1
0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-22 11:45:59 +01:00

Devops 1323 pin actions versions (#5346)

* update all actions for version pin

* Fix typo

* Actions version pin final push

* upadte set-up DCT job to use latest gh action
This commit is contained in:
Opeyemi 2023-05-05 21:17:19 +01:00 committed by GitHub
parent 53c81a2ee3
commit a9ab32b476
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
26 changed files with 307 additions and 307 deletions

View File

@ -14,7 +14,7 @@ jobs:
# Feature request # Feature request
- if: github.event.label.name == 'feature-request' - if: github.event.label.name == 'feature-request'
name: Feature request name: Feature request
uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 uses: peter-evans/close-issue@276d7966e389d888f011539a86c8920025ea0626 # v3.0.1
with: with:
comment: | comment: |
We use GitHub issues as a place to track bugs and other development related issues. The [Bitwarden Community Forums](https://community.bitwarden.com/) has a [Feature Requests](https://community.bitwarden.com/c/feature-requests) section for submitting, voting for, and discussing requests like this one. We use GitHub issues as a place to track bugs and other development related issues. The [Bitwarden Community Forums](https://community.bitwarden.com/) has a [Feature Requests](https://community.bitwarden.com/c/feature-requests) section for submitting, voting for, and discussing requests like this one.
@ -25,7 +25,7 @@ jobs:
# Intended behavior # Intended behavior
- if: github.event.label.name == 'intended-behavior' - if: github.event.label.name == 'intended-behavior'
name: Intended behaviour name: Intended behaviour
uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 uses: peter-evans/close-issue@276d7966e389d888f011539a86c8920025ea0626 # v3.0.1
with: with:
comment: | comment: |
Your issue appears to be describing the intended behavior of the software. If you want this to be changed, it would be a feature request. Your issue appears to be describing the intended behavior of the software. If you want this to be changed, it would be a feature request.
@ -38,7 +38,7 @@ jobs:
# Customer support request # Customer support request
- if: github.event.label.name == 'customer-support' - if: github.event.label.name == 'customer-support'
name: Customer Support request name: Customer Support request
uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 uses: peter-evans/close-issue@276d7966e389d888f011539a86c8920025ea0626 # v3.0.1
with: with:
comment: | comment: |
We use GitHub issues as a place to track bugs and other development related issues. Your issue appears to be a support request, or would otherwise be better handled by our dedicated Customer Success team. We use GitHub issues as a place to track bugs and other development related issues. Your issue appears to be a support request, or would otherwise be better handled by our dedicated Customer Success team.
@ -49,14 +49,14 @@ jobs:
# Resolved # Resolved
- if: github.event.label.name == 'resolved' - if: github.event.label.name == 'resolved'
name: Resolved name: Resolved
uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 uses: peter-evans/close-issue@276d7966e389d888f011539a86c8920025ea0626 # v3.0.1
with: with:
comment: | comment: |
Weve closed this issue, as it appears the original problem has been resolved. If this happens again or continues to be a problem, please respond to this issue with any additional detail to assist with reproduction and root cause analysis. Weve closed this issue, as it appears the original problem has been resolved. If this happens again or continues to be a problem, please respond to this issue with any additional detail to assist with reproduction and root cause analysis.
# Stale # Stale
- if: github.event.label.name == 'stale' - if: github.event.label.name == 'stale'
name: Stale name: Stale
uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 uses: peter-evans/close-issue@276d7966e389d888f011539a86c8920025ea0626 # v3.0.1
with: with:
comment: | comment: |
As we havent heard from you about this problem in some time, this issue will now be closed. As we havent heard from you about this problem in some time, this issue will now be closed.

View File

@ -14,7 +14,7 @@ jobs:
# Translation PR / Crowdin # Translation PR / Crowdin
- if: github.event.label.name == 'translation-pr' - if: github.event.label.name == 'translation-pr'
name: Translation-PR name: Translation-PR
uses: peter-evans/close-issue@849549ba7c3a595a064c4b2c56f206ee78f93515 # v2.0.0 uses: peter-evans/close-issue@276d7966e389d888f011539a86c8920025ea0626 # v3.0.1
with: with:
comment: | comment: |
We really appreciate you taking the time to improve our translations. We really appreciate you taking the time to improve our translations.

View File

@ -17,13 +17,13 @@ jobs:
runs-on: macos-11 runs-on: macos-11
steps: steps:
- name: Login to Azure - name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "brew-bump-workflow-pat" secrets: "brew-bump-workflow-pat"

View File

@ -17,19 +17,19 @@ jobs:
runs-on: macos-11 runs-on: macos-11
steps: steps:
- name: Login to Azure - name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "brew-bump-workflow-pat" secrets: "brew-bump-workflow-pat"
- name: Update Homebrew cask - name: Update Homebrew cask
uses: macauley/action-homebrew-bump-cask@445c42390d790569d938f9068d01af39ca030feb uses: macauley/action-homebrew-bump-cask@445c42390d790569d938f9068d01af39ca030feb # v1.0.0
with: with:
# Required, custom GitHub access token with the 'public_repo' and 'workflow' scopes # Required, custom GitHub access token with the 'public_repo' and 'workflow' scopes
token: ${{ steps.retrieve-secrets.outputs.brew-bump-workflow-pat }} token: ${{ steps.retrieve-secrets.outputs.brew-bump-workflow-pat }}

