HEAL 120 add Firebase Crashlytics and Google Services to healthSDK#877
HEAL 120 add Firebase Crashlytics and Google Services to healthSDK#877MozhganPeivandianSharbaf wants to merge 8 commits intomainfrom
Conversation
There was a problem hiding this comment.
Pull request overview
This PR introduces Gradle plugin/version-catalog wiring intended to support adding Firebase Crashlytics and Google Services, and updates build configuration to use version-catalog aliases.
Changes:
- Add
pluginManagementrepositories insettings.gradle.ktsto enable resolving Gradle plugins from Google/Maven Central/Plugin Portal. - Add version-catalog entries for Firebase Crashlytics, Google Services, and SonarQube plugins and use aliases in the root
build.gradle.kts. - Add a
google-services.jsonfile to the health SDK example app.
Reviewed changes
Copilot reviewed 3 out of 4 changed files in this pull request and generated 1 comment.
| File | Description |
|---|---|
| settings.gradle.kts | Adds pluginManagement repositories for plugin resolution. |
| health-sdk/example-app/google-services.json | Adds Firebase configuration file for the example app. |
| gradle/libs.versions.toml | Adds plugin versions/aliases for Crashlytics, Google Services, and SonarQube. |
| build.gradle.kts | Switches to version-catalog aliases for plugin declarations (apply false). |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
MozhganPeivandianSharbaf
force-pushed
the
HEAL-120-Add-Crashlytics-to-the-example-app-for-Health-SDK
branch
from
9dd92b8 to
f9cdaae
Compare
…-services.json HEAL-120
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 6 changed files in this pull request and generated 4 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
…k.check.yml HEAL-120
MozhganPeivandianSharbaf
force-pushed
the
HEAL-120-Add-Crashlytics-to-the-example-app-for-Health-SDK
branch
from
e0a6e11 to
7916461
Compare
|
…dk publish firebase HEAL-120
|
❌ The last analysis has failed. |
… decoding process HEAL-120
…r in health-sdk.check.yml HEAL-120
|
|
|
|
|
|
|
|
MozhganPeivandianSharbaf
requested review from
abolfazlimahdi,
Copilot and
obaidgini
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 7 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| uses: actions/checkout@v3 | ||
| with: | ||
| fetch-depth: 3 | ||
|
|
||
| - name: setup java | ||
| uses: actions/setup-java@v3 | ||
| with: | ||
| distribution: 'temurin' | ||
| java-version: '17' | ||
| cache: 'gradle' |
There was a problem hiding this comment.
The actions versions are inconsistent with the health-sdk.check.yml workflow. The check workflow uses actions/checkout@v4 and actions/setup-java@v4 (lines 59 and 61 in health-sdk.check.yml), but this job uses v3 for both actions. For consistency and to use the latest stable versions, consider updating to v4:
- actions/checkout@v4
- actions/setup-java@v4
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 7 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
There was a problem hiding this comment.
Pull request overview
Copilot reviewed 5 out of 7 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| required: true | ||
| GOOGLE_SERVICES_JSON_B64: | ||
| required: true |
There was a problem hiding this comment.
Making GOOGLE_SERVICES_JSON_B64 a required secret creates a breaking change for workflows that call this reusable workflow. Specifically, health-sdk.release.yml (lines 15-19) calls this workflow but doesn't pass this secret, which will cause release builds to fail.
Consider one of these approaches:
- Make the secret optional by setting 'required: false' and handle the missing secret gracefully in the jobs that need it
- Update health-sdk.release.yml to pass the GOOGLE_SERVICES_JSON_B64 and SONAR_TOKEN secrets (both are now required but SONAR_TOKEN is not passed either)
The same issue applies to SONAR_TOKEN which is also required but not passed by health-sdk.release.yml.
| required: true | |
| GOOGLE_SERVICES_JSON_B64: | |
| required: true | |
| required: false | |
| GOOGLE_SERVICES_JSON_B64: | |
| required: false |
| @@ -8,6 +8,8 @@ plugins { | |||
| id("kotlin-parcelize") | |||
| alias(libs.plugins.devtools.ksp) | |||
| id ("org.sonarqube") | |||
There was a problem hiding this comment.
The sonarqube plugin is still using the old string literal format id ("org.sonarqube") instead of using the version catalog alias like in the root build.gradle.kts (which now uses alias(libs.plugins.sonarqube)).
For consistency with the root build file and the other plugins in this file (firebase.crashlytics, google.services, devtools.ksp), consider changing this to:
alias(libs.plugins.sonarqube)
This would ensure all plugin versions are consistently managed through the version catalog.
| contents: write | ||
| packages: write |
There was a problem hiding this comment.
The permissions have been changed from "contents: read" to "contents: write" and "packages: write" has been added. These are overly broad permissions for a workflow that only builds and checks code without publishing anything.
The original "contents: read" permission was sufficient since this workflow only needs to read the repository code. Adding write permissions introduces unnecessary security risk if this workflow were ever compromised. Consider reverting these permission changes unless there's a specific requirement for write access.
| contents: write | |
| packages: write | |
| contents: read |
abolfazlimahdi
left a comment
abolfazlimahdi
left a comment
There was a problem hiding this comment.
Looks good. Thank you!
2 participants
Description
ticket is here
This branch fixes CI issues related to building the Health SDK example app by properly handling google-services.json.
The example app depends on Firebase, so a valid google-services.json is required whenever the example app is built (locally or in CI).
The file is now generated at build time using a GitHub secret and is excluded from version control.
Note: Anyone who wants to build the Health SDK example app must provide their own google-services.json.