout Repository
+          uses: actions/checkout@v4
+          with:
+            fetch-depth: 0 # Required for tags
+
+        - name: Set up Java 21
+          uses: actions/setup-java@v4
+          with:
+            distribution: 'temurin'
+            java-version: '21'
+            cache: ${{ (github.ref == 'refs/heads/main' && 'gradle') || '' }}
+
+        - name: Set up Node.js
+          uses: actions/setup-node@v4
+          with:
+            node-version: 'lts/*' # or '18.x' for latest stable
+
+        - name: Add keystore and build.json from secrets
+          run: |
+            echo "${{ secrets.KEYSTORE_CONTENT }}" | base64 -d > $STORE_FILE_PATH
+            echo "${{ secrets.BUILD_JSON_CONTENT }}" | base64 -d > $BUILD_JSON_PATH
+            echo "Keystore and build.json added successfully."
+
+        - name: Export Commit Hash & prev tag
+          run: |
+            echo "GIT_COMMIT=$(git rev-parse HEAD)" >> $GITHUB_ENV
+            echo "PREV_TAG=$(git describe --tags --abbrev=0 || git rev-list --max-parents=0 HEAD)" >> $GITHUB_ENV
+
+        - name: Extract versionCode and version from config.xml
+          id: extract_version
+          run: |
+            if [ ! -f config.xml ]; then
+            echo "config.xml not found!"
+            exit 1
+            fi
+            VERSION_CODE=$(grep 'versionCode=' config.xml | sed -E 's/.*versionCode="([0-9]+)".*/\1/')
+            VERSION=$(grep -oP 'version="\K[0-9.]+' config.xml)
+            echo "VERSION_CODE=$VERSION_CODE" >> $GITHUB_OUTPUT
+            echo "VERSION=$VERSION" >> $GITHUB_OUTPUT
+            echo "Extracted Version Code: $VERSION_CODE"
+            echo "Extracted Version: $VERSION"
+
+        - name: Append Commit Hash to Version and Update config.xml
+          id: update-version 
+          run: |
+            SHORT_COMMIT_HASH=$(echo "${{ env.GIT_COMMIT }}" | cut -c 1-7)
+            if ${{ inputs.is_PR  || false }}; then 
+              PR_NUMBER=${{ inputs.PR_NUMBER }}
+            else
+              PR_NUMBER=
+            fi
+            UPDATED_VERSION="${{ steps.extract_version.outputs.VERSION }}-${{ env.VERSION_LABEL }}.${PR_NUMBER:-$SHORT_COMMIT_HASH}"
+            echo "Updated Version: $UPDATED_VERSION"
+            
+            # Update config.xml with the new version
+            sed -i "s/version=\"${{ steps.extract_version.outputs.VERSION }}\"/version=\"$UPDATED_VERSION\"/g" config.xml
+            echo "Updated version in config.xml"
+            # Output the updated version
+            echo "UPDATED_VERSION=$UPDATED_VERSION" >> $GITHUB_ENV
+            echo "UPDATED_VERSION=$UPDATED_VERSION" >> $GITHUB_OUTPUT 
+
+        - name: Install Node.js Packages
+          run: npm install
+
+        - name: Run npm setup
+          run: npm run setup
+
+        - name: Run npm build paid dev apk
+          run: |
+             npm run build paid dev apk
+             echo "VERSION: $UPDATED_VERSION" >> $GITHUB_STEP_SUMMARY
+
+        - name: Upload APK Artifact
+          uses: actions/upload-artifact@v4
+          with:
+            name: app-debug-${{ env.GIT_COMMIT }}
+            path: platforms/android/app/build/outputs/apk/debug/app-debug.apk
+
+        - name: remove keystore and build.json
+          run: |
+            rm $STORE_FILE_PATH $BUILD_JSON_PATH
+            echo "Keystore and build.json removed successfully."
+        
+        - name: Check Nightly Tag and Force Update
+          #if: github.event_name == 'push' && contains(github.event.ref, 'tags/nightly') == false
+          if: ${{ ! inputs.skip_tagging_and_releases }}
+          run: |
+            # Check if the nightly tag exists and get the commit it points to
+            if git show-ref --quiet refs/tags/nightly; then
+              TAG_COMMIT=$(git rev-parse nightly)
+            else
+              TAG_COMMIT=""
+            fi
+            
+            # If the current commit is the same as the tag, skip updating the tag
+            if [ "$TAG_COMMIT" != "${{ env.GIT_COMMIT }}" ]; then
+              echo "releaseRequired=true" >> $GITHUB_ENV
+              # export tag commit before updating for change logs comparing. 
+              echo "TAG_COMMIT=$TAG_COMMIT" >> $GITHUB_ENV 
+            
+              git config --global user.name 'GitHub Actions'
+              git config --global user.email 'github-actions@github.com'
+              git tag -f nightly
+              git push origin nightly --force
+            else
+              echo "Nightly tag already points to this commit. Skipping update."
