mirror of
https://github.com/bitwarden/browser.git
synced 2024-12-22 16:29:09 +01:00
BRE-344 - Add Repository Management workflow (#11855)
This commit is contained in:
parent
adcd5bd307
commit
9d2c57d3d9
@ -1,124 +1,130 @@
|
|||||||
name: Version Bump
|
name: Repository management
|
||||||
|
|
||||||
on:
|
on:
|
||||||
workflow_dispatch:
|
workflow_dispatch:
|
||||||
inputs:
|
inputs:
|
||||||
|
task:
|
||||||
|
default: "Version Bump"
|
||||||
|
description: "Task to execute"
|
||||||
|
options:
|
||||||
|
- "Version Bump"
|
||||||
|
- "Version Bump and Cut rc"
|
||||||
|
required: true
|
||||||
|
type: choice
|
||||||
bump_browser:
|
bump_browser:
|
||||||
description: "Bump Browser?"
|
description: "Bump Browser version?"
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
bump_cli:
|
bump_cli:
|
||||||
description: "Bump CLI?"
|
description: "Bump CLI version?"
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
bump_desktop:
|
bump_desktop:
|
||||||
description: "Bump Desktop?"
|
description: "Bump Desktop version?"
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
bump_web:
|
bump_web:
|
||||||
description: "Bump Web?"
|
description: "Bump Web version?"
|
||||||
type: boolean
|
type: boolean
|
||||||
default: false
|
default: false
|
||||||
|
target_ref:
|
||||||
|
default: "main"
|
||||||
|
description: "Branch/Tag to target for cut"
|
||||||
|
required: true
|
||||||
|
type: string
|
||||||
version_number_override:
|
version_number_override:
|
||||||
description: "New version override (leave blank for automatic calculation, example: '2024.1.0')"
|
description: "New version override (leave blank for automatic calculation, example: '2024.1.0')"
|
||||||
required: false
|
required: false
|
||||||
type: string
|
type: string
|
||||||
cut_rc_branch:
|
|
||||||
description: "Cut RC branch?"
|
|
||||||
default: true
|
|
||||||
type: boolean
|
|
||||||
enable_slack_notification:
|
|
||||||
description: "Enable Slack notifications for upcoming release?"
|
|
||||||
default: false
|
|
||||||
type: boolean
|
|
||||||
|
|
||||||
jobs:
|
jobs:
|
||||||
|
setup:
|
||||||
|
name: Setup
|
||||||
|
runs-on: ubuntu-24.04
|
||||||
|
outputs:
|
||||||
|
branch: ${{ steps.set-branch.outputs.branch }}
|
||||||
|
token: ${{ steps.app-token.outputs.token }}
|
||||||
|
steps:
|
||||||
|
- name: Set branch
|
||||||
|
id: set-branch
|
||||||
|
env:
|
||||||
|
TASK: ${{ inputs.task }}
|
||||||
|
run: |
|
||||||
|
if [[ "$TASK" == "Version Bump" ]]; then
|
||||||
|
BRANCH="none"
|
||||||
|
elif [[ "$TASK" == "Version Bump and Cut rc" ]]; then
|
||||||
|
BRANCH="rc"
|
||||||
|
fi
|
||||||
|
|
||||||
|
echo "branch=$BRANCH" >> $GITHUB_OUTPUT
|
||||||
|
|
||||||
|
- name: Generate GH App token
|
||||||
|
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
|
||||||
|
id: app-token
|
||||||
|
with:
|
||||||
|
app-id: ${{ secrets.BW_GHAPP_ID }}
|
||||||
|
private-key: ${{ secrets.BW_GHAPP_KEY }}
|
||||||
|
|
||||||
|
|
||||||
|
cut_branch:
|
||||||
|
name: Cut branch
|
||||||
|
if: ${{ needs.setup.outputs.branch == 'rc' }}
|
||||||
|
needs: setup
|
||||||
|
runs-on: ubuntu-24.04
|
||||||
|
steps:
|
||||||
|
- name: Check out target ref
|
||||||
