tmp #49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Build Desktop | |
| on: | |
| push: | |
| branches: | |
| - "main" | |
| - "rc" | |
| - "hotfix-rc-desktop" | |
| paths: | |
| - "apps/desktop/**" | |
| - "libs/**" | |
| - "*" | |
| - "!*.md" | |
| - "!*.txt" | |
| - ".github/workflows/build-desktop.yml" | |
| workflow_dispatch: | |
| inputs: | |
| sdk_branch: | |
| description: "Custom SDK branch" | |
| required: false | |
| type: string | |
| defaults: | |
| run: | |
| shell: bash | |
| jobs: | |
| electron-verify: | |
| name: Verify Electron Version | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Verify | |
| run: | | |
| PACKAGE_VERSION=$(jq -r .devDependencies.electron package.json) | |
| ELECTRON_BUILDER_VERSION=$(jq -r .electronVersion ./apps/desktop/electron-builder.json) | |
| if [[ "$PACKAGE_VERSION" == "$ELECTRON_BUILDER_VERSION" ]]; then | |
| echo "Versions matches" | |
| else | |
| echo "Version missmatch, package.json: $PACKAGE_VERSION, electron-builder.json: $ELECTRON_BUILDER_VERSION" | |
| exit 1 | |
| fi | |
| setup: | |
| name: Setup | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| package_version: ${{ steps.retrieve-version.outputs.package_version }} | |
| release_channel: ${{ steps.release-channel.outputs.channel }} | |
| build_number: ${{ steps.increment-version.outputs.build_number }} | |
| rc_branch_exists: ${{ steps.branch-check.outputs.rc_branch_exists }} | |
| hotfix_branch_exists: ${{ steps.branch-check.outputs.hotfix_branch_exists }} | |
| node_version: ${{ steps.retrieve-node-version.outputs.node_version }} | |
| defaults: | |
| run: | |
| working-directory: apps/desktop | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Get Package Version | |
| id: retrieve-version | |
| run: | | |
| PKG_VERSION=$(jq -r .version src/package.json) | |
| echo "package_version=$PKG_VERSION" >> $GITHUB_OUTPUT | |
| - name: Increment Version | |
| id: increment-version | |
| run: | | |
| BUILD_NUMBER=$(expr 3000 + $GITHUB_RUN_NUMBER) | |
| echo "Setting build number to $BUILD_NUMBER" | |
| echo "build_number=$BUILD_NUMBER" >> $GITHUB_OUTPUT | |
| - name: Get Version Channel | |
| id: release-channel | |
| run: | | |
| case "${{ steps.retrieve-version.outputs.package_version }}" in | |
| *"alpha"*) | |
| echo "channel=alpha" >> $GITHUB_OUTPUT | |
| echo "[!] We do not yet support 'alpha'" | |
| exit 1 | |
| ;; | |
| *"beta"*) | |
| echo "channel=beta" >> $GITHUB_OUTPUT | |
| ;; | |
| *) | |
| echo "channel=latest" >> $GITHUB_OUTPUT | |
| ;; | |
| esac | |
| - name: Check if special branches exist | |
| id: branch-check | |
| run: | | |
| if [[ $(git ls-remote --heads origin rc) ]]; then | |
| echo "rc_branch_exists=1" >> $GITHUB_OUTPUT | |
| else | |
| echo "rc_branch_exists=0" >> $GITHUB_OUTPUT | |
| fi | |
| if [[ $(git ls-remote --heads origin hotfix-rc-desktop) ]]; then | |
| echo "hotfix_branch_exists=1" >> $GITHUB_OUTPUT | |
| else | |
| echo "hotfix_branch_exists=0" >> $GITHUB_OUTPUT | |
| fi | |
| - name: Get Node Version | |
| id: retrieve-node-version | |
| working-directory: ./ | |
| run: | | |
| NODE_NVMRC=$(cat .nvmrc) | |
| NODE_VERSION=${NODE_NVMRC/v/''} | |
| echo "node_version=$NODE_VERSION" >> $GITHUB_OUTPUT | |
| linux-desktop-native: | |
| name: Desktop Native Linux Build | |
| runs-on: ubuntu-24.04 | |
| container: | |
| image: alpine:3.21 | |
| needs: setup | |
| defaults: | |
| run: | |
| working-directory: apps/desktop/desktop_native | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up environment | |
| run: | | |
| apk add --no-cache \ | |
| build-base \ | |
| rustup | |
| echo 1 | rustup-init --default-toolchain stable --target x86_64-unknown-linux-musl | |
| - name: Build Native Module | |
| run: | | |
| cargo build --release --target x86_64-unknown-linux-musl | |
| linux: | |
| name: Linux Build | |
| # Note, before updating the ubuntu version of the workflow, ensure the snap base image | |
