Skip to content
Release Swift Package

Release Swift Build 2708 #363

Sign in to view logs

Release Swift Build 2708

Release Swift Build 2708 #363

Workflow file for this run

.github/workflows/release-swift.yml at 6474d6f
name: Release Swift Package
run-name: Release Swift Build ${{ inputs.build-run-number }}
on:
workflow_dispatch:
inputs:
build-run-id:
description: "Build Swift Run ID"
type: string
required: true
build-run-number:
description: "Build Swift Run Number - used for workflow run-name"
type: string
required: true
sdk-swift-branch-name:
description: "sdk-swift Branch Name"
type: string
required: true
update-ios-repo:
description: "Update iOS Repo - Opens a PR updating the SDK in bitwarden/ios"
type: boolean
jobs:
release:
name: Release to sdk-swift
runs-on: ubuntu-24.04
permissions:
contents: read
id-token: write
env:
_BOT_EMAIL: [email protected]
_BOT_NAME: bitwarden-devops-bot
steps:
- name: Checkout SDK repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
path: sdk
persist-credentials: false
- name: Get version
id: version
working-directory: sdk
run: |
VERSION=$(grep -o '^version = ".*"' Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
echo "version=$VERSION" >> $GITHUB_OUTPUT
echo "πŸ‘€ Version: $VERSION"
- name: Get workflow run commit ref
id: get-sdk-internal-ref
env:
GH_TOKEN: ${{ github.token }}
_RUN_ID: ${{ inputs.build-run-id }}
working-directory: sdk
run: |
COMMIT_SHA=$(gh run view $_RUN_ID --json headSha --jq '.headSha')
COMMIT_MSG=$(gh api repos/bitwarden/sdk-internal/commits/$COMMIT_SHA --jq '.commit.message' | head -n1)
COMMIT_MSG=$(echo "$COMMIT_MSG" | sed 's/(#\([0-9]*\))/(bitwarden\/sdk-internal#\1)/') # formats the PR ID for github autolink
SHORT_SHA=$(echo $COMMIT_SHA | cut -c1-7)
echo "sha=$COMMIT_SHA" >> $GITHUB_OUTPUT
echo "short_sha=$SHORT_SHA" >> $GITHUB_OUTPUT
echo "commit_message=$COMMIT_MSG" >> $GITHUB_OUTPUT
echo "πŸ‘€ Commit SHA: $COMMIT_SHA"
echo "πŸ‘€ Short SHA: $SHORT_SHA"
echo "πŸ‘€ Commit Message: $COMMIT_MSG"
- name: Set release name
id: set-release-name
env:
_BUILD_RUN_NUMBER: ${{ inputs.build-run-number }}
_SDK_INTERNAL_SHORT_REF: ${{ steps.get-sdk-internal-ref.outputs.short_sha }}
_VERSION: ${{ steps.version.outputs.version }}
run: |
RELEASE_NAME="$_VERSION-$_BUILD_RUN_NUMBER-$_SDK_INTERNAL_SHORT_REF"
echo "πŸ‘€ Release name: $RELEASE_NAME"
echo "release_name=$RELEASE_NAME" >> $GITHUB_OUTPUT
- name: Download BitwardenFFI artifact
uses: bitwarden/gh-actions/download-artifacts@main
id: download-artifact-ffi
with:
workflow: build-swift.yml
workflow_conclusion: success
artifacts: "BitwardenFFI-${{ steps.version.outputs.version }}-${{ steps.get-sdk-internal-ref.outputs.short_sha }}.xcframework"
run_id: ${{ inputs.build-run-id }}
skip_unpack: true
- name: Calculate swift file checksum
id: calculate-swift-checksum
env:
_VERSION: ${{ steps.version.outputs.version }}
_SDK_INTERNAL_SHORT_REF: ${{ steps.get-sdk-internal-ref.outputs.short_sha }}
run: |
CHECKSUM=$(swift package compute-checksum BitwardenFFI-$_VERSION-$_SDK_INTERNAL_SHORT_REF.xcframework.zip)
echo "checksum=$CHECKSUM" >> $GITHUB_OUTPUT
- name: Log in to Azure
uses: bitwarden/gh-actions/azure-login@main
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
- name: Get Azure Key Vault secrets - GH Org
id: get-kv-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: gh-org-bitwarden
secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"
- name: Get Azure Key Vault secrets - BW CI
id: get-kv-secrets-ci
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "github-gpg-private-key,github-gpg-private-key-passphrase"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Generate GH App token
uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
id: app-token-sdk-swift
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
owner: bitwarden
repositories: sdk-swift
permission-contents: write # used to: push code; create github release
- name: Checkout SDK-Swift repo
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
repository: bitwarden/sdk-swift
path: sdk-swift
ref: ${{ inputs.sdk-swift-branch-name }}
token: ${{ steps.app-token-sdk-swift.outputs.token }}
- name: Import GPG key
uses: crazy-max/ghaction-import-gpg@e89d40939c28e39f97cf32126055eeae86ba74ec # v6.3.0
with:
gpg_private_key: ${{ steps.get-kv-secrets-ci.outputs.github-gpg-private-key }}
passphrase: ${{ steps.get-kv-secrets-ci.outputs.github-gpg-private-key-passphrase }}
git_user_signingkey: true
git_commit_gpgsign: true
workdir: sdk-swift
- name: Setup Git
