Update dependency electron-updater to v6 #1179
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Build | |
on: | |
push: | |
branches-ignore: | |
- 'l10n_master' | |
paths-ignore: | |
- '.github/workflows/**' | |
workflow_dispatch: {} | |
jobs: | |
cloc: | |
name: CLOC | |
runs-on: ubuntu-20.04 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Set up CLOC | |
run: | | |
sudo apt update | |
sudo apt -y install cloc | |
- name: Print lines of code | |
run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git | |
setup: | |
name: Setup | |
runs-on: ubuntu-20.04 | |
outputs: | |
package_version: ${{ steps.retrieve-version.outputs.package_version }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Get Package Version | |
id: retrieve-version | |
run: | | |
PKG_VERSION=$(jq -r .version src/package.json) | |
echo "::set-output name=package_version::$PKG_VERSION" | |
linux-cli: | |
name: Build Linux CLI | |
runs-on: ubuntu-20.04 | |
needs: setup | |
env: | |
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
_PKG_FETCH_NODE_VERSION: 18.5.0 | |
_PKG_FETCH_VERSION: 3.4 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Set up Node | |
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 | |
with: | |
cache: 'npm' | |
cache-dependency-path: '**/package-lock.json' | |
node-version: '18' | |
- name: Update NPM | |
run: | | |
npm install -g node-gyp | |
node-gyp install $(node -v) | |
- name: Get pkg-fetch | |
run: | | |
cd $HOME | |
fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-linux-x64" | |
mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION | |
wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-linux-x64" | |
- name: Keytar | |
run: | | |
keytarVersion=$(cat src/package.json | jq -r '.dependencies.keytar') | |
keytarTar="keytar-v$keytarVersion-napi-v3-linux-x64.tar" | |
keytarTarGz="$keytarTar.gz" | |
keytarUrl="https://github.com/atom/node-keytar/releases/download/v$keytarVersion/$keytarTarGz" | |
mkdir -p ./keytar/linux | |
wget $keytarUrl -O ./keytar/linux/$keytarTarGz | |
tar -xvf ./keytar/linux/$keytarTarGz -C ./keytar/linux | |
- name: Install | |
run: npm install | |
- name: Package CLI | |
run: npm run dist:cli:lin | |
- name: Zip | |
run: zip -j ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip ./dist-cli/linux/bwdc ./keytar/linux/build/Release/keytar.node | |
- name: Create checksums | |
run: sha256sum ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip | cut -d " " -f 1 > ./dist-cli/bwdc-linux-sha256-$_PACKAGE_VERSION.txt | |
- name: Version Test | |
run: | | |
sudo apt-get update | |
sudo apt install libsecret-1-0 dbus-x11 gnome-keyring | |
eval $(dbus-launch --sh-syntax) | |
eval $(echo -n "" | /usr/bin/gnome-keyring-daemon --login) | |
eval $(/usr/bin/gnome-keyring-daemon --components=secrets --start) | |
mkdir -p test/linux | |
unzip ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip -d ./test/linux | |
testVersion=$(./test/linux/bwdc -v) | |
echo "version: $_PACKAGE_VERSION" | |
echo "testVersion: $testVersion" | |
if [ "$testVersion" != "$_PACKAGE_VERSION" ]; then | |
echo "Version test failed." | |
exit 1 | |
fi | |
- name: Upload Linux Zip to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: bwdc-linux-${{ env._PACKAGE_VERSION }}.zip | |
path: ./dist-cli/bwdc-linux-${{ env._PACKAGE_VERSION }}.zip | |
if-no-files-found: error | |
- name: Upload Linux checksum to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt | |
path: ./dist-cli/bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt | |
if-no-files-found: error | |
macos-cli: | |
name: Build Mac CLI | |
runs-on: macos-11 | |
needs: setup | |
env: | |
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
_PKG_FETCH_NODE_VERSION: 18.5.0 | |
_PKG_FETCH_VERSION: 3.4 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Set up Node | |
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 | |
with: | |
cache: 'npm' | |