| # is equal or greater than the new version. Otherwise there might be GLIBC version issues. | |
| # The snap base for desktop is defined in `apps/desktop/electron-builder.json` | |
| # We are currently running on 20.04 until the Ubuntu 24.04 release is available, as moving | |
| # to 22.04 now breaks users who are on 20.04 due to mismatched GLIBC versions. | |
| runs-on: ubuntu-20.04 | |
| needs: setup | |
| env: | |
| _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
| _NODE_VERSION: ${{ needs.setup.outputs.node_version }} | |
| NODE_OPTIONS: --max_old_space_size=4096 | |
| defaults: | |
| run: | |
| working-directory: apps/desktop | |
| steps: | |
| - name: Check out repo | |
| uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| with: | |
| ref: ${{ github.event.pull_request.head.sha }} | |
| - name: Set up Node | |
| uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 | |
| with: | |
| cache: "npm" | |
| cache-dependency-path: "**/package-lock.json" | |
| node-version: ${{ env._NODE_VERSION }} | |
| - name: Set up environment | |
| run: | | |
| sudo apt-get update | |
| sudo apt-get -y install pkg-config libxss-dev rpm flatpak flatpak-builder | |
| - name: Set up Snap | |
| run: sudo snap install snapcraft --classic | |
| - name: Print environment | |
| run: | | |
| node --version | |
| npm --version | |
| snap --version | |
| snapcraft --version || echo 'snapcraft unavailable' | |
| - name: Install Node dependencies | |
| run: npm ci | |
| working-directory: ./ | |
| - name: Download SDK Artifacts | |
| if: ${{ inputs.sdk_branch != '' }} | |
| uses: bitwarden/gh-actions/download-artifacts@main | |
| with: | |
| github_token: ${{secrets.GITHUB_TOKEN}} | |
| workflow: build-wasm-internal.yml | |
| workflow_conclusion: success | |
| branch: ${{ inputs.sdk_branch }} | |
| artifacts: sdk-internal | |
| repo: bitwarden/sdk-internal | |
| path: ../sdk-internal | |
| if_no_artifact_found: fail | |
| - name: Override SDK | |
| if: ${{ inputs.sdk_branch != '' }} | |
| working-directory: ./ | |
| run: | | |
| ls -l ../ | |
| npm link ../sdk-internal | |
| - name: Cache Native Module | |
| uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
| id: cache | |
| with: | |
| path: | | |
| apps/desktop/desktop_native/napi/*.node | |
| apps/desktop/desktop_native/dist/* | |
| ${{ env.RUNNER_TEMP }}/.cargo/registry | |
| ${{ env.RUNNER_TEMP }}/.cargo/git | |
| key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }} | |
| - name: Build Native Module | |
| if: steps.cache.outputs.cache-hit != 'true' | |
| working-directory: apps/desktop/desktop_native | |
| env: | |
| PKG_CONFIG_ALLOW_CROSS: true | |
| PKG_CONFIG_ALL_STATIC: true | |
| TARGET: musl | |
| run: | | |
| rustup target add x86_64-unknown-linux-musl | |
| node build.js cross-platform | |
| - name: Build application | |
| run: npm run dist:lin | |
| - name: Upload .deb artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb | |
| path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-amd64.deb | |
| if-no-files-found: error | |
| - name: Upload .rpm artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm | |
| path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.rpm | |
| if-no-files-found: error | |
| - name: Upload .freebsd artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd | |
| path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.freebsd | |
| if-no-files-found: error | |
| - name: Upload .snap artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap | |
| path: apps/desktop/dist/bitwarden_${{ env._PACKAGE_VERSION }}_amd64.snap | |
| if-no-files-found: error | |
| - name: Upload .AppImage artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage | |
| path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x86_64.AppImage | |
| if-no-files-found: error | |
