bitwarden/browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser synced 2026-02-12 14:34:02 +00:00
Code Issues Releases Wiki Activity

merging master into feature branch

Browse Source
This commit is contained in:
CarleyDiaz-Bitwarden
2022-08-03 14:20:15 -04:00
parent a7eaa26c74
commit e287715251
371 changed files with 16725 additions and 22348 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
.github/workflows/build-browser.yml vendored
View File

@@ -16,7 +16,7 @@ on:
branches:
- 'master'
- 'rc'
- 'hotfix-rc/**'
- 'hotfix-rc'
paths:
- 'apps/browser/**'
- 'libs/**'
@@ -347,7 +347,7 @@ jobs:
trigger-desktop-build:
name: Trigger desktop build
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') || contains(github.ref, 'hotfix-rc') }}
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') || github.ref != 'refs/heads/hotfix-rc' }}
runs-on: ubuntu-20.04
needs:
- build

2
.github/workflows/build-cli.yml vendored
View File

@@ -17,7 +17,7 @@ on:
branches:
- 'master'
- 'rc'
- 'hotfix-rc/**'
- 'hotfix-rc'
paths:
- 'apps/cli/**'
- 'libs/**'

134
.github/workflows/build-desktop.yml vendored
View File

@@ -159,7 +159,7 @@ jobs:
- name: Set up environment
run: |
sudo apt-get update
sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm
sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm musl-dev musl-tools
- name: Set up Snap
run: sudo snap install snapcraft --classic
@@ -175,6 +175,27 @@ jobs:
run: npm ci
working-directory: ./
- name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2
id: cache
with:
path: |
apps/desktop/desktop_native/*.node
${{ env.RUNNER_TEMP }}/.cargo/registry
${{ env.RUNNER_TEMP }}/.cargo/git
key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }}
- name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native
env:
PKG_CONFIG_ALLOW_CROSS: true
PKG_CONFIG_ALL_STATIC: true
TARGET: musl
run: |
rustup target add x86_64-unknown-linux-musl
npm run build:cross-platform
- name: Build application
run: npm run dist:lin
@@ -256,11 +277,18 @@ jobs:
- name: Set up environment
run: choco install checksum --no-progress
- name: Rust
shell: pwsh
run: |
rustup target install i686-pc-windows-msvc
rustup target install aarch64-pc-windows-msvc
- name: Print environment
run: |
node --version
npm --version
choco --version
rustup show
- name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
@@ -282,6 +310,19 @@ jobs:
run: npm ci
working-directory: ./
- name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2
id: cache
with:
path: apps/desktop/desktop_native/*.node
key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }}
- name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native
run: |
npm run build:cross-platform
- name: Build & Sign (dev)
env:
ELECTRON_BUILDER_SIGN: 1
@@ -443,10 +484,15 @@ jobs:
npm install -g node-gyp
node-gyp install $(node -v)
- name: Rust
shell: pwsh
run: rustup target install aarch64-apple-darwin
- name: Print environment
run: |
node --version
npm --version
rustup show
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
@@ -536,6 +582,19 @@ jobs:
run: npm ci
working-directory: ./
- name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2
id: cache
with:
path: apps/desktop/desktop_native/*.node
key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }}
- name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native
run: |
npm run build:cross-platform
- name: Build application (dev)
run: npm run build
@@ -570,10 +629,15 @@ jobs:
npm install -g node-gyp
node-gyp install $(node -v)
- name: Rust
shell: pwsh
run: rustup target install aarch64-apple-darwin
- name: Print environment
run: |
node --version
npm --version
rustup show
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
@@ -663,23 +727,30 @@ jobs:
run: npm ci
working-directory: ./
- name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2
id: cache
with:
path: apps/desktop/desktop_native/*.node
key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }}
- name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native
run: |
npm run build:cross-platform
- name: Build
if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build
- name: Extract branch name
if: contains(github.ref, 'hotfix-rc')
id: extract_branch
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
- name: Download artifact from hotfix-rc
if: contains(github.ref, 'hotfix-rc')
if: github.ref == 'refs/heads/hotfix-rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: ${{ steps.extract_branch.outputs.branch }}
branch: hotfix-rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from rc
@@ -692,7 +763,7 @@ jobs:
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }}
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
@@ -776,10 +847,15 @@ jobs:
npm install -g node-gyp
node-gyp install $(node -v)
- name: Rust
shell: pwsh
run: rustup target install aarch64-apple-darwin
- name: Print environment
run: |
node --version
npm --version
rustup show
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
@@ -869,23 +945,30 @@ jobs:
run: npm ci
working-directory: ./
- name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2
id: cache
with:
path: apps/desktop/desktop_native/*.node
key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }}
- name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native
run: |
npm run build:cross-platform
- name: Build
if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build
- name: Extract branch name
if: contains(github.ref, 'hotfix-rc')
id: extract_branch
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
- name: Download artifact from hotfix-rc
if: contains(github.ref, 'hotfix-rc')
if: github.ref == 'refs/heads/hotfix-rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: ${{ steps.extract_branch.outputs.branch }}
branch: hotfix-rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from rc
@@ -898,7 +981,7 @@ jobs:
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }}
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
@@ -1067,6 +1150,19 @@ jobs:
run: npm ci
working-directory: ./
- name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 # v3.0.2
id: cache
with:
path: apps/desktop/desktop_native/*.node
key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }}
- name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native
run: |
npm run build:cross-platform
- name: Build
if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build

