From 155e3bf56c3a95a22fa227dda9d47014e8d9ff62 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 May 2025 16:23:56 +0200 Subject: [PATCH 01/14] Add lane to get latest published version from App Store --- fastlane/Fastfile | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/fastlane/Fastfile b/fastlane/Fastfile index da27558616..321623fcfc 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -31,4 +31,12 @@ platform :ios do |options| } ) end + + desc "Get latest published version" + lane :get_latest_version do + app_store_build_number( + api_key_path: options[:api_key_path] + ) + puts lane_context[SharedValues::LATEST_VERSION] + end end From c548523cfe58c6ccb2bd42c6d7853b737c9c7610 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 May 2025 16:24:08 +0200 Subject: [PATCH 02/14] Add GitHub Actions workflow for publishing releases --- .github/workflows/publish-github-release.yml | 40 ++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100644 .github/workflows/publish-github-release.yml diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml new file mode 100644 index 0000000000..97795c0365 --- /dev/null +++ b/.github/workflows/publish-github-release.yml @@ -0,0 +1,40 @@ +name: Publish GitHub Release as newest + +on: + workflow_dispatch: +# schedule: +# - cron: '0 3 * * *' + +jobs: + create-release: + name: Create GitHub Release + runs-on: ubuntu-24.04 + permissions: + contents: write + actions: read + + steps: + - name: Check out repository + uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + with: + fetch-depth: 0 + + - name: Log in to Azure + uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1 + with: + creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} + + - name: Download Fastlane credentials + env: + ACCOUNT_NAME: bitwardenci + CONTAINER_NAME: mobile + FILE: appstoreconnect-fastlane.json + run: | + mkdir -p $HOME/secrets + az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME --name $FILE \ + --file $HOME/secrets/$FILE --output none + + - name: Check released version + run: | + fastlane get_latest_version \ + api_key_path:"$HOME/secrets/appstoreconnect-fastlane.json" From 53b34408782b38a7dc01da475b38f699840f8e22 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 May 2025 16:52:12 +0200 Subject: [PATCH 03/14] Update status of latest prerelease --- .github/workflows/publish-github-release.yml | 56 +++++++++++++++++++- 1 file changed, 54 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index 97795c0365..d6937bdf97 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -19,12 +19,32 @@ jobs: with: fetch-depth: 0 + - name: Get latest pre-release name + id: get_latest_prerelease + run: | + latest_release=$(jq -r 'first' <<< $(curl --silent https://api.github.com/repos/bitwarden/ios/releases)) + is_latest_prerelease=$(jq -r '.prerelease' <<< $latest_release) + echo "is_latest_prerelease=$is_latest_prerelease" >> $GITHUB_OUTPUT + + if [ "$is_latest_prerelease" != "true" ]; then + echo "No pre-release found" + exit 0 + fi + + latest_prerelease_version=$(jq -r '.tag_name' <<< $latest_release) + echo "latest_prerelease_version=$latest_prerelease_version" >> $GITHUB_OUTPUT + + latest_prerelease_id=$(jq -r '.id' <<< $latest_release) + echo "latest_prerelease_id=$latest_prerelease_id" >> $GITHUB_OUTPUT + - name: Log in to Azure + if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1 with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} - name: Download Fastlane credentials + if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' env: ACCOUNT_NAME: bitwardenci CONTAINER_NAME: mobile @@ -35,6 +55,38 @@ jobs: --file $HOME/secrets/$FILE --output none - name: Check released version + if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' + id: appstore_version + run: | + appstore_version=$(fastlane get_latest_version \ + api_key_path:"$HOME/secrets/appstoreconnect-fastlane.json") + + echo "Latest version on App Store: $appstore_version" + echo "appstore_version=$appstore_version" >> $GITHUB_OUTPUT + + - name: Check if version is already released + if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' + id: check_version + run: | + latest_prerelease_version=${{ steps.get_latest_prerelease.outputs.latest_prerelease_version }} + appstore_version=${{ steps.appstore_version.outputs.appstore_version }} + + if [ "$latest_prerelease_version" == "$appstore_version" ]; then + echo "Version $latest_prerelease_version is already released on App Store" + echo "version_released=true" >> $GITHUB_OUTPUT + else + echo "Version $latest_prerelease_version is not released on App Store" + echo "version_released=false" >> $GITHUB_OUTPUT + fi + + - name: Make GitHub release latest and non-pre-release + if: steps.check_version.outputs.version_released == 'true' + id: make_release run: | - fastlane get_latest_version \ - api_key_path:"$HOME/secrets/appstoreconnect-fastlane.json" + latest_prerelease_version=${{ steps.get_latest_prerelease.outputs.latest_prerelease_version }} + echo "Making release $latest_prerelease_version latest and non-pre-release" + curl -X PATCH \ + -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ + -H "Accept: application/vnd.github.v3+json" \ + https://api.github.com/repos/bitwarden/ios/releases/$latest_prerelease_id \ + -d '{"prerelease": false, "draft": false, "make_latest": true}' \ No newline at end of file From 054209e220060c65aee9cea16d19b8064141b4b1 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 16 May 2025 16:57:56 +0200 Subject: [PATCH 04/14] Enable scheduled GitHub release workflow for weekdays --- .github/workflows/publish-github-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index d6937bdf97..d59d8e5db3 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -2,8 +2,8 @@ name: Publish GitHub Release as newest on: workflow_dispatch: -# schedule: -# - cron: '0 3 * * *' + schedule: + - cron: '0 3 * * 1-5' jobs: create-release: From 9825ed2c6bfa8fd98822ba8a654f023b20b51066 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Mon, 19 May 2025 12:53:16 +0200 Subject: [PATCH 05/14] Rename job from 'create-release' to 'publish-release' in GitHub Actions workflow --- .github/workflows/publish-github-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index d59d8e5db3..b65b94a20d 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -6,8 +6,8 @@ on: - cron: '0 3 * * 1-5' jobs: - create-release: - name: Create GitHub Release + publish-release: + name: Publish GitHub Release runs-on: ubuntu-24.04 permissions: contents: write From 43ab803e1d01e4e2f0ad7428ca5d36763720bb96 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 20 May 2025 16:49:31 +0200 Subject: [PATCH 06/14] Refactor GitHub Actions workflow to use `gh` CLI for fetching latest pre-release details and streamline release process --- .github/workflows/publish-github-release.yml | 23 ++++++++------------ 1 file changed, 9 insertions(+), 14 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index b65b94a20d..e40e8a0641 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -21,9 +21,11 @@ jobs: - name: Get latest pre-release name id: get_latest_prerelease + env: + GITHUB_TOKEN: ${{ github.token }} run: | - latest_release=$(jq -r 'first' <<< $(curl --silent https://api.github.com/repos/bitwarden/ios/releases)) - is_latest_prerelease=$(jq -r '.prerelease' <<< $latest_release) + latest_release=$(gh release list --json name,tagName,isDraft,isPrerelease -L 1) + is_latest_prerelease=$(jq -r '.[0].isPrerelease' <<< $latest_release) echo "is_latest_prerelease=$is_latest_prerelease" >> $GITHUB_OUTPUT if [ "$is_latest_prerelease" != "true" ]; then @@ -31,12 +33,9 @@ jobs: exit 0 fi - latest_prerelease_version=$(jq -r '.tag_name' <<< $latest_release) + latest_prerelease_version=$(jq -r '.