From d5015093cbe13c1a473d2c3290bc92558ea42e89 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 Feb 2024 12:33:34 +0100 Subject: [PATCH 1/5] Add ruby sdk to bump version --- .github/workflows/version-bump.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/version-bump.yml b/.github/workflows/version-bump.yml index e40f68a8e..8abe4b018 100644 --- a/.github/workflows/version-bump.yml +++ b/.github/workflows/version-bump.yml @@ -19,6 +19,7 @@ on: - cli - napi - python-sdk + - ruby-sdk version_number: description: "New version (example: '2024.1.0')" required: true @@ -150,6 +151,11 @@ jobs: sed -i 's/version = "[0-9]\.[0-9]\.[0-9]"/version = "${{ inputs.version_number }}"/' ./languages/python/pyproject.toml sed -i 's/__version__ = "[0-9]\.[0-9]\.[0-9]"/__version__ = "${{ inputs.version_number }}"/' ./languages/python/bitwarden_sdk/__init__.py + ### ruby sdk + - name: Bump ruby-sdk Version + if: ${{ inputs.project == 'ruby-sdk' }} + run: sed -i "s/VERSION = '[0-9]\.[0-9]\.[0-9]'/VERSION = '${{ inputs.version_number }}'/" ./languages/ruby/bitwarden_sdk/lib/version.rb + ############################ # VERSION BUMP SECTION END # ############################ From 479ff83874a38299560ecefd977c6ee379197772 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 Feb 2024 12:33:50 +0100 Subject: [PATCH 2/5] Trigger on push to main rc and htfix-rc --- .github/workflows/build-rust-cross-platform.yml | 8 ++++++++ .github/workflows/generate_schemas.yml | 6 ++++++ 2 files changed, 14 insertions(+) diff --git a/.github/workflows/build-rust-cross-platform.yml b/.github/workflows/build-rust-cross-platform.yml index 89b75cbab..2eb1d12a8 100644 --- a/.github/workflows/build-rust-cross-platform.yml +++ b/.github/workflows/build-rust-cross-platform.yml @@ -2,6 +2,14 @@ name: Build Rust Cross Platform on: workflow_call: + workflow_dispatch: + push: + branches: + - main + - rc + - hotfix-rc + paths: + - "crates/**" jobs: build_rust: diff --git a/.github/workflows/generate_schemas.yml b/.github/workflows/generate_schemas.yml index 025b85105..011911eb1 100644 --- a/.github/workflows/generate_schemas.yml +++ b/.github/workflows/generate_schemas.yml @@ -2,6 +2,12 @@ name: Generate schemas on: workflow_call: + workflow_dispatch: + push: + branches: + - main + - rc + - hotfix-rc env: CARGO_TERM_COLOR: always From f8df5f8b7ff677116e99dc9a706424b642e86afb Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 Feb 2024 12:34:21 +0100 Subject: [PATCH 3/5] Publish ruby only on workflow dispatch get the artifacts from build workflows instead of triggering them --- .github/workflows/publish-ruby.yml | 94 ++++++++++++++++++++++-------- 1 file changed, 69 insertions(+), 25 deletions(-) diff --git a/.github/workflows/publish-ruby.yml b/.github/workflows/publish-ruby.yml index 3dce457b2..cbb2116bc 100644 --- a/.github/workflows/publish-ruby.yml +++ b/.github/workflows/publish-ruby.yml @@ -1,23 +1,40 @@ name: Publish Ruby SDK +run-name: Publish Ruby SDK ${{ inputs.release_type }} on: - push: - branches: - - main + workflow_dispatch: + inputs: + release_type: + description: "Release Options" + required: true + default: "Release" + type: choice + options: + - Release + - Dry Run jobs: - generate_schemas: - uses: ./.github/workflows/generate_schemas.yml + setup: + name: Setup + runs-on: ubuntu-22.04 + steps: + - name: Checkout repo + uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - build_rust: - uses: ./.github/workflows/build-rust-cross-platform.yml + - name: Branch check + if: ${{ github.event.inputs.release_type != 'Dry Run' }} + run: | + if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then + echo "===================================" + echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches" + echo "===================================" + exit 1 + fi - build_ruby: - name: Build Ruby + publish_ruby: + name: Publish Ruby runs-on: ubuntu-22.04 - needs: - - generate_schemas - - build_rust + needs: setup steps: - name: Checkout Repository uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 @@ -27,33 +44,60 @@ jobs: with: ruby-version: 3.2 - - name: Download Ruby schemas artifact - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + - name: Login to Azure + uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 with: - name: schemas.rb + creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} + + - name: Retrieve ruby gem api key + id: retrieve-secret + uses: bitwarden/gh-actions/get-keyvault-secrets@main + with: + keyvault: "bitwarden-ci" + secrets: "ruby-gem-api-key" + + - name: Download artifacts + uses: bitwarden/gh-actions/download-artifacts@main + with: + workflow: generate_schemas.yml path: languages/ruby/bitwarden_sdk/lib + workflow_conclusion: success + branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + name: schemas.rb - - name: Download x86_64-apple-darwin files - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + - name: Download x86_64-apple-darwin artifact + uses: bitwarden/gh-actions/download-artifacts@main with: - name: libbitwarden_c_files-x86_64-apple-darwin + workflow: generate_schemas.yml path: temp/macos-x64 + workflow_conclusion: success + branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} + name: libbitwarden_c_files-x86_64-apple-darwin - - name: Download aarch64-apple-darwin files - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + - name: Download aarch64-apple-darwin artifact + uses: bitwarden/gh-actions/download-artifacts@main with: + workflow: generate_schemas.yml + workflow_conclusion: success + branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} name: libbitwarden_c_files-aarch64-apple-darwin path: temp/macos-arm64 - - name: Download x86_64-unknown-linux-gnu files - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + - name: Download x86_64-unknown-linux-gnu artifact + uses: bitwarden/gh-actions/download-artifacts@main with: + workflow: generate_schemas.yml + workflow_conclusion: success + branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} name: libbitwarden_c_files-x86_64-unknown-linux-gnu path: temp/linux-x64 - - name: Download x86_64-pc-windows-msvc files - uses: actions/download-artifact@eaceaf801fd36c7dee90939fad912460b18a1ffe # v4.1.2 + - name: Download x86_64-pc-windows-msvc artifact + uses: bitwarden/gh-actions/download-artifacts@main with: + workflow: generate_schemas.yml + workflow_conclusion: success + branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} name: libbitwarden_c_files-x86_64-pc-windows-msvc path: temp/windows-x64 @@ -84,5 +128,5 @@ jobs: printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials gem push *.gem env: - GEM_HOST_API_KEY: ${{ secrets.GEM_HOST_API_KEY }} + GEM_HOST_API_KEY: ${{ steps.retrieve-secret.outputs.ruby-gem-api-key }} working-directory: languages/ruby/bitwarden_sdk From baa1c19e92c52325b1500fb9b4b58c0ddf2e4432 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Mon, 19 Feb 2024 13:26:19 +0100 Subject: [PATCH 4/5] Change way of publishing to rubygems --- .github/workflows/publish-ruby.yml | 25 ++++--------------------- 1 file changed, 4 insertions(+), 21 deletions(-) diff --git a/.github/workflows/publish-ruby.yml b/.github/workflows/publish-ruby.yml index cbb2116bc..fc427806a 100644 --- a/.github/workflows/publish-ruby.yml +++ b/.github/workflows/publish-ruby.yml @@ -12,6 +12,9 @@ on: options: - Release - Dry Run + permissions: + id-token: write + contents: write jobs: setup: @@ -44,18 +47,6 @@ jobs: with: ruby-version: 3.2 - - name: Login to Azure - uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 - with: - creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} - - - name: Retrieve ruby gem api key - id: retrieve-secret - uses: bitwarden/gh-actions/get-keyvault-secrets@main - with: - keyvault: "bitwarden-ci" - secrets: "ruby-gem-api-key" - - name: Download artifacts uses: bitwarden/gh-actions/download-artifacts@main with: @@ -121,12 +112,4 @@ jobs: working-directory: languages/ruby/bitwarden_sdk - name: Push gem to Rubygems - run: | - mkdir -p $HOME/.gem - touch $HOME/.gem/credentials - chmod 0600 $HOME/.gem/credentials - printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials - gem push *.gem - env: - GEM_HOST_API_KEY: ${{ steps.retrieve-secret.outputs.ruby-gem-api-key }} - working-directory: languages/ruby/bitwarden_sdk + uses: rubygems/release-gem@48512b949a6517699b78f000b4f36e641d321ed3 # v1.0.0 From 25a3655461ebbd2c29449d257a591aa759477f19 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 20 Feb 2024 10:45:57 +0100 Subject: [PATCH 5/5] Add conditional for publish gem to rubygems --- .github/workflows/publish-ruby.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/publish-ruby.yml b/.github/workflows/publish-ruby.yml index fc427806a..7bff45687 100644 --- a/.github/workflows/publish-ruby.yml +++ b/.github/workflows/publish-ruby.yml @@ -112,4 +112,5 @@ jobs: working-directory: languages/ruby/bitwarden_sdk - name: Push gem to Rubygems + if: ${{ github.event.inputs.release_type != 'Dry Run' }} uses: rubygems/release-gem@48512b949a6517699b78f000b4f36e641d321ed3 # v1.0.0