2
.github/workflows/build-web.yml vendored
View File

@@ -17,7 +17,7 @@ on:
branches:
- 'master'
- 'rc'
- 'hotfix-rc/**'
- 'hotfix-rc'
paths:
- 'apps/web/**'
- 'libs/**'

36
.github/workflows/release-browser.yml vendored
View File

@@ -31,9 +31,9 @@ jobs:
- name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: |
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc ]]; then
echo "==================================="
echo "[!] Can only release from the 'rc' or 'hotfix-rc/*' branches"
echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
echo "==================================="
exit 1
fi
@@ -90,6 +90,22 @@ jobs:
- setup
- locales-test
steps:
- name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
id: deployment
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment: 'Browser - Production'
description: 'Deployment ${{ needs.setup.outputs.release-version }} from branch ${{ github.ref_name }}'
task: release
- name: Update deployment status to In Progress
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'in_progress'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Download latest Release build artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8
@@ -141,3 +157,19 @@ jobs:
body: "<insert release notes here>"
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
- name: Update deployment status to Success
if: success()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Update deployment status to Failure
if: failure()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}

38
.github/workflows/release-cli.yml vendored
View File

@@ -47,9 +47,9 @@ jobs:
- name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: |
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc ]]; then
echo "==================================="
echo "[!] Can only release from the 'rc' or 'hotfix-rc/*' branches"
echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
echo "==================================="
exit 1
fi
@@ -64,6 +64,22 @@ jobs:
monorepo: true
monorepo-project: cli
- name: Create GitHub deployment for Snap
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
id: deployment
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment: 'CLI - Production'
description: 'Deployment ${{ steps.version.outputs.version }} from branch ${{ github.ref_name }}'
task: release
- name: Update deployment status to In Progress
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'in_progress'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Download all Release artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8
@@ -104,6 +120,21 @@ jobs:
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
- name: Update deployment status to Success
if: success()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Update deployment status to Failure
if: failure()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
snap:
name: Deploy Snap
@@ -159,7 +190,6 @@ jobs:
snapcraft push bw_${{ env._PKG_VERSION }}_amd64.snap --release stable
snapcraft logout
choco:
name: Deploy Choco
runs-on: windows-2019
@@ -219,7 +249,6 @@ jobs:
cd dist
choco push
npm:
name: Publish NPM
runs-on: ubuntu-20.04
@@ -274,3 +303,4 @@ jobs:
- name: Publish NPM
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: npm publish --access public