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
|
with:
|
||||||
|
ref: ${{ inputs.target_ref }}
|
||||||
|
token: ${{ needs.setup.outputs.token }}
|
||||||
|
|
||||||
|
- name: Check if ${{ needs.setup.outputs.branch }} branch exists
|
||||||
|
env:
|
||||||
|
BRANCH_NAME: ${{ needs.setup.outputs.branch }}
|
||||||
|
run: |
|
||||||
|
if [[ $(git ls-remote --heads origin $BRANCH_NAME) ]]; then
|
||||||
|
echo "$BRANCH_NAME already exists! Please delete $BRANCH_NAME before running again." >> $GITHUB_STEP_SUMMARY
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
- name: Cut branch
|
||||||
|
env:
|
||||||
|
BRANCH_NAME: ${{ needs.setup.outputs.branch }}
|
||||||
|
run: |
|
||||||
|
git switch --quiet --create $BRANCH_NAME
|
||||||
|
git push --quiet --set-upstream origin $BRANCH_NAME
|
||||||
|
|
||||||
|
|
||||||
bump_version:
|
bump_version:
|
||||||
name: Bump Version
|
name: Bump Version
|
||||||
runs-on: ubuntu-22.04
|
if: ${{ always() }}
|
||||||
|
runs-on: ubuntu-24.04
|
||||||
|
needs:
|
||||||
|
- cut_branch
|
||||||
|
- setup
|
||||||
outputs:
|
outputs:
|
||||||
version_browser: ${{ steps.set-final-version-output.outputs.version_browser }}
|
version_browser: ${{ steps.set-final-version-output.outputs.version_browser }}
|
||||||
version_cli: ${{ steps.set-final-version-output.outputs.version_cli }}
|
version_cli: ${{ steps.set-final-version-output.outputs.version_cli }}
|
||||||
version_desktop: ${{ steps.set-final-version-output.outputs.version_desktop }}
|
version_desktop: ${{ steps.set-final-version-output.outputs.version_desktop }}
|
||||||
version_web: ${{ steps.set-final-version-output.outputs.version_web }}
|
version_web: ${{ steps.set-final-version-output.outputs.version_web }}
|
||||||
steps:
|
steps:
|
||||||
- name: Validate version input
|
- name: Validate version input format
|
||||||
if: ${{ inputs.version_number_override != '' }}
|
if: ${{ inputs.version_number_override != '' }}
|
||||||
uses: bitwarden/gh-actions/version-check@main
|
uses: bitwarden/gh-actions/version-check@main
|
||||||
with:
|
with:
|
||||||
version: ${{ inputs.version_number_override }}
|
version: ${{ inputs.version_number_override }}
|
||||||
|
|
||||||
- name: Slack Notification Check
|
- name: Check out branch
|
||||||
run: |
|
|
||||||
if [[ "${{ inputs.enable_slack_notification }}" == true ]]; then
|
|
||||||
echo "Slack notifications enabled."
|
|
||||||
else
|
|
||||||
echo "Slack notifications disabled."
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Checkout Branch
|
|
||||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
with:
|
with:
|
||||||
ref: main
|
ref: main
|
||||||
|
token: ${{ needs.setup.outputs.token }}
|
||||||
|
|
||||||
- name: Check if RC branch exists
|
- name: Configure Git
|
||||||
if: ${{ inputs.cut_rc_branch == true }}
|
|
||||||
run: |
|
run: |
|
||||||
remote_rc_branch_check=$(git ls-remote --heads origin rc | wc -l)
|
git config --local user.email "actions@github.com"
|
||||||
if [[ "${remote_rc_branch_check}" -gt 0 ]]; then
|
git config --local user.name "Github Actions"
|
||||||
echo "Remote RC branch exists."
|
|
||||||
echo "Please delete current RC branch before running again."