| - name: Upload auto-update artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: ${{ needs.setup.outputs.release_channel }}-linux.yml | |
| path: apps/desktop/dist/${{ needs.setup.outputs.release_channel }}-linux.yml | |
| if-no-files-found: error | |
| - name: Build flatpak | |
| working-directory: apps/desktop | |
| run: | | |
| sudo flatpak remote-add --if-not-exists flathub https://flathub.org/repo/flathub.flatpakrepo | |
| sudo npm run pack:lin:flatpak | |
| - name: Upload flatpak artifact | |
| uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| with: | |
| name: com.bitwarden.desktop.flatpak | |
| path: apps/desktop/dist/com.bitwarden.desktop.flatpak | |
| if-no-files-found: error | |
| # windows: | |
| # name: Windows Build | |
| # runs-on: windows-2022 | |
| # needs: | |
| # - setup | |
| # defaults: | |
| # run: | |
| # shell: pwsh | |
| # working-directory: apps/desktop | |
| # env: | |
| # _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
| # _NODE_VERSION: ${{ needs.setup.outputs.node_version }} | |
| # NODE_OPTIONS: --max_old_space_size=4096 | |
| # steps: | |
| # - name: Check out repo | |
| # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| # with: | |
| # ref: ${{ github.event.pull_request.head.sha }} | |
| # - name: Set up Node | |
| # uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 | |
| # with: | |
| # cache: "npm" | |
| # cache-dependency-path: "**/package-lock.json" | |
| # node-version: ${{ env._NODE_VERSION }} | |
| # - name: Install AST | |
| # run: dotnet tool install --global AzureSignTool --version 4.0.1 | |
| # - name: Set up environmentF | |
| # run: choco install checksum --no-progress | |
| # - name: Rust | |
| # shell: pwsh | |
| # run: | | |
| # rustup target install i686-pc-windows-msvc | |
| # rustup target install aarch64-pc-windows-msvc | |
| # - name: Print environment | |
| # run: | | |
| # node --version | |
| # npm --version | |
| # choco --version | |
| # rustup show | |
| # - name: Login to Azure | |
| # uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 | |
| # with: | |
| # creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} | |
| # - name: Retrieve secrets | |
| # id: retrieve-secrets | |
| # uses: bitwarden/gh-actions/get-keyvault-secrets@main | |
| # with: | |
| # keyvault: "bitwarden-ci" | |
| # secrets: "code-signing-vault-url, | |
| # code-signing-client-id, | |
| # code-signing-tenant-id, | |
| # code-signing-client-secret, | |
| # code-signing-cert-name" | |
| # - name: Install Node dependencies | |
| # run: npm ci | |
| # working-directory: ./ | |
| # - name: Download SDK Artifacts | |
| # if: ${{ inputs.sdk_branch != '' }} | |
| # uses: bitwarden/gh-actions/download-artifacts@main | |
| # with: | |
| # github_token: ${{secrets.GITHUB_TOKEN}} | |
| # workflow: build-wasm-internal.yml | |
| # workflow_conclusion: success | |
| # branch: ${{ inputs.sdk_branch }} | |
| # artifacts: sdk-internal | |
| # repo: bitwarden/sdk-internal | |
| # path: ../sdk-internal | |
| # if_no_artifact_found: fail | |
| # - name: Override SDK | |
| # if: ${{ inputs.sdk_branch != '' }} | |
| # working-directory: ./ | |
| # run: | | |
| # ls -l ../ | |
| # npm link ../sdk-internal | |
| # - name: Cache Native Module | |
| # uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
| # id: cache | |
| # with: | |
| # path: | | |
| # apps/desktop/desktop_native/napi/*.node | |
| # apps/desktop/desktop_native/dist/* | |
| # key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }} | |
| # - name: Build Native Module | |
| # if: steps.cache.outputs.cache-hit != 'true' | |
| # working-directory: apps/desktop/desktop_native | |
| # run: node build.js cross-platform | |
| # - name: Build & Sign (dev) | |
| # env: | |
| # ELECTRON_BUILDER_SIGN: 1 | |
| # SIGNING_VAULT_URL: ${{ steps.retrieve-secrets.outputs.code-signing-vault-url }} | |
| # SIGNING_CLIENT_ID: ${{ steps.retrieve-secrets.outputs.code-signing-client-id }} | |
