1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-05 09:10:53 +01:00
bitwarden-browser/.github/workflows/release.yml

Ignoring revisions in .git-blame-ignore-revs. Click here to bypass and see the normal blame view.

196 lines
6.9 KiB
YAML
Raw Normal View History

---
name: Release
on:
workflow_dispatch:
inputs:
release_type:
description: 'Release Options'
required: true
default: 'Initial Release'
type: choice
options:
- Initial Release
- Redeploy
2022-02-25 15:13:39 +01:00
- Dry Run
jobs:
setup:
name: Setup
Pinning ast version (#1080) * Pinning version of AST instead of using latest * adding the pinned version of the commit * adding an array join * pinning version of dotnet * trying the AST pin of the version we started using * disabling jobs and adding test step to window job * adding dotnet 2.1.x to see if that fixes the issue * removing the test code and testing the addition of .net 2.1.x * repinning to last successful sign * trying the newest version of AST * disabling the non-windows jobs again * disabling the windows build job and added a test job * removing stray comma * changing the multiline delimiter * pivoting away from our EV cert and testing with a test one * switching back to the EV cert and adding a verbose flag * disabling some steps that are breaking * swithing back to the test cert * testing new format for the ast command * removing the node portions of the test since they are not needed * trying AST without the tenat-id * rolling back to original commit * switching to custom AST for better troubleshooting * removing the ast commit logic and forcing latest * fixing up the pwsh sign command * fixing the AST verison * making sure that the secrets are not blank * trying the EV cert for signing * Using pinned commit from AST instead of custom code * fixing env * building the actually pinned commit instead of whatever the other thing was... * testing the windows job * removing the dotnet 2.1.x dependency since the older AST version shouldn't need it * reenabling the test ast job since something is failing * moving the git switch command * testing new gh-action * fixing the gh-action path * updating the hash of the new action * enabling the build jobs again * updating the hash for the new Install AST action * fixing linter issues
2021-09-16 19:15:05 +02:00
runs-on: ubuntu-20.04
outputs:
package_version: ${{ steps.retrieve-version.outputs.package_version }}
branch-name: ${{ steps.branch.outputs.branch-name }}
steps:
2021-06-01 20:21:04 +02:00
- name: Branch check
2022-02-25 15:13:39 +01:00
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
2021-06-01 20:21:04 +02:00
run: |
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix" ]]; then
2021-06-01 20:21:04 +02:00
echo "==================================="
echo "[!] Can only release from the 'rc' or 'hotfix' branches"
2021-06-01 20:21:04 +02:00
echo "==================================="
exit 1
fi
- name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
- name: Get Package Version
id: retrieve-version
run: |
PKG_VERSION=$(jq -r .version src/package.json)
echo "::set-output name=package_version::$PKG_VERSION"
- name: Check to make sure Desktop release version has been bumped
env:
2021-01-22 18:27:37 +01:00
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
latest_ver=$(hub release -L 1 -f '%T')
latest_ver=${latest_ver:1}
echo "Latest version: $latest_ver"
ver=${{ steps.retrieve-version.outputs.package_version }}
echo "Version: $ver"
if [ "$latest_ver" = "$ver" ] && \
[ "${{ github.event.inputs.release_type }}" == "Initial Release" ]; then
echo "Version has not been bumped!"
exit 1
fi
- name: Get branch name
id: branch
run: |
BRANCH_NAME=$(basename ${{ github.ref }})
echo "::set-output name=branch-name::$BRANCH_NAME"
- name: Download all artifacts
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
with:
workflow: build.yml
workflow_conclusion: success
branch: ${{ steps.branch.outputs.branch-name }}
- name: Rename .pkg to .pkg.archive
2022-02-10 18:51:50 +01:00
env:
PKG_VERSION: ${{ steps.retrieve-version.outputs.package_version }}
run: mv Bitwarden-${{ env.PKG_VERSION }}-universal.pkg Bitwarden-${{ env.PKG_VERSION }}-universal.pkg.archive
- name: Create release
2022-02-25 15:13:39 +01:00
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@95215a3cb6e6a1908b3c44e00b4fdb15548b1e09 # v2.8.5
env:
PKG_VERSION: ${{ steps.retrieve-version.outputs.package_version }}
with:
artifacts: "Bitwarden-${{ env.PKG_VERSION }}-amd64.deb,
Bitwarden-${{ env.PKG_VERSION }}-x86_64.rpm,
Bitwarden-${{ env.PKG_VERSION }}-x64.freebsd,
bitwarden_${{ env.PKG_VERSION }}_amd64.snap,
Bitwarden-${{ env.PKG_VERSION }}-x86_64.AppImage,
latest-linux.yml,
Bitwarden-Portable-${{ env.PKG_VERSION }}.exe,
Bitwarden-Installer-${{ env.PKG_VERSION }}.exe,
Bitwarden-${{ env.PKG_VERSION }}-ia32-store.appx,
Bitwarden-${{ env.PKG_VERSION }}-ia32.appx,
2021-10-27 22:10:15 +02:00
Bitwarden-${{ env.PKG_VERSION }}-ia32.nsis.7z,
Bitwarden-${{ env.PKG_VERSION }}-x64-store.appx,
Bitwarden-${{ env.PKG_VERSION }}-x64.appx,
2021-10-27 22:10:15 +02:00
Bitwarden-${{ env.PKG_VERSION }}-x64.nsis.7z,
Bitwarden-${{ env.PKG_VERSION }}-arm64-store.appx,
Bitwarden-${{ env.PKG_VERSION }}-arm64.appx,
2021-10-27 22:10:15 +02:00
Bitwarden-${{ env.PKG_VERSION }}-arm64.nsis.7z,
bitwarden.${{ env.PKG_VERSION }}.nupkg,
latest.yml,
2021-11-02 16:24:33 +01:00
Bitwarden-${{ env.PKG_VERSION }}-universal-mac.zip,
Bitwarden-${{ env.PKG_VERSION }}-universal.dmg,
Bitwarden-${{ env.PKG_VERSION }}-universal.dmg.blockmap,
latest-mac.yml,
Bitwarden-${{ env.PKG_VERSION }}-universal.pkg.archive"