View File

@ -41,7 +41,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up cloc - name: Set up cloc
run: | run: |
@ -79,7 +79,7 @@ jobs:
working-directory: apps/browser working-directory: apps/browser
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Testing locales - extName length - name: Testing locales - extName length
run: | run: |
@ -119,7 +119,7 @@ jobs:
working-directory: apps/browser working-directory: apps/browser
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # v3.3.0 uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # v3.3.0
@ -173,56 +173,56 @@ jobs:
working-directory: ./ working-directory: ./
- name: Upload Opera artifact - name: Upload Opera artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-opera-${{ env._BUILD_NUMBER }}.zip name: dist-opera-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-opera.zip path: apps/browser/dist/dist-opera.zip
if-no-files-found: error if-no-files-found: error
- name: Upload Opera MV3 artifact - name: Upload Opera MV3 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-opera-MV3-${{ env._BUILD_NUMBER }}.zip name: dist-opera-MV3-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-opera-mv3.zip path: apps/browser/dist/dist-opera-mv3.zip
if-no-files-found: error if-no-files-found: error
- name: Upload Chrome artifact - name: Upload Chrome artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-chrome-${{ env._BUILD_NUMBER }}.zip name: dist-chrome-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-chrome.zip path: apps/browser/dist/dist-chrome.zip
if-no-files-found: error if-no-files-found: error
- name: Upload Chrome MV3 artifact - name: Upload Chrome MV3 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-chrome-MV3-${{ env._BUILD_NUMBER }}.zip name: dist-chrome-MV3-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-chrome-mv3.zip path: apps/browser/dist/dist-chrome-mv3.zip
if-no-files-found: error if-no-files-found: error
- name: Upload Firefox artifact - name: Upload Firefox artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-firefox-${{ env._BUILD_NUMBER }}.zip name: dist-firefox-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-firefox.zip path: apps/browser/dist/dist-firefox.zip
if-no-files-found: error if-no-files-found: error
- name: Upload Edge artifact - name: Upload Edge artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-edge-${{ env._BUILD_NUMBER }}.zip name: dist-edge-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-edge.zip path: apps/browser/dist/dist-edge.zip
if-no-files-found: error if-no-files-found: error
- name: Upload Edge MV3 artifact - name: Upload Edge MV3 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-edge-MV3-${{ env._BUILD_NUMBER }}.zip name: dist-edge-MV3-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-edge-mv3.zip path: apps/browser/dist/dist-edge-mv3.zip
if-no-files-found: error if-no-files-found: error
- name: Upload browser source - name: Upload browser source
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: browser-source-${{ env._BUILD_NUMBER }}.zip name: browser-source-${{ env._BUILD_NUMBER }}.zip
path: browser-source.zip path: browser-source.zip
@ -230,7 +230,7 @@ jobs:
- name: Upload coverage artifact - name: Upload coverage artifact
if: false if: false
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: coverage-${{ env._BUILD_NUMBER }}.zip name: coverage-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/coverage/coverage-${{ env._BUILD_NUMBER }}.zip path: apps/browser/coverage/coverage-${{ env._BUILD_NUMBER }}.zip
@ -246,7 +246,7 @@ jobs:
_BUILD_NUMBER: ${{ needs.setup.outputs.adj_build_number }} _BUILD_NUMBER: ${{ needs.setup.outputs.adj_build_number }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # v3.3.0 uses: actions/setup-node@eeb10cff27034e7acf239c5d29f62154018672fd # v3.3.0
@ -330,7 +330,7 @@ jobs:
ls -la ls -la
- name: Upload Safari artifact - name: Upload Safari artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: dist-safari-${{ env._BUILD_NUMBER }}.zip name: dist-safari-${{ env._BUILD_NUMBER }}.zip
path: apps/browser/dist/dist-safari.zip path: apps/browser/dist/dist-safari.zip
@ -345,22 +345,22 @@ jobs:
- build-safari - build-safari
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "crowdin-api-token" secrets: "crowdin-api-token"
- name: Upload Sources - name: Upload Sources
uses: crowdin/github-action@ecd7eb0ef6f3cfa16293c79e9cbc4bc5b5fd9c49 # v1.4.9 uses: crowdin/github-action@3cabba4ddfd0579a1236b3fb68405236dc489ccc # v1.8.0
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
@ -408,7 +408,7 @@ jobs:
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
@ -416,13 +416,13 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
if: failure() if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"
- name: Notify Slack on failure - name: Notify Slack on failure
uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 # v1.5.0 uses: act10ns/slack@ed1309ab9862e57e9e583e51c7889486b9a00b0f # v2.0.0
if: failure() if: failure()
env: env:
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}

View File

@ -38,7 +38,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up cloc - name: Set up cloc
run: | run: |
@ -56,7 +56,7 @@ jobs:
package_version: ${{ steps.retrieve-version.outputs.package_version }} package_version: ${{ steps.retrieve-version.outputs.package_version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Get Package Version - name: Get Package Version
id: retrieve-version id: retrieve-version
@ -79,7 +79,7 @@ jobs:
_WIN_PKG_VERSION: 3.4 _WIN_PKG_VERSION: 3.4
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup Unix Vars - name: Setup Unix Vars
run: | run: |
@ -153,7 +153,7 @@ jobs:
_WIN_PKG_VERSION: 3.4 _WIN_PKG_VERSION: 3.4
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup Windows builder - name: Setup Windows builder
run: | run: |
@ -299,7 +299,7 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Print environment - name: Print environment
run: | run: |
@ -309,7 +309,7 @@ jobs:
echo "BW Package Version: $_PACKAGE_VERSION" echo "BW Package Version: $_PACKAGE_VERSION"
- name: Get bw linux cli - name: Get bw linux cli
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
name: bw-linux-${{ env._PACKAGE_VERSION }}.zip name: bw-linux-${{ env._PACKAGE_VERSION }}.zip
path: apps/cli/dist/snap path: apps/cli/dist/snap
@ -396,7 +396,7 @@ jobs:
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
@ -404,13 +404,13 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
if: failure() if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"
- name: Notify Slack on failure - name: Notify Slack on failure
uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 uses: act10ns/slack@ed1309ab9862e57e9e583e51c7889486b9a00b0f # v2.0.0
if: failure() if: failure()
env: env:
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}

