Publish PHP SDK Release #272
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Publish PHP SDK | |
| run-name: Publish PHP SDK ${{ inputs.release_type }} | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| release_type: | |
| description: "Release Options" | |
| required: true | |
| default: "Release" | |
| type: choice | |
| options: | |
| - Release | |
| - Dry Run | |
| env: | |
| _KEY_VAULT: "bitwarden-ci" | |
| jobs: | |
| validate: | |
| name: Setup | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| version: ${{ steps.version.outputs.version }} | |
| steps: | |
| - name: Checkout repo | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Branch check | |
| if: ${{ inputs.release_type != 'Dry Run' }} | |
| run: | | |
| if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then | |
| echo "===================================" | |
| echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches" | |
| echo "===================================" | |
| exit 1 | |
| fi | |
| - name: Get version | |
| id: version | |
| run: | | |
| VERSION=$(cat languages/php/composer.json | grep -Eo '"version": "[0-9]+\.[0-9]+\.[0-9]+"' | grep -Eo '[0-9]+\.[0-9]+\.[0-9]+') | |
| echo "version=$VERSION" >> $GITHUB_OUTPUT | |
| setup-php: | |
| name: Setup PHP | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
| - name: Setup PHP with PECL extension | |
| uses: shivammathur/setup-php@6d7209f44a25a59e904b1ee9f3b0c33ab2cd888d # 2.29.0 | |
| with: | |
| php-version: "8.0" | |
| tools: composer | |
| extensions: ext-ffi | |
| - name: Composer check | |
| run: | | |
| composer install | |
| composer validate | |
| working-directory: languages/php/ | |
| repo-sync: | |
| name: Push changed files to SDK PHP repo | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - validate | |
| - setup-php | |
| env: | |
| _BOT_EMAIL: [email protected] | |
| _BOT_NAME: bitwarden-devops-bot | |
| _PKG_VERSION: ${{ needs.validate.outputs.version }} | |
| steps: | |
| - name: Checkout SDK repo | |
| uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # v4.0.0 | |
| with: | |
| path: sdk | |
| - name: Login to Azure - Prod Subscription | |
| uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
| with: | |
| creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }} | |
| - name: Retrieve secrets | |
| id: retrieve-secrets | |
| uses: bitwarden/gh-actions/get-keyvault-secrets@4f37134d838f21609c38cb56694d8605f176704c | |
| with: | |
| keyvault: ${{ env._KEY_VAULT }} | |
| secrets: "github-pat-bitwarden-devops-bot-repo-scope" | |
| - name: Checkout SDK-PHP repo | |
| uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # v4.0.0 | |
| with: | |
| repository: bitwarden/sm-sdk-php | |
| path: sm-sdk-php | |
| ref: main | |
| token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} | |
| - name: Setup Git | |
| working-directory: sm-sdk-php | |
| run: | | |
| git config --local user.email "${{ env._BOT_EMAIL }}" | |
| git config --local user.name "${{ env._BOT_NAME }}" | |
| - name: Update files | |
| run: | | |
| # Copy files to local sm-sdk-php repo path | |
| cp --verbose -rf sdk/languages/php/. sm-sdk-php | |
| - name: Replace repo name | |
| working-directory: sm-sdk-php | |
| run: | | |
| find . -name '*' -exec \ | |
| sed -i -e 's/github.com\/bitwarden\/sdk\/languages\/php/github.com\/bitwarden\/sm-sdk-php/g' {} \; | |
| find . -name '*' -exec \ | |
| sed -i -e 's/github.com\/bitwarden\/sdk/github.com\/bitwarden\/sm-sdk-php/g' {} \; | |
| - name: Push changes | |
| working-directory: sm-sdk-php | |
| run: | | |
| git add . | |
| git commit -m "Update Go SDK to ${{ github.sha }}" | |
| if [[ "${{ inputs.release_type }}" == "Dry Run" ]]; then | |
| echo "===================================" | |
| echo "[!] Dry Run - Skipping push" | |
| echo "===================================" | |
| git ls-files -m | |
| exit 0 | |
| else | |
| git push origin main | |
| fi | |
| - name: Create release tag on SDK Go repo | |
| if: ${{ inputs.release_type != 'Dry Run' }} | |
| working-directory: sm-sdk-php | |
| run: | | |
| # Check if tag exists, set output then exit 0 if true. | |
| if git log v${{ env._PKG_VERSION }} >/dev/null 2>&1; then | |
| echo "===================================" | |
| echo "[!] Tag v${{ env._PKG_VERSION }} already exists" | |
| echo "===================================" | |
| exit 1 | |
| fi | |
| git tag v${{ env._PKG_VERSION }} | |
| git push origin v${{ env._PKG_VERSION }} | |
| github-release: | |
| name: GitHub Release | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - setup-php | |
| - repo-sync | |
