From b75e1583abcc1f21d43352d41112bc1b67c54ef4 Mon Sep 17 00:00:00 2001
From: Okhan Okbay <125963311+okhan-okbay-cko@users.noreply.github.com>
Date: Tue, 12 Dec 2023 16:49:30 +0000
Subject: [PATCH] Migrate to GitHub Actions (#7)

---
 CODEOWNERS => .github/CODEOWNERS      |  0
 .github/scripts/lintEditedFiles.sh    | 20 +++++++++
 .github/workflows/codeql-analysis.yml | 54 +++++++++++++++++++++++
 .github/workflows/verify-pr.yml       | 37 ++++++++++++++++
 Scripts/runSonarQube.sh               | 17 --------
 bitrise.yml                           | 62 ---------------------------
 6 files changed, 111 insertions(+), 79 deletions(-)
 rename CODEOWNERS => .github/CODEOWNERS (100%)
 create mode 100644 .github/scripts/lintEditedFiles.sh
 create mode 100644 .github/workflows/codeql-analysis.yml
 create mode 100644 .github/workflows/verify-pr.yml
 delete mode 100755 Scripts/runSonarQube.sh
 delete mode 100644 bitrise.yml

diff --git a/CODEOWNERS b/.github/CODEOWNERS
similarity index 100%
rename from CODEOWNERS
rename to .github/CODEOWNERS
diff --git a/.github/scripts/lintEditedFiles.sh b/.github/scripts/lintEditedFiles.sh
new file mode 100644
index 0000000..9d5505d
--- /dev/null
+++ b/.github/scripts/lintEditedFiles.sh
@@ -0,0 +1,20 @@
+#!/bin/sh
+
+set -o pipefail
+git fetch origin main
+echo "Fetched"
+
+# Use a conditional to check if there are edited files
+if EDITED_FILES=$(git diff HEAD origin/main --name-only --diff-filter=d | grep "\.swift" | grep -v "\.swiftlint\.yml" | xargs echo | tr ' ' ','); then
+  echo "Got edited files"
+  echo $EDITED_FILES
+
+  # Check if EDITED_FILES is empty or null
+  if [ -z "$EDITED_FILES" ]; then
+    echo "No edited .swift files found."
+  else
+    swiftlint lint $EDITED_FILES | sed -E -n 's/^(.*):([0-9]+):([0-9]+): error: (.*)/::error file=\1,line=\2,col=\3::\4\n\1:\2:\3/p'
+  fi
+else
+  echo "No changes in .swift files found."
+fi
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
new file mode 100644
index 0000000..ef577b2
--- /dev/null
+++ b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,54 @@
+name: "Run CodeQL"
+
+on:
+  push:
+    branches:
+      - 'main'
+      - 'develop'
+      - 'release/*'
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches:
+      - 'main'
+      - 'develop'
+      - 'release/*'
+  schedule:
+    - cron: '34 2 * * 0'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: [ macos-latest ]
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'swift' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+      with:
+        submodules: recursive
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v2
+      with:
+        languages: ${{ matrix.language }}
+        queries: security-and-quality
+
+    - name: Build
+      run: |
+        xcodebuild -scheme CheckoutNetwork -destination "platform=iOS Simulator,name=iPhone 14 Pro,OS=latest"
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v2
diff --git a/.github/workflows/verify-pr.yml b/.github/workflows/verify-pr.yml
new file mode 100644
index 0000000..7118ef2
--- /dev/null
+++ b/.github/workflows/verify-pr.yml
@@ -0,0 +1,37 @@
+name: "Verify PR"
+
+on:
+  pull_request:
+    branches:
+      - 'main'
+      - 'develop'
+      - 'release/*'
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: true
+
+jobs:
+  lint:
+    name: SwiftLint
+    runs-on: macos-latest
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Lint Edited Files
+        run: bash .github/scripts/lintEditedFiles.sh
+
+  verify-pr:
+    name: Verify PR
+    runs-on: macos-latest
+    needs: lint
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v3
+
+    - name: Build
+      run: |
+        set -o pipefail && xcodebuild -scheme CheckoutNetwork -destination "platform=iOS Simulator,name=iPhone 14 Pro,OS=latest"
diff --git a/Scripts/runSonarQube.sh b/Scripts/runSonarQube.sh
deleted file mode 100755
index 9943696..0000000
--- a/Scripts/runSonarQube.sh
+++ /dev/null
@@ -1,17 +0,0 @@
-#!/bin/sh
-
-export SONAR_SCANNER_VERSION=4.7.0.2747
-export SONAR_SCANNER_HOME=$HOME/.sonar/sonar-scanner-$SONAR_SCANNER_VERSION-macosx
-curl --create-dirs -sSLo $HOME/.sonar/sonar-scanner.zip https://binaries.sonarsource.com/Distribution/sonar-scanner-cli/sonar-scanner-cli-$SONAR_SCANNER_VERSION-macosx.zip
-unzip -o $HOME/.sonar/sonar-scanner.zip -d $HOME/.sonar/
-export PATH=$SONAR_SCANNER_HOME/bin:$PATH
-export SONAR_SCANNER_OPTS="-server"
-
-sonar-scanner \
-  -Dsonar.projectKey=checkout_NetworkClient-iOS_AYhsdjYEfXz2nF6wDAnO \
-  -Dsonar.sources=. \
-  -Dsonar.c.file.suffixes=- \
-  -Dsonar.cpp.file.suffixes=- \
-  -Dsonar.objc.file.suffixes=- \
-  -Dsonar.coverage.exclusions=Tests/** \
-  -Dsonar.host.url=https://sonarqube-ext.mgmt.ckotech.co
diff --git a/bitrise.yml b/bitrise.yml
deleted file mode 100644
index 2947b91..0000000
--- a/bitrise.yml
+++ /dev/null
@@ -1,62 +0,0 @@
----
-format_version: '11'
-default_step_lib_source: https://github.com/bitrise-io/bitrise-steplib.git
-project_type: other
-
-workflows:
-
-### MARK: Basic Workflows
-  # Ensure unit tests are passing
-  Prepare_environment:
-    steps:
-    - activate-ssh-key@4:
-        run_if: '{{getenv "SSH_RSA_PRIVATE_KEY" | ne ""}}'
-    - git-clone@6: {}
-  
-  Run_unit_tests:
-    steps:
-    - script@1:
-        title: Run unit tests
-        inputs:
-        - content: |-
-            xcodebuild test \
-                -sdk iphonesimulator \
-                -destination "platform=iOS Simulator,name=iPhone 14" \
-                -scheme "CheckoutNetwork" \
-                | xcpretty \
-                && exit ${PIPESTATUS[0]}
-
-  Run_sonar:
-    steps:
-    - script@1:
-        title: Install and run SonarQube
-        inputs:
-        - content: |-
-            chmod 755 ./Scripts/runSonarQube.sh
-            ./Scripts/runSonarQube.sh
-            
-### MARK: Merged Workflows
-  UnitTestPipeline:
-    before_run:
-    - Prepare_environment
-    after_run:
-    - Run_unit_tests
-    
-  SonarQubePipeline:
-    before_run:
-    - Prepare_environment
-    after_run:
-    - Run_sonar
-    
-meta:
-  bitrise.io:
-    stack: osx-xcode-14.3.x-ventura
-    machine_type_id: g2-m1.4core
-    
-### MARK: Automatic triggers
-# Only the first trigger is detected, so the order is very important !!!
-trigger_map:
-  # On each pull request run unit tests
-- pull_request_source_branch: '*'
-  pull_request_target_branch: '*'
-  workflow: UnitTestPipeline