|
|
||||||
exit 1
|
|
||||||
fi
|
|
||||||
|
|
||||||
- name: Login to Azure - CI Subscription
|
|
||||||
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
|
|
||||||
with:
|
|
||||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
|
||||||
|
|
||||||
- name: Retrieve secrets
|
|
||||||
id: retrieve-secrets
|
|
||||||
uses: bitwarden/gh-actions/get-keyvault-secrets@main
|
|
||||||
with:
|
|
||||||
keyvault: "bitwarden-ci"
|
|
||||||
secrets: "github-gpg-private-key,
|
|
||||||
github-gpg-private-key-passphrase"
|
|
||||||
|
|
||||||
- name: Import GPG key
|
|
||||||
uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
|
|
||||||
with:
|
|
||||||
gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }}
|
|
||||||
passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }}
|
|
||||||
git_user_signingkey: true
|
|
||||||
git_commit_gpgsign: true
|
|
||||||
|
|
||||||
- name: Setup git
|
|
||||||
run: |
|
|
||||||
git config --local user.email "106330231+bitwarden-devops-bot@users.noreply.github.com"
|
|
||||||
git config --local user.name "bitwarden-devops-bot"
|
|
||||||
|
|
||||||
- name: Create Version Branch
|
|
||||||
id: create-branch
|
|
||||||
run: |
|
|
||||||
CLIENTS=()
|
|
||||||
if [[ ${{ inputs.bump_browser }} == true ]]; then
|
|
||||||
CLIENTS+=("browser")
|
|
||||||
fi
|
|
||||||
if [[ ${{ inputs.bump_cli }} == true ]]; then
|
|
||||||
CLIENTS+=("cli")
|
|
||||||
fi
|
|
||||||
if [[ ${{ inputs.bump_desktop }} == true ]]; then
|
|
||||||
CLIENTS+=("desktop")
|
|
||||||
fi
|
|
||||||
if [[ ${{ inputs.bump_web }} == true ]]; then
|
|
||||||
CLIENTS+=("web")
|
|
||||||
fi
|
|
||||||
printf -v joined '%s,' "${CLIENTS[@]}"
|
|
||||||
echo "client=${joined%,}" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
NAME=version_bump_${{ github.ref_name }}_$(date +"%Y-%m-%d")
|
|
||||||
git switch -c $NAME
|
|
||||||
echo "name=$NAME" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
########################
|
########################
|
||||||
# VERSION BUMP SECTION #
|
# VERSION BUMP SECTION #
|
||||||
@ -165,7 +171,9 @@ jobs:
|
|||||||
- name: Bump Browser Version - Version Override
|
- name: Bump Browser Version - Version Override
|
||||||
if: ${{ inputs.bump_browser == true && inputs.version_number_override != '' }}
|
if: ${{ inputs.bump_browser == true && inputs.version_number_override != '' }}
|
||||||
id: bump-browser-version-override
|
id: bump-browser-version-override
|
||||||
run: npm version --workspace=@bitwarden/browser ${{ inputs.version_number_override }}
|
env:
|
||||||
|
VERSION: ${{ inputs.version_number_override }}
|
||||||
|
run: npm version --workspace=@bitwarden/browser $VERSION
|
||||||
|
|
||||||
- name: Bump Browser Version - Automatic Calculation
|
- name: Bump Browser Version - Automatic Calculation
|
||||||
if: ${{ inputs.bump_browser == true && inputs.version_number_override == '' }}
|
if: ${{ inputs.bump_browser == true && inputs.version_number_override == '' }}
|
||||||
@ -250,7 +258,9 @@ jobs:
|
|||||||
- name: Bump CLI Version - Version Override
|
- name: Bump CLI Version - Version Override
|
||||||
if: ${{ inputs.bump_cli == true && inputs.version_number_override != '' }}
|
if: ${{ inputs.bump_cli == true && inputs.version_number_override != '' }}
|
||||||
id: bump-cli-version-override
|
id: bump-cli-version-override
|
||||||
run: npm version --workspace=@bitwarden/cli ${{ inputs.version_number_override }}
|
env:
|
||||||
|
VERSION: ${{ inputs.version_number_override }}
|
||||||
|
run: npm version --workspace=@bitwarden/cli $VERSION
|
||||||
|
|
||||||
- name: Bump CLI Version - Automatic Calculation
|
- name: Bump CLI Version - Automatic Calculation
|
||||||
if: ${{ inputs.bump_cli == true && inputs.version_number_override == '' }}
|
if: ${{ inputs.bump_cli == true && inputs.version_number_override == '' }}
|
||||||
@ -300,7 +310,9 @@ jobs:
|
|||||||
- name: Bump Desktop Version - Root - Version Override
|
