GPTDriver Test Suite Automation Scripts

[NidhiDixit09]

Reference

SDK-XXXX -- <TITLE>.

Summary

Motivation

Type Of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• This change requires a documentation update

Testing Instructions

cc @BranchMetrics/saas-sdk-devs for visibility.

To fix this issue, we need to explicitly set the permissions key in the workflow file to restrict the permissions granted to the GITHUB_TOKEN in the workflow. The minimal, safest starting point is contents: read, which grants read-only repository access. Since this workflow checks out code, builds, signs, and uploads artifacts, but does not push changes, open issues, or create pull requests, the minimal contents: read permission is appropriate. This should be added at the root level of the workflow file (after name: and before on:), which will affect all jobs unless overridden.

No changes to functionality will occur with this update, and all workflow steps will continue to work as before, but potential write access to repository content will be removed.

[matter-code-review]

Summary By MatterAI

🔄 What Changed

Added automation scripts for GPTDriver test suite execution via GitHub Actions. Introduced .github/gptdriverrunscript.sh (Bash script to upload builds, trigger tests, and validate results) and .github/workflows/gpt-driver-tests.yml (CI workflow to build iOS SDK & app, sign, package, and run automated tests on GPTDriver).

🔍 Impact of the Change

Enables fully automated testing of iOS builds on GPTDriver upon pushing to Release-* branches. Integrates version extraction, SDK compilation, app bundling, code signing, IPA generation, and cloud test execution with result reporting in GitHub Actions.

📁 Total Files Changed

• .github/gptdriverrunscript.sh: Added (124 lines) – Core script to interact with GPTDriver API for uploading, running, and monitoring tests.
• .github/workflows/gpt-driver-tests.yml: Added (149 lines) – Orchestrates full CI pipeline: version parsing, SDK/app build, code signing, IPA export, and test triggering.

🧪 Test Added

• Automated E2E Test Flow: On push to Release-*, the workflow:
  1. Extracts version from branch name.
  2. Builds Branch SDK as .xcframework.
  3. Clones simulator app, injects SDK, signs, and builds IPA.
  4. Uploads IPA to GPTDriver via API.
  5. Triggers test suite with tags.
  6. Polls until completion (max 2h timeout).
  7. Reports results via GITHUB_STEP_SUMMARY.

🔒 Security Vulnerabilities

• API token usage is secure via secrets.
• Certificate and provisioning profile handling is correct.
• No hardcoded credentials.
• Minor risk: API_KEY is duplicated as API_ORG_KEY in env — potential misconfiguration.

Tip

Quality Recommendations

1. Remove redundant API_KEY environment variable assignment; use API_ORG_KEY consistently

2. Add timeout handling in curl calls within post_data() to prevent hanging

3. Validate jq is installed before script execution to avoid runtime failures

4. Use consistent error logging (all to stderr) and standardize exit codes

5. Split long workflow steps into reusable composite actions for maintainability

Tanka Poem ♫

Build flows through air,
Tests wake in silent clouds,
Code signs with care,
Results bloom in green —
CI sings. 🌿

Sequence Diagram

sequenceDiagram
    participant GHA as GitHub Actions
    participant Script as gptdriverrunscript.sh
    participant API as GPTDriver API
    participant SDK as Branch SDK
    participant App as BranchLinkSimulator App

    Note over GHA: Trigger on push to Release-*

    GHA->>GHA: Extract version from branch
    GHA->>SDK: Build xcframework
    GHA->>App: Checkout & inject SDK
    GHA->>GHA: Sign app with cert + profile
    GHA->>GHA: Build IPA
    GHA->>Script: Run with IPA path, platform

    Script->>API: POST /uploadBuild (multipart)
    API-->>Script: {buildId, app_link}

    Script->>API: POST /tests/execute {organisationId, uploadId, tags}
    API-->>Script: {test_suite_ids[0]}

    Script->>API: GET /testSuiteRuns/{id}/gh (polling)

    alt Status = completed
        API-->>Script: {status: completed, result: succeeded}
        Script-->>GHA: exit 0
    else Timeout or failure
        Script-->>GHA: exit 1
    end

    Script->>GHA: Write markdown to GITHUB_STEP_SUMMARY

Loading

[matter-code-review]

Important

PR Review Skipped

PR review skipped as per the configuration setting. Run a manually review by commenting /matter review

💡Tips to use MatterAI

Command List

• /matter summary: Generate AI Summary for the PR
• /matter review: Generate AI Reviews for the latest commit in the PR
• /matter review-full: Generate AI Reviews for the complete PR
• /matter release-notes: Generate AI release-notes for the PR
• /matter : Chat with your PR with MatterAI Agent
• /matter remember : Generate AI memories for the PR
• /matter explain: Get an explanation of the PR
• /matter help: Show the list of available commands and documentation
• Need help? Join our Discord server: https://discord.gg/fJU5DvanU3