-
Notifications
You must be signed in to change notification settings - Fork 50
160 lines (136 loc) · 6.03 KB
/
publish-ruby.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
name: Publish Ruby SDK
run-name: Publish Ruby SDK ${{ inputs.release_type }}
on:
workflow_dispatch:
inputs:
release_type:
description: "Release Options"
required: true
default: "Release"
type: choice
options:
- Release
- Dry Run
permissions:
contents: read
id-token: write
jobs:
# setup:
# name: Setup
# runs-on: ubuntu-22.04
# steps:
# - name: Checkout repo
# uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
# - name: Branch check
# if: ${{ github.event.inputs.release_type != 'Dry Run' }}
# run: |
# if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
# echo "==================================="
# echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
# echo "==================================="
# exit 1
# fi
publish_ruby:
name: Publish Ruby
runs-on: ubuntu-22.04
# needs: setup
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Set up Ruby
uses: ruby/setup-ruby@22fdc77bf4148f810455b226c90fb81b5cbc00a7 # v1.171.0
with:
ruby-version: 3.2
- name: Download artifacts
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: generate_schemas.yml
path: languages/ruby/bitwarden_sdk_secrets/lib
workflow_conclusion: success
branch: rc # ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
artifacts: schemas.rb
- name: Download x86_64-apple-darwin artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: build-rust-cross-platform.yml
path: temp/macos-x64
workflow_conclusion: success
branch: rc # ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
artifacts: libbitwarden_c_files-x86_64-apple-darwin
- name: Download aarch64-apple-darwin artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: build-rust-cross-platform.yml
workflow_conclusion: success
branch: rc # ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
artifacts: libbitwarden_c_files-aarch64-apple-darwin
path: temp/macos-arm64
- name: Download x86_64-unknown-linux-gnu artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: build-rust-cross-platform.yml
workflow_conclusion: success
branch: rc # ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
artifacts: libbitwarden_c_files-x86_64-unknown-linux-gnu
path: temp/linux-x64
- name: Download x86_64-pc-windows-msvc artifact
uses: bitwarden/gh-actions/download-artifacts@main
with:
workflow: build-rust-cross-platform.yml
workflow_conclusion: success
branch: rc # ${{ github.event.inputs.release_type == 'Dry Run' && 'main' || github.ref_name }}
artifacts: libbitwarden_c_files-x86_64-pc-windows-msvc
path: temp/windows-x64
- name: Copy lib files
run: |
mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/macos-arm64
mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/linux-x64
mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/macos-x64
mkdir -p languages/ruby/bitwarden_sdk_secrets/lib/windows-x64
platforms=("macos-arm64" "linux-x64" "macos-x64" "windows-x64")
files=("libbitwarden_c.dylib" "libbitwarden_c.so" "libbitwarden_c.dylib" "bitwarden_c.dll")
for ((i=0; i<${#platforms[@]}; i++)); do
cp "temp/${platforms[$i]}/${files[$i]}" "languages/ruby/bitwarden_sdk_secrets/lib/${platforms[$i]}/${files[$i]}"
done
- name: Login to Azure
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
with:
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "rubygem-api-key"
- name: bundle install
run: bundle install
working-directory: languages/ruby/bitwarden_sdk_secrets
- name: Build gem
run: gem build bitwarden-sdk-secrets.gemspec
working-directory: languages/ruby/bitwarden_sdk_secrets
- name: Push gem to Rubygems
run: |
mkdir -p $HOME/.gem
touch $HOME/.gem/credentials
chmod 0600 $HOME/.gem/credentials
printf -- "---\n:rubygems_api_key: ${GEM_HOST_API_KEY}\n" > $HOME/.gem/credentials
gem push *.gem
env:
GEM_HOST_API_KEY: ${{ steps.retrieve-secrets.outputs.rubygem-api-key }}
working-directory: languages/ruby/bitwarden_sdk_secrets
# - name: Set remote URL
# run: |
# # Attribute commits to the last committer on HEAD
# git config --global user.email "[email protected]"
# git config --global user.name "bitwarden-devops-bot"
# git remote set-url origin "https://x-access-token:${{ github.token }}@github.com/$GITHUB_REPOSITORY"
# - name: Configure trusted publishing credentials
# uses: rubygems/configure-rubygems-credentials@bc6dd217f8a4f919d6835fcfefd470ef821f5c44 # v1.0.0
# - name: Run release rake task
# if: ${{ inputs.release_type == 'Release' }}
# run: bundle exec rake release
# working-directory: languages/ruby/bitwarden_sdk_secrets
# - name: Wait for release to propagate
# if: ${{ inputs.release_type == 'Release' }}
# run: gem exec rubygems-await pkg/*.gem
# working-directory: languages/ruby/bitwarden_sdk_secrets