Refactor release swift workflow

- Add default environment variables - Update branch check - Point Bitwarden actions to main - Move github-release step to last - Create release on sdk-swift project
bitwarden · Apr 16, 2024 · 09da1bd · 09da1bd
1 parent 2b55e24
commit 09da1bd
Showing 1 changed file with 50 additions and 33 deletions.
diff --git a/.github/workflows/release-swift.yml b/.github/workflows/release-swift.yml
@@ -15,6 +15,9 @@ on:
           - Redeploy
           - Dry Run
 
+env:
+  _KEY_VAULT: "bitwarden-ci"
+
 jobs:
   validate:
     name: Validate Branch - Set Version
@@ -28,9 +31,9 @@ jobs:
       - name: Branch check
         if: ${{ github.event.inputs.release_type != 'Dry Run' }}
         run: |
-          if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc-swift" ]]; then
+          if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
             echo "==================================="
-            echo "[!] Can only release from the 'rc' or 'hotfix-rc-cli' branches"
+            echo "[!] Can only release from the 'rc' or 'refs/heads/hotfix-rc' branches"
             echo "==================================="
             exit 1
           fi
@@ -41,40 +44,11 @@ jobs:
           VERSION=$(grep -o '^version = ".*"' crates/bitwarden/Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
           echo "version=$VERSION" >> $GITHUB_OUTPUT
 
-  github-release:
-    name: GitHub Release
-    runs-on: ubuntu-22.04
-    needs: validate
-    env:
-      _PKG_VERSION: ${{ needs.validate.outputs.version }}
-    steps:
-      - name: Download BitwardenEFI artifact
-        uses: bitwarden/gh-actions/download-artifacts@62d1bf7c3e31c458cc7236b1e69a475d235cd78f
-        with:
-          workflow: build-swift.yml
-          artifacts: BitwardenFFI-${{ env._PKG_VERSION }}.xcframework
-          path: packages
-          workflow_conclusion: success
-          branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'master' || github.ref_name }}
-
-      - name: Create release
-        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
-        uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0
-        with:
-          artifacts: "packages/BitwardenFFI-${{ env._PKG_VERSION }}.xcframework"
-          commit: ${{ github.sha }}
-          tag: BitwardenFFI-v${{ env._PKG_VERSION }}
-          name: BitwardenFFI v${{ env._PKG_VERSION }}
-          body: "<insert release notes here>"
-          token: ${{ secrets.GITHUB_TOKEN }}
-          draft: true
-
   repo-sync:
     name: Push changed files to SDK Swift repo
     runs-on: ubuntu-22.04
     needs: validate
     env:
-      _KEY_VAULT: "bitwarden-ci"
       _BOT_EMAIL: [email protected]
       _BOT_NAME: bitwarden-devops-bot
       _PKG_VERSION: ${{ needs.validate.outputs.version }}
@@ -98,7 +72,7 @@ jobs:
 
       - name: Retrieve secrets
         id: retrieve-secrets
-        uses: bitwarden/gh-actions/get-keyvault-secrets@62d1bf7c3e31c458cc7236b1e69a475d235cd78f
+        uses: bitwarden/gh-actions/get-keyvault-secrets@main
         with:
           keyvault: ${{ env._KEY_VAULT }}
           secrets: "github-pat-bitwarden-devops-bot-repo-scope"
@@ -114,7 +88,7 @@ jobs:
           # Update BitwardenFFI path
           sed -i '' 's|.binaryTarget(name: "BitwardenFFI", path: "BitwardenFFI.xcframework")|.binaryTarget(\
             name: "BitwardenFFI",\
-            url: "https://github.com/bitwarden/sdk/releases/download/BitwardenFFI-v${{ env._PKG_VERSION }}/BitwardenFFI-${{ env._PKG_VERSION }}.xcframework.zip",|' sdk/languages/swift/Package.swift
+            url: "https://github.com/bitwarden/sdk-swift/releases/download/BitwardenFFI-v${{ env._PKG_VERSION }}/BitwardenFFI-${{ env._PKG_VERSION }}.xcframework.zip",|' sdk/languages/swift/Package.swift
 
           # Run swiftformat
           swiftformat sdk/languages/swift/Package.swift
@@ -155,3 +129,46 @@ jobs:
 
           git tag ${{ env._PKG_VERSION }}
           git push origin ${{ env._PKG_VERSION }}
+
+  github-release:
+    name: GitHub Release
+    runs-on: ubuntu-22.04
+    needs:
+      - validate
+      - repo-sync
+    env:
+      _PKG_VERSION: ${{ needs.validate.outputs.version }}
+    steps:
+      - name: Login to Azure - Prod Subscription
+        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
+        with:
+          creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }}
+
+      - name: Retrieve secrets
+        id: retrieve-secrets
+        uses: bitwarden/gh-actions/get-keyvault-secrets@main
+        with:
+          keyvault: ${{ env._KEY_VAULT }}
+          secrets: "github-pat-bitwarden-devops-bot-repo-scope"
+
+      - name: Download BitwardenEFI artifact
+        uses: bitwarden/gh-actions/download-artifacts@main
+        with:
+          workflow: build-swift.yml
+          artifacts: BitwardenFFI-${{ env._PKG_VERSION }}.xcframework
+          workflow_conclusion: success
+          branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'master' || github.ref_name }}
+          skip_unpack: true
+
+      - name: Create release
+        if: ${{ inputs.release_type != 'Dry Run' }}
+        uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0
+        with:
+          tag: v${{ env._PKG_VERSION }}
+          name: v${{ env._PKG_VERSION }}
+          body: "<insert release notes here>"
+          token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
+          draft: true
+          repo: sdk-swift
+          owner: bitwarden
+          artifacts: "BitwardenFFI-${{ env._PKG_VERSION }}.xcframework"