diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 0000000000..b238e832fd --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,363 @@ +name: Release + +on: + workflow_dispatch: {} + +jobs: + + cloc: + runs-on: ubuntu-latest + + steps: + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Set up cloc + run: | + sudo apt-get update + sudo apt-get -y install cloc + + - name: Print lines of code + run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git + + linux: + runs-on: ubuntu-latest + + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV + + - name: Set up environment + run: | + sudo apt-get update + sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev rpm + + - name: Set up snap + run: | + sudo snap install snapcraft --classic + # echo "$SNAP_TOKEN" | snapcraft login --with - + #env: + # SNAP_TOKEN: ${{ secrets.SNAP_TOKEN }} + + - name: Print environment + run: | + node --version + npm --version + snap --version + snapcraft --version || echo 'snapcraft unavailable' + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Build application + run: npm run dist:lin + + - name: Upload .deb artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-amd64.deb + + - name: Upload .rpm artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.rpm + + - name: Upload .freebsd artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.freebsd + + - name: Upload .snap artifact + uses: actions/upload-artifact@v2 + with: + name: bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + path: ./dist/bitwarden_${{ env.PACKAGE_VERSION }}_amd64.snap + + - name: Upload .AppImage artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x86_64.AppImage + + #- name: Deploy to Snap Store + # run: | + # ./scripts/snap-update.ps1 -version $env:PACKAGE_VERSION + # snapcraft logout + # shell: pwsh + + windows: + runs-on: windows-latest + environment: test_ast + steps: + - name: Set up dotnet + uses: actions/setup-dotnet@v1 + with: + dotnet-version: "3.1.x" + + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append + shell: pwsh + + - name: Install AST + shell: pwsh + run: | + cd $HOME + + git clone https://github.com/vcsjones/AzureSignTool.git + cd AzureSignTool + $latest_head = $(git rev-parse HEAD)[0..9] -join "" + $latest_version = "0.0.0-g$latest_head" + + Write-Host "--------" + Write-Host "git commit - $(git rev-parse HEAD)" + Write-Host "latest_head - $latest_head" + Write-Host "PACKAGE VERSION TO BUILD - $latest_version" + Write-Host "--------" + + dotnet restore + dotnet pack --output ./nupkg + dotnet tool install --global --ignore-failed-sources --add-source ./nupkg --version $latest_version azuresigntool + + #- name: Set up environment + # shell: pwsh + # run: | + # choco install checksum --no-progress + # choco apikey --key $env:CHOCO_API_KEY --source https://push.chocolatey.org/ + # env: + # CHOCO_API_KEY: ${{ secrets.CHOCO_API_KEY }} + + - name: Print environment + run: | + node --version + npm --version + choco --version + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Build, Sign & Release + run: npm run publish:win + env: + ELECTRON_BUILDER_SIGN: 1 + SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} + SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} + SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} + SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} + SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + + - name: Rename appx files for store + shell: pwsh + run: | + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx" + Copy-Item "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64.appx" ` + -Destination "./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx" + + - name: Upload portable exe artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/Bitwarden-Portable-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload installer exe artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + path: ./dist/nsis-web/Bitwarden-Installer-${{ env.PACKAGE_VERSION }}.exe + + - name: Upload store appx ia32 artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx + + - name: Upload store appx x64 artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx + + #- name: Deploy to Chocolatey + # run: ./scripts/choco-update.ps1 -version $env:PACKAGE_VERSION + # shell: pwsh + + #- name: Upload Chocolatey nupkg artifact + # uses: actions/upload-artifact@v2 + # with: + # name: bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + # path: ./dist/chocolatey/bitwarden.${{ env.PACKAGE_VERSION }}.nupkg + + - name: Upload release assets + run: | + hub release edit ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-ia32-store.appx ` + -a ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-x64-store.appx ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }} + + macos: + runs-on: macos-latest + steps: + - name: Set up Node + uses: actions/setup-node@v1 + with: + node-version: '10.x' + + - name: Set Node options + run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV + + - name: Print environment + run: | + node --version + npm --version + Write-Output "GitHub ref: $env:GITHUB_REF" + Write-Output "GitHub event: $env:GITHUB_EVENT" + shell: pwsh + env: + GITHUB_REF: ${{ github.ref }} + GITHUB_EVENT: ${{ github.event_name }} + + - name: Checkout repo + uses: actions/checkout@v2 + + - name: Decrypt secrets + run: ./.github/scripts/macos/decrypt-secrets.ps1 + shell: pwsh + env: + DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }} + + - name: Set up keychain + run: ./.github/scripts/macos/setup-keychain.ps1 + shell: pwsh + env: + KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} + DESKTOP_KEY_PASSWORD: ${{ secrets.DESKTOP_KEY_PASSWORD }} + DEVID_CERT_PASSWORD: ${{ secrets.DEVID_CERT_PASSWORD }} + APPSTORE_CERT_PASSWORD: ${{ secrets.APPSTORE_CERT_PASSWORD }} + MACDEV_CERT_PASSWORD: ${{ secrets.MACDEV_CERT_PASSWORD }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Set up provisioning profiles + run: ./.github/scripts/macos/setup-profiles.ps1 + shell: pwsh + + - name: Increment version + run: ./.github/scripts/macos/increment-version.ps1 + shell: pwsh + + - name: Load package version + run: ./.github/scripts/load-version.ps1 + shell: pwsh + + - name: Install Node dependencies + run: npm install + + - name: Run linter + run: npm run lint + + - name: Create Safari directory + shell: pwsh + run: New-Item ./dist-safari -ItemType Directory -ea 0 + + - name: Checkout browser extension + uses: actions/checkout@v2 + with: + repository: 'bitwarden/browser' + path: 'dist-safari/browser' + + - name: Build Safari extension + shell: pwsh + run: ./scripts/safari-build.ps1 -skipcheckout -skipoutcopy + + - name: Load Safari extension for .dmg + shell: pwsh + run: ./scripts/safari-build.ps1 -copyonly + + - name: Build application (dist) + run: npm run dist:mac + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload .zip artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}-mac.zip + + - name: Upload .dmg artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + path: ./dist/Bitwarden-${{ env.PACKAGE_VERSION }}.dmg + + - name: Load Safari extension for App Store + shell: pwsh + run: ./scripts/safari-build.ps1 -mas -copyonly + + - name: Build application for App Store + run: npm run dist:mac:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload .pkg artifact + uses: actions/upload-artifact@v2 + with: + name: Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + path: ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg + + - name: Deploy to App Store + run: npm run upload:mas + env: + APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} + APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} + + - name: Upload release assets + run: | + hub release edit ` + -a ./dist/mas/Bitwarden-${{ env.PACKAGE_VERSION }}.pkg ` + -m "$($env:RELEASE_TAG_NAME.TrimStart('v'))" ` + $env:RELEASE_TAG_NAME + shell: pwsh + env: + GITHUB_TOKEN: ${{ secrets.GH_TOKEN }} + RELEASE_TAG_NAME: ${{ github.event.release.tag_name }}