chore: Add CI workflows for building and running the example app#13
Merged
kinyoklion merged 2 commits intomainfrom Mar 3, 2026
Merged
chore: Add CI workflows for building and running the example app#13kinyoklion merged 2 commits intomainfrom
kinyoklion merged 2 commits intomainfrom
Conversation
Co-Authored-By: rlamb@launchdarkly.com <rlamb@launchdarkly.com>
Contributor
Author
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
kinyoklion
requested changes
Mar 3, 2026
…tion validation Co-Authored-By: rlamb@launchdarkly.com <rlamb@launchdarkly.com>
![devin-ai-integration[bot]](https://avatars.githubusercontent.com/in/811515?s=60&v=4){kind=small}
kinyoklion
approved these changes
Mar 3, 2026
tanderson-ld
approved these changes
Mar 3, 2026
kinyoklion
changed the title
4 tasks
kinyoklion
added a commit
to launchdarkly/hello-macos
that referenced
this pull request
Mar 3, 2026
# Add CI workflows for building and running the example app ## Summary Updates the existing build workflow (`ci.yml`) and adds a new run workflow (`run.yml`) for the `hello-macos` project, following the same pattern as [hello-android PR #13](launchdarkly/hello-android#13). **`ci.yml` changes:** - Pins `actions/checkout` to SHA with version comment (`v4.2.2`) - Adds version comment to existing pinned `setup-xcode` SHA (`v1.6.0`) - Adds `-workspace 'hello-macos.xcworkspace'` to the `xcodebuild` command - Removes the `schedule` cron trigger (preserves `feat/**` branch triggers) - Renames job from `macos-build` to `build` **`run.yml` (new):** - Fetches mobile key and flag key from AWS SSM via `release-secrets` - Injects credentials into source files via `sed` (using `|` delimiter for safety) - Builds the app with `xcodebuild` - Launches the app with `open`, waits 15s, then uses AppleScript (`osascript`) to read the window text and `grep` for `"feature flag evaluates to true"` ### Action versions used | Action | Version | SHA | Reference | |---|---|---|---| | `actions/checkout` | v4.2.2 | `11bd71901bbe5b1630ceea73d27597364c9af683` | [release](https://github.com/actions/checkout/releases/tag/v4.2.2) | | `maxim-lobanov/setup-xcode` | v1.6.0 | `60606e260d2fc5762a71e64e74b2174e8ea3c8bd` | [release](https://github.com/maxim-lobanov/setup-xcode/releases/tag/v1.6.0) | | `launchdarkly/gh-actions/actions/release-secrets` | release-secrets-v1.2.0 | `bbbbbda684f500766264e7fe327668094ba83d1c` | [release](https://github.com/launchdarkly/gh-actions/releases/tag/release-secrets-v1.2.0) | ## Updates since last revision - Restored `feat/**` branch triggers in `ci.yml` for both `push` and `pull_request` (per reviewer feedback). - Switched `sed` delimiter from `/` to `|` in both key injection commands for safer substitution (per reviewer feedback). ## Review & Testing Checklist for Human CI is currently green (build, run, and semgrep all pass), but the following items warrant manual verification: - [ ] **AppleScript reliability across runner updates**: The `run.yml` verification uses `osascript` with `System Events` to read UI text. While this passed CI on `macos-14`, it relies on the runner granting accessibility permissions to the shell. If GitHub updates runner configurations this could break. This is the highest-risk item. - [ ] **Process name in AppleScript**: The script references `process "hello-macos"` — confirm this consistently matches the actual process name when the `.app` bundle is launched. It may vary across Xcode/macOS versions. - [ ] **Verify SHA pins**: Confirm each SHA in the table above matches the stated version tag on the corresponding action's releases page. - [ ] **Intentional removal of `schedule` cron trigger**: The original `ci.yml` had a daily cron schedule (`0 9 * * *`). This was removed to align with the `hello-android` pattern. Confirm this is desired. **Suggested test plan:** Trigger the `run.yml` workflow manually 2–3 times to confirm the AppleScript-based verification is stable and not flaky due to timing or permissions. ### Notes - Unlike Android, this does not require an emulator — the macOS app runs natively on the `macos-14` runner. - The 15-second sleep before reading the window text may need tuning if SDK initialization takes longer in CI. - SDK key retrieval follows the same `release-secrets` pattern used in other hello-app repos. --- Link to Devin Session: https://app.devin.ai/sessions/cea1bda349b740048511ed04e7be5c61 Requested by: rlamb@launchdarkly.com --------- Co-authored-by: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Co-authored-by: rlamb@launchdarkly.com <rlamb@launchdarkly.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Add CI workflows for building and running the example app
Summary
Adds two GitHub Actions workflows to the
hello-androidproject:build.yml— Builds the debug APK using Gradle on ubuntu-22.04 with Java 17 (Temurin).run.yml— Fetches the LaunchDarkly mobile key and flag key from AWS SSM, injects them into the source, builds the debug APK, launches it on an Android emulator (API 29, x86_64), and validates that the UI displays "feature flag evaluates to true".Both workflows trigger on pushes and PRs to
main, ignoring markdown-only changes.All actions are pinned to full SHAs with inline version comments and a reference link to the release page above each
uses:line.Action versions used
actions/checkout11bd71901bbe5b1630ceea73d27597364c9af683actions/setup-javac5195efecf7bdfc987ee8bae7a71cb8b11521c00launchdarkly/gh-actions/actions/release-secretsbbbbbda684f500766264e7fe327668094ba83d1cjlumbroso/free-disk-space54081f138730dfa15788a46383842cd2f914a1bereactivecircus/android-emulator-runner324029e2f414c084d8b15ba075288885e74aef9cReview & Testing Checklist for Human
AWS_ROLE_ARNrepository variable: The run workflow requiresvars.AWS_ROLE_ARNto be configured for the OIDC-based AWS credentials flow. Confirm this variable is set in the repo settings.sedinjection robustness: The mobile key is injected viased -i "s/mobile-key-from-launch-darkly-website/$LAUNCHDARKLY_MOBILE_KEY/". If the mobile key contains/or other sed-special characters, this will break. Verify the key format is safe, or consider switching to a different delimiter.uiautomator dumpreliability: The evaluation validation usesadb exec-out uiautomator dump /dev/ttyto capture UI text. Verify this reliably captures the flag evaluation text on the emulator. The 15-second sleep before the dump may need tuning if SDK initialization takes longer in CI.Notes
js-corerepo'sreact-native-detox.ymlworkflow.release-secretspattern used in other hello-app repos (e.g.hello-ruby).build.yml) is straightforward and low-risk.run.yml) uses KVM acceleration for emulator performance and frees disk space before launching the emulator to avoid space issues.Link to Devin Session: https://app.devin.ai/sessions/0b2bb3fc4f5845238a581c78eefd5369
Requested by: rlamb@launchdarkly.com