cache-dependency-path: '**/package-lock.json' | |
node-version: '18' | |
- name: Update NPM | |
run: | | |
npm install -g node-gyp | |
node-gyp install $(node -v) | |
- name: Get pkg-fetch | |
run: | | |
cd $HOME | |
fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-macos-x64" | |
mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION | |
wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-macos-x64" | |
- name: Keytar | |
run: | | |
keytarVersion=$(cat src/package.json | jq -r '.dependencies.keytar') | |
keytarTar="keytar-v$keytarVersion-napi-v3-darwin-x64.tar" | |
keytarTarGz="$keytarTar.gz" | |
keytarUrl="https://github.com/atom/node-keytar/releases/download/v$keytarVersion/$keytarTarGz" | |
mkdir -p ./keytar/macos | |
wget $keytarUrl -O ./keytar/macos/$keytarTarGz | |
tar -xvf ./keytar/macos/$keytarTarGz -C ./keytar/macos | |
- name: Install | |
run: npm install | |
- name: Package CLI | |
run: npm run dist:cli:mac | |
- name: Zip | |
run: zip -j ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip ./dist-cli/macos/bwdc ./keytar/macos/build/Release/keytar.node | |
- name: Create checksums | |
run: sha256sum ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip | cut -d " " -f 1 > ./dist-cli/bwdc-macos-sha256-$_PACKAGE_VERSION.txt | |
- name: Version Test | |
run: | | |
mkdir -p test/macos | |
unzip ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip -d ./test/macos | |
testVersion=$(./test/macos/bwdc -v) | |
echo "version: $_PACKAGE_VERSION" | |
echo "testVersion: $testVersion" | |
if [ "$testVersion" != "$_PACKAGE_VERSION" ]; then | |
echo "Version test failed." | |
exit 1 | |
fi | |
- name: Upload Mac Zip to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: bwdc-macos-${{ env._PACKAGE_VERSION }}.zip | |
path: ./dist-cli/bwdc-macos-${{ env._PACKAGE_VERSION }}.zip | |
if-no-files-found: error | |
- name: Upload Mac checksum to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt | |
path: ./dist-cli/bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt | |
if-no-files-found: error | |
windows-cli: | |
name: Build Windows CLI | |
runs-on: windows-2019 | |
needs: setup | |
env: | |
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
_WIN_PKG_FETCH_VERSION: 18.5.0 | |
_WIN_PKG_VERSION: 3.4 | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Setup Windows builder | |
run: | | |
choco install checksum --no-progress | |
choco install reshack --no-progress | |
- name: Set up Node | |
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 | |
with: | |
cache: 'npm' | |
cache-dependency-path: '**/package-lock.json' | |
node-version: '18' | |
- name: Update NPM | |
run: | | |
npm install -g node-gyp | |
node-gyp install $(node -v) | |
- name: Get pkg-fetch | |
shell: pwsh | |
run: | | |
cd $HOME | |
$fetchedUrl = "https://github.com/vercel/pkg-fetch/releases/download/v$env:_WIN_PKG_VERSION/node-v$env:_WIN_PKG_FETCH_VERSION-win-x64" | |
New-Item -ItemType directory -Path ./.pkg-cache | |
New-Item -ItemType directory -Path ./.pkg-cache/v$env:_WIN_PKG_VERSION | |
Invoke-RestMethod -Uri $fetchedUrl ` | |
-OutFile "./.pkg-cache/v$env:_WIN_PKG_VERSION/fetched-v$env:_WIN_PKG_FETCH_VERSION-win-x64" | |
- name: Keytar | |
shell: pwsh | |
run: | | |
$keytarVersion = (Get-Content -Raw -Path ./src/package.json | ConvertFrom-Json).dependencies.keytar | |
$keytarTar = "keytar-v${keytarVersion}-napi-v3-{0}-x64.tar" | |
$keytarTarGz = "${keytarTar}.gz" | |
$keytarUrl = "https://github.com/atom/node-keytar/releases/download/v${keytarVersion}/${keytarTarGz}" | |
New-Item -ItemType directory -Path ./keytar/windows | Out-Null | |
Invoke-RestMethod -Uri $($keytarUrl -f "win32") -OutFile "./keytar/windows/$($keytarTarGz -f "win32")" | |
7z e "./keytar/windows/$($keytarTarGz -f "win32")" -o"./keytar/windows" | |
7z e "./keytar/windows/$($keytarTar -f "win32")" -o"./keytar/windows" | |
- name: Setup Version Info | |