- name: Bump Desktop Version - Root - Version Override
|
||||||
if: ${{ inputs.bump_desktop == true && inputs.version_number_override != '' }}
|
if: ${{ inputs.bump_desktop == true && inputs.version_number_override != '' }}
|
||||||
id: bump-desktop-version-override
|
id: bump-desktop-version-override
|
||||||
run: npm version --workspace=@bitwarden/desktop ${{ inputs.version_number_override }}
|
env:
|
||||||
|
VERSION: ${{ inputs.version_number_override }}
|
||||||
|
run: npm version --workspace=@bitwarden/desktop $VERSION
|
||||||
|
|
||||||
- name: Bump Desktop Version - Root - Automatic Calculation
|
- name: Bump Desktop Version - Root - Automatic Calculation
|
||||||
if: ${{ inputs.bump_desktop == true && inputs.version_number_override == '' }}
|
if: ${{ inputs.bump_desktop == true && inputs.version_number_override == '' }}
|
||||||
@ -311,7 +323,9 @@ jobs:
|
|||||||
|
|
||||||
- name: Bump Desktop Version - App - Version Override
|
- name: Bump Desktop Version - App - Version Override
|
||||||
if: ${{ inputs.bump_desktop == true && inputs.version_number_override != '' }}
|
if: ${{ inputs.bump_desktop == true && inputs.version_number_override != '' }}
|
||||||
run: npm version ${{ inputs.version_number_override }}
|
env:
|
||||||
|
VERSION: ${{ inputs.version_number_override }}
|
||||||
|
run: npm version $VERSION
|
||||||
working-directory: "apps/desktop/src"
|
working-directory: "apps/desktop/src"
|
||||||
|
|
||||||
- name: Bump Desktop Version - App - Automatic Calculation
|
- name: Bump Desktop Version - App - Automatic Calculation
|
||||||
@ -362,7 +376,9 @@ jobs:
|
|||||||
- name: Bump Web Version - Version Override
|
- name: Bump Web Version - Version Override
|
||||||
if: ${{ inputs.bump_web == true && inputs.version_number_override != '' }}
|
if: ${{ inputs.bump_web == true && inputs.version_number_override != '' }}
|
||||||
id: bump-web-version-override
|
id: bump-web-version-override
|
||||||
run: npm version --workspace=@bitwarden/web-vault ${{ inputs.version_number_override }}
|
env:
|
||||||
|
VERSION: ${{ inputs.version_number_override }}
|
||||||
|
run: npm version --workspace=@bitwarden/web-vault $VERSION
|
||||||
|
|
||||||
- name: Bump Web Version - Automatic Calculation
|
- name: Bump Web Version - Automatic Calculation
|
||||||
if: ${{ inputs.bump_web == true && inputs.version_number_override == '' }}
|
if: ${{ inputs.bump_web == true && inputs.version_number_override == '' }}
|
||||||
@ -375,27 +391,29 @@ jobs:
|
|||||||
|
|
||||||
- name: Set final version output
|
- name: Set final version output
|
||||||
id: set-final-version-output
|
id: set-final-version-output
|
||||||
|
env:
|
||||||
|
VERSION: ${{ inputs.version_number_override }}
|
||||||
run: |
|
run: |
|
||||||
if [[ "${{ steps.bump-browser-version-override.outcome }}" = "success" ]]; then
|
if [[ "${{ steps.bump-browser-version-override.outcome }}" = "success" ]]; then
|
||||||
echo "version_browser=${{ inputs.version_number_override }}" >> $GITHUB_OUTPUT
|
echo "version_browser=$VERSION" >> $GITHUB_OUTPUT
|
||||||
elif [[ "${{ steps.bump-browser-version-automatic.outcome }}" = "success" ]]; then
|
elif [[ "${{ steps.bump-browser-version-automatic.outcome }}" = "success" ]]; then
|
||||||
echo "version_browser=${{ steps.calculate-next-browser-version.outputs.version }}" >> $GITHUB_OUTPUT
|
echo "version_browser=${{ steps.calculate-next-browser-version.outputs.version }}" >> $GITHUB_OUTPUT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "${{ steps.bump-cli-version-override.outcome }}" = "success" ]]; then
|
if [[ "${{ steps.bump-cli-version-override.outcome }}" = "success" ]]; then
|
||||||
echo "version_cli=${{ inputs.version_number_override }}" >> $GITHUB_OUTPUT
|
echo "version_cli=$VERSION" >> $GITHUB_OUTPUT
|
||||||
elif [[ "${{ steps.bump-cli-version-automatic.outcome }}" = "success" ]]; then
|
elif [[ "${{ steps.bump-cli-version-automatic.outcome }}" = "success" ]]; then
|
||||||