| # SIGNING_TENANT_ID: ${{ steps.retrieve-secrets.outputs.code-signing-tenant-id }} | |
| # SIGNING_CLIENT_SECRET: ${{ steps.retrieve-secrets.outputs.code-signing-client-secret }} | |
| # SIGNING_CERT_NAME: ${{ steps.retrieve-secrets.outputs.code-signing-cert-name }} | |
| # run: | | |
| # npm run build | |
| # npm run pack:win | |
| # - name: Rename appx files for store | |
| # run: | | |
| # Copy-Item "./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx" ` | |
| # -Destination "./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx" | |
| # Copy-Item "./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx" ` | |
| # -Destination "./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx" | |
| # Copy-Item "./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx" ` | |
| # -Destination "./dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx" | |
| # - name: Package for Chocolatey | |
| # run: | | |
| # Copy-Item -Path ./stores/chocolatey -Destination ./dist/chocolatey -Recurse | |
| # Copy-Item -Path ./dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe ` | |
| # -Destination ./dist/chocolatey | |
| # $checksum = checksum -t sha256 ./dist/chocolatey/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe | |
| # $chocoInstall = "./dist/chocolatey/tools/chocolateyinstall.ps1" | |
| # (Get-Content $chocoInstall).replace('__version__', "$env:_PACKAGE_VERSION").replace('__checksum__', $checksum) | Set-Content $chocoInstall | |
| # choco pack ./dist/chocolatey/bitwarden.nuspec --version "$env:_PACKAGE_VERSION" --out ./dist/chocolatey | |
| # - name: Fix NSIS artifact names for auto-updater | |
| # run: | | |
| # Rename-Item -Path .\dist\nsis-web\Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z ` | |
| # -NewName bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z | |
| # Rename-Item -Path .\dist\nsis-web\Bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z ` | |
| # -NewName bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z | |
| # Rename-Item -Path .\dist\nsis-web\Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z ` | |
| # -NewName bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z | |
| # - name: Upload portable exe artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe | |
| # path: apps/desktop/dist/Bitwarden-Portable-${{ env._PACKAGE_VERSION }}.exe | |
| # if-no-files-found: error | |
| # - name: Upload installer exe artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe | |
| # path: apps/desktop/dist/nsis-web/Bitwarden-Installer-${{ env._PACKAGE_VERSION }}.exe | |
| # if-no-files-found: error | |
| # - name: Upload appx ia32 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx | |
| # path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32.appx | |
| # if-no-files-found: error | |
| # - name: Upload store appx ia32 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx | |
| # path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-ia32-store.appx | |
| # if-no-files-found: error | |
| # - name: Upload NSIS ia32 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z | |
| # path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-ia32.nsis.7z | |
| # if-no-files-found: error | |
| # - name: Upload appx x64 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx | |
| # path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64.appx | |
| # if-no-files-found: error | |
| # - name: Upload store appx x64 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx | |
| # path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-x64-store.appx | |
| # if-no-files-found: error | |
| # - name: Upload NSIS x64 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z | |
| # path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-x64.nsis.7z | |
| # if-no-files-found: error | |
| # - name: Upload appx ARM64 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx | |
| # path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64.appx | |
| # if-no-files-found: error | |
| # - name: Upload store appx ARM64 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx | |
| # path: apps/desktop/dist/Bitwarden-${{ env._PACKAGE_VERSION }}-arm64-store.appx | |
| # if-no-files-found: error | |
| # - name: Upload NSIS ARM64 artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z | |
| # path: apps/desktop/dist/nsis-web/bitwarden-${{ env._PACKAGE_VERSION }}-arm64.nsis.7z | |
| # if-no-files-found: error | |
| # - name: Upload nupkg artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: bitwarden.${{ env._PACKAGE_VERSION }}.nupkg | |
| # path: apps/desktop/dist/chocolatey/bitwarden.${{ env._PACKAGE_VERSION }}.nupkg | |
| # if-no-files-found: error | |
| # - name: Upload auto-update artifact | |
| # uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3 | |
| # with: | |
| # name: ${{ needs.setup.outputs.release_channel }}.yml | |
| # path: apps/desktop/dist/nsis-web/${{ needs.setup.outputs.release_channel }}.yml | |
| # if-no-files-found: error | |
| # macos-build: | |
| # name: MacOS Build | |
| # runs-on: macos-13 | |
| # needs: | |
| # - setup | |
| # env: | |
| # _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
| # _NODE_VERSION: ${{ needs.setup.outputs.node_version }} | |
| # NODE_OPTIONS: --max_old_space_size=4096 | |
| # defaults: | |
| # run: | |
| # working-directory: apps/desktop | |
| # steps: | |
| # - name: Check out repo | |
| # uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 | |
| # with: | |
| # ref: ${{ github.event.pull_request.head.sha }} | |
| # - name: Set up Node | |
| # uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0 | |
| # with: | |
| # cache: "npm" | |
| # cache-dependency-path: "**/package-lock.json" | |
| # node-version: ${{ env._NODE_VERSION }} | |
| # - name: Set up Node-gyp | |
| # run: python3 -m pip install setuptools | |
| # - name: Rust | |
| # shell: pwsh | |
| # run: rustup target install aarch64-apple-darwin | |
| # - name: Print environment | |
| # run: | | |
| # node --version | |
| # npm --version | |
| # rustup show | |
| # echo "GitHub ref: $GITHUB_REF" | |
| # echo "GitHub event: $GITHUB_EVENT" | |
| # - name: Cache Build | |
| # id: build-cache | |
| # uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
| # with: | |
| # path: apps/desktop/build | |
| # key: ${{ runner.os }}-${{ github.run_id }}-build | |
| # - name: Cache Safari | |
| # id: safari-cache | |
| # uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
| # with: | |
| # path: apps/browser/dist/Safari | |
| # key: ${{ runner.os }}-${{ github.run_id }}-safari-extension | |
| # - name: Login to Azure | |
| # uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0 | |
| # with: | |
| # creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} | |
| # - name: Download Provisioning Profiles secrets | |
| # env: | |
| # ACCOUNT_NAME: bitwardenci | |
| # CONTAINER_NAME: profiles | |
| # run: | | |
| # mkdir -p $HOME/secrets | |
| # az storage blob download --account-name $ACCOUNT_NAME --container-name $CONTAINER_NAME \ | |
| # --name bitwarden_desktop_appstore.provisionprofile \ | |
| # --file $HOME/secrets/bitwarden_desktop_appstore.provisionprofile \ | |
| # --output none | |
| # - name: Get certificates | |
| # run: | | |
| # mkdir -p $HOME/certificates | |
| # az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/bitwarden-desktop-key | | |
| # jq -r .value | base64 -d > $HOME/certificates/bitwarden-desktop-key.p12 | |
| # az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/appstore-app-cert | | |
| # jq -r .value | base64 -d > $HOME/certificates/appstore-app-cert.p12 | |
| # az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/appstore-installer-cert | | |
| # jq -r .value | base64 -d > $HOME/certificates/appstore-installer-cert.p12 | |