View File

@ -40,7 +40,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up cloc - name: Set up cloc
run: | run: |
@ -55,7 +55,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Verify - name: Verify
run: | run: |
@ -83,7 +83,7 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Get Package Version - name: Get Package Version
id: retrieve-version id: retrieve-version
@ -143,10 +143,10 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048 # v3.2.0
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -180,7 +180,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache id: cache
with: with:
path: | path: |
@ -204,42 +204,42 @@ jobs:
run: npm run dist:lin run: npm run dist:lin
- name: Upload .deb artifact - name: Upload .deb artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb name: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb
if-no-files-found: error if-no-files-found: error
- name: Upload .rpm artifact - name: Upload .rpm artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm
if-no-files-found: error if-no-files-found: error
- name: Upload .freebsd artifact - name: Upload .freebsd artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd
if-no-files-found: error if-no-files-found: error
- name: Upload .snap artifact - name: Upload .snap artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap name: bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap
path: apps/desktop/dist/bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap path: apps/desktop/dist/bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap
if-no-files-found: error if-no-files-found: error
- name: Upload .AppImage artifact - name: Upload .AppImage artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
if-no-files-found: error if-no-files-found: error
- name: Upload auto-update artifact - name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: ${{ needs.setup.outputs.release_channel }}-linux.yml name: ${{ needs.setup.outputs.release_channel }}-linux.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-linux.yml path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-linux.yml
@ -259,10 +259,10 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048 # v3.2.0
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -277,7 +277,7 @@ jobs:
node-gyp install $(node -v) node-gyp install $(node -v)
- name: Install AST - name: Install AST
uses: bitwarden/gh-actions/install-ast@471ae4aec27405f16c5b796e288f54262c406e5d uses: bitwarden/gh-actions/install-ast@34ecb67b2a357795dc893549df0795e7383ff50f
- name: Set up environmentF - name: Set up environmentF
run: choco install checksum --no-progress run: choco install checksum --no-progress
@ -296,13 +296,13 @@ jobs:
rustup show rustup show
- name: Login to Azure - name: Login to Azure
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "code-signing-vault-url, secrets: "code-signing-vault-url,
@ -316,7 +316,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -369,91 +369,91 @@ jobs:
-NewName bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z -NewName bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z
- name: Upload portable exe artifact - name: Upload portable exe artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe name: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe
path: apps/desktop/dist/Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe path: apps/desktop/dist/Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe
if-no-files-found: error if-no-files-found: error
- name: Upload installer exe artifact - name: Upload installer exe artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe name: Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe
path: apps/desktop/dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe path: apps/desktop/dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe
if-no-files-found: error if-no-files-found: error
- name: Upload appx ia32 artifact - name: Upload appx ia32 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx
if-no-files-found: error if-no-files-found: error
- name: Upload store appx ia32 artifact - name: Upload store appx ia32 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx
if-no-files-found: error if-no-files-found: error
- name: Upload NSIS ia32 artifact - name: Upload NSIS ia32 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z name: bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z
path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z
if-no-files-found: error if-no-files-found: error
- name: Upload appx x64 artifact - name: Upload appx x64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx
if-no-files-found: error if-no-files-found: error
- name: Upload store appx x64 artifact - name: Upload store appx x64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx
if-no-files-found: error if-no-files-found: error
- name: Upload NSIS x64 artifact - name: Upload NSIS x64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z name: bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z
path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z
if-no-files-found: error if-no-files-found: error
- name: Upload appx ARM64 artifact - name: Upload appx ARM64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx
if-no-files-found: error if-no-files-found: error
- name: Upload store appx ARM64 artifact - name: Upload store appx ARM64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx
if-no-files-found: error if-no-files-found: error
- name: Upload NSIS ARM64 artifact - name: Upload NSIS ARM64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z name: bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z
path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z
if-no-files-found: error if-no-files-found: error
- name: Upload nupkg artifact - name: Upload nupkg artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden.${{ env._PACKAGE_VERSION }}.nupkg name: bitwarden.${{ env._PACKAGE_VERSION }}.nupkg
path: apps/desktop/dist/chocolatey/bitwarden.${{ env._PACKAGE_VERSION }}.nupkg path: apps/desktop/dist/chocolatey/bitwarden.${{ env._PACKAGE_VERSION }}.nupkg
if-no-files-found: error if-no-files-found: error
- name: Upload auto-update artifact - name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: ${{ needs.setup.outputs.release_channel }}.yml name: ${{ needs.setup.outputs.release_channel }}.yml
path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release_channel }}.yml path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release_channel }}.yml
@ -472,10 +472,10 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048 # v3.2.0
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -503,14 +503,14 @@ jobs:
- name: Cache Build - name: Cache Build
id: build-cache id: build-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Cache Safari - name: Cache Safari
id: safari-cache id: safari-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -588,7 +588,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -624,10 +624,10 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048 # v3.2.0
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -655,14 +655,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -740,7 +740,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -756,7 +756,7 @@ jobs:
run: npm run build run: npm run build
- name: Download Browser artifact - name: Download Browser artifact
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
path: ${{ github.workspace }}/browser-build-artifacts path: ${{ github.workspace }}/browser-build-artifacts
@ -779,28 +779,28 @@ jobs:
run: npm run pack:mac run: npm run pack:mac
- name: Upload .zip artifact - name: Upload .zip artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip
if-no-files-found: error if-no-files-found: error
- name: Upload .dmg artifact - name: Upload .dmg artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg
if-no-files-found: error if-no-files-found: error
- name: Upload .dmg blockmap artifact - name: Upload .dmg blockmap artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap
if-no-files-found: error if-no-files-found: error
- name: Upload auto-update artifact - name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: ${{ needs.setup.outputs.release_channel }}-mac.yml name: ${{ needs.setup.outputs.release_channel }}-mac.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-mac.yml path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-mac.yml
@ -821,10 +821,10 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048 # v3.2.0
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -852,14 +852,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -937,7 +937,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -953,7 +953,7 @@ jobs:
run: npm run build run: npm run build
- name: Download Browser artifact - name: Download Browser artifact
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
path: ${{ github.workspace }}/browser-build-artifacts path: ${{ github.workspace }}/browser-build-artifacts
@ -976,7 +976,7 @@ jobs:
CSC_FOR_PULL_REQUEST: true CSC_FOR_PULL_REQUEST: true
- name: Upload .pkg artifact - name: Upload .pkg artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg
path: apps/desktop/dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg path: apps/desktop/dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg
@ -1010,10 +1010,10 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a uses: actions/setup-node@17f8bd926464a1afa4c6a11669539e9c1ba77048 # v3.2.0
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -1036,14 +1036,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -1121,7 +1121,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -1137,7 +1137,7 @@ jobs:
run: npm run build run: npm run build
- name: Download Browser artifact - name: Download Browser artifact
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
path: ${{ github.workspace }}/browser-build-artifacts path: ${{ github.workspace }}/browser-build-artifacts
@ -1163,7 +1163,7 @@ jobs:
run: zip -r Bitwarden-${{ env.PACKAGE_VERSION }}-masdev-universal.zip Bitwarden.app run: zip -r Bitwarden-${{ env.PACKAGE_VERSION }}-masdev-universal.zip Bitwarden.app
- name: Upload masdev artifact - name: Upload masdev artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-masdev-universal.zip name: Bitwarden-${{ env._PACKAGE_VERSION }}-masdev-universal.zip
path: apps/desktop/dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-masdev-universal.zip path: apps/desktop/dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-masdev-universal.zip
@ -1181,22 +1181,22 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "crowdin-api-token" secrets: "crowdin-api-token"
- name: Upload Sources - name: Upload Sources
uses: crowdin/github-action@ecd7eb0ef6f3cfa16293c79e9cbc4bc5b5fd9c49 uses: crowdin/github-action@3cabba4ddfd0579a1236b3fb68405236dc489ccc # v1.8.0
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
@ -1261,7 +1261,7 @@ jobs:
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
@ -1269,13 +1269,13 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
if: failure() if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"
- name: Notify Slack on failure - name: Notify Slack on failure
uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 uses: act10ns/slack@ed1309ab9862e57e9e583e51c7889486b9a00b0f # v2.0.0
if: failure() if: failure()
env: env:
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}