echo "version_cli=${{ steps.calculate-next-cli-version.outputs.version }}" >> $GITHUB_OUTPUT
|
echo "version_cli=${{ steps.calculate-next-cli-version.outputs.version }}" >> $GITHUB_OUTPUT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "${{ steps.bump-desktop-version-override.outcome }}" = "success" ]]; then
|
if [[ "${{ steps.bump-desktop-version-override.outcome }}" = "success" ]]; then
|
||||||
echo "version_desktop=${{ inputs.version_number_override }}" >> $GITHUB_OUTPUT
|
echo "version_desktop=$VERSION" >> $GITHUB_OUTPUT
|
||||||
elif [[ "${{ steps.bump-desktop-version-automatic.outcome }}" = "success" ]]; then
|
elif [[ "${{ steps.bump-desktop-version-automatic.outcome }}" = "success" ]]; then
|
||||||
echo "version_desktop=${{ steps.calculate-next-desktop-version.outputs.version }}" >> $GITHUB_OUTPUT
|
echo "version_desktop=${{ steps.calculate-next-desktop-version.outputs.version }}" >> $GITHUB_OUTPUT
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ "${{ steps.bump-web-version-override.outcome }}" = "success" ]]; then
|
if [[ "${{ steps.bump-web-version-override.outcome }}" = "success" ]]; then
|
||||||
echo "version_web=${{ inputs.version_number_override }}" >> $GITHUB_OUTPUT
|
echo "version_web=$VERSION" >> $GITHUB_OUTPUT
|
||||||
elif [[ "${{ steps.bump-web-version-automatic.outcome }}" = "success" ]]; then
|
elif [[ "${{ steps.bump-web-version-automatic.outcome }}" = "success" ]]; then
|
||||||
echo "version_web=${{ steps.calculate-next-web-version.outputs.version }}" >> $GITHUB_OUTPUT
|
echo "version_web=${{ steps.calculate-next-web-version.outputs.version }}" >> $GITHUB_OUTPUT
|
||||||
fi
|
fi
|
||||||
@ -416,199 +434,52 @@ jobs:
|
|||||||
|
|
||||||
- name: Push changes
|
- name: Push changes
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
||||||
env:
|
run: git push
|
||||||
PR_BRANCH: ${{ steps.create-branch.outputs.name }}
|
|
||||||
run: git push -u origin $PR_BRANCH
|
|
||||||
|
|
||||||
- name: Generate PR message
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
|
||||||
id: pr-message
|
|
||||||
run: |
|
|
||||||
MESSAGE=""
|
|
||||||
if [[ "${{ inputs.bump_browser }}" == "true" ]]; then
|
|
||||||
MESSAGE+=$' Browser version bump to ${{ steps.set-final-version-output.outputs.version_browser }}\n'
|
|
||||||
fi
|
|
||||||
|
|
||||||
if [[ "${{ inputs.bump_cli }}" == "true" ]]; then
|
cherry_pick:
|
||||||
MESSAGE+=$' CLI version bump to ${{ steps.set-final-version-output.outputs.version_cli }}\n'
|
name: Cherry-Pick Commit(s)
|
||||||
fi
|
if: ${{ needs.setup.outputs.branch == 'rc' }}
|
||||||
|
runs-on: ubuntu-24.04
|
||||||
if [[ "${{ inputs.bump_desktop }}" == "true" ]]; then
|
needs:
|
||||||
MESSAGE+=$' Desktop version bump to ${{ steps.set-final-version-output.outputs.version_desktop }}\n'
|
- bump_version
|
||||||
fi
|
- setup
|
||||||
|
|
||||||
if [[ "${{ inputs.bump_web }}" == "true" ]]; then
|
|
||||||
MESSAGE+=$' Web version bump to ${{ steps.set-final-version-output.outputs.version_web }}\n'
|
|
||||||
fi
|
|
||||||
|
|
||||||
echo "MESSAGE<<EOF" >> $GITHUB_ENV
|
|
||||||
echo "$MESSAGE" >> $GITHUB_ENV
|
|
||||||
echo "EOF" >> $GITHUB_ENV
|
|
||||||
|
|
||||||
- name: Generate GH App token
|
|
||||||
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
|
|
||||||
id: app-token
|
|
||||||
with:
|
|
||||||
app-id: ${{ secrets.BW_GHAPP_ID }}
|
|
||||||
private-key: ${{ secrets.BW_GHAPP_KEY }}
|
|
||||||
owner: ${{ github.repository_owner }}
|
|
||||||
|
|
||||||
- name: Create Version PR
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
|
||||||
id: create-pr
|
|
||||||
env:
|
|
||||||
GH_TOKEN: ${{ steps.app-token.outputs.token }}
|
|
||||||
PR_BRANCH: ${{ steps.create-branch.outputs.name }}
|
|
||||||
TITLE: "Bump client(s) version"
|
|
||||||
run: |
|
|
||||||
PR_URL=$(gh pr create --title "$TITLE" \
|
|
||||||
--base "main" \
|
|
||||||
--head "$PR_BRANCH" \
|
|
||||||
--label "version update" \
|
|
||||||