155
.github/workflows/release-desktop-beta.yml vendored
View File

@@ -19,18 +19,19 @@ jobs:
outputs:
release-version: ${{ steps.version.outputs.version }}
release-channel: ${{ steps.release-channel.outputs.channel }}
branch-name: ${{ steps.branch.outputs.branch-name }}
steps:
- name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
# - name: Branch check
# run: |
# if [[ "$GITHUB_REF" != "refs/heads/master" ]] && [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then
# echo "==================================="
# echo "[!] Can only release from the 'master', 'rc' or 'hotfix-rc/*' branches"
# echo "==================================="
# exit 1
# fi
- name: Branch check
run: |
if [[ "$GITHUB_REF" != "refs/heads/master" ]] && [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != "refs/heads/hotfix-rc" ]]; then
echo "==================================="
echo "[!] Can only release from the 'master', 'rc' or 'hotfix-rc' branches"
echo "==================================="
exit 1
fi
- name: Bump Desktop Version - Root
env:
@@ -70,18 +71,45 @@ jobs:
;;
esac
- name: Setup git config
run: |
git config --global user.name "GitHub Action Bot"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --global url."https://github.com/".insteadOf ssh://git@github.com/
git config --global url."https://".insteadOf ssh://
- name: Create desktop-beta-release branch
id: branch
env:
VERSION: ${{ github.event.inputs.version_number }}
run: |
find="."
replace="_"
ver=${VERSION//$find/$replace}
branch_name=desktop-beta-release-$ver-beta
git switch -c $branch_name
git add .
git commit -m "Bump desktop version to $VERSION-beta"
git push -u origin $branch_name
echo "::set-output name=branch-name::$branch_name"
linux:
name: Linux Build
runs-on: ubuntu-20.04
needs: setup
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }}
defaults:
run:
working-directory: apps/desktop
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
with:
ref: ${{ needs.setup.outputs.branch-name }}
- name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
@@ -158,8 +186,8 @@ jobs:
- name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
with:
name: ${{ needs.setup.outputs.release_channel }}-linux.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-linux.yml
name: ${{ needs.setup.outputs.release-channel }}-linux.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release-channel }}-linux.yml
if-no-files-found: error
@@ -172,10 +200,12 @@ jobs:
shell: pwsh
working-directory: apps/desktop
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }}
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
with:
ref: ${{ needs.setup.outputs.branch-name }}
- name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
@@ -352,8 +382,8 @@ jobs:
- name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
with:
name: ${{ needs.setup.outputs.release_channel }}.yml
path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release_channel }}.yml
name: ${{ needs.setup.outputs.release-channel }}.yml
path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release-channel }}.yml
if-no-files-found: error
@@ -362,13 +392,15 @@ jobs:
runs-on: macos-11
needs: setup
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }}
defaults:
run:
working-directory: apps/desktop
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
with:
ref: ${{ needs.setup.outputs.branch-name }}
- name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
@@ -489,13 +521,15 @@ jobs:
- setup
- macos-build
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }}
defaults:
run:
working-directory: apps/desktop
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
with:
ref: ${{ needs.setup.outputs.branch-name }}
- name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
@@ -609,19 +643,13 @@ jobs:
if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build
- name: Extract branch name
if: contains(github.ref, 'hotfix-rc')
id: extract_branch
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
- name: Download artifact from hotfix-rc
if: contains(github.ref, 'hotfix-rc')
if: github.ref == 'refs/heads/hotfix-rc')
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: ${{ steps.extract_branch.outputs.branch }}
branch: hotfix-rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from rc
@@ -634,7 +662,7 @@ jobs:
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }}
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
@@ -683,8 +711,8 @@ jobs:
- name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535
with:
name: ${{ needs.setup.outputs.release_channel }}-mac.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-mac.yml
name: ${{ needs.setup.outputs.release-channel }}-mac.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release-channel }}-mac.yml
if-no-files-found: error
@@ -695,13 +723,15 @@ jobs:
- setup
- macos-build
env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
_PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }}
defaults:
run:
working-directory: apps/desktop
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
with:
ref: ${{ needs.setup.outputs.branch-name }}
- name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
@@ -815,19 +845,13 @@ jobs:
if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build
- name: Extract branch name
if: contains(github.ref, 'hotfix-rc')
id: extract_branch
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
- name: Download artifact from hotfix-rc
if: contains(github.ref, 'hotfix-rc')
if: github.ref == 'refs/heads/hotfix-rc')
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: ${{ steps.extract_branch.outputs.branch }}
branch: hotfix-rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from rc
@@ -840,7 +864,7 @@ jobs:
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }}
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0
with:
workflow: build-browser.yml
@@ -873,7 +897,7 @@ jobs:
if-no-files-found: error
release:
name: MacOS Package Prod Release Asset
name: Release beta channel to S3
runs-on: ubuntu-20.04
needs:
- setup
@@ -896,7 +920,7 @@ jobs:
secrets: "aws-electron-access-id, aws-electron-access-key, aws-electron-bucket-name"
- name: Download all artifacts
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 # v3.0.0
with:
path: apps/desktop/artifacts
@@ -906,15 +930,44 @@ jobs:
working-directory: apps/desktop/artifacts
run: mv Bitwarden-${{ env.PKG_VERSION }}-universal.pkg Bitwarden-${{ env.PKG_VERSION }}-universal.pkg.archive
# - name: Publish artifacts to S3
# env:
# AWS_ACCESS_KEY_ID: ${{ steps.retrieve-secrets.outputs.aws-electron-access-id }}
# AWS_SECRET_ACCESS_KEY: ${{ steps.retrieve-secrets.outputs.aws-electron-access-key }}
# AWS_DEFAULT_REGION: 'us-west-2'
# AWS_S3_BUCKET_NAME: ${{ steps.retrieve-secrets.outputs.aws-electron-bucket-name }}
# working-directory: apps/desktop/artifacts
# run: |
# aws s3 cp ./ $AWS_S3_BUCKET_NAME/desktop/ \
# --acl "public-read" \
# --recursive \
# --quiet
- name: Publish artifacts to S3
env:
AWS_ACCESS_KEY_ID: ${{ steps.retrieve-secrets.outputs.aws-electron-access-id }}
AWS_SECRET_ACCESS_KEY: ${{ steps.retrieve-secrets.outputs.aws-electron-access-key }}
AWS_DEFAULT_REGION: 'us-west-2'
AWS_S3_BUCKET_NAME: ${{ steps.retrieve-secrets.outputs.aws-electron-bucket-name }}
working-directory: apps/desktop/artifacts
run: |
aws s3 cp ./ $AWS_S3_BUCKET_NAME/desktop/ \
--acl "public-read" \
--recursive \
--quiet
remove-branch:
name: Remove branch
runs-on: ubuntu-20.04
if: always()
needs:
- setup
- linux
- windows
- macos-build
- macos-package-github
- macos-package-mas
- release
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
- name: Setup git config
run: |
git config --global user.name "GitHub Action Bot"
git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --global url."https://github.com/".insteadOf ssh://git@github.com/
git config --global url."https://".insteadOf ssh://
- name: Remove branch
env:
BRANCH: ${{ needs.setup.outputs.branch-name }}
run: git push origin --delete $BRANCH

