bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-24 12:13:17 +00:00
Code Issues Releases Wiki Activity
5,351 Commits 480 Branches 222 Tags
eeb1be1dba3bfefea00fc7837f7feca93f95aa37
Commit Graph

166 Commits

Author SHA1 Message Date
renovate[bot]
4b2030de77 [deps] BRE: Update anchore/scan-action action to v6 (#5180) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-03 11:35:28 -05:00
MtnBurrit0
840ff00189 BRE-292: Sync ephemeral environment with GH workflow (#5174) 
* Add sync_environment call

* Put callable workflow in it's own job

* Switch to context for GitHub input

* Set requirements and inherit secrets

* Add the condition to the job

* Update .github/workflows/build.yml

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>

---------

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
 2025-01-02 13:58:32 -07:00
Michał Chęciński
16488091d2 Remove is_workflow_call input from build workflow (#5161) 2024-12-17 10:45:02 -05:00
Opeyemi
d0c72a34f1 Update SH Unified Build trigger (#5154) 
* Update SH Unified Build trigger

* make value a boolean
 2024-12-16 15:21:05 +01:00
Matt Bishop
c0a9c55891 Fix image path formation for Cosign (#5151) 2024-12-13 10:26:45 -05:00
Matt Bishop
11bdb93d1e Sign main branch container builds with cosign (#5148) 
* Sign main branch container builds with cosign

* Properly label
 2024-12-13 09:41:17 -05:00
Michał Chęciński
470a12640e Trigger unified build on rc and hotfix-rc branches (#5108) 2024-12-04 13:18:58 +00:00
Matt Bishop
eec4a77bda Check run earlier during setup (#5022) 2024-11-11 13:19:20 -05:00
Alex Urbina
89be2f495a Fix Hackerone Report ID 2830741 (#5010) 2024-11-08 20:41:58 +00:00
MtnBurrit0
a56f3a587c Update logic to handle pull_request_target (#5008) 
- Removing the grep and create a conditional based on GITHUB_EVENT_NAME
 2024-11-08 11:58:07 -07:00
Matt Bishop
e7cbdaa469 Only build Unified on main branch pushes (#5006) 2024-11-08 10:31:18 -05:00
Matt Bishop
fcb706b9c5 Catch PR targets for certain build operations (#5003) 
* Catch PR targets for certain build operations

* Support EE
 2024-11-07 17:11:01 -05:00
Matt Bishop
f7957f7053 Check run permissions for secrets usage (#4992) 2024-11-07 09:56:57 -05:00
Matt Bishop
e7bd31c009 Check for secrets on Docker builds (#4985) 2024-11-06 13:56:12 -05:00
renovate[bot]
2abd37d2d7 [deps] DevOps: Update gh minor (#4945) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-30 11:23:50 -04:00
MtnBurrit0
724f2ee5e5 Secure inputs (#4927) 2024-10-22 10:29:57 -06:00
Opeyemi
c809794642 [BRE-372] - Clean up document start (#4915) 2024-10-21 13:11:59 +01:00
AJ
1fb366d42b Replace github.ref with GITHUB_REF in build.yml scripts (#4857) 
Data should be separated from code where possible to avoid injection (CWE-78).

* https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections
* https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
 2024-10-17 11:50:31 -04:00
renovate[bot]
245e2e4d52 [deps] DevOps: Update gh minor (#4885) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-17 10:42:44 -04:00
renovate[bot]
8e62e9eb38 [deps] DevOps: Update anchore/scan-action action to v5 (#4892) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-17 10:42:26 -04:00
MtnBurrit0
96f58dc309 BRE-349: Call _update_ephemeral_tags workflow (#4850) 
* Kick off ephemeral environment updates

