hCaptcha · CAMOBAP · Jul 16, 2024 · Jul 2, 2024 · Jul 3, 2024 · Jul 12, 2024
diff --git a/.github/actions/android-emulator-run/action.yml b/.github/actions/android-emulator-run/action.yml
@@ -25,11 +25,16 @@ inputs:
     description: Emulator boot options
     required: true
     default: -no-window -gpu swiftshader_indirect -noaudio -no-boot-anim -camera-back none
+  fresh-avd:
+    description: Force AVD creation and skip cache
+    required: false
+    default: 'false'
 
 runs:
   using: "composite"
   steps:
   - name: Cache AVD
+    if: inputs.fresh-avd != 'true'
     uses: actions/cache@v4
     id: avd-cache
     with:
@@ -45,7 +50,7 @@ runs:
       sudo udevadm control --reload-rules
       sudo udevadm trigger --name-match=kvm
   - name: 'Create AVD'
-    if: steps.avd-cache.outputs.cache-hit != 'true'
+    if: inputs.fresh-avd != 'true' && steps.avd-cache.outputs.cache-hit != 'true'
     uses: reactivecircus/android-emulator-runner@v2
     with:
       arch: ${{ inputs.arch }}
@@ -63,6 +68,6 @@ runs:
       profile: ${{ inputs.profile }}
       api-level: ${{ inputs.api-level }}
       emulator-options: ${{ inputs.boot-options }}
-      force-avd-creation: false
+      force-avd-creation: ${{ inputs.fresh-avd == 'true' }}
       disable-animations: true
       script: ${{ inputs.script }}
diff --git a/.github/actions/check-user-permission/action.yml b/.github/actions/check-user-permission/action.yml
@@ -0,0 +1,50 @@
+name: Check User Permission
+description: Checks if the user has the required permission level.
+
+inputs:
+  token:
+    description: Secret GitHub API token to use for making API requests.
+    default: ${{ github.token }}
+    required: true
+  require:
+    description: 'Permission level to check against (admin, write, read)'
+    default: write
+    required: true
+
+outputs:
+  granted:
+    description: 'true if the user has the required permission, false otherwise'
+    value: ${{ steps.check.outputs.granted }}
+  permission:
+    description: actual user permission (admin, write, read)
+    value: ${{ steps.check.outputs.permission }}
+
+runs:
+  using: "composite"
+  steps:
+    - name: Check user permission
+      id: check
+      shell: bash
+      env:
+        GITHUB_TOKEN: ${{ inputs.token }}
+        OWNER: ${{ github.repository_owner }}
+        REPO: ${{ github.event.repository.name }}
+        USERNAME: ${{ github.triggering_actor }}
+        PERMISSION: ${{ inputs.require }}
+      run: |
+        # Fetch the collaborator permission level using the GitHub API
+        response=$(curl -s -H "Authorization: token $GITHUB_TOKEN" \
+                        "https://api.github.com/repos/$OWNER/$REPO/collaborators/$USERNAME/permission")
+
+        # Extract the permission level from the JSON response
+        user_permission=$(echo $response | jq -r '.permission')
+        echo "permission=${user_permission}" >> $GITHUB_OUTPUT
+
+        # Compare the permission level with the required permission
+        if [[ "$user_permission" == "$PERMISSION" || ( "$user_permission" == "admin" && "$PERMISSION" == "write" ) ]]; then
+          echo "User has the required permission."
+          echo "granted=true" >> $GITHUB_OUTPUT
+        else
+          echo "User does not have the required permission."
+          echo "granted=false" >> $GITHUB_OUTPUT
+        fi
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -12,6 +12,7 @@ on:
   pull_request:
     paths-ignore:
       - '**.md'
+  workflow_dispatch:
 