--label "automated pr" \
|
|
||||||
--body "
|
|
||||||
## Type of change
|
|
||||||
- [ ] Bug fix
|
|
||||||
- [ ] New feature development
|
|
||||||
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
|
|
||||||
- [ ] Build/deploy pipeline (DevOps)
|
|
||||||
- [X] Other
|
|
||||||
|
|
||||||
## Objective
|
|
||||||
$MESSAGE")
|
|
||||||
|
|
||||||
echo "pr_number=${PR_URL##*/}" >> $GITHUB_OUTPUT
|
|
||||||
|
|
||||||
- name: Approve PR
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
|
||||||
env:
|
|
||||||
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
|
|
||||||
PR_NUMBER: ${{ steps.create-pr.outputs.pr_number }}
|
|
||||||
run: gh pr review $PR_NUMBER --approve
|
|
||||||
|
|
||||||
- name: Merge PR
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
|
||||||
env:
|
|
||||||
GH_TOKEN: ${{ steps.app-token.outputs.token }}
|
|
||||||
PR_NUMBER: ${{ steps.create-pr.outputs.pr_number }}
|
|
||||||
run: gh pr merge $PR_NUMBER --squash --auto --delete-branch
|
|
||||||
|
|
||||||
- name: Report upcoming browser release version to Slack
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' && steps.set-final-version-output.outputs.version_browser != '' && inputs.enable_slack_notification == true }}
|
|
||||||
uses: bitwarden/gh-actions/report-upcoming-release-version@main
|
|
||||||
with:
|
|
||||||
version: ${{ steps.set-final-version-output.outputs.version_browser }}
|
|
||||||
project: browser
|
|
||||||
AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
|
||||||
|
|
||||||
- name: Report upcoming cli release version to Slack
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' && steps.set-final-version-output.outputs.version_cli != '' && inputs.enable_slack_notification == true }}
|
|
||||||
uses: bitwarden/gh-actions/report-upcoming-release-version@main
|
|
||||||
with:
|
|
||||||
version: ${{ steps.set-final-version-output.outputs.version_cli }}
|
|
||||||
project: cli
|
|
||||||
AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
|
||||||
|
|
||||||
- name: Report upcoming desktop release version to Slack
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' && steps.set-final-version-output.outputs.version_desktop != '' && inputs.enable_slack_notification == true }}
|
|
||||||
uses: bitwarden/gh-actions/report-upcoming-release-version@main
|
|
||||||
with:
|
|
||||||
version: ${{ steps.set-final-version-output.outputs.version_desktop }}
|
|
||||||
project: desktop
|
|
||||||
AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
|
||||||
|
|
||||||
- name: Report upcoming web release version to Slack
|
|
||||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' && steps.set-final-version-output.outputs.version_web != '' && inputs.enable_slack_notification == true }}
|
|
||||||
uses: bitwarden/gh-actions/report-upcoming-release-version@main
|
|
||||||
with:
|
|
||||||
version: ${{ steps.set-final-version-output.outputs.version_web }}
|
|
||||||
project: web
|
|
||||||
AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
|
||||||
|
|
||||||
cut_rc:
|
|
||||||
name: Cut RC branch
|
|
||||||
if: ${{ inputs.cut_rc_branch == true }}
|
|
||||||
needs: bump_version
|
|
||||||
runs-on: ubuntu-22.04
|
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout Branch
|
- name: Check out main branch
|
||||||
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
with:
|
with:
|
||||||
ref: main
|
ref: main
|
||||||
|
token: ${{ needs.setup.outputs.token }}
|
||||||
|
|
||||||
### Browser
|
- name: Configure Git
|
||||||
- name: Browser - Verify version has been updated
|
|
||||||
if: ${{ inputs.bump_browser == true }}
|
|
||||||
env:
|
|
||||||
NEW_VERSION: ${{ needs.bump_version.outputs.version_browser }}
|
|
||||||
run: |
|
run: |
|
||||||
# Wait for version to change.
|
git config --local user.email "actions@github.com"
|
||||||
while : ; do
|
git config --local user.name "Github Actions"
|
||||||
echo "Waiting for version to be updated..."