View File

@ -37,7 +37,7 @@ jobs:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up cloc - name: Set up cloc
run: | run: |
@ -56,7 +56,7 @@ jobs:
version: ${{ steps.version.outputs.value }} version: ${{ steps.version.outputs.value }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Get GitHub sha as version - name: Get GitHub sha as version
id: version id: version
@ -87,7 +87,7 @@ jobs:
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # v3.4.1 uses: actions/setup-node@2fddd8803e2f5c9604345a0b591c3020ee971a93 # v3.4.1
@ -126,7 +126,7 @@ jobs:
run: zip -r web-${{ env._VERSION }}-${{ matrix.name }}.zip build run: zip -r web-${{ env._VERSION }}-${{ matrix.name }}.zip build
- name: Upload ${{ matrix.name }} artifact - name: Upload ${{ matrix.name }} artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: web-${{ env._VERSION }}-${{ matrix.name }}.zip name: web-${{ env._VERSION }}-${{ matrix.name }}.zip
path: apps/web/web-${{ env._VERSION }}-${{ matrix.name }}.zip path: apps/web/web-${{ env._VERSION }}-${{ matrix.name }}.zip
@ -156,7 +156,7 @@ jobs:
_VERSION: ${{ needs.setup.outputs.version }} _VERSION: ${{ needs.setup.outputs.version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Check Branch to Publish - name: Check Branch to Publish
env: env:
@ -173,7 +173,7 @@ jobs:
########## ACRs ########## ########## ACRs ##########
- name: Login to Azure - QA - name: Login to Azure - QA
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
@ -181,7 +181,7 @@ jobs:
run: az acr login -n bitwardenqa run: az acr login -n bitwardenqa
- name: Login to Azure - Prod - name: Login to Azure - Prod
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
@ -189,7 +189,7 @@ jobs:
run: az acr login -n bitwardenprod run: az acr login -n bitwardenprod
- name: Download ${{ matrix.artifact_name }} artifact - name: Download ${{ matrix.artifact_name }} artifact
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
name: web-${{ env._VERSION }}-${{ matrix.artifact_name }}.zip name: web-${{ env._VERSION }}-${{ matrix.artifact_name }}.zip
path: apps/web path: apps/web
@ -229,13 +229,13 @@ jobs:
run: unzip web-${{ env._VERSION }}-${{ matrix.artifact_name }}.zip run: unzip web-${{ env._VERSION }}-${{ matrix.artifact_name }}.zip
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve github PAT secrets - name: Retrieve github PAT secrets
id: retrieve-secret-pat id: retrieve-secret-pat
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "github-pat-bitwarden-devops-bot-repo-scope" secrets: "github-pat-bitwarden-devops-bot-repo-scope"
@ -243,13 +243,13 @@ jobs:
- name: Setup DCT - name: Setup DCT
if: ${{ env.is_publish_branch == 'true' }} if: ${{ env.is_publish_branch == 'true' }}
id: setup-dct id: setup-dct
uses: bitwarden/gh-actions/setup-docker-trust@a8c384a05a974c05c48374c818b004be221d43ff uses: bitwarden/gh-actions/setup-docker-trust@ea03b38348a42e18ac63c17f97004697f65e0dc6
with: with:
azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
azure-keyvault-name: "bitwarden-ci" azure-keyvault-name: "bitwarden-ci"
- name: Build Docker image - name: Build Docker image
uses: docker/build-push-action@c56af957549030174b10d6867f20e78cfd7debc5 uses: docker/build-push-action@3b5e8027fcad23fda98b2e3ac259d8d67585f671 # v3.2.0
with: with:
context: apps/web context: apps/web
file: apps/web/Dockerfile file: apps/web/Dockerfile
@ -282,16 +282,16 @@ jobs:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.3.4 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "crowdin-api-token" secrets: "crowdin-api-token"
@ -344,7 +344,7 @@ jobs:
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
@ -352,13 +352,13 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
if: failure() if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"
- name: Notify Slack on failure - name: Notify Slack on failure
uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 # v1.5.1 uses: act10ns/slack@ed1309ab9862e57e9e583e51c7889486b9a00b0f # v2.0.0
if: failure() if: failure()
env: env:
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}

View File

@ -13,18 +13,18 @@ jobs:
steps: steps:
- name: Set up Node - name: Set up Node
uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea # v2.1.5 uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
with: with:
node-version: "16" node-version: "16"
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
fetch-depth: 0 fetch-depth: 0
- name: Cache npm - name: Cache npm
id: npm-cache id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: "~/.npm" path: "~/.npm"
key: ${{ runner.os }}-npm-chromatic-${{ hashFiles('**/package-lock.json') }} key: ${{ runner.os }}-npm-chromatic-${{ hashFiles('**/package-lock.json') }}
@ -33,7 +33,7 @@ jobs:
run: npm ci run: npm ci
- name: Publish to Chromatic - name: Publish to Chromatic
uses: chromaui/action@c72f0b48c8887c0ef0abe18ad865a6c1e01e73c6 uses: chromaui/action@d51b84e79d164fbe8fc5bb7175695d88ddd04b72 # v1.0.0
with: with:
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }} projectToken: ${{ secrets.CHROMATIC_PROJECT_TOKEN }}

View File

@ -23,22 +23,22 @@ jobs:
crowdin_project_id: "308189" crowdin_project_id: "308189"
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "crowdin-api-token, github-gpg-private-key, github-gpg-private-key-passphrase" secrets: "crowdin-api-token, github-gpg-private-key, github-gpg-private-key-passphrase"
- name: Download translations - name: Download translations
uses: bitwarden/gh-actions/crowdin@05052c5c575ceb09ceea397fe241879e199ed44b uses: bitwarden/gh-actions/crowdin@34ecb67b2a357795dc893549df0795e7383ff50f
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}

View File

@ -50,7 +50,7 @@ jobs:
_ENVIRONMENT_ARTIFACT: ${{ needs.setup.outputs.environment-artifact }} _ENVIRONMENT_ARTIFACT: ${{ needs.setup.outputs.environment-artifact }}
steps: steps:
- name: Create GitHub deployment - name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -60,10 +60,10 @@ jobs:
description: 'Deployment from branch ${{ github.ref_name }}' description: 'Deployment from branch ${{ github.ref_name }}'
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Download latest cloud asset - name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-web.yml workflow: build-web.yml
path: apps/web path: apps/web
@ -76,7 +76,7 @@ jobs:
run: unzip ${{ env._ENVIRONMENT_ARTIFACT }} run: unzip ${{ env._ENVIRONMENT_ARTIFACT }}
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: ${{ env._ENVIRONMENT_BRANCH }} ref: ${{ env._ENVIRONMENT_BRANCH }}
path: deployment path: deployment
@ -107,7 +107,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ success() }} if: ${{ success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: ${{ env._ENVIRONMENT_URL }} environment-url: ${{ env._ENVIRONMENT_URL }}
@ -116,7 +116,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ failure() }} if: ${{ failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: ${{ env._ENVIRONMENT_URL }} environment-url: ${{ env._ENVIRONMENT_URL }}

