bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2025-12-25 12:43:14 +00:00
Code Issues Releases Wiki Activity
6,403 Commits 480 Branches 222 Tags
eebc053fb62bc4c9ba8d2dddf4d334979be87686
Commit Graph

192 Commits

Author SHA1 Message Date
Vince Grassia
a03994d16a Update build workflow (#6572) 2025-11-13 13:52:26 +01:00
renovate[bot]
0311807951 [deps]: Update actions/upload-artifact action to v5 (#6558) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
 2025-11-13 11:31:52 +01:00
renovate[bot]
7f04830f77 [deps]: Update actions/setup-node action to v6 (#6499) 2025-11-12 14:49:15 -06:00
Matt Andreko
f82125f416 Clean up workflow files from Zizmor output (#6409) 2025-10-22 12:53:46 -04:00
renovate[bot]
2d41e64a8b [deps]: Update actions/setup-dotnet action to v5 (#6333) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-10-14 10:39:57 +02:00
renovate[bot]
d3fbfc75f0 [deps]: Update anchore/scan-action action to v7 (#6393) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-10-13 15:36:04 +02:00
renovate[bot]
98210b5e9c [deps]: Update actions/github-script action to v8 (#6332) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
 2025-10-08 11:44:07 +02:00
Matt Andreko
7a6fa5a457 Revert "Temporarily hold sarif uploads (#6166)" (#6222) 2025-08-20 09:39:11 -04:00
renovate[bot]
3169c5fb85 [deps]: Update github-action minor (#5865) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Amy Galles <9685081+AmyLGalles@users.noreply.github.com>
Co-authored-by: Daniel García <dani-garcia@users.noreply.github.com>
 2025-08-20 12:19:12 +02:00
Daniel García
6971f0a976 Update Swashbuckle and improve generated OpenAPI files (#6066) 
* Improve generated OpenAPI files

* Nullable

* Fmt

* Correct powershell command

* Fix name

* Add some tests

* Fmt

* Switch to using json naming policy
 2025-08-18 18:40:50 +02:00
Matt Andreko
4e6a036f22 Temporarily hold sarif uploads (#6166) 2025-08-14 09:30:12 -04:00
Andy Pixley
5772c467de [BRE-831] migrate secrets AKV (#5962) 2025-07-09 15:02:11 -04:00
Vince Grassia
0bdd18d6b7 Remove logic for generating and uploading checksum artifacts (#5950) 2025-06-12 11:26:35 -04:00
aj-bw
25d5efacd8 set 0 when workflow is not ran (#5910) 2025-06-05 14:32:40 -04:00
aj-bw
6411cc63ca BRE-875/server-builds-intermittently-failing-after-introducing-build-cache (#5909) 
* increase logging

* remove caching for troubleshooting

* test max parallel of 3

* up parallel

* test removing cache again

* add permissions read

* edit permissions
 2025-06-03 12:40:46 -04:00
tangowithfoxtrot
20105b85aa fix: failing builds; Setup is no longer a dll (#5901) 2025-05-30 13:28:16 -07:00
tangowithfoxtrot
63f5811aa9 feat: non-root self hosted images for standard deployment (#5701) 
* Use IHttpMessageHandlerFactory For HTTP Communication

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* feat: allow custom app-id.json location for rootless

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>

* fix: new build context wont allow copying git context

* feat: allow images to run as non-root user

* fix: build failures caused by bad merge

* build: we don't need to copy the `.git` dir

* Revert "build: we don't need to copy the `.git` dir"

This reverts commit 32c2f6236a.

* Use `IHttpClientFactory` in more places

* update build workflow

* fix: compatibility with the existin run.sh script

* fix: compatibility with existing run.sh script

* Add SelfHosted GlobalSettings for Setup

* Fix my build error

* Add other services

* Add IConfiguration

* fix: missing gosu command for rootful mode

* fix: try using .net core certificate handling

* fix: add `SSL_CERT_DIR` to remaining images

* Remove X509ChainCustomization activation code

* Revert "Use IHttpMessageHandlerFactory For HTTP Communication"

This reverts commit c93be6d52b.

* Revert "fix: build failures caused by bad merge"

This reverts commit 3e4639489b.

* Revert "Use `IHttpClientFactory` in more places"

This reverts commit 284501a493.

* remove unused code

* re-add error log for installation id

* remove missing error message in log

* build: remove duplicate docker+qemu setup steps

Co-authored-by: Opeyemi <Alaoopeyemi101@gmail.com>

* build: optimize for simpler builds over caching

* build: restore previous method for getting the GIT_HASH

* fix: add missing build args to remaining images

* fix: rm extraneous source revision id arg

* fmt: apply consistent spacing and rm redundant WORKDIR directive

* build: update migrator to use simpler build; apply consistent spacing

* fix: merge conflicts; simplify changes

* fix: add publish branch check back

---------

Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com>
Co-authored-by: Opeyemi <Alaoopeyemi101@gmail.com>
 2025-05-30 10:29:47 -07:00
Vince Grassia
3aa9812353 Fix actionlint issues (#5841) 2025-05-20 12:44:01 -04:00
Todd Martin
af08d4b2a5 chore(workflows): Update image tag logic to handle forked branches 2025-05-08 11:27:06 -04:00
MtnBurrit0
cb9d7e450f Drop create_branch input, it's enabled by default. (#5634) 2025-04-10 10:44:31 -06:00
MtnBurrit0
8cd14d55dd EE sync improvements (#5620) 
* Leverage new workflow changes