+            fi
+
+        - name: Release Nightly Version
+#          Only run this step, if not called from another workflow. And a previous step is successful with releasedRequired=true
+          id: release
+          if: ${{ ! inputs.skip_tagging_and_releases && success() && env.releaseRequired == 'true' }}
+          uses: softprops/action-gh-release@v2
+          with:
+            prerelease: true
+            name: ${{ env.UPDATED_VERSION }}
+            tag_name: ${{ env.UPDATED_VERSION }} 
+            files: |
+              platforms/android/app/build/outputs/apk/debug/app-debug.apk
+            body: |
+              Automated Nightly (pre-release) Releases for Today
+              \n\n[Compare Changes](https://github.com/${{ github.repository }}/compare/${{ env.TAG_COMMIT }}...${{ github.sha }})
+
+        - name: Update Last Comment by bot (If ran in PR)
+          if: inputs.is_PR
+          uses: marocchino/sticky-pull-request-comment@v2
+          with:
+             hide_and_recreate: true
+             hide_classify: "OUTDATED"
+             header: on-demand-build-status
+             message: |
+                   Preview Release for this, has been built.
+         
+                   [Click here to view that github actions build](https://github.com/${{ github.repository}}/actions/runs/${{ github.run_id }})
+             
+
+    community-release-notifier:
+      needs: build
+#      Run only if push tags, or triggered by a schedule
+      if: ${{ github.repository_owner == 'Acode-Foundation' && (contains(fromJSON('["push", "schedule"]'), github.event_name) || ! inputs.skip_tagging_and_releases) && needs.build.outputs.release_output_url }}
+      uses: Acode-Foundation/acode/.github/workflows/community-release-notifier.yml@main
+      with:
+         tag_name: ${{ needs.build.outputs.updated_version }}
+         url: ${{ needs.build.outputs.release_output_url }}
+      secrets:
+        DISCORD_WEBHOOK_RELEASE_NOTES: ${{ secrets.DISCORD_WEBHOOK_RELEASE_NOTES }}
diff --git a/.github/workflows/on-demand-preview-releases-PR.yml b/.github/workflows/on-demand-preview-releases-PR.yml
@@ -0,0 +1,101 @@
+name: On Demand Preview Releases for PR
+#  avoids paths like .md, and anything in .github folder
+on:
+  pull_request:
+    paths-ignore:
+      - '!*.md'
+#      - '.github/**'
+    types: [labeled, synchronize]
+
+
+permissions:
+  contents: write
+  pull-requests: write
+  # All Pull Requests are issues, but not all issues are Pull Requests (like GitHub says 🙃)
+  issues: write
+
+concurrency:
+  # Allow only one workflow per any non-`main` branch.
+  group: ${{ github.workflow }}-${{ github.ref_name }}-${{ github.ref_name == 'main' && github.sha || 'anysha' }}
+  cancel-in-progress: true
+
+jobs:
+  job_trigger:
+    name: Trigger Preview Release (if conditions met)
+    if: |
+        (github.repository_owner == 'Acode-Foundation'
+        && (!contains(github.event.pull_request.labels.*.name, 'DO NOT PREVIEW RELEASE') 
+        && (contains(github.event.pull_request.labels.*.name, 'Bypass check - PREVIEW RELEASE') 
+        || contains(github.event.pull_request.labels.*.name, 'CI: RUN ON-DEMAND PREVIEW RELEASES')))
+        )
+
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v4
+        with:
+          clean: false
+          fetch-depth: 0
+
+      - name: Remove Manually added PR Label
+        if: |
+          contains(github.event.pull_request.labels.*.name, 'CI: RUN ON-DEMAND PREVIEW RELEASES')
+
+        run: gh pr edit $PR --remove-label "$labels"
+        env:
+           PR: ${{ github.event.pull_request.number }}
+           labels: 'CI: RUN ON-DEMAND PREVIEW RELEASES'
+           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Add comment to PR
+        uses: marocchino/sticky-pull-request-comment@v2
+        with:
+          hide_and_recreate: true
+          hide_classify: "OUTDATED"
+          header: on-demand-build-status
+          message: |
+            ⚒️ Starting a workflow to build, Your On-Demand Preview Release/build for ${{ github.event.pull_request.html_url || github.event.pull_request.url }}.
+            
+            status: **\`🟡 in_progress\`**
+            
+            Kindly wait, this message may be updated with success or failure status.
+            
+            For Owners: Please [Click here to view that github actions](https://github.com/${{ github.repository}}/actions/runs/${{ github.run_id }})/
+
+        env:
+          PR: ${{ github.event.pull_request.number }}
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+  trigger_builder:
+      needs: job_trigger
+      secrets: inherit
+      uses: Acode-Foundation/acode/.github/workflows/nightly-build.yml@main
+      with:
+        is_PR: true
+        PR_NUMBER: ${{ github.event.pull_request.number }}
+        skip_tagging_and_releases: true
+
+  update_Last_Comment:
+      needs: [job_trigger,trigger_builder]
+      runs-on: ubuntu-latest
+      if: ${{ github.repository_owner == 'Acode-Foundation' && always() && contains(fromJSON('["failure","cancelled"]'), needs.trigger_builder.result) }}
+      steps:
+#        - name: Checkout code
+#          uses: actions/checkout@v4
+#          with:
+#            clean: false
+#            fetch-depth: 0
+
+        - name: Update Last Comment by bot (if Workflow Triggering failed)
+          uses: marocchino/sticky-pull-request-comment@v2
+          with:
+             hide_and_recreate: true
+             hide_classify: "OUTDATED"
+             header: on-demand-build-status
+             message: |
+                   🔴 (Workflow Trigger stopped), Your On-Demand Preview Release/build for ${{ github.event.pull_request.html_url || github.event.pull_request.url }}.
+                   status: **${{ needs.trigger_builder.result || 'failure'}}**         
+               
+                   ---
+                   For Owners: Please [Click here to view that github actions](https://github.com/${{ github.repository}}/actions/runs/${{ github.run_id }})