View File

@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Enforce Label - name: Enforce Label
uses: yogevbd/enforce-label-action@8d1e1709b1011e6d90400a0e6cf7c0b77aa5efeb # v2.1.0 uses: yogevbd/enforce-label-action@a3c219da6b8fa73f6ba62b68ff09c469b3a1c024 # v2.2.2
with: with:
BANNED_LABELS: "hold,needs-qa" BANNED_LABELS: "hold,needs-qa"
BANNED_LABELS_DESCRIPTION: "PRs with the hold or needs-qa labels cannot be merged" BANNED_LABELS_DESCRIPTION: "PRs with the hold or needs-qa labels cannot be merged"

View File

@ -16,7 +16,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Add label to pull request - name: Add label to pull request
uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 uses: andymckay/labeler@e6c4322d0397f3240f0e7e30a33b5c5df2d39e90 # v1.0.4
if: ${{ !github.event.pull_request.head.repo.fork }} if: ${{ !github.event.pull_request.head.repo.fork }}
with: with:
add-labels: "needs-qa" add-labels: "needs-qa"

View File

@ -21,7 +21,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Lint filenames (no capital characters) - name: Lint filenames (no capital characters)
run: | run: |

View File

@ -27,7 +27,7 @@ jobs:
release-version: ${{ steps.version.outputs.version }} release-version: ${{ steps.version.outputs.version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Branch check - name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@ -41,7 +41,7 @@ jobs:
- name: Check Release Version - name: Check Release Version
id: version id: version
uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6 uses: bitwarden/gh-actions/release-version-check@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
release-type: ${{ github.event.inputs.release_type }} release-type: ${{ github.event.inputs.release_type }}
project-type: ts project-type: ts
@ -56,7 +56,7 @@ jobs:
needs: setup needs: setup
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Testing locales - extName length - name: Testing locales - extName length
run: | run: |
@ -92,7 +92,7 @@ jobs:
- locales-test - locales-test
steps: steps:
- name: Create GitHub deployment - name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -103,7 +103,7 @@ jobs:
- name: Download latest Release build artifacts - name: Download latest Release build artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -116,7 +116,7 @@ jobs:
- name: Dry Run - Download latest master build artifacts - name: Dry Run - Download latest master build artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -139,7 +139,7 @@ jobs:
- name: Create release - name: Create release
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@40bb172bd05f266cf9ba4ff965cb61e9ee5f6d01 uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
with: with:
artifacts: 'browser-source-${{ needs.setup.outputs.release-version }}.zip, artifacts: 'browser-source-${{ needs.setup.outputs.release-version }}.zip,
dist-chrome-${{ needs.setup.outputs.release-version }}.zip, dist-chrome-${{ needs.setup.outputs.release-version }}.zip,
@ -155,7 +155,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ success() }} if: ${{ success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success' state: 'success'
@ -163,7 +163,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ failure() }} if: ${{ failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure' state: 'failure'

View File

@ -43,7 +43,7 @@ jobs:
release-version: ${{ steps.version.outputs.version }} release-version: ${{ steps.version.outputs.version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Branch check - name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@ -57,7 +57,7 @@ jobs:
- name: Check Release Version - name: Check Release Version
id: version id: version
uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6 uses: bitwarden/gh-actions/release-version-check@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
release-type: ${{ github.event.inputs.release_type }} release-type: ${{ github.event.inputs.release_type }}
project-type: ts project-type: ts
@ -67,7 +67,7 @@ jobs:
- name: Create GitHub deployment - name: Create GitHub deployment
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -78,7 +78,7 @@ jobs:
- name: Download all Release artifacts - name: Download all Release artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli path: apps/cli
@ -87,7 +87,7 @@ jobs:
- name: Dry Run - Download all artifacts - name: Dry Run - Download all artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli path: apps/cli
@ -96,7 +96,7 @@ jobs:
- name: Create release - name: Create release
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@58ae73b360456532aafd58ee170c045abbeaee37 # v1.10.0 uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
env: env:
PKG_VERSION: ${{ steps.version.outputs.version }} PKG_VERSION: ${{ steps.version.outputs.version }}
with: with:
@ -118,7 +118,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }} if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success' state: 'success'
@ -126,7 +126,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }} if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure' state: 'failure'
@ -141,16 +141,16 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }} _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "snapcraft-store-token" secrets: "snapcraft-store-token"
@ -162,7 +162,7 @@ jobs:
- name: Download artifacts - name: Download artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli path: apps/cli
@ -172,7 +172,7 @@ jobs:
- name: Dry Run - Download artifacts - name: Dry Run - Download artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli path: apps/cli
@ -195,16 +195,16 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }} _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@24848bc889cfc0a8313c2b3e378ac0d625b9bc16 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "cli-choco-api-key" secrets: "cli-choco-api-key"
@ -220,7 +220,7 @@ jobs:
- name: Download artifacts - name: Download artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli/dist path: apps/cli/dist
@ -230,7 +230,7 @@ jobs:
- name: Dry Run - Download artifacts - name: Dry Run - Download artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli/dist path: apps/cli/dist
@ -254,23 +254,23 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }} _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@24848bc889cfc0a8313c2b3e378ac0d625b9bc16 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "npm-api-key" secrets: "npm-api-key"
- name: Download artifacts - name: Download artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli/build path: apps/cli/build
@ -280,7 +280,7 @@ jobs:
- name: Dry Run - Download artifacts - name: Dry Run - Download artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-cli.yml workflow: build-cli.yml
path: apps/cli/build path: apps/cli/build