|
|
||||||
git pull --force
|
|
||||||
CURRENT_VERSION=$(cat package.json | jq -r '.version')
|
|
||||||
|
|
||||||
# If the versions don't match we continue the loop, otherwise we break out of the loop.
|
- name: Perform cherry-pick(s)
|
||||||
[[ "$NEW_VERSION" != "$CURRENT_VERSION" ]] || break
|
|
||||||
sleep 10
|
|
||||||
done
|
|
||||||
working-directory: apps/browser
|
|
||||||
|
|
||||||
### CLI
|
|
||||||
- name: CLI - Verify version has been updated
|
|
||||||
if: ${{ inputs.bump_cli == true }}
|
|
||||||
env:
|
|
||||||
NEW_VERSION: ${{ needs.bump_version.outputs.version_cli }}
|
|
||||||
run: |
|
run: |
|
||||||
# Wait for version to change.
|
# Function for cherry-picking
|
||||||
while : ; do
|
cherry_pick () {
|
||||||
echo "Waiting for version to be updated..."
|
local package_path="apps/$1/package.json"
|
||||||
git pull --force
|
local source_branch=$2
|
||||||
CURRENT_VERSION=$(cat package.json | jq -r '.version')
|
local destination_branch=$3
|
||||||
|
|
||||||
# If the versions don't match we continue the loop, otherwise we break out of the loop.
|
# Get project commit/version from source branch
|
||||||
[[ "$NEW_VERSION" != "$CURRENT_VERSION" ]] || break
|
git switch $source_branch
|
||||||
sleep 10
|
SOURCE_COMMIT=$(git log --reverse --pretty=format:"%H" --max-count=1 $package_path)
|
||||||
done
|
SOURCE_VERSION=$(cat $package_path | jq -r '.version')
|
||||||
working-directory: apps/cli
|
|
||||||
|
|
||||||
### Desktop
|
# Get project commit/version from destination branch
|
||||||
- name: Desktop - Verify version has been updated
|
git switch $destination_branch
|
||||||
if: ${{ inputs.bump_desktop == true }}
|
DESTINATION_VERSION=$(cat $package_path | jq -r '.version')
|
||||||
env:
|
|
||||||
NEW_VERSION: ${{ needs.bump_version.outputs.version_desktop }}
|
|
||||||
run: |
|
|
||||||
# Wait for version to change.
|
|
||||||
while : ; do
|
|
||||||
echo "Waiting for version to be updated..."
|
|
||||||
git pull --force
|
|
||||||
CURRENT_VERSION=$(cat package.json | jq -r '.version')
|
|
||||||
|
|
||||||
# If the versions don't match we continue the loop, otherwise we break out of the loop.
|
if [[ "$DESTINATION_VERSION" != "$SOURCE_VERSION" ]]; then
|
||||||
[[ "$NEW_VERSION" != "$CURRENT_VERSION" ]] || break
|
git cherry-pick --strategy-option=theirs -x $SOURCE_COMMIT
|
||||||
sleep 10
|
git push -u origin $destination_branch
|
||||||
done
|
fi
|
||||||
working-directory: apps/desktop
|
|
||||||
|
|
||||||
### Web
|
# Cherry-pick from 'main' into 'rc'
|
||||||
- name: Web - Verify version has been updated
|
cherry_pick browser main rc
|
||||||
if: ${{ inputs.bump_web == true }}
|
cherry_pick cli main rc
|
||||||
env:
|
cherry_pick desktop main rc
|
||||||
NEW_VERSION: ${{ needs.bump_version.outputs.version_web }}
|
cherry_pick web main rc
|
||||||
run: |
|
|
||||||
# Wait for version to change.
|
|
||||||
while : ; do
|
|
||||||
echo "Waiting for version to be updated..."