 env:
   JAVA_VERSION: '17'
@@ -134,7 +135,6 @@ jobs:
     # ubuntu-latest fails with JNI ERROR (app bug): weak global reference table overflow (max=51200)
     # macos-latest i.e. macos-14 https://github.com/ReactiveCircus/android-emulator-runner/issues/324
     runs-on: macos-13
-    timeout-minutes: 30
     steps:
       - uses: actions/checkout@v4
       - uses: actions/setup-java@v4
@@ -146,18 +146,20 @@ jobs:
           cache-read-only: false
       - name: Run tests
         uses: ./.github/actions/android-emulator-run
+        timeout-minutes: 20
         with:
           api-level: 29
+          fresh-avd: true
           script: |
             adb uninstall com.hcaptcha.sdk.bench.test || true
             ./gradlew benchmark:connectedReleaseAndroidTest
-      - if: failure()
+      - if: always()
         uses: actions/upload-artifact@v4
         with:
           name: androidTest-benchmark-results
           path: |
-            benchmark/build/outputs/androidTest-results
-            benchmark/build/reports/androidTests
+            benchmark/build/outputs/
+            benchmark/build/reports/
       - name: Diff benchmark result
         id: diff-benchmark
         uses: ./.github/actions/android-benchmark-diff
@@ -196,22 +198,54 @@ jobs:
       - uses: actions/checkout@v4
         with:
           fetch-depth: 0
+      - uses: ./.github/actions/check-user-permission
+        id: write_access
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
       - uses: actions/setup-java@v4
+        if: steps.write_access.outputs.granted == 'true'
         with:
           java-version: ${{ env.JAVA_VERSION }}
           distribution: adopt
       - uses: gradle/actions/setup-gradle@v3
+        if: steps.write_access.outputs.granted == 'true'
         with:
           cache-read-only: false
       - uses: actions/cache@v4
+        if: steps.write_access.outputs.granted == 'true'
         with:
           path: ~/.sonar/cache
           key: ${{ runner.os }}-sonar
           restore-keys: ${{ runner.os }}-sonar
-      - env:
+      - run: ./gradlew sonarqube --info
+        if: steps.write_access.outputs.granted == 'true'
+        env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
-        run: ./gradlew sonarqube --info
+      - uses: peter-evans/find-comment@v3
+        id: find_comment
+        with:
+          issue-number: ${{ github.event.pull_request.number }}
+          body-includes: SonarQube Execution
+      - uses: peter-evans/create-or-update-comment@v4
+        if: steps.find_comment.outputs.comment-id == null && steps.write_access.outputs.granted == 'false'
+        with:
+          body: |
+            SonarQube Execution Skipped. `${{ github.triggering_actor }}` does not have permissions on this repo. Maintainers will rerun it manually
+          edit-mode: replace
+          comment-id: ${{ steps.find_comment.outputs.comment-id }}
+          issue-number: ${{ github.event.pull_request.number }}
+          token: ${{ secrets.GITHUB_TOKEN }}
+      - uses: peter-evans/create-or-update-comment@v4
+        if: steps.find_comment.outputs.comment-id != null && steps.write_access.outputs.granted == 'true'
+        with:
+          body: |
+
+            SonarQube Execution Completed.
+          edit-mode: append
+          comment-id: ${{ steps.find_comment.outputs.comment-id }}
+          issue-number: ${{ github.event.pull_request.number }}
+          token: ${{ secrets.GITHUB_TOKEN }}
 
   size-report:
     name: 'Diffuse report'

diff --git a/benchmark/src/androidTest/java/com/hcaptcha/sdk/HCaptchaWebViewHelperTest.java b/benchmark/src/androidTest/java/com/hcaptcha/sdk/HCaptchaWebViewHelperTest.java
@@ -10,12 +10,14 @@
 import androidx.test.ext.junit.rules.ActivityScenarioRule;
 import androidx.test.ext.junit.runners.AndroidJUnit4;
 
+import org.junit.Ignore;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 
 import java.util.concurrent.CountDownLatch;
 
+@Ignore("https://github.com/hCaptcha/hcaptcha-android-sdk/issues/101")
 @RunWith(AndroidJUnit4.class)
 public class HCaptchaWebViewHelperTest {
     @Rule