[0].tagName' <<< $latest_release) echo "latest_prerelease_version=$latest_prerelease_version" >> $GITHUB_OUTPUT - latest_prerelease_id=$(jq -r '.id' <<< $latest_release) - echo "latest_prerelease_id=$latest_prerelease_id" >> $GITHUB_OUTPUT - - name: Log in to Azure if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1 @@ -82,11 +81,7 @@ jobs: - name: Make GitHub release latest and non-pre-release if: steps.check_version.outputs.version_released == 'true' id: make_release - run: | - latest_prerelease_version=${{ steps.get_latest_prerelease.outputs.latest_prerelease_version }} - echo "Making release $latest_prerelease_version latest and non-pre-release" - curl -X PATCH \ - -H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \ - -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/bitwarden/ios/releases/$latest_prerelease_id \ - -d '{"prerelease": false, "draft": false, "make_latest": true}' \ No newline at end of file + env: + TAG: ${{ steps.get_latest_prerelease.outputs.latest_prerelease_version }} + GH_TOKEN: ${{ github.token }} + run: gh release edit $TAG --prerelease=false --latest \ No newline at end of file From 60deb4fc071f23625ff7e56521b04fe59421b4c8 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 20 May 2025 17:00:18 +0200 Subject: [PATCH 07/14] Rename steps in GitHub Actions workflow to reflect draft release handling --- .github/workflows/publish-github-release.yml | 32 ++++++++++---------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index e40e8a0641..cec125ea84 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -19,31 +19,31 @@ jobs: with: fetch-depth: 0 - - name: Get latest pre-release name - id: get_latest_prerelease + - name: Get latest draft release name + id: get_latest_draft env: GITHUB_TOKEN: ${{ github.token }} run: | latest_release=$(gh release list --json name,tagName,isDraft,isPrerelease -L 1) - is_latest_prerelease=$(jq -r '.[0].isPrerelease' <<< $latest_release) - echo "is_latest_prerelease=$is_latest_prerelease" >> $GITHUB_OUTPUT + is_latest_draft=$(jq -r '.[0].isDraft' <<< $latest_release) + echo "is_latest_draft=$is_latest_draft" >> $GITHUB_OUTPUT - if [ "$is_latest_prerelease" != "true" ]; then + if [ "$is_latest_draft" != "true" ]; then echo "No pre-release found" exit 0 fi - latest_prerelease_version=$(jq -r '.[0].tagName' <<< $latest_release) - echo "latest_prerelease_version=$latest_prerelease_version" >> $GITHUB_OUTPUT + latest_draft_version=$(jq -r '.[0].tagName' <<< $latest_release) + echo "latest_draft_version=$latest_draft_version" >> $GITHUB_OUTPUT - name: Log in to Azure - if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' + if: steps.get_latest_draft.outputs.is_latest_draft == 'true' uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1 with: creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} - name: Download Fastlane credentials - if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' + if: steps.get_latest_draft.outputs.is_latest_draft == 'true' env: ACCOUNT_NAME: bitwardenci CONTAINER_NAME: mobile @@ -54,7 +54,7 @@ jobs: --file $HOME/secrets/$FILE --output none - name: Check released version - if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' + if: steps.get_latest_draft.outputs.is_latest_draft == 'true' id: appstore_version run: | appstore_version=$(fastlane get_latest_version \ @@ -64,17 +64,17 @@ jobs: echo "appstore_version=$appstore_version" >> $GITHUB_OUTPUT - name: Check if version is already released - if: steps.get_latest_prerelease.outputs.is_latest_prerelease == 'true' + if: steps.get_latest_draft.outputs.is_latest_draft == 'true' id: check_version run: | - latest_prerelease_version=${{ steps.get_latest_prerelease.outputs.latest_prerelease_version }} + latest_draft_version=${{ steps.get_latest_draft.outputs.latest_draft_version }} appstore_version=${{ steps.appstore_version.outputs.appstore_version }} - if [ "$latest_prerelease_version" == "$appstore_version" ]; then - echo "Version $latest_prerelease_version is already released on App Store" + if [ "$latest_draft_version" == "$appstore_version" ]; then + echo "Version $latest_draft_version is already released on App Store" echo "version_released=true" >> $GITHUB_OUTPUT else - echo "Version $latest_prerelease_version is not released on App Store" + echo "Version $latest_draft_version is not released on App Store" echo "version_released=false" >> $GITHUB_OUTPUT fi @@ -82,6 +82,6 @@ jobs: if: steps.check_version.outputs.version_released == 'true' id: make_release env: - TAG: ${{ steps.get_latest_prerelease.outputs.latest_prerelease_version }} + TAG: ${{ steps.get_latest_draft.outputs.latest_draft_version }} GH_TOKEN: ${{ github.token }} run: gh release edit $TAG --prerelease=false --latest \ No newline at end of file From 89af3f94cdeb9d77c5d648744a6f254cf4936967 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 20 May 2025 17:01:53 +0200 Subject: [PATCH 08/14] Update GitHub release step to mark release as non-draft --- .github/workflows/publish-github-release.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index cec125ea84..01ca3ffceb 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -84,4 +84,4 @@ jobs: env: TAG: ${{ steps.get_latest_draft.outputs.latest_draft_version }} GH_TOKEN: ${{ github.token }} - run: gh release edit $TAG --prerelease=false --latest \ No newline at end of file + run: gh release edit $TAG --prerelease=false --latest --draft=false \ No newline at end of file From 40ae989d0550dc81330622fd8a018ce266e0eac7 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 20 May 2025 17:04:11 +0200 Subject: [PATCH 09/14] Refactor version check logic to use environment variables for clarity --- .github/workflows/publish-github-release.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index 01ca3ffceb..46766222c6 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -66,15 +66,15 @@ jobs: - name: Check if version is already released if: steps.get_latest_draft.outputs.is_latest_draft == 'true' id: check_version + env: + LATEST_DRAFT_VERSION: ${{ steps.get_latest_draft.outputs.latest_draft_version }} + APPSTORE_VERSION: ${{ steps.appstore_version.outputs.appstore_version }} run: | - latest_draft_version=${{ steps.get_latest_draft.outputs.latest_draft_version }} - appstore_version=${{ steps.appstore_version.outputs.appstore_version }} - - if [ "$latest_draft_version" == "$appstore_version" ]; then - echo "Version $latest_draft_version is already released on App Store" + if [ "$LATEST_DRAFT_VERSION" == "$APPSTORE_VERSION" ]; then + echo "Version $LATEST_DRAFT_VERSION is already released on App Store" echo "version_released=true" >> $GITHUB_OUTPUT else - echo "Version $latest_draft_version is not released on App Store" + echo "Version $LATEST_DRAFT_VERSION is not released on App Store" echo "version_released=false" >> $GITHUB_OUTPUT fi From 7c3cd8385a0481df97495172408b920bf1939675 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Fri, 30 May 2025 12:44:05 +0200 Subject: [PATCH 10/14] Add GitHub Actions workflows for publishing Authenticator and Password Manager releases; update Fastfile to set STORE_VERSION in GitHub environment --- .../publish-github-release-authenticator.yml | 21 ++++++++++++++++++ ...blish-github-release-passoword-manager.yml | 22 +++++++++++++++++++ fastlane/Fastfile | 4 +++- 3 files changed, 46 insertions(+), 1 deletion(-) create mode 100644 .github/workflows/publish-github-release-authenticator.yml create mode 100644 .github/workflows/publish-github-release-passoword-manager.yml diff --git a/.github/workflows/publish-github-release-authenticator.yml b/.github/workflows/publish-github-release-authenticator.yml new file mode 100644 index 0000000000..3d9fe23c7f --- /dev/null +++ b/.github/workflows/publish-github-release-authenticator.yml @@ -0,0 +1,21 @@ +name: Publish Authenticator GitHub Release as newest + +on: + workflow_dispatch: + schedule: + - cron: '0 3 * * 1-5' + +permissions: + contents: write + actions: read +jobs: + publish-release-authenticator: + name: Publish Authenticator Release + uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main + with: + release_name: "Authenticator" + workflow_name: "publish-github-release-authenticator.yml" + credentials_filename: "appstoreconnect-fastlane.json" + check_release_command: > + bundle exec fastlane ios get_latest_version_authenticator api_key_path:$CREDENTIALS_PATH + secrets: inherit diff --git a/.github/workflows/publish-github-release-passoword-manager.yml b/.github/workflows/publish-github-release-passoword-manager.yml new file mode 100644 index 0000000000..3902156ad8 --- /dev/null +++ b/.github/workflows/publish-github-release-passoword-manager.yml @@ -0,0 +1,22 @@ +name: Publish Password Manager GitHub Release as newest + +on: + workflow_dispatch: + schedule: + - cron: '0 3 * * 1-5' + +permissions: + contents: write + actions: read + +jobs: + publish-release-password-manager: + name: Publish Password Manager Release + uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main + with: + release_name: "Password Manager" + workflow_name: "publish-github-release-passoword-manager.yml" + credentials_filename: "appstoreconnect-fastlane.json" + check_release_command: > + bundle exec fastlane ios get_latest_version api_key_path:$CREDENTIALS_PATH + secrets: inherit diff --git a/fastlane/Fastfile b/fastlane/Fastfile index 321623fcfc..18fb9395f3 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -37,6 +37,8 @@ platform :ios do |options| app_store_build_number( api_key_path: options[:api_key_path] ) - puts lane_context[SharedValues::LATEST_VERSION] + latest_version = lane_context[SharedValues::LATEST_VERSION] + + sh("echo STORE_VERSION=#{latest_version} >> $GITHUB_ENV") end end From 31425c13d37098ae82d671efc3b71d0558ec1a4b Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 3 Jun 2025 17:38:35 +0200 Subject: [PATCH 11/14] Add latest build number to GitHub environment in get_latest_version lane --- fastlane/Fastfile | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fastlane/Fastfile b/fastlane/Fastfile index 18fb9395f3..777db2e6d0 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -38,7 +38,11 @@ platform :ios do |options| api_key_path: options[:api_key_path] ) latest_version = lane_context[SharedValues::LATEST_VERSION] + latest_build_number = lane_context[SharedValues::LATEST_BUILD_NUMBER] sh("echo STORE_VERSION=#{latest_version} >> $GITHUB_ENV") + sh("echo STORE_BUILD_NUMBER=#{latest_build_number} >> $GITHUB_ENV") + UI.message("Latest version: #{latest_version}") + UI.message("Latest build number: #{latest_build_number}") end end From 994b3293fa27ea0af8406dfbffbe5d95f9ce450f Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 3 Jun 2025 17:50:43 +0200 Subject: [PATCH 12/14] Refactor GitHub Actions workflows: consolidate release jobs for Authenticator and Password Manager into a single workflow file --- .../publish-github-release-authenticator.yml | 21 ---- ...blish-github-release-passoword-manager.yml | 22 ---- .github/workflows/publish-github-release.yml | 106 +++++------------- 3 files changed, 26 insertions(+), 123 deletions(-) delete mode 100644 .github/workflows/publish-github-release-authenticator.yml delete mode 100644 .github/workflows/publish-github-release-passoword-manager.yml diff --git a/.github/workflows/publish-github-release-authenticator.yml b/.github/workflows/publish-github-release-authenticator.yml deleted file mode 100644 index 3d9fe23c7f..0000000000 --- a/.github/workflows/publish-github-release-authenticator.yml +++ /dev/null @@ -1,21 +0,0 @@ -name: Publish Authenticator GitHub Release as newest - -on: - workflow_dispatch: - schedule: - - cron: '0 3 * * 1-5' - -permissions: - contents: write - actions: read -jobs: - publish-release-authenticator: - name: Publish Authenticator Release - uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main - with: - release_name: "Authenticator" - workflow_name: "publish-github-release-authenticator.yml" - credentials_filename: "appstoreconnect-fastlane.json" - check_release_command: > - bundle exec fastlane ios get_latest_version_authenticator api_key_path:$CREDENTIALS_PATH - secrets: inherit diff --git a/.github/workflows/publish-github-release-passoword-manager.yml b/.github/workflows/publish-github-release-passoword-manager.yml deleted file mode 100644 index 3902156ad8..0000000000 --- a/.github/workflows/publish-github-release-passoword-manager.yml +++ /dev/null @@ -1,22 +0,0 @@ -name: Publish Password Manager GitHub Release as newest - -on: - workflow_dispatch: - schedule: - - cron: '0 3 * * 1-5' - -permissions: - contents: write - actions: read - -jobs: - publish-release-password-manager: - name: Publish Password Manager Release - uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main - with: - release_name: "Password Manager" - workflow_name: "publish-github-release-passoword-manager.yml" - credentials_filename: "appstoreconnect-fastlane.json" - check_release_command: > - bundle exec fastlane ios get_latest_version api_key_path:$CREDENTIALS_PATH - secrets: inherit diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index 46766222c6..62f934a377 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -1,87 +1,33 @@ -name: Publish GitHub Release as newest +name: Publish Password Manager GitHub Release as newest on: workflow_dispatch: schedule: - cron: '0 3 * * 1-5' -jobs: - publish-release: - name: Publish GitHub Release - runs-on: ubuntu-24.04 - permissions: - contents: write - actions: read - - steps: - - name: Check out repository - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - with: - fetch-depth: 0 - - - name: Get latest draft release name - id: get_latest_draft - env: - GITHUB_TOKEN: ${{ github.token }} - run: | - latest_release=$(gh release list --json name,tagName,isDraft,isPrerelease -L 1) - is_latest_draft=$(jq -r '.[0].isDraft' <<< $latest_release) - echo "is_latest_draft=$is_latest_draft" >> $GITHUB_OUTPUT - - if [ "$is_latest_draft" != "true" ]; then - echo "No pre-release found" - exit 0 - fi - - latest_draft_version=$(jq -r '.[0].tagName' <<< $latest_release) - echo "latest_draft_version=$latest_draft_version" >> $GITHUB_OUTPUT - - - name: Log in to Azure - if: steps.get_latest_draft.outputs.is_latest_draft == 'true' - uses: Azure/login@cb79c773a3cfa27f31f25eb3f677781210c9ce3d # v1.6.1 - with: - creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} +permissions: + contents: write + actions: read - - name: Download Fastlane credentials - if: steps.get_latest_draft.outputs.is_latest_draft == 'true' - env: - ACCOUNT_NAME: bitwardenci - CONTAINER_NAME: mobile - FILE: appstoreconnect-fastlane.json - run: | - mkdir -p $HOME/secrets - az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME --name $FILE \ - --file $HOME/secrets/$FILE --output none - - - name: Check released version - if: steps.get_latest_draft.outputs.is_latest_draft == 'true' - id: appstore_version - run: | - appstore_version=$(fastlane get_latest_version \ - api_key_path:"$HOME/secrets/appstoreconnect-fastlane.json") - - echo "Latest version on App Store: $appstore_version" - echo "appstore_version=$appstore_version" >> $GITHUB_OUTPUT - - - name: Check if version is already released - if: steps.get_latest_draft.outputs.is_latest_draft == 'true' - id: check_version - env: - LATEST_DRAFT_VERSION: ${{ steps.get_latest_draft.outputs.latest_draft_version }} - APPSTORE_VERSION: ${{ steps.appstore_version.outputs.appstore_version }} - run: | - if [ "$LATEST_DRAFT_VERSION" == "$APPSTORE_VERSION" ]; then - echo "Version $LATEST_DRAFT_VERSION is already released on App Store" - echo "version_released=true" >> $GITHUB_OUTPUT - else - echo "Version $LATEST_DRAFT_VERSION is not released on App Store" - echo "version_released=false" >> $GITHUB_OUTPUT - fi - - - name: Make GitHub release latest and non-pre-release - if: steps.check_version.outputs.version_released == 'true' - id: make_release - env: - TAG: ${{ steps.get_latest_draft.outputs.latest_draft_version }} - GH_TOKEN: ${{ github.token }} - run: gh release edit $TAG --prerelease=false --latest --draft=false \ No newline at end of file +jobs: + publish-release-password-manager: + name: Publish Password Manager Release + uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main + with: + release_name: "Password Manager" + workflow_name: "publish-github-release-passoword-manager.yml" + credentials_filename: "appstoreconnect-fastlane.json" + check_release_command: > + bundle exec fastlane ios get_latest_version api_key_path:$CREDENTIALS_PATH + secrets: inherit + + publish-release-authenticator: + name: Publish Authenticator Release + uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main + with: + release_name: "Authenticator" + workflow_name: "publish-github-release-authenticator.yml" + credentials_filename: "appstoreconnect-fastlane.json" + check_release_command: > + bundle exec fastlane ios get_latest_version_authenticator api_key_path:$CREDENTIALS_PATH + secrets: inherit \ No newline at end of file From c67c73a6d32f41ae4962d341117f3b65a6994c82 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 3 Jun 2025 18:19:04 +0200 Subject: [PATCH 13/14] Fix workflow names in publish GitHub release actions for consistency --- .github/workflows/publish-github-release.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/publish-github-release.yml b/.github/workflows/publish-github-release.yml index 62f934a377..bd27d8065e 100644 --- a/.github/workflows/publish-github-release.yml +++ b/.github/workflows/publish-github-release.yml @@ -15,7 +15,7 @@ jobs: uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main with: release_name: "Password Manager" - workflow_name: "publish-github-release-passoword-manager.yml" + workflow_name: "publish-github-release.yml" credentials_filename: "appstoreconnect-fastlane.json" check_release_command: > bundle exec fastlane ios get_latest_version api_key_path:$CREDENTIALS_PATH @@ -26,7 +26,7 @@ jobs: uses: bitwarden/gh-actions/.github/workflows/_publish-mobile-github-release.yml@main with: release_name: "Authenticator" - workflow_name: "publish-github-release-authenticator.yml" + workflow_name: "publish-github-release.yml" credentials_filename: "appstoreconnect-fastlane.json" check_release_command: > bundle exec fastlane ios get_latest_version_authenticator api_key_path:$CREDENTIALS_PATH From 6b00bec397fa95695154ce9ba3a6bdfa384958b2 Mon Sep 17 00:00:00 2001 From: Michal Checinski Date: Tue, 3 Jun 2025 18:26:37 +0200 Subject: [PATCH 14/14] Refactor get_latest_version lane to use correct method and variable names for clarity --- fastlane/Fastfile | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/fastlane/Fastfile b/fastlane/Fastfile index 777db2e6d0..c3e51e7e18 100644 --- a/fastlane/Fastfile +++ b/fastlane/Fastfile @@ -34,15 +34,15 @@ platform :ios do |options| desc "Get latest published version" lane :get_latest_version do - app_store_build_number( + app_STORE_VERSION_NUMBER( api_key_path: options[:api_key_path] ) - latest_version = lane_context[SharedValues::LATEST_VERSION] - latest_build_number = lane_context[SharedValues::LATEST_BUILD_NUMBER] + latest_version_name = lane_context[SharedValues::LATEST_VERSION] + latest_version_number = lane_context[SharedValues::LATEST_BUILD_NUMBER] - sh("echo STORE_VERSION=#{latest_version} >> $GITHUB_ENV") - sh("echo STORE_BUILD_NUMBER=#{latest_build_number} >> $GITHUB_ENV") - UI.message("Latest version: #{latest_version}") - UI.message("Latest build number: #{latest_build_number}") + sh("echo STORE_VERSION_NAME=#{latest_version_name} >> $GITHUB_ENV") + sh("echo STORE_VERSION_NUMBER=#{latest_build_number} >> $GITHUB_ENV") + UI.message("Latest version: #{latest_version_name}") + UI.message("Latest build number: #{latest_version_number}") end end