* Refactor ephemeral-environment workflow

* Add .has_secrets check back into build
 2025-04-09 09:44:42 -06:00
Daniel García
887332b436 [PM-15127] Remove secrets requirement from build workflow (#5546) 
* [PM-15127] Remove secrets requirement from build workflow

* Remove unneeded check, fix target workflow

* Remove IF
 2025-03-31 15:19:55 +02:00
Matt Andreko
229aecb55c Update SARIF upload to use proper branch (#5534) 2025-03-24 14:20:42 -04:00
renovate[bot]
148a631178 [deps]: Update github/codeql-action action to v3.28.8 (#5292) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-31 15:59:39 +01:00
renovate[bot]
a9ef475046 [deps]: Update github-action minor (#5296) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-21 10:56:17 -08:00
renovate[bot]
f265911526 [deps] BRE: Update gh minor (#5016) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-09 10:09:55 +01:00
renovate[bot]
4b2030de77 [deps] BRE: Update anchore/scan-action action to v6 (#5180) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-03 11:35:28 -05:00
MtnBurrit0
840ff00189 BRE-292: Sync ephemeral environment with GH workflow (#5174) 
* Add sync_environment call

* Put callable workflow in it's own job

* Switch to context for GitHub input

* Set requirements and inherit secrets

* Add the condition to the job

* Update .github/workflows/build.yml

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>

---------

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
 2025-01-02 13:58:32 -07:00
Michał Chęciński
16488091d2 Remove is_workflow_call input from build workflow (#5161) 2024-12-17 10:45:02 -05:00
Opeyemi
d0c72a34f1 Update SH Unified Build trigger (#5154) 
* Update SH Unified Build trigger

* make value a boolean
 2024-12-16 15:21:05 +01:00
Matt Bishop
c0a9c55891 Fix image path formation for Cosign (#5151) 2024-12-13 10:26:45 -05:00
Matt Bishop
11bdb93d1e Sign main branch container builds with cosign (#5148) 
* Sign main branch container builds with cosign

* Properly label
 2024-12-13 09:41:17 -05:00
Michał Chęciński
470a12640e Trigger unified build on rc and hotfix-rc branches (#5108) 2024-12-04 13:18:58 +00:00
Matt Bishop
eec4a77bda Check run earlier during setup (#5022) 2024-11-11 13:19:20 -05:00
Alex Urbina
89be2f495a Fix Hackerone Report ID 2830741 (#5010) 2024-11-08 20:41:58 +00:00
MtnBurrit0
a56f3a587c Update logic to handle pull_request_target (#5008) 
- Removing the grep and create a conditional based on GITHUB_EVENT_NAME
 2024-11-08 11:58:07 -07:00
Matt Bishop
e7cbdaa469 Only build Unified on main branch pushes (#5006) 2024-11-08 10:31:18 -05:00
Matt Bishop
fcb706b9c5 Catch PR targets for certain build operations (#5003) 
* Catch PR targets for certain build operations

* Support EE
 2024-11-07 17:11:01 -05:00
Matt Bishop
f7957f7053 Check run permissions for secrets usage (#4992) 2024-11-07 09:56:57 -05:00
Matt Bishop
e7bd31c009 Check for secrets on Docker builds (#4985) 2024-11-06 13:56:12 -05:00
renovate[bot]
2abd37d2d7 [deps] DevOps: Update gh minor (#4945) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-30 11:23:50 -04:00
MtnBurrit0
724f2ee5e5 Secure inputs (#4927) 2024-10-22 10:29:57 -06:00
Opeyemi
c809794642 [BRE-372] - Clean up document start (#4915) 2024-10-21 13:11:59 +01:00
AJ
1fb366d42b Replace github.ref with GITHUB_REF in build.yml scripts (#4857) 
Data should be separated from code where possible to avoid injection (CWE-78).

* https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections
* https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
 2024-10-17 11:50:31 -04:00
renovate[bot]
245e2e4d52 [deps] DevOps: Update gh minor (#4885) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-17 10:42:44 -04:00
renovate[bot]
8e62e9eb38 [deps] DevOps: Update anchore/scan-action action to v5 (#4892) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-17 10:42:26 -04:00
MtnBurrit0
96f58dc309 BRE-349: Call _update_ephemeral_tags workflow (#4850) 
* Kick off ephemeral environment updates

* Fix missing ,

* Switch to head_ref

* Update to `main`
 2024-10-10 09:49:04 -06:00
renovate[bot]
793ef3aab8 [deps] DevOps: Update gh minor (#4828) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-30 11:36:51 +02:00
renovate[bot]
3381bca608 [deps] DevOps: Update gh minor (#4780) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-24 11:31:57 -04:00
renovate[bot]
8891540972 [deps] DevOps: Update gh minor (#4723) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-04 09:44:19 -04:00