diff --git a/gradle/shared/html-java-gen.gradle b/gradle/shared/html-java-gen.gradle
@@ -0,0 +1,31 @@
+android.libraryVariants.all { variant ->
+    def packageName = android.namespace
+    def variantName = variant.name.capitalize()
+    def outputDir = file("${project.buildDir}/generated/source/hcaptcha/${variant.name}/${packageName.replaceAll('\\.', '/')}")
+    def generateTask = project.task("generate${variantName}JavaClassFromStaticHtml") {
+        group 'Generate'
+        description "Generate HTML java class"
+
+        doFirst {
+            def outputJavaClass = file("$outputDir/HCaptchaHtml.java")
+            def template = file("$projectDir/src/main/html/HCaptchaHtml.java.tml").text
+            def html = file("$projectDir/src/main/html/hcaptcha.html")
+                    .readLines()
+                    .stream()
+                    .map({l -> "\"${l.replaceAll('"', '\\\\"')}\\n\""})
+                    .collect(java.util.stream.Collectors.joining("\n${' ' * 16}+ "))
+
+            def engine = new groovy.text.SimpleTemplateEngine()
+            def src = engine.createTemplate(template).make([
+                    "htmlContent": html,
+                    "packageName": packageName
+            ])
+
+            outputDir.mkdirs()
+            outputJavaClass.write(src.toString())
+        }
+    }
+
+    // preBuild.dependsOn generateTask
+    variant.registerJavaGeneratingTask(generateTask, outputDir)
+}
diff --git a/gradle/shared/size-check.gradle b/gradle/shared/size-check.gradle
@@ -0,0 +1,28 @@
+android.libraryVariants.all { variant ->
+    def variantName = variant.name.capitalize()
+    project.task("report${variantName}AarSize") {
+        group 'Help'
+        description "Report ${variant.name} AAR size"
+        dependsOn variant.packageLibraryProvider
+
+        doFirst {
+            var aarPath = variant.packageLibraryProvider.get().archiveFile.get().getAsFile()
+            long aarSizeKb = aarPath.length() / 1024
+            println("File ${aarPath} is ${aarSizeKb}Kbyte")
+        }
+    }
+
+    project.tasks.findByName("check").dependsOn(project.task("check${variantName}AarSize") {
+        group 'Verification'
+        description "Checks ${variant.name} AAR size doesn't exceed ${project.ext}Kb"
+        dependsOn variant.packageLibraryProvider
+
+        doFirst {
+            var aarFile = variant.packageLibraryProvider.get().archiveFile.get().getAsFile()
+            long aarSizeKb = aarFile.length() / 1024
+            if (aarSizeKb > maxAarSizeKb) {
+                throw new GradleException("${aarPath} size exceeded! ${aarSizeKb}Kbyte > ${MAX_AAR_SIZE_KB}Kbyte")
+            }
+        }
+    })
+}
diff --git a/sdk/build.gradle b/sdk/build.gradle
@@ -9,6 +9,10 @@ plugins {
     id "org.sonarqube" version "3.4.0.2513"
 }
 
+ext {
+    maxAarSizeKb = 200
+}
+
 android {
     compileSdk 34
     namespace 'com.hcaptcha.sdk'
@@ -111,64 +115,6 @@ project.afterEvaluate {
     }
 }
 
-long MAX_AAR_SIZE_KB = 200
-
-android.libraryVariants.all { variant ->
-    def variantName = variant.name.capitalize()
-    project.task("report${variantName}AarSize") {
-        group 'Help'
-        description "Report ${variant.name} AAR size"
-        dependsOn variant.packageLibraryProvider
-
-        doFirst {
-            var aarPath = variant.packageLibraryProvider.get().archiveFile.get().getAsFile()
-            long aarSizeKb = aarPath.length() / 1024
-            println("File ${aarPath} is ${aarSizeKb}Kbyte")
-        }
-    }
-
-    project.tasks.findByName("check").dependsOn(project.task("check${variantName}AarSize") {
-        group 'Verification'
-        description "Checks ${variant.name} AAR size doesn't exceed ${MAX_AAR_SIZE_KB}Kb"
-        dependsOn variant.packageLibraryProvider
-
-        doFirst {
-            var aarFile = variant.packageLibraryProvider.get().archiveFile.get().getAsFile()
-            long aarSizeKb = aarFile.length() / 1024
-            if (aarSizeKb > MAX_AAR_SIZE_KB) {
-                throw new GradleException("${aarPath} size exceeded! ${aarSizeKb}Kbyte > ${MAX_AAR_SIZE_KB}Kbyte")
-            }
-        }
-    })
-
-    def packageName = "com.hcaptcha.sdk"
-    def outputDir = file("${project.buildDir}/generated/source/hcaptcha/${variant.name}/${packageName.replaceAll('\\.', '/')}")
-    def generateTask = project.task("generate${variantName}JavaClassFromStaticHtml") {
-        group 'Generate'
-        description "Generate HTML java class"
-
-        doFirst {
-            def outputJavaClass = file("$outputDir/HCaptchaHtml.java")
-            def template = file("$projectDir/src/main/html/HCaptchaHtml.java.tml").text
-            def html = file("$projectDir/src/main/html/hcaptcha.html")
-                    .readLines()
-                    .stream()
-                    .map({l -> "\"${l.replaceAll('"', '\\\\"')}\\n\""})
-                    .collect(java.util.stream.Collectors.joining("\n${' ' * 16}+ "))
-
-            def engine = new groovy.text.SimpleTemplateEngine()
-            def src = engine.createTemplate(template).make([
-                    "htmlContent": html,
-                    "packageName": packageName
-            ])
-
-            outputDir.mkdirs()
-            outputJavaClass.write(src.toString())
-        }
-    }
-
-    // preBuild.dependsOn generateTask
-    variant.registerJavaGeneratingTask(generateTask, outputDir)
-}
-
-apply from: "$rootProject.projectDir/gradle/shared/code-quality.gradle"
+apply from: "$rootProject.projectDir/gradle/shared/code-quality.gradle"
+apply from: "$rootProject.projectDir/gradle/shared/size-check.gradle"
+apply from: "$rootProject.projectDir/gradle/shared/html-java-gen.gradle"