35
.github/workflows/release-desktop.yml vendored
View File

@@ -42,9 +42,9 @@ jobs:
- name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: |
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc ]]; then
echo "==================================="
echo "[!] Can only release from the 'rc' or 'hotfix-rc/*' branches"
echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
echo "==================================="
exit 1
fi
@@ -76,6 +76,22 @@ jobs:
;;
esac
- name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
id: deployment
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment: 'Desktop - Production'
description: 'Deployment ${{ steps.version.outputs.version }} to channel ${{ steps.release-channel.outputs.channel }} from branch ${{ github.ref_name }}'
task: release
- name: Update deployment status to In Progress
uses: chrnorm/deployment-status@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010
with:
@@ -164,6 +180,21 @@ jobs:
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
- name: Update deployment status to Success
if: success()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Update deployment status to Failure
if: failure()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
snap:
name: Deploy Snap

35
.github/workflows/release-qa-web.yml vendored
View File

@@ -72,6 +72,23 @@ jobs:
name: Deploy Web Vault to QA CloudFlare Pages branch
runs-on: ubuntu-20.04
steps:
- name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
id: deployment
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.qa.bitwarden.pw
environment: 'Web Vault - QA'
description: 'Deployment from branch ${{ github.ref_name }}'
- name: Update deployment status to In Progress
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.qa.bitwarden.pw
state: 'in_progress'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
@@ -118,3 +135,21 @@ jobs:
echo "No changes to commit!";
fi
working-directory: deployment
- name: Update deployment status to Success
if: success()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.qa.bitwarden.pw
state: 'success'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Update deployment status to Failure
if: failure()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.qa.bitwarden.pw
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}