shell: pwsh | |
run: | | |
$major, $minor, $patch = $env:_PACKAGE_VERSION.split('.') | |
$versionInfo = @" | |
1 VERSIONINFO | |
FILEVERSION $major,$minor,$patch,0 | |
PRODUCTVERSION $major,$minor,$patch,0 | |
FILEOS 0x40004 | |
FILETYPE 0x1 | |
{ | |
BLOCK "StringFileInfo" | |
{ | |
BLOCK "040904b0" | |
{ | |
VALUE "CompanyName", "Bitwarden Inc." | |
VALUE "ProductName", "Bitwarden" | |
VALUE "FileDescription", "Bitwarden Directory Connector CLI" | |
VALUE "FileVersion", "$env:_PACKAGE_VERSION" | |
VALUE "ProductVersion", "$env:_PACKAGE_VERSION" | |
VALUE "OriginalFilename", "bwdc.exe" | |
VALUE "InternalName", "bwdc" | |
VALUE "LegalCopyright", "Copyright Bitwarden Inc." | |
} | |
} | |
BLOCK "VarFileInfo" | |
{ | |
VALUE "Translation", 0x0409 0x04B0 | |
} | |
} | |
"@ | |
$versionInfo | Out-File ./version-info.rc | |
- name: Resource Hacker | |
shell: cmd | |
run: | | |
set PATH=%PATH%;C:\Program Files (x86)\Resource Hacker | |
set WIN_PKG=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\fetched-v%_WIN_PKG_FETCH_VERSION%-win-x64 | |
set WIN_PKG_BUILT=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\built-v%_WIN_PKG_FETCH_VERSION%-win-x64 | |
ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action delete -mask ICONGROUP,1, | |
ResourceHacker -open version-info.rc -save version-info.res -action compile | |
ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action addoverwrite -resource version-info.res | |
- name: Install | |
run: npm install | |
- name: Package CLI | |
run: npm run dist:cli:win | |
- name: Zip | |
shell: cmd | |
run: 7z a ./dist-cli/bwdc-windows-%_PACKAGE_VERSION%.zip ./dist-cli/windows/bwdc.exe ./keytar/windows/keytar.node | |
- name: Version Test | |
run: | | |
Expand-Archive -Path "./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" -DestinationPath "./test/windows" | |
$testVersion = Invoke-Expression '& ./test/windows/bwdc.exe -v' | |
echo "version: $env:_PACKAGE_VERSION" | |
echo "testVersion: $testVersion" | |
if($testVersion -ne $env:_PACKAGE_VERSION) { | |
Throw "Version test failed." | |
} | |
- name: Create checksums | |
run: | | |
checksum -f="./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" ` | |
-t sha256 | Out-File ./dist-cli/bwdc-windows-sha256-${env:_PACKAGE_VERSION}.txt | |
- name: Upload Windows Zip to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: bwdc-windows-${{ env._PACKAGE_VERSION }}.zip | |
path: ./dist-cli/bwdc-windows-${{ env._PACKAGE_VERSION }}.zip | |
if-no-files-found: error | |
- name: Upload Windows checksum to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt | |
path: ./dist-cli/bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt | |
if-no-files-found: error | |
windows-gui: | |
name: Build Windows GUI | |
runs-on: windows-2019 | |
needs: setup | |
env: | |
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Set up Node | |
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 | |
with: | |
cache: 'npm' | |
cache-dependency-path: '**/package-lock.json' | |
node-version: '18' | |
- name: Update NPM | |
run: | | |
npm install -g node-gyp | |
node-gyp install $(node -v) | |
- name: Set Node options | |
run: echo "NODE_OPTIONS=--max_old_space_size=4096" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append | |
shell: pwsh | |
- name: Print environment | |
run: | | |
node --version | |
npm --version | |
- name: Install AST | |
uses: bitwarden/gh-actions/install-ast@c970b0fb89bd966749280e832928db62040812bf | |
- name: Install Node dependencies | |
run: npm install | |
# - name: Run linter | |
# run: npm run lint | |
- name: Build & Sign | |
run: npm run dist:win | |
env: | |
ELECTRON_BUILDER_SIGN: 1 | |
SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }} | |
SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }} | |
SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }} | |
SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }} | |
SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }} | |
- name: Upload Portable Executable to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe | |
path: ./dist/Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe | |
if-no-files-found: error | |
- name: Upload Installer Executable to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe | |
path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe | |
if-no-files-found: error | |
- name: Upload Installer Executable Blockmap to GitHub | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap | |
path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap | |
if-no-files-found: error | |
- name: Upload latest auto-update artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: latest.yml | |
path: ./dist/latest.yml | |
if-no-files-found: error | |
linux-gui: | |
name: Build Linux GUI | |
runs-on: ubuntu-20.04 | |
needs: setup | |
env: | |
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Set up Node | |
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 | |
with: | |
cache: 'npm' | |
cache-dependency-path: '**/package-lock.json' | |
node-version: '18' | |
- name: Update NPM | |
run: | | |
npm install -g node-gyp | |
node-gyp install $(node -v) | |
- name: Set Node options | |
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV | |
- name: Set up environment | |
run: | | |
sudo apt-get update | |
sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev | |
sudo apt-get -y install rpm | |
- name: NPM Install | |
run: npm install | |
- name: NPM Rebuild | |
run: npm run rebuild | |
- name: NPM Package | |
run: npm run dist:lin | |
- name: Upload AppImage | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage | |
path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage | |
if-no-files-found: error | |
- name: Upload latest auto-update artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: latest-linux.yml | |
path: ./dist/latest-linux.yml | |
if-no-files-found: error | |
macos-gui: | |
name: Build MacOS GUI | |
runs-on: macos-11 | |
needs: setup | |
env: | |
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} | |
steps: | |
- name: Checkout repo | |
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 | |
- name: Set up Node | |
uses: actions/setup-node@5e21ff4d9bc1a8cf6de233a3057d20ec6b3fb69d # v3.8.1 | |
with: | |
cache: 'npm' | |
cache-dependency-path: '**/package-lock.json' | |
node-version: '18' | |
- name: Update NPM | |
run: | | |
npm install -g node-gyp | |
node-gyp install $(node -v) | |
- name: Set Node options | |
run: echo "NODE_OPTIONS=--max_old_space_size=4096" >> $GITHUB_ENV | |
- name: Print environment | |
run: | | |
node --version | |
npm --version | |
echo "GitHub ref: $GITHUB_REF" | |
echo "GitHub event: $GITHUB_EVENT" | |
shell: bash | |
- name: Decrypt secrets | |
env: | |
DECRYPT_FILE_PASSWORD: ${{ secrets.DECRYPT_FILE_PASSWORD }} | |
shell: bash | |
run: | | |
mkdir -p $HOME/secrets | |
gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \ | |
--output "$HOME/secrets/devid-app-cert.p12" \ | |
"$GITHUB_WORKSPACE/.github/secrets/devid-app-cert.p12.gpg" | |
gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \ | |
--output "$HOME/secrets/devid-installer-cert.p12" \ | |
"$GITHUB_WORKSPACE/.github/secrets/devid-installer-cert.p12.gpg" | |
gpg --quiet --batch --yes --decrypt --passphrase="$DECRYPT_FILE_PASSWORD" \ | |
--output "$HOME/secrets/macdev-cert.p12" \ | |
"$GITHUB_WORKSPACE/.github/secrets/macdev-cert.p12.gpg" | |
- name: Set up keychain | |
env: | |
KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }} | |
DEVID_CERT_PASSWORD: ${{ secrets.DEVID_CERT_PASSWORD }} | |
MACDEV_CERT_PASSWORD: ${{ secrets.MACDEV_CERT_PASSWORD }} | |
shell: bash | |
run: | | |
security create-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
security default-keychain -s build.keychain | |
security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain | |
security set-keychain-settings -lut 1200 build.keychain | |
security import "$HOME/secrets/devid-app-cert.p12" -k build.keychain -P $DEVID_CERT_PASSWORD \ | |
-T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
security import "$HOME/secrets/devid-installer-cert.p12" -k build.keychain -P $DEVID_CERT_PASSWORD \ | |
-T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
security import "$HOME/secrets/macdev-cert.p12" -k build.keychain -P $MACDEV_CERT_PASSWORD \ | |
-T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild | |
security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain | |
- name: Load package version | |
run: | | |
$rootPath = $env:GITHUB_WORKSPACE; | |
$packageVersion = (Get-Content -Raw -Path $rootPath\src\package.json | ConvertFrom-Json).version; | |
Write-Output "Setting package version to $packageVersion"; | |
Write-Output "PACKAGE_VERSION=$packageVersion" | Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append; | |
shell: pwsh | |
- name: Install Node dependencies | |
run: npm install | |
- name: Build application | |
run: npm run dist:mac | |
env: | |
APPLE_ID_USERNAME: ${{ secrets.APPLE_ID_USERNAME }} | |
APPLE_ID_PASSWORD: ${{ secrets.APPLE_ID_PASSWORD }} | |
- name: Upload .zip artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip | |
path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip | |
if-no-files-found: error | |
- name: Upload .dmg artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg | |
path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg | |
if-no-files-found: error | |
- name: Upload .dmg Blockmap artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap | |
path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap | |
if-no-files-found: error | |
- name: Upload latest auto-update artifact | |
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3 | |
with: | |
name: latest-mac.yml | |
path: ./dist/latest-mac.yml | |
if-no-files-found: error | |
check-failures: | |
name: Check for failures | |
runs-on: ubuntu-20.04 | |
needs: | |
- cloc | |
- setup | |
- linux-cli | |
- macos-cli | |
- windows-cli | |
- windows-gui | |
- linux-gui | |
- macos-gui | |
steps: | |
- name: Check if any job failed | |
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }} | |
env: | |
CLOC_STATUS: ${{ needs.cloc.result }} | |
SETUP_STATUS: ${{ needs.setup.result }} | |
LINUX_CLI_STATUS: ${{ needs.linux-cli.result }} | |
MACOS_CLI_STATUS: ${{ needs.macos-cli.result }} | |
WINDOWS_CLI_STATUS: ${{ needs.windows-cli.result }} | |
WINDOWS_GUI_STATUS: ${{ needs.windows-gui.result }} | |
LINUX_GUI_STATUS: ${{ needs.linux-gui.result }} | |
MACOS_GUI_STATUS: ${{ needs.macos-gui.result }} | |
run: | | |
if [ "$CLOC_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$SETUP_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$LINUX_CLI_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$MACOS_CLI_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$WINDOWS_CLI_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$WINDOWS_GUI_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$LINUX_GUI_STATUS" = "failure" ]; then | |
exit 1 | |
elif [ "$MACOS_GUI_STATUS" = "failure" ]; then | |
exit 1 | |
fi | |
- name: Login to Azure - CI subscription | |
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
if: failure() | |
with: | |
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} | |
- name: Retrieve secrets | |
id: retrieve-secrets | |
uses: bitwarden/gh-actions/get-keyvault-secrets@c970b0fb89bd966749280e832928db62040812bf | |
if: failure() | |
with: | |
keyvault: "bitwarden-ci" | |
secrets: "devops-alerts-slack-webhook-url" | |
- name: Notify Slack on failure | |
uses: act10ns/slack@ed1309ab9862e57e9e583e51c7889486b9a00b0f # v2.0.0 | |
if: failure() | |
env: | |
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} | |
with: | |
status: ${{ job.status }} |