View File

@ -23,7 +23,7 @@ jobs:
build_number: ${{ steps.increment-version.outputs.build_number }} build_number: ${{ steps.increment-version.outputs.build_number }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Branch check - name: Branch check
run: | run: |
@ -47,7 +47,7 @@ jobs:
- name: Check Release Version - name: Check Release Version
id: version id: version
uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6 uses: bitwarden/gh-actions/release-version-check@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
release-type: 'Initial Release' release-type: 'Initial Release'
project-type: ts project-type: ts
@ -115,7 +115,7 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: ${{ needs.setup.outputs.branch-name }} ref: ${{ needs.setup.outputs.branch-name }}
@ -157,42 +157,42 @@ jobs:
run: npm run dist:lin run: npm run dist:lin
- name: Upload .deb artifact - name: Upload .deb artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb name: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb
if-no-files-found: error if-no-files-found: error
- name: Upload .rpm artifact - name: Upload .rpm artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm
if-no-files-found: error if-no-files-found: error
- name: Upload .freebsd artifact - name: Upload .freebsd artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd
if-no-files-found: error if-no-files-found: error
- name: Upload .snap artifact - name: Upload .snap artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap name: bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap
path: apps/desktop/dist/bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap path: apps/desktop/dist/bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap
if-no-files-found: error if-no-files-found: error
- name: Upload .AppImage artifact - name: Upload .AppImage artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
if-no-files-found: error if-no-files-found: error
- name: Upload auto-update artifact - name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: ${{ needs.setup.outputs.release-channel }}-linux.yml name: ${{ needs.setup.outputs.release-channel }}-linux.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release-channel }}-linux.yml path: apps/desktop/dist/${{ needs.setup.outputs.release-channel }}-linux.yml
@ -211,7 +211,7 @@ jobs:
_PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.release-version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: ${{ needs.setup.outputs.branch-name }} ref: ${{ needs.setup.outputs.branch-name }}
@ -231,7 +231,7 @@ jobs:
node-gyp install $(node -v) node-gyp install $(node -v)
- name: Install AST - name: Install AST
uses: bitwarden/gh-actions/install-ast@f135c42c8596cb535c5bcb7523c0b2eef89709ac uses: bitwarden/gh-actions/install-ast@34ecb67b2a357795dc893549df0795e7383ff50f
- name: Set up environment - name: Set up environment
run: choco install checksum --no-progress run: choco install checksum --no-progress
@ -243,13 +243,13 @@ jobs:
choco --version choco --version
- name: Login to Azure - name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "code-signing-vault-url, secrets: "code-signing-vault-url,
@ -304,91 +304,91 @@ jobs:
-NewName bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z -NewName bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z
- name: Upload portable exe artifact - name: Upload portable exe artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe name: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe
path: apps/desktop/dist/Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe path: apps/desktop/dist/Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe
if-no-files-found: error if-no-files-found: error
- name: Upload installer exe artifact - name: Upload installer exe artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe name: Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe
path: apps/desktop/dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe path: apps/desktop/dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe
if-no-files-found: error if-no-files-found: error
- name: Upload appx ia32 artifact - name: Upload appx ia32 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx
if-no-files-found: error if-no-files-found: error
- name: Upload store appx ia32 artifact - name: Upload store appx ia32 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx
if-no-files-found: error if-no-files-found: error
- name: Upload NSIS ia32 artifact - name: Upload NSIS ia32 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z name: bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z
path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z
if-no-files-found: error if-no-files-found: error
- name: Upload appx x64 artifact - name: Upload appx x64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx
if-no-files-found: error if-no-files-found: error
- name: Upload store appx x64 artifact - name: Upload store appx x64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx
if-no-files-found: error if-no-files-found: error
- name: Upload NSIS x64 artifact - name: Upload NSIS x64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z name: bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z
path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z
if-no-files-found: error if-no-files-found: error
- name: Upload appx ARM64 artifact - name: Upload appx ARM64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx
if-no-files-found: error if-no-files-found: error
- name: Upload store appx ARM64 artifact - name: Upload store appx ARM64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx
if-no-files-found: error if-no-files-found: error
- name: Upload NSIS ARM64 artifact - name: Upload NSIS ARM64 artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z name: bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z
path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z
if-no-files-found: error if-no-files-found: error
- name: Upload nupkg artifact - name: Upload nupkg artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: bitwarden.${{ env._PACKAGE_VERSION }}.nupkg name: bitwarden.${{ env._PACKAGE_VERSION }}.nupkg
path: apps/desktop/dist/chocolatey/bitwarden.${{ env._PACKAGE_VERSION }}.nupkg path: apps/desktop/dist/chocolatey/bitwarden.${{ env._PACKAGE_VERSION }}.nupkg
if-no-files-found: error if-no-files-found: error
- name: Upload auto-update artifact - name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: ${{ needs.setup.outputs.release-channel }}.yml name: ${{ needs.setup.outputs.release-channel }}.yml
path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release-channel }}.yml path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release-channel }}.yml
@ -406,7 +406,7 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: ${{ needs.setup.outputs.branch-name }} ref: ${{ needs.setup.outputs.branch-name }}
@ -434,14 +434,14 @@ jobs:
- name: Cache Build - name: Cache Build
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Cache Safari - name: Cache Safari
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -535,7 +535,7 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: ${{ needs.setup.outputs.branch-name }} ref: ${{ needs.setup.outputs.branch-name }}
@ -563,14 +563,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -653,7 +653,7 @@ jobs:
- name: Download artifact from hotfix-rc - name: Download artifact from hotfix-rc
if: github.ref == 'refs/heads/hotfix-rc' if: github.ref == 'refs/heads/hotfix-rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -662,7 +662,7 @@ jobs:
- name: Download artifact from rc - name: Download artifact from rc
if: github.ref == 'refs/heads/rc' if: github.ref == 'refs/heads/rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -671,7 +671,7 @@ jobs:
- name: Download artifact from master - name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }} if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -696,28 +696,28 @@ jobs:
run: npm run pack:mac run: npm run pack:mac
- name: Upload .zip artifact - name: Upload .zip artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal-mac.zip
if-no-files-found: error if-no-files-found: error
- name: Upload .dmg artifact - name: Upload .dmg artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg
if-no-files-found: error if-no-files-found: error
- name: Upload .dmg blockmap artifact - name: Upload .dmg blockmap artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap
path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.dmg.blockmap
if-no-files-found: error if-no-files-found: error
- name: Upload auto-update artifact - name: Upload auto-update artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: ${{ needs.setup.outputs.release-channel }}-mac.yml name: ${{ needs.setup.outputs.release-channel }}-mac.yml
path: apps/desktop/dist/${{ needs.setup.outputs.release-channel }}-mac.yml path: apps/desktop/dist/${{ needs.setup.outputs.release-channel }}-mac.yml
@ -737,7 +737,7 @@ jobs:
working-directory: apps/desktop working-directory: apps/desktop
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: ${{ needs.setup.outputs.branch-name }} ref: ${{ needs.setup.outputs.branch-name }}
@ -765,14 +765,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8 # v3.3.1
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -855,7 +855,7 @@ jobs:
- name: Download artifact from hotfix-rc - name: Download artifact from hotfix-rc
if: github.ref == 'refs/heads/hotfix-rc' if: github.ref == 'refs/heads/hotfix-rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -864,7 +864,7 @@ jobs:
- name: Download artifact from rc - name: Download artifact from rc
if: github.ref == 'refs/heads/rc' if: github.ref == 'refs/heads/rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -873,7 +873,7 @@ jobs:
- name: Download artifact from master - name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }} if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
with: with:
workflow: build-browser.yml workflow: build-browser.yml
workflow_conclusion: success workflow_conclusion: success
@ -898,7 +898,7 @@ jobs:
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }}
- name: Upload .pkg artifact - name: Upload .pkg artifact
uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 uses: actions/upload-artifact@3cea5372237819ed00197afe530f5a7ea3e805c8 # v3.1.0
with: with:
name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg name: Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg
path: apps/desktop/dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg path: apps/desktop/dist/mas-universal/Bitwarden-${{ env._PACKAGE_VERSION }}-universal.pkg
@ -916,7 +916,7 @@ jobs:
- macos-package-mas - macos-package-mas
steps: steps:
- name: Create GitHub deployment - name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -926,13 +926,13 @@ jobs:
task: release task: release
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "aws-electron-access-id, secrets: "aws-electron-access-id,
@ -944,7 +944,7 @@ jobs:
cf-prod-account" cf-prod-account"
- name: Download all artifacts - name: Download all artifacts
uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741 uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
with: with:
path: apps/desktop/artifacts path: apps/desktop/artifacts
@ -983,7 +983,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ success() }} if: ${{ success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success' state: 'success'
@ -991,7 +991,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ failure() }} if: ${{ failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure' state: 'failure'
@ -1011,7 +1011,7 @@ jobs:
- release - release
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Setup git config - name: Setup git config
run: | run: |

