# This workflow runs TypeScript compatibility checks when the SDK is updated. # Triggered automatically by the SDK repository via workflow_dispatch when SDK PRs are created/updated. name: SDK Breaking Change Check run-name: "SDK breaking change check (${{ github.event.inputs.sdk_version }})" on: workflow_dispatch: inputs: sdk_version: description: "SDK version being tested" required: true type: string source_repo: description: "Source repository" required: true type: string artifacts_run_id: description: "Artifacts run ID" required: true type: string artifact_name: description: "Artifact name" required: true type: string permissions: contents: read actions: read id-token: write jobs: type-check: name: TypeScript compatibility check runs-on: ubuntu-24.04 timeout-minutes: 15 env: _SOURCE_REPO: ${{ github.event.inputs.source_repo }} _SDK_VERSION: ${{ github.event.inputs.sdk_version }} _ARTIFACTS_RUN_ID: ${{ github.event.inputs.artifacts_run_id }} _ARTIFACT_NAME: ${{ github.event.inputs.artifact_name }} steps: - name: Log in to Azure uses: bitwarden/gh-actions/azure-login@main with: subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} tenant_id: ${{ secrets.AZURE_TENANT_ID }} client_id: ${{ secrets.AZURE_CLIENT_ID }} - name: Get Azure Key Vault secrets id: get-kv-secrets uses: bitwarden/gh-actions/get-keyvault-secrets@main with: keyvault: gh-org-bitwarden secrets: "BW-GHAPP-ID,BW-GHAPP-KEY" - name: Generate GH App token uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4 id: app-token with: app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }} private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }} permission-actions: read # for reading and downloading the artifacts for a workflow run - name: Log out from Azure uses: bitwarden/gh-actions/azure-logout@main - name: Check out clients repository uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1 with: persist-credentials: false - name: Get Node Version id: retrieve-node-version run: | NODE_NVMRC=$(cat .nvmrc) NODE_VERSION=${NODE_NVMRC/v/''} echo "node_version=$NODE_VERSION" >> "$GITHUB_OUTPUT" - name: Set up Node uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v5.0.0 with: cache: 'npm' cache-dependency-path: '**/package-lock.json' node-version: ${{ steps.retrieve-node-version.outputs.node_version }} - name: Install Node dependencies run: | echo "📦 Installing Node dependencies with retry logic..." RETRY_COUNT=0 MAX_RETRIES=3 while [ ${RETRY_COUNT} -lt ${MAX_RETRIES} ]; do RETRY_COUNT=$((RETRY_COUNT + 1)) echo "🔄 npm ci attempt ${RETRY_COUNT} of ${MAX_RETRIES}..." if npm ci; then echo "✅ npm ci successful" break else echo "❌ npm ci attempt ${RETRY_COUNT} failed" [ ${RETRY_COUNT} -lt ${MAX_RETRIES} ] && sleep 5 fi done if [ ${RETRY_COUNT} -eq ${MAX_RETRIES} ]; then echo "::error::npm ci failed after ${MAX_RETRIES} attempts" exit 1 fi - name: Download SDK artifacts uses: bitwarden/gh-actions/download-artifacts@main with: github_token: ${{ steps.app-token.outputs.token }} workflow: build-wasm-internal.yml workflow_conclusion: success run_id: ${{ env._ARTIFACTS_RUN_ID }} artifacts: ${{ env._ARTIFACT_NAME }} repo: ${{ env._SOURCE_REPO }} path: ./sdk-internal if_no_artifact_found: fail - name: Override SDK using npm link working-directory: ./ run: | echo "🔧 Setting up SDK override using npm link..." echo "📊 SDK Version: ${_SDK_VERSION}" echo "📦 Artifact Source: ${_SOURCE_REPO} run ${_ARTIFACTS_RUN_ID}" echo "📋 SDK package contents:" ls -la ./sdk-internal/ echo "🔗 Creating npm link to SDK package..." if ! npm link ./sdk-internal; then echo "::error::Failed to link SDK package" exit 1 fi - name: Run TypeScript compatibility check run: | echo "🔍 Running TypeScript type checking with SDK version: ${_SDK_VERSION}" echo "🎯 Type checking command: npm run test:types" # Add GitHub Step Summary output echo "## 📊 TypeScript Compatibility Check" >> $GITHUB_STEP_SUMMARY echo "- **SDK Version**: ${_SDK_VERSION}" >> $GITHUB_STEP_SUMMARY echo "- **Source Repository**: ${_SOURCE_REPO}" >> $GITHUB_STEP_SUMMARY echo "- **Artifacts Run ID**: ${_ARTIFACTS_RUN_ID}" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY TYPE_CHECK_START=$(date +%s) # Run type check with timeout - exit code determines gh run watch result if timeout 10m npm run test:types; then TYPE_CHECK_END=$(date +%s) TYPE_CHECK_DURATION=$((TYPE_CHECK_END - TYPE_CHECK_START)) echo "✅ TypeScript compilation successful (${TYPE_CHECK_DURATION}s)" echo "✅ **Result**: TypeScript compilation successful" >> $GITHUB_STEP_SUMMARY echo "No breaking changes detected for SDK version ${_SDK_VERSION}" >> $GITHUB_STEP_SUMMARY else TYPE_CHECK_END=$(date +%s) TYPE_CHECK_DURATION=$((TYPE_CHECK_END - TYPE_CHECK_START)) echo "❌ TypeScript compilation failed after ${TYPE_CHECK_DURATION}s - breaking changes detected" echo "❌ **Result**: TypeScript compilation failed" >> $GITHUB_STEP_SUMMARY echo "Breaking changes detected for SDK version ${_SDK_VERSION}" >> $GITHUB_STEP_SUMMARY exit 1 fi