|
|
||||||
git pull --force
|
|
||||||
CURRENT_VERSION=$(cat package.json | jq -r '.version')
|
|
||||||
|
|
||||||
# If the versions don't match we continue the loop, otherwise we break out of the loop.
|
|
||||||
[[ "$NEW_VERSION" != "$CURRENT_VERSION" ]] || break
|
|
||||||
sleep 10
|
|
||||||
done
|
|
||||||
working-directory: apps/web
|
|
||||||
|
|
||||||
- name: Cut RC branch
|
|
||||||
run: |
|
|
||||||
git switch --quiet --create rc
|
|
||||||
git push --quiet --set-upstream origin rc
|
|
64
.github/workflows/version-auto-bump.yml
vendored
64
.github/workflows/version-auto-bump.yml
vendored
@ -8,27 +8,55 @@ on:
|
|||||||
jobs:
|
jobs:
|
||||||
bump-version:
|
bump-version:
|
||||||
name: Bump Desktop Version
|
name: Bump Desktop Version
|
||||||
runs-on: ubuntu-22.04
|
runs-on: ubuntu-24.04
|
||||||
steps:
|
steps:
|
||||||
- name: Login to Azure - CI Subscription
|
- name: Generate GH App token
|
||||||
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
|
uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
|
||||||
|
id: app-token
|
||||||
with:
|
with:
|
||||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
app-id: ${{ secrets.BW_GHAPP_ID }}
|
||||||
|
private-key: ${{ secrets.BW_GHAPP_KEY }}
|
||||||
|
|
||||||
- name: Retrieve bot secrets
|
- name: Check out target ref
|
||||||
id: retrieve-bot-secrets
|
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
|
||||||
uses: bitwarden/gh-actions/get-keyvault-secrets@main
|
|
||||||
with:
|
with:
|
||||||
keyvault: bitwarden-ci
|
ref: main
|
||||||
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
|
token: ${{ steps.app-token.outputs.token }}
|
||||||
|
|
||||||
- name: Trigger Version Bump workflow
|
- name: Configure Git
|
||||||
env:
|
|
||||||
GH_TOKEN: ${{ steps.retrieve-bot-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
|
|
||||||
run: |
|
run: |
|
||||||
echo '{"cut_rc_branch": "false",
|
git config --local user.email "actions@github.com"
|
||||||
"bump_browser": "false",
|
git config --local user.name "Github Actions"
|
||||||
"bump_cli": "false",
|
|
||||||
"bump_desktop": "true",
|
- name: Get current Desktop version
|
||||||
"bump_web": "false"}' | \
|
id: current-desktop-version
|
||||||
gh workflow run version-bump.yml --json --repo bitwarden/clients
|
run: |
|
||||||
|
CURRENT_VERSION=$(cat package.json | jq -r '.version')
|
||||||
|
echo "version=$CURRENT_VERSION" >> $GITHUB_OUTPUT
|
||||||
|
working-directory: apps/desktop
|
||||||
|
|
||||||
|
- name: Calculate next Desktop release version
|
||||||
|
id: calculate-next-desktop-version
|
||||||
|
uses: bitwarden/gh-actions/version-next@main
|
||||||
|
with:
|
||||||
|
version: ${{ steps.current-desktop-version.outputs.version }}
|
||||||
|
|
||||||
|
- name: Bump Desktop Version - Root - Automatic Calculation
|
||||||
|
id: bump-desktop-version-automatic
|
||||||
|
env:
|
||||||
|
VERSION: ${{ steps.calculate-next-desktop-version.outputs.version }}
|
||||||
|
run: npm version --workspace=@bitwarden/desktop $VERSION
|
||||||
|
|
||||||
|
- name: Bump Desktop Version - App - Automatic Calculation
|
||||||
|
env:
|
||||||
|
VERSION: ${{ steps.calculate-next-desktop-version.outputs.version }}
|
||||||
|
run: npm version $VERSION
|
||||||
|
working-directory: "apps/desktop/src"
|
||||||
|
|
||||||
|
- name: Commit files
|
||||||
|
env:
|
||||||
|
VERSION: ${{ steps.calculate-next-desktop-version.outputs.version }}
|
||||||
|
run: git commit -m "Bumped Desktop client to $VERSION" -a
|
||||||
|
|
||||||
|
- name: Push changes
|
||||||
|
run: git push
|
||||||
|
Loading…
Reference in New Issue
Block a user