[PM-24468] Introduce CipherRiskClient #3397

Workflow file for this run

.github/workflows/build-android.yml at b327c24

	name: Build Android

	on:
	pull_request:
	push:
	branches:
	- "main"
	workflow_dispatch:
	inputs:
	update-android-repo:
	description: "Update Android Repo - Opens a PR updating the SDK in bitwarden/android"
	type: boolean
	default: false

	defaults:
	run:
	shell: bash

	jobs:
	build:
	name: Build
	runs-on: ubuntu-24.04
	strategy:
	fail-fast: false
	matrix:
	settings:
	- target: aarch64-linux-android
	- target: armv7-linux-androideabi
	- target: x86_64-linux-android
	- target: i686-linux-android
	permissions:
	contents: read

	steps:
	- name: Checkout repo
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

	- name: Install rust
	uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b # stable
	with:
	toolchain: stable

	- name: Cache cargo registry
	uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 # v2.7.7
	with:
	key: ${{ matrix.settings.target }}-cargo

	- name: Install Cross
	run: cargo install cross --locked --git https://github.com/cross-rs/cross.git --rev 185398b1b885820515a212de720a306b08e2c8c9

	- name: Build
	env:
	TARGET: ${{ matrix.settings.target }}
	run: cross build -p bitwarden-uniffi --release --target=${{ matrix.settings.target }}

	- name: Upload artifact
	uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
	with:
	name: android-${{ matrix.settings.target }}
	path: ./target/${{ matrix.settings.target }}/release/libbitwarden_uniffi.so
	if-no-files-found: error

	combine:
	name: Combine
	runs-on: ubuntu-24.04
	needs: build
	outputs:
	sdk-package-id: ${{ steps.publish.outputs.sdk-package-id }}
	sdk-version: ${{ steps.publish.outputs.sdk-version }}
	permissions:
	contents: read
	packages: write

	steps:
	- name: Checkout repo (PR)
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	if: github.event_name == 'pull_request'
	with:
	fetch-depth: 0
	ref: ${{ github.event.pull_request.head.ref }}

	- name: Checkout repo (Push or manual run)
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	if: github.event_name == 'push' \|\| github.event_name == 'workflow_dispatch'
	with:
	fetch-depth: 0

	- name: Install rust
	uses: dtolnay/rust-toolchain@b3b07ba8b418998c39fb20f53e8b695cdcc8de1b # stable
	with:
	toolchain: stable

	- name: Cache cargo registry
	uses: Swatinem/rust-cache@f0deed1e0edfc6a9be95417288c0e1099b1eeec3 # v2.7.7
	with:
	key: cargo-combine-cache

	- name: Setup Java
	uses: actions/setup-java@3a4f6e1af504cf6a31855fa899c6aa5355ba6c12 # v4.7.0
	with:
	distribution: temurin
	java-version: 17

	- name: Download Artifacts
	uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8

	- name: Move artifacts
	working-directory: crates/bitwarden-uniffi/kotlin/sdk/src/main/jniLibs
	run: \|
	mkdir armeabi-v7a arm64-v8a x86 x86_64
	mv /home/runner/work/sdk-internal/sdk-internal/android-armv7-linux-androideabi/libbitwarden_uniffi.so ./armeabi-v7a/libbitwarden_uniffi.so
	mv /home/runner/work/sdk-internal/sdk-internal/android-aarch64-linux-android/libbitwarden_uniffi.so ./arm64-v8a/libbitwarden_uniffi.so
	mv /home/runner/work/sdk-internal/sdk-internal/android-i686-linux-android/libbitwarden_uniffi.so ./x86/libbitwarden_uniffi.so
	mv /home/runner/work/sdk-internal/sdk-internal/android-x86_64-linux-android/libbitwarden_uniffi.so ./x86_64/libbitwarden_uniffi.so

	- name: Generate bindings
	working-directory: crates/bitwarden-uniffi/kotlin
	run: ./build-schemas.sh

	- name: Setup gradle
	uses: gradle/actions/setup-gradle@94baf225fe0a508e581a564467443d0e2379123b # v4.3.0

	- name: Test build demo app
	working-directory: crates/bitwarden-uniffi/kotlin
	run: \|
	./gradlew build --warning-mode all --stacktrace

	- name: Publish
	id: publish
	run: ./gradlew sdk:publish
	working-directory: crates/bitwarden-uniffi/kotlin
	env:
	GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

	update:
	name: Trigger SDK update in Android repo
	runs-on: ubuntu-24.04
	if: (github.ref == 'refs/heads/main' && github.event_name == 'push') \|\| inputs.update-android-repo
	needs: combine
	permissions:
	id-token: write

	steps:
	- name: Log in to Azure
	uses: bitwarden/gh-actions/azure-login@main
	with:
	subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
	tenant_id: ${{ secrets.AZURE_TENANT_ID }}
	client_id: ${{ secrets.AZURE_CLIENT_ID }}

	- name: Get Azure Key Vault secrets
	id: get-kv-secrets
	uses: bitwarden/gh-actions/get-keyvault-secrets@main
	with:
	keyvault: gh-org-bitwarden
	secrets: "BW-GHAPP-ID,BW-GHAPP-KEY"

	- name: Log out from Azure
	uses: bitwarden/gh-actions/azure-logout@main

	- name: Generate GH App token
	uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
	id: app-token
	with:
	app-id: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-ID }}
	private-key: ${{ steps.get-kv-secrets.outputs.BW-GHAPP-KEY }}
	owner: bitwarden
	repositories: android
	permission-actions: write

	- name: Call SDLC SDK Update workflow in Android repo
	env:
	GH_TOKEN: ${{ steps.app-token.outputs.token }}
	_SDK_PACKAGE: ${{ needs.combine.outputs.sdk-package-id }}
	_SDK_VERSION: ${{ needs.combine.outputs.sdk-version }}
	run: \|
	echo "🚀 Triggering sdlc-sdk-update.yml workflow in bitwarden/android repo..."
	gh workflow run sdlc-sdk-update.yml --repo bitwarden/android --ref main -f run-mode=Update -f sdk-package=$_SDK_PACKAGE -f sdk-version=$_SDK_VERSION

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[PM-24468] Introduce CipherRiskClient #3397

Workflow file

[PM-24468] Introduce CipherRiskClient #3397

Uh oh!

Jobs

Run details

Workflow file for this run