commit: ${{ github.sha }}
tag: v${{ env.PKG_VERSION }}
name: Version ${{ env.PKG_VERSION }}
body: "<insert release notes here>"
token: ${{ secrets.GITHUB_TOKEN }}
draft: true
snap:
name: Deploy Snap
Pinning ast version (#1080) * Pinning version of AST instead of using latest * adding the pinned version of the commit * adding an array join * pinning version of dotnet * trying the AST pin of the version we started using * disabling jobs and adding test step to window job * adding dotnet 2.1.x to see if that fixes the issue * removing the test code and testing the addition of .net 2.1.x * repinning to last successful sign * trying the newest version of AST * disabling the non-windows jobs again * disabling the windows build job and added a test job * removing stray comma * changing the multiline delimiter * pivoting away from our EV cert and testing with a test one * switching back to the EV cert and adding a verbose flag * disabling some steps that are breaking * swithing back to the test cert * testing new format for the ast command * removing the node portions of the test since they are not needed * trying AST without the tenat-id * rolling back to original commit * switching to custom AST for better troubleshooting * removing the ast commit logic and forcing latest * fixing up the pwsh sign command * fixing the AST verison * making sure that the secrets are not blank * trying the EV cert for signing * Using pinned commit from AST instead of custom code * fixing env * building the actually pinned commit instead of whatever the other thing was... * testing the windows job * removing the dotnet 2.1.x dependency since the older AST version shouldn't need it * reenabling the test ast job since something is failing * moving the git switch command * testing new gh-action * fixing the gh-action path * updating the hash of the new action * enabling the build jobs again * updating the hash for the new Install AST action * fixing linter issues
2021-09-16 19:15:05 +02:00
runs-on: ubuntu-20.04
needs: setup
env:
_PKG_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Checkout Repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-prod-kv"
secrets: "snapcraft-store-token"
- name: Install Snap
uses: samuelmeuli/action-snapcraft@10d7d0a84d9d86098b19f872257df314b0bd8e2d # v1.2.0
with:
snapcraft_token: ${{ steps.retrieve-secrets.outputs.snapcraft-store-token }}
- name: Setup
run: mkdir dist
- name: Download Snap artifact
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
with:
workflow: build.yml
workflow_conclusion: success
branch: ${{ needs.setup.outputs.branch-name }}
artifacts: bitwarden_${{ env._PKG_VERSION }}_amd64.snap
path: ./dist
- name: Test
run: ls -alht dist
- name: Deploy to Snap Store
2022-02-25 15:13:39 +01:00
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: |
snapcraft upload dist/bitwarden_${{ env._PKG_VERSION }}_amd64.snap --release stable
snapcraft logout
choco:
name: Deploy Choco
Pinning ast version (#1080) * Pinning version of AST instead of using latest * adding the pinned version of the commit * adding an array join * pinning version of dotnet * trying the AST pin of the version we started using * disabling jobs and adding test step to window job * adding dotnet 2.1.x to see if that fixes the issue * removing the test code and testing the addition of .net 2.1.x * repinning to last successful sign * trying the newest version of AST * disabling the non-windows jobs again * disabling the windows build job and added a test job * removing stray comma * changing the multiline delimiter * pivoting away from our EV cert and testing with a test one * switching back to the EV cert and adding a verbose flag * disabling some steps that are breaking * swithing back to the test cert * testing new format for the ast command * removing the node portions of the test since they are not needed * trying AST without the tenat-id * rolling back to original commit * switching to custom AST for better troubleshooting * removing the ast commit logic and forcing latest * fixing up the pwsh sign command * fixing the AST verison * making sure that the secrets are not blank * trying the EV cert for signing * Using pinned commit from AST instead of custom code * fixing env * building the actually pinned commit instead of whatever the other thing was... * testing the windows job * removing the dotnet 2.1.x dependency since the older AST version shouldn't need it * reenabling the test ast job since something is failing * moving the git switch command * testing new gh-action * fixing the gh-action path * updating the hash of the new action * enabling the build jobs again * updating the hash for the new Install AST action * fixing linter issues
2021-09-16 19:15:05 +02:00
runs-on: windows-2019
2021-01-22 00:06:32 +01:00
needs: setup
env:
_PKG_VERSION: ${{ needs.setup.outputs.package_version }}
steps:
- name: Checkout Repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
- name: Setup Chocolatey
run: choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/
2021-01-25 01:08:44 +01:00
env:
CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }}
- name: Make dist dir
shell: pwsh
run: New-Item -ItemType directory -Path ./dist
- name: Download choco artifact
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
with:
workflow: build.yml
workflow_conclusion: success
branch: ${{ needs.setup.outputs.branch-name }}
artifacts: bitwarden.${{ env._PKG_VERSION }}.nupkg
path: ./dist
- name: Push to Chocolatey
2022-02-25 15:13:39 +01:00
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
shell: pwsh
run: |
cd dist
choco push