View File

@ -53,7 +53,7 @@ jobs:
release-channel: ${{ steps.release-channel.outputs.channel }} release-channel: ${{ steps.release-channel.outputs.channel }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Branch check - name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@ -67,7 +67,7 @@ jobs:
- name: Check Release Version - name: Check Release Version
id: version id: version
uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6 uses: bitwarden/gh-actions/release-version-check@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
release-type: ${{ github.event.inputs.release_type }} release-type: ${{ github.event.inputs.release_type }}
project-type: ts project-type: ts
@ -94,7 +94,7 @@ jobs:
- name: Create GitHub deployment - name: Create GitHub deployment
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -104,13 +104,13 @@ jobs:
task: release task: release
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "aws-electron-access-id, secrets: "aws-electron-access-id,
@ -123,7 +123,7 @@ jobs:
- name: Download all artifacts - name: Download all artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-desktop.yml workflow: build-desktop.yml
workflow_conclusion: success workflow_conclusion: success
@ -132,7 +132,7 @@ jobs:
- name: Dry Run - Download all artifacts - name: Dry Run - Download all artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-desktop.yml workflow: build-desktop.yml
workflow_conclusion: success workflow_conclusion: success
@ -185,13 +185,13 @@ jobs:
--endpoint-url https://${CF_ACCOUNT}.r2.cloudflarestorage.com --endpoint-url https://${CF_ACCOUNT}.r2.cloudflarestorage.com
- name: Get checksum files - name: Get checksum files
uses: bitwarden/gh-actions/get-checksum@8b6a560c8ad3b9dab81659ae6cd1e319d8771a91 uses: bitwarden/gh-actions/get-checksum@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
packages_dir: "apps/desktop/artifacts" packages_dir: "apps/desktop/artifacts"
file_path: "apps/desktop/artifacts/sha256-checksums.txt" file_path: "apps/desktop/artifacts/sha256-checksums.txt"
- name: Create Release - name: Create Release
uses: ncipollo/release-action@95215a3cb6e6a1908b3c44e00b4fdb15548b1e09 uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
if: ${{ steps.release-channel.outputs.channel == 'latest' && github.event.inputs.release_type != 'Dry Run' && github.event.inputs.github_release }} if: ${{ steps.release-channel.outputs.channel == 'latest' && github.event.inputs.release_type != 'Dry Run' && github.event.inputs.github_release }}
env: env:
PKG_VERSION: ${{ steps.version.outputs.version }} PKG_VERSION: ${{ steps.version.outputs.version }}
@ -231,7 +231,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }} if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success' state: 'success'
@ -239,7 +239,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }} if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure' state: 'failure'
@ -254,22 +254,22 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }} _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "snapcraft-store-token" secrets: "snapcraft-store-token"
- name: Install Snap - name: Install Snap
uses: samuelmeuli/action-snapcraft@10d7d0a84d9d86098b19f872257df314b0bd8e2d # v1.2.0 uses: samuelmeuli/action-snapcraft@d33c176a9b784876d966f80fb1b461808edc0641 # v2.1.1
with: with:
snapcraft_token: ${{ steps.retrieve-secrets.outputs.snapcraft-store-token }} snapcraft_token: ${{ steps.retrieve-secrets.outputs.snapcraft-store-token }}
@ -279,7 +279,7 @@ jobs:
- name: Download Snap artifact - name: Download Snap artifact
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-desktop.yml workflow: build-desktop.yml
workflow_conclusion: success workflow_conclusion: success
@ -289,7 +289,7 @@ jobs:
- name: Dry Run - Download Snap artifact - name: Dry Run - Download Snap artifact
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-desktop.yml workflow: build-desktop.yml
workflow_conclusion: success workflow_conclusion: success
@ -313,7 +313,7 @@ jobs:
_PKG_VERSION: ${{ needs.setup.outputs.release-version }} _PKG_VERSION: ${{ needs.setup.outputs.release-version }}
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Print Environment - name: Print Environment
run: | run: |
@ -321,13 +321,13 @@ jobs:
dotnet nuget --version dotnet nuget --version
- name: Login to Azure - name: Login to Azure
uses: Azure/login@24848bc889cfc0a8313c2b3e378ac0d625b9bc16 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "cli-choco-api-key" secrets: "cli-choco-api-key"
@ -345,7 +345,7 @@ jobs:
- name: Download choco artifact - name: Download choco artifact
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-desktop.yml workflow: build-desktop.yml
workflow_conclusion: success workflow_conclusion: success
@ -355,7 +355,7 @@ jobs:
- name: Dry Run - Download choco artifact - name: Dry Run - Download choco artifact
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-desktop.yml workflow: build-desktop.yml
workflow_conclusion: success workflow_conclusion: success

View File

@ -10,7 +10,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Create GitHub deployment - name: Create GitHub deployment
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -20,10 +20,10 @@ jobs:
description: 'Deployment from branch ${{ github.ref_name }}' description: 'Deployment from branch ${{ github.ref_name }}'
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Download latest cloud asset - name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-web.yml workflow: build-web.yml
path: apps/web path: apps/web
@ -36,7 +36,7 @@ jobs:
run: unzip web-*-cloud-QA.zip run: unzip web-*-cloud-QA.zip
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: cf-pages-qa ref: cf-pages-qa
path: deployment path: deployment
@ -67,7 +67,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ success() }} if: ${{ success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.qa.bitwarden.pw environment-url: http://vault.qa.bitwarden.pw
@ -76,7 +76,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ failure() }} if: ${{ failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.qa.bitwarden.pw environment-url: http://vault.qa.bitwarden.pw