| - validate | |
| env: | |
| _PKG_VERSION: ${{ needs.validate.outputs.version }} | |
| steps: | |
| - name: Login to Azure - Prod Subscription | |
| uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
| with: | |
| creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }} | |
| - name: Retrieve secrets | |
| id: retrieve-secrets | |
| uses: bitwarden/gh-actions/get-keyvault-secrets@4f37134d838f21609c38cb56694d8605f176704c | |
| with: | |
| keyvault: ${{ env._KEY_VAULT }} | |
| secrets: "github-pat-bitwarden-devops-bot-repo-scope" | |
| - name: Download x86_64-apple-darwin artifact | |
| uses: bitwarden/gh-actions/download-artifacts@main | |
| with: | |
| workflow: build-rust-cross-platform.yml | |
| workflow_conclusion: success | |
| branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} | |
| artifacts: libbitwarden_c_files-x86_64-apple-darwin | |
| skip_unpack: true | |
| - name: Download aarch64-apple-darwin artifact | |
| uses: bitwarden/gh-actions/download-artifacts@main | |
| with: | |
| workflow: build-rust-cross-platform.yml | |
| workflow_conclusion: success | |
| branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} | |
| artifacts: libbitwarden_c_files-aarch64-apple-darwin | |
| skip_unpack: true | |
| - name: Download x86_64-unknown-linux-gnu artifact | |
| uses: bitwarden/gh-actions/download-artifacts@main | |
| with: | |
| workflow: build-rust-cross-platform.yml | |
| workflow_conclusion: success | |
| branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} | |
| artifacts: libbitwarden_c_files-x86_64-unknown-linux-gnu | |
| skip_unpack: true | |
| - name: Download x86_64-pc-windows-msvc artifact | |
| uses: bitwarden/gh-actions/download-artifacts@main | |
| with: | |
| workflow: build-rust-cross-platform.yml | |
| workflow_conclusion: success | |
| branch: ${{ inputs.release_type == 'Dry Run' && 'main' || github.ref_name }} | |
| artifacts: libbitwarden_c_files-x86_64-pc-windows-msvc | |
| skip_unpack: true | |
| - name: Rename build artifacts | |
| run: | | |
| mv libbitwarden_c_files-x86_64-apple-darwin.zip libbitwarden_c_files-x86_64-apple-darwin-$_PKG_VERSION.zip | |
| mv libbitwarden_c_files-aarch64-apple-darwin.zip libbitwarden_c_files-aarch64-apple-darwin-$_PKG_VERSION.zip | |
| mv libbitwarden_c_files-x86_64-unknown-linux-gnu.zip libbitwarden_c_files-x86_64-unknown-linux-gnu-$_PKG_VERSION.zip | |
| mv libbitwarden_c_files-x86_64-pc-windows-msvc.zip libbitwarden_c_files-x86_64-pc-windows-msvc-$_PKG_VERSION.zip | |
| - name: Create release | |
| if: ${{ inputs.release_type != 'Dry Run' }} | |
| uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0 | |
| with: | |
| tag: v${{ env._PKG_VERSION }} | |
| name: v${{ env._PKG_VERSION }} | |
| body: "<insert release notes here>" | |
| token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} | |
| draft: true | |
| repo: sm-sdk-php | |
| owner: bitwarden | |
| artifacts: "libbitwarden_c_files-x86_64-apple-darwin-${{ env._PKG_VERSION }}.zip, | |
| libbitwarden_c_files-aarch64-apple-darwin-${{ env._PKG_VERSION }}.zip, | |
| libbitwarden_c_files-x86_64-unknown-linux-gnu-${{ env._PKG_VERSION }}.zip, | |
| libbitwarden_c_files-x86_64-pc-windows-msvc-${{ env._PKG_VERSION }}.zip" | |
| packagist-publish: | |
| name: Publish to Packagist | |
| runs-on: ubuntu-22.04 | |
| needs: | |
| - validate | |
| - setup-php | |
| - repo-sync | |
| - github-release | |
| steps: | |
| - name: Login to Azure - Prod Subscription | |
| uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
| with: | |
| creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }} | |
| - name: Retrieve secrets | |
| id: retrieve-secrets | |
| uses: bitwarden/gh-actions/get-keyvault-secrets@4f37134d838f21609c38cb56694d8605f176704c | |
| with: | |
| keyvault: ${{ env._KEY_VAULT }} | |
| secrets: "github-pat-bitwarden-devops-bot-repo-scope, | |
| packagist-key" | |
| - name: Checkout SDK-PHP repo | |
| uses: actions/checkout@1e31de5234b9f8995739874a8ce0492dc87873e2 # v4.0.0 | |
| with: | |
| repository: bitwarden/sm-sdk-php | |
| path: sm-sdk-php | |
| ref: main | |
| token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} | |
| - name: Publish version | |
| if: ${{ inputs.release_type != 'Dry Run' }} | |
| env: | |
| PACKAGIST_KEY: ${{ steps.retrieve-secrets.outputs.packagist-key }} | |
| run: curl -XPOST -H'content-type:application/json' 'https://packagist.org/api/update-package?username=bitwarden&apiToken=${{ env.PACKAGIST_KEY }}' -d'{"repository":{"url":"https://packagist.org/packages/bitwarden/sdk-secrets"}}' | |
| working-directory: sm-sdk-php |