| # az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/devid-app-cert | | |
| # jq -r .value | base64 -d > $HOME/certificates/devid-app-cert.p12 | |
| # az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/devid-installer-cert | | |
| # jq -r .value | base64 -d > $HOME/certificates/devid-installer-cert.p12 | |
| # az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/macdev-cert | | |
| # jq -r .value | base64 -d > $HOME/certificates/macdev-cert.p12 | |
| # - name: Set up keychain | |
| # env: | |
| # KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
| # run: | | |
| # security create-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
| # security default-keychain -s build.keychain | |
| # security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
| # security set-keychain-settings -lut 1200 build.keychain | |
| # security import "$HOME/certificates/bitwarden-desktop-key.p12" -k build.keychain -P "" \ | |
| # -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
| # security import "$HOME/certificates/devid-app-cert.p12" -k build.keychain -P "" \ | |
| # -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
| # security import "$HOME/certificates/devid-installer-cert.p12" -k build.keychain -P "" \ | |
| # -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
| # security import "$HOME/certificates/appstore-app-cert.p12" -k build.keychain -P "" \ | |
| # -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
| # security import "$HOME/certificates/appstore-installer-cert.p12" -k build.keychain -P "" \ | |
| # -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
| # security import "$HOME/certificates/macdev-cert.p12" -k build.keychain -P "" \ | |
| # -T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
| # security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain | |
| # - name: Set up provisioning profiles | |
| # run: | | |
| # cp $HOME/secrets/bitwarden_desktop_appstore.provisionprofile \ | |
| # $GITHUB_WORKSPACE/apps/desktop/bitwarden_desktop_appstore.provisionprofile | |
| # - name: Increment version | |
| # shell: pwsh | |
| # env: | |
| # BUILD_NUMBER: ${{ needs.setup.outputs.build_number }} | |
| # run: | | |
| # $package = Get-Content -Raw -Path electron-builder.json | ConvertFrom-Json | |
| # $package | Add-Member -MemberType NoteProperty -Name buildVersion -Value "$env:BUILD_NUMBER" | |
| # $package | ConvertTo-Json -Depth 32 | Set-Content -Path electron-builder.json | |
| # "### MacOS build number: $env:BUILD_NUMBER" | Out-File -FilePath $env:GITHUB_STEP_SUMMARY -Append | |
| # - name: Install Node dependencies | |
| # run: npm ci | |
| # working-directory: ./ | |
| # - name: Download SDK Artifacts | |
| # if: ${{ inputs.sdk_branch != '' }} | |
| # uses: bitwarden/gh-actions/download-artifacts@main | |
| # with: | |
| # github_token: ${{secrets.GITHUB_TOKEN}} | |
| # workflow: build-wasm-internal.yml | |
| # workflow_conclusion: success | |
| # branch: ${{ inputs.sdk_branch }} | |
| # artifacts: sdk-internal | |
| # repo: bitwarden/sdk-internal | |
| # path: ../sdk-internal | |
| # if_no_artifact_found: fail | |
| # - name: Override SDK | |
| # if: ${{ inputs.sdk_branch != '' }} | |
| # working-directory: ./ | |
| # run: | | |
| # ls -l ../ | |
| # npm link ../sdk-internal | |
| # - name: Cache Native Module | |
| # uses: actions/cache@6849a6489940f00c2f30c0fb92c6274307ccb58a # v4.1.2 | |
| # id: cache | |
| # with: | |
| # path: | | |
| # apps/desktop/desktop_native/napi/*.node | |
| # apps/desktop/desktop_native/dist/* | |
| # key: rust-${{ runner.os }}-${{ hashFiles('apps/desktop/desktop_native/**/*') }} | |
| # - name: Build Native Module | |
| # if: steps.cache.outputs.cache-hit != 'true' | |
| # working-directory: apps/desktop/desktop_native | |
| # run: node build.js cross-platform | |
| # - name: Build application (dev) | |
| # run: npm run build |