46
.github/workflows/release-web.yml vendored
View File

@@ -28,9 +28,9 @@ jobs:
- name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: |
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != "refs/heads/hotfix-rc" ]]; then
echo "==================================="
echo "[!] Can only release from the 'rc' or 'hotfix-rc/*' branches"
echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
echo "==================================="
exit 1
fi
@@ -147,7 +147,7 @@ jobs:
- self-host
env:
_RELEASE_VERSION: ${{ needs.setup.outputs.release_version }}
_TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
_TAG_VERSION: ${{ needs.setup.outputs.release_version }}
steps:
- name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
@@ -227,6 +227,24 @@ jobs:
- self-host
- cfpages-deploy
steps:
- name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
id: deployment
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.bitwarden.com
environment: 'Web Vault - Production'
description: 'Deployment ${{ needs.setup.outputs.release_version }} from branch ${{ github.ref_name }}'
task: release
- name: Update deployment status to In Progress
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.bitwarden.com
state: 'in_progress'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Download latest build artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8
@@ -259,11 +277,29 @@ jobs:
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@58ae73b360456532aafd58ee170c045abbeaee37 # v1.10.0
with:
name: "Version v${{ needs.setup.outputs.release_version }}"
name: "Web v${{ needs.setup.outputs.release_version }}"
commit: ${{ github.sha }}
tag: web-v${{ needs.setup.outputs.tag_version }}
tag: web-v${{ needs.setup.outputs.release_version }}
body: "<insert release notes here>"
artifacts: "apps/web/artifacts/web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip,
apps/web/artifacts/web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip"
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
- name: Update deployment status to Success
if: success()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.bitwarden.com
state: 'success'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Update deployment status to Failure
if: failure()
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.bitwarden.com
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}

68
.github/workflows/version-auto-bump.yml vendored Normal file
View File

@@ -0,0 +1,68 @@
---
name: Version Auto Bump
on:
release:
types: [published]
defaults:
run:
shell: bash
jobs:
setup:
name: "Setup"
runs-on: ubuntu-20.04
outputs:
version_number: ${{ steps.version.outputs.new-version }}
if: contains(github.event.release.tag, 'desktop')
steps:
- name: Checkout Branch
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- name: Get version to bump
id: version
env:
RELEASE_TAG: ${{ github.event.release.tag }}
run: |
CURR_MAJOR=$(echo $RELEASE_TAG | sed -r 's/desktop-v([0-9]{4}\.[0-9]\.)([0-9])/\1/')
CURR_VER=$(echo $RELEASE_TAG | sed -r 's/desktop-v([0-9]{4}\.[0-9]\.)([0-9])/\2/')
echo $CURR_VER
((CURR_VER++))
NEW_VER=$CURR_MAJOR$CURR_VER
echo "::set-output name=new-version::$NEW_VER"
trigger_version_bump:
name: "Trigger desktop version bump workflow"
runs-on: ubuntu-20.04
needs:
- setup
steps:
- name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010
with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
env:
KEYVAULT: bitwarden-prod-kv
SECRET: "github-pat-bitwarden-devops-bot-repo-scope"
run: |
VALUE=$(az keyvault secret show --vault-name $KEYVAULT --name $SECRET --query value --output tsv)
echo "::add-mask::$VALUE"
echo "::set-output name=$SECRET::$VALUE"
- name: Call GitHub API to trigger workflow bump
env:
TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
VERSION: ${{ needs.setup.outputs.version_number}}
run: |
JSON_STRING=$(printf '{"ref":"master", "inputs": { "client":"Desktop", "version_number":"%s"}}' "$VERSION")
curl \
-X POST \
-i -u bitwarden-devops-bot:$TOKEN \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/bitwarden/clients/actions/workflows/version-bump.yml/dispatches \
-d $JSON_STRING