working-directory: sdk-swift
run: |
git config --local user.email "$_BOT_EMAIL"
git config --local user.name "$_BOT_NAME"
- name: Download BitwardenSdk sources artifact
uses: bitwarden/gh-actions/download-artifacts@main
id: download-artifact
with:
workflow: build-swift.yml
workflow_conclusion: success
artifacts: "BitwardenSdk-${{ steps.version.outputs.version }}-${{ steps.get-sdk-internal-ref.outputs.short_sha }}-sources"
run_id: ${{ inputs.build-run-id }}
path: sdk/crates/bitwarden-uniffi/swift/Sources/BitwardenSdk
- name: Update files
env:
_RELEASE_NAME: ${{ steps.set-release-name.outputs.release_name }}
_PKG_VERSION: ${{ steps.version.outputs.version }}
_SDK_INTERNAL_SHORT_REF: ${{ steps.get-sdk-internal-ref.outputs.short_sha }}
_SWIFT_CHECKSUM: ${{ steps.calculate-swift-checksum.outputs.checksum }}
run: |
# Update BitwardenFFI path
sed -i 's|.binaryTarget(name: "BitwardenFFI", path: "BitwardenFFI.xcframework")|.binaryTarget(\
name: "BitwardenFFI",\
url: "https://github.com/bitwarden/sdk-swift/releases/download/v'$_RELEASE_NAME'/BitwardenFFI-'$_PKG_VERSION'-'$_SDK_INTERNAL_SHORT_REF'.xcframework.zip",\
checksum: "'$_SWIFT_CHECKSUM'")|' sdk/crates/bitwarden-uniffi/swift/Package.swift
find sdk/crates/bitwarden-uniffi/swift/Sources/ -name ".gitignore" -exec rm -f {} \;
rm -rf sdk-swift/Sources
rm -rf sdk-swift/Tests
# Copy files to local sdk-swift repo path
cp --verbose -rf sdk/crates/bitwarden-uniffi/swift/README.md sdk-swift/README.md
cp --verbose -rf sdk/crates/bitwarden-uniffi/swift/Package.swift sdk-swift/Package.swift
cp --verbose -rf sdk/crates/bitwarden-uniffi/swift/Sources sdk-swift
cp --verbose -rf sdk/crates/bitwarden-uniffi/swift/Tests sdk-swift
- name: Push changes
id: push-changes
working-directory: sdk-swift
env:
_RELEASE_NAME: ${{ steps.set-release-name.outputs.release_name }}
_SDK_INTERNAL_REF: ${{ steps.get-sdk-internal-ref.outputs.sha }}
_SDK_INTERNAL_COMMIT_MSG: ${{ steps.get-sdk-internal-ref.outputs.commit_message }}
_BRANCH_NAME: ${{ inputs.sdk-swift-branch-name }}
run: |
# NOTE: bitwarden/ios repo expects the full sdk-internal commit hash in sdk-swift commit message
git add .
git commit -m "bitwarden/sdk-internal@$_SDK_INTERNAL_REF $_RELEASE_NAME - $_SDK_INTERNAL_COMMIT_MSG"
git push origin $_BRANCH_NAME
COMMIT_HASH=$(git rev-parse HEAD)
echo "πŸ‘€ Commit hash: $COMMIT_HASH"
echo "commit-hash=$COMMIT_HASH" >> $GITHUB_OUTPUT
git tag v$_RELEASE_NAME
git push origin v$_RELEASE_NAME
echo "πŸ‘€ Release Tag: v$_RELEASE_NAME"
echo "# πŸš€ Swift SDK Updated Successfully!" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "πŸ“‹ **Branch:** [\`$_BRANCH_NAME\`](https://github.com/bitwarden/sdk-swift/commits/$_BRANCH_NAME)" >> $GITHUB_STEP_SUMMARY
echo "πŸ“ **Commit:** bitwarden/sdk-swift@$COMMIT_HASH" >> $GITHUB_STEP_SUMMARY
- name: Create release
env:
GH_TOKEN: ${{ steps.app-token-sdk-swift.outputs.token }}
_RELEASE_NAME: ${{ steps.set-release-name.outputs.release_name }}
_PKG_VERSION: ${{ steps.version.outputs.version }}
_SDK_INTERNAL_SHORT_REF: ${{ steps.get-sdk-internal-ref.outputs.short_sha }}
run: |
gh release create "v$_RELEASE_NAME" \
--repo bitwarden/sdk-swift \
--title "v$_RELEASE_NAME" \
--notes "" \
--prerelease \
"BitwardenFFI-$_PKG_VERSION-$_SDK_INTERNAL_SHORT_REF.xcframework.zip"
- name: Generate GH App token
uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
id: app-token-ios
with:
app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
owner: bitwarden
repositories: ios
permission-actions: write # used for: trigger update workflow
- name: Trigger SDK Update in iOS repo
if: inputs.update-ios-repo
env:
GH_TOKEN: ${{ steps.app-token-ios.outputs.token }}
_SDK_SWIFT_REF: ${{ steps.push-changes.outputs.commit-hash }}
_RELEASE_NAME: ${{ steps.set-release-name.outputs.release_name }}
working-directory: sdk
run: |
echo "πŸš€ Triggering sdlc-sdk-update.yml workflow in bitwarden/ios repo..."
gh workflow run sdlc-sdk-update.yml --repo bitwarden/ios --ref main -f run-mode="Update" -f sdk-version="$_RELEASE_NAME" -f sdk-swift-ref="$_SDK_SWIFT_REF"
echo "# πŸ“± **iOS SDK Update Triggered!**" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "πŸ‘€ **Release Name:** $_RELEASE_NAME" >> $GITHUB_STEP_SUMMARY
echo "πŸ”— **Quick Links:**" >> $GITHUB_STEP_SUMMARY
echo "- [Workflow Runs](https://github.com/bitwarden/ios/actions/workflows/sdlc-sdk-update.yml)" >> $GITHUB_STEP_SUMMARY
echo "- [Pull Requests](https://github.com/bitwarden/ios/pulls?q=head:sdlc/sdk-update)" >> $GITHUB_STEP_SUMMARY