View File

@ -24,7 +24,7 @@ jobs:
tag_version: ${{ steps.version.outputs.tag }} tag_version: ${{ steps.version.outputs.tag }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Branch check - name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@ -38,7 +38,7 @@ jobs:
- name: Check Release Version - name: Check Release Version
id: version id: version
uses: bitwarden/gh-actions/release-version-check@8f055ef543c7433c967a1b9b04a0f230923233bb uses: bitwarden/gh-actions/release-version-check@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
release-type: ${{ github.event.inputs.release_type }} release-type: ${{ github.event.inputs.release_type }}
project-type: ts project-type: ts
@ -65,12 +65,12 @@ jobs:
echo "Github Release Option: $_RELEASE_OPTION" echo "Github Release Option: $_RELEASE_OPTION"
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
########## DockerHub ########## ########## DockerHub ##########
- name: Setup DCT - name: Setup DCT
id: setup-dct id: setup-dct
uses: bitwarden/gh-actions/setup-docker-trust@a8c384a05a974c05c48374c818b004be221d43ff uses: bitwarden/gh-actions/setup-docker-trust@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
azure-keyvault-name: "bitwarden-ci" azure-keyvault-name: "bitwarden-ci"
@ -105,7 +105,7 @@ jobs:
########## ACR ########## ########## ACR ##########
- name: Login to Azure - PROD Subscription - name: Login to Azure - PROD Subscription
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
@ -150,11 +150,11 @@ jobs:
_TAG_VERSION: ${{ needs.setup.outputs.release_version }} _TAG_VERSION: ${{ needs.setup.outputs.release_version }}
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Download latest cloud asset - name: Download latest cloud asset
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-web.yml workflow: build-web.yml
path: apps/web path: apps/web
@ -164,7 +164,7 @@ jobs:
- name: Dry Run - Download latest cloud asset - name: Dry Run - Download latest cloud asset
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-web.yml workflow: build-web.yml
path: apps/web path: apps/web
@ -177,7 +177,7 @@ jobs:
run: unzip web-*-cloud-COMMERCIAL.zip run: unzip web-*-cloud-COMMERCIAL.zip
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
with: with:
ref: cf-pages ref: cf-pages
path: deployment path: deployment
@ -228,7 +228,7 @@ jobs:
steps: steps:
- name: Create GitHub deployment - name: Create GitHub deployment
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 uses: chrnorm/deployment-action@d42cde7132fcec920de534fffc3be83794335c00 # v2.0.5
id: deployment id: deployment
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
@ -240,7 +240,7 @@ jobs:
- name: Download latest build artifacts - name: Download latest build artifacts
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-web.yml workflow: build-web.yml
path: apps/web/artifacts path: apps/web/artifacts
@ -251,7 +251,7 @@ jobs:
- name: Dry Run - Download latest build artifacts - name: Dry Run - Download latest build artifacts
if: ${{ github.event.inputs.release_type == 'Dry Run' }} if: ${{ github.event.inputs.release_type == 'Dry Run' }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a uses: bitwarden/gh-actions/download-artifacts@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
workflow: build-web.yml workflow: build-web.yml
path: apps/web/artifacts path: apps/web/artifacts
@ -268,7 +268,7 @@ jobs:
- name: Create release - name: Create release
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@58ae73b360456532aafd58ee170c045abbeaee37 # v1.10.0 uses: ncipollo/release-action@a2e71bdd4e7dab70ca26a852f29600c98b33153e # v1.12.0
with: with:
name: "Web v${{ needs.setup.outputs.release_version }}" name: "Web v${{ needs.setup.outputs.release_version }}"
commit: ${{ github.sha }} commit: ${{ github.sha }}
@ -281,7 +281,7 @@ jobs:
- name: Update deployment status to Success - name: Update deployment status to Success
if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }} if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.bitwarden.com environment-url: http://vault.bitwarden.com
@ -290,7 +290,7 @@ jobs:
- name: Update deployment status to Failure - name: Update deployment status to Failure
if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }} if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
with: with:
token: '${{ secrets.GITHUB_TOKEN }}' token: '${{ secrets.GITHUB_TOKEN }}'
environment-url: http://vault.bitwarden.com environment-url: http://vault.bitwarden.com

View File

@ -20,13 +20,13 @@ jobs:
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
steps: steps:
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
with: with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "aws-electron-access-id, secrets: "aws-electron-access-id,

View File

@ -11,7 +11,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: 'Run stale action' - name: 'Run stale action'
uses: actions/stale@3cc123766321e9f15a6676375c154ccffb12a358 # v5.0.0 uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0
with: with:
stale-issue-label: 'needs-reply' stale-issue-label: 'needs-reply'
stale-pr-label: 'needs-changes' stale-pr-label: 'needs-changes'

View File

@ -25,7 +25,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
@ -52,7 +52,7 @@ jobs:
run: npm run test run: npm run test
- name: Report test results - name: Report test results
uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 # v1.6.0
if: always() if: always()
with: with:
name: Test Results name: Test Results
@ -79,10 +79,10 @@ jobs:
sudo apt-get install -y gnome-keyring dbus-x11 sudo apt-get install -y gnome-keyring dbus-x11
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Install rust - name: Install rust
uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 uses: actions-rs/toolchain@88dc2356392166efad76775c878094f4e83ff746 # v1.0.6
with: with:
toolchain: stable toolchain: stable
profile: minimal profile: minimal

View File

@ -18,7 +18,7 @@ jobs:
version_number: ${{ steps.version.outputs.new-version }} version_number: ${{ steps.version.outputs.new-version }}
steps: steps:
- name: Checkout Branch - name: Checkout Branch
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c # v3.3.0
- name: Calculate bumped version - name: Calculate bumped version
id: version id: version

View File

@ -49,7 +49,7 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
keyvault: "bitwarden-ci" keyvault: "bitwarden-ci"
secrets: "github-gpg-private-key, github-gpg-private-key-passphrase" secrets: "github-gpg-private-key, github-gpg-private-key-passphrase"
@ -86,14 +86,14 @@ jobs:
- name: Bump Browser Version - Manifest - name: Bump Browser Version - Manifest
if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }} if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }}
uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945 uses: bitwarden/gh-actions/version-bump@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
version: ${{ github.event.inputs.version_number }} version: ${{ github.event.inputs.version_number }}
file_path: "apps/browser/src/manifest.json" file_path: "apps/browser/src/manifest.json"
- name: Bump Browser Version - Manifest v3 - name: Bump Browser Version - Manifest v3
if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }} if: ${{ github.event.inputs.client == 'Browser' || github.event.inputs.client == 'All' }}
uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945 uses: bitwarden/gh-actions/version-bump@34ecb67b2a357795dc893549df0795e7383ff50f
with: with:
version: ${{ github.event.inputs.version_number }} version: ${{ github.event.inputs.version_number }}
file_path: "apps/browser/src/manifest.v3.json" file_path: "apps/browser/src/manifest.v3.json"

View File

@ -8,4 +8,4 @@ on:
jobs: jobs:
call-workflow: call-workflow:
uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@master uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@34ecb67b2a357795dc893549df0795e7383ff50f