* Fix missing ,

* Switch to head_ref

* Update to `main`
 2024-10-10 09:49:04 -06:00
renovate[bot]
793ef3aab8 [deps] DevOps: Update gh minor (#4828) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-30 11:36:51 +02:00
renovate[bot]
3381bca608 [deps] DevOps: Update gh minor (#4780) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-24 11:31:57 -04:00
renovate[bot]
8891540972 [deps] DevOps: Update gh minor (#4723) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-04 09:44:19 -04:00
renovate[bot]
8ad74ce5b1 [deps] DevOps: Update gh minor (#4652) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:47:52 -04:00
renovate[bot]
6dec1c6e04 [deps] DevOps: Update GitHub Artifact Actions to v4 (#4664) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:47:35 -04:00
renovate[bot]
0753cc9172 [deps] DevOps: Update actions/github-script action to v7 (#4666) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:47:10 -04:00
renovate[bot]
ee8716859f [deps] DevOps: Update actions/setup-dotnet action to v4 (#4667) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:46:30 -04:00
renovate[bot]
e677344d7e [deps] DevOps: Update actions/setup-node action to v4 (#4668) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:46:11 -04:00
renovate[bot]
7c50e4f2be [deps] DevOps: Update docker/build-push-action action to v6 (#4670) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 11:41:49 -04:00
Daniel García
1a584b4477 [PM-9361] Generate Swagger specs in CI for the SDK (#4428) 
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
 2024-08-20 15:34:22 +02:00
renovate[bot]
eaa386f3da [deps] DevOps: Update gh minor (#4585) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-13 13:33:53 -04:00
renovate[bot]
31412db1a9 [deps] DevOps: Update anchore/scan-action action to v4 (#4606) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-08 16:12:22 -04:00
renovate[bot]
45b99336da [deps] DevOps: Update gh minor (#4539) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-22 17:10:28 -04:00
renovate[bot]
2b38c49ff6 [deps] DevOps: Update gh minor (#3368) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-10 15:47:20 -04:00
Opeyemi
9d7e1ccc41 update failure stpes (#3870) 2024-03-05 20:14:50 +00:00
Matt Bishop
faf84f9aa9 Use primary tag for container scans (#3838) 
* Use local path for container scans

* Use a primary tag
 2024-02-23 16:09:51 -05:00
Matt Bishop
96d0ae9cf7 Consolidated scanning (#3832) 
* Consolidated security scanning

* Add quality scan

* Version bumps

* Add container scanning

* Check out repo for container scan

* Build need and dependent outputs

* Incremental SAST

* Sonar fixes

* Underscore

* Inherit secrets

* Qualify Docker image name outputs

* Try a login

* Remove build modifications as this doesn't work with a matrix

* Move container scanning closer to tbe Docker steps for better management
 2024-02-23 13:47:23 -05:00
Matt Bishop
ae5d6071ca Remove CLOC job (#3796) 2024-02-13 12:42:01 -05:00
Vince Grassia
26ee43b770 Update logic for Docker image tag (#3695) 2024-01-23 21:03:11 +00:00
Matt Bishop
c63db733e0 Workflow linting and test separation (#3684) 
* Workflow linting and test separation

* Name linting step

* Few more renames

* Database testing consolidation

* Few more renames and tweaks
 2024-01-23 13:24:52 -05:00
Matt Bishop
1f8e2385db Wire up code coverage (#3618) 2023-12-27 10:36:20 -05:00
Opeyemi
3f1f6b576a [DEVOPS-1657] - UPDATE: Adds k8s deploy trigger on main branch (#3597) 2023-12-19 17:05:02 +00:00
Joseph Flinn
c120b7e867 Point workflows to main (#3549) 
* Point workflows to main

* Merge in master. Update new version-bump workflow changes
 2023-12-12 20:08:12 +00:00
Michał Chęciński
a589af3588 [DEVOPS-1654] Tag Server images in master with git commit (#3516) 
* Add image name with SHA

* Test

* Remove testing

* Change name

* Change to short SHA

* Test

* Fix

* Remove testing

* Test

* Remove testing
 2023-12-07 09:42:35 -05:00
Vince Grassia
6aa763a854 Update 'master' to 'main' (#3427) 2023-11-08 13:08:15 -05:00
Vince Grassia
f29d3e79a5 Pin gh-actions hashes to master (#3419) 2023-11-07 13:16:12 -07:00
renovate[bot]
1c0c6cc879 Update bitwarden/gh-actions digest to c970b0f (#3332) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-18 12:22:12 -04:00
renovate[bot]
8c3ca2f1fa Update bitwarden/gh-actions digest to f112580 (#3314) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-10-05 14:58:13 -04:00
renovate[bot]
464dac8f4d Update bitwarden/gh-actions digest to fdcf1fc (#3230) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2023-09-26 10:30:28 -04:00