Merge remote-tracking branch 'origin/main' into BRE-224-Create-a-GitH…

…ub-Release-workflows-for-SDK
bitwarden · Sep 25, 2024 · 177aafe · 177aafe
2 parents 6da6fb0 + ae05bd0
commit 177aafe
Show file tree

Hide file tree

Showing 15 changed files with 111 additions and 120 deletions.
diff --git a/.github/workflows/build-android.yml b/.github/workflows/build-android.yml
@@ -80,7 +80,7 @@ jobs:
           key: cargo-combine-cache
 
       - name: Setup Java
-        uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+        uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
         with:
           distribution: temurin
           java-version: 17
@@ -102,7 +102,7 @@ jobs:
         run: ./build-schemas.sh
 
       - name: Setup gradle
-        uses: gradle/actions/setup-gradle@16bf8bc8fe830fa669c3c9f914d3eb147c629707 # v4.0.1
+        uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0
 
       - name: Publish
         run: ./gradlew sdk:publish

diff --git a/.github/workflows/build-java.yml b/.github/workflows/build-java.yml
@@ -34,7 +34,7 @@ jobs:
           path: languages/java/src/main/java/bit/sdk/schema/
 
       - name: Setup Java
-        uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+        uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
         with:
           distribution: temurin
           java-version: 17

diff --git a/.github/workflows/build-napi.yml b/.github/workflows/build-napi.yml
@@ -54,7 +54,7 @@ jobs:
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Setup Node
-        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           node-version: 18
           cache: "npm"

diff --git a/.github/workflows/build-python-wheels.yml b/.github/workflows/build-python-wheels.yml
@@ -66,7 +66,7 @@ jobs:
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Setup Node
-        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           node-version: 18
 

diff --git a/.github/workflows/build-wasm.yml b/.github/workflows/build-wasm.yml
@@ -25,7 +25,7 @@ jobs:
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Setup Node
-        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           node-version: 18
           registry-url: "https://npm.pkg.github.com"

diff --git a/.github/workflows/generate_schemas.yml b/.github/workflows/generate_schemas.yml
@@ -27,7 +27,7 @@ jobs:
           toolchain: stable
 
       - name: Set up Node
-        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: "npm"
           cache-dependency-path: "package-lock.json"

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -45,12 +45,12 @@ jobs:
           RUSTFLAGS: "-D warnings"
 
       - name: Upload Clippy results to GitHub
-        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+        uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
         with:
           sarif_file: clippy_result.sarif
 
       - name: Set up Node
-        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+        uses: actions/setup-node@0a44ba7841725637a19e28fa30b79a866c81b0a6 # v4.0.4
         with:
           cache: "npm"
           cache-dependency-path: "package-lock.json"

diff --git a/.github/workflows/publish-java.yml b/.github/workflows/publish-java.yml
@@ -81,13 +81,13 @@ jobs:
             maven-sonartype-ossrh-password"
 
       - name: Setup java
-        uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2
+        uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
         with:
           distribution: temurin
           java-version: 17
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@16bf8bc8fe830fa669c3c9f914d3eb147c629707 # v4.0.1
+        uses: gradle/actions/setup-gradle@d156388eb19639ec20ade50009f3d199ce1e2808 # v4.1.0
 
       - name: Publish package to GitHub Packages
         if: ${{ inputs.release_type != 'Dry Run' }}

diff --git a/.github/workflows/publish-php.yml b/.github/workflows/publish-php.yml
@@ -1,3 +1,4 @@
+---
 name: Publish PHP SDK
 run-name: Publish PHP SDK ${{ inputs.release_type }}
 
@@ -29,9 +30,9 @@ jobs:
       - name: Branch check
         if: ${{ inputs.release_type != 'Dry Run' }}
         run: |
-          if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then
+          if [[ "$GITHUB_REF" != "refs/heads/main" ]]; then
             echo "==================================="
-            echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches"
+            echo "[!] Can only release from the 'main' branch"
             echo "==================================="
             exit 1
           fi
@@ -123,7 +124,7 @@ jobs:
         working-directory: sm-sdk-php
         run: |
           git add .
-          git commit -m "Update Go SDK to ${{ github.sha }}"
+          git commit -m "Update PHP SDK to ${{ github.sha }}"
 
           if [[ "${{ inputs.release_type }}" == "Dry Run" ]]; then
             echo "==================================="
@@ -135,7 +136,7 @@ jobs:
             git push origin main
           fi
 
-      - name: Create release tag on SDK Go repo
+      - name: Create release tag on PHP SDK repo
         if: ${{ inputs.release_type != 'Dry Run' }}
         working-directory: sm-sdk-php
         run: |
@@ -177,7 +178,7 @@ jobs:
         with:
           workflow: build-rust-cross-platform.yml
           workflow_conclusion: success
-          branch: ${{ inputs.release_type == 'Dry Run' && 'main' ||  github.ref_name }}
+          branch: main
           artifacts: libbitwarden_c_files-x86_64-apple-darwin
           skip_unpack: true
 
@@ -186,7 +187,7 @@ jobs:
         with:
           workflow: build-rust-cross-platform.yml
           workflow_conclusion: success
-          branch: ${{ inputs.release_type == 'Dry Run' && 'main' ||  github.ref_name }}
+          branch: main
           artifacts: libbitwarden_c_files-aarch64-apple-darwin
           skip_unpack: true
 
@@ -195,7 +196,7 @@ jobs:
         with:
           workflow: build-rust-cross-platform.yml
           workflow_conclusion: success
-          branch: ${{ inputs.release_type == 'Dry Run' && 'main' ||  github.ref_name }}
+          branch: main
           artifacts: libbitwarden_c_files-x86_64-unknown-linux-gnu
           skip_unpack: true
 
@@ -204,7 +205,7 @@ jobs:
         with:
           workflow: build-rust-cross-platform.yml
           workflow_conclusion: success
-          branch: ${{ inputs.release_type == 'Dry Run' && 'main' ||  github.ref_name }}
+          branch: main
           artifacts: libbitwarden_c_files-x86_64-pc-windows-msvc
           skip_unpack: true
 

diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -31,7 +31,7 @@ jobs:
           ref: ${{  github.event.pull_request.head.sha }}
 
       - name: Scan with Checkmarx
-        uses: checkmarx/ast-github-action@1fe318de2993222574e6249750ba9000a4e2a6cd # 2.0.33
+        uses: checkmarx/ast-github-action@9fda5a4a2c297608117a5a56af424502a9192e57 # 2.0.34
         env:
           INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}"
         with:
@@ -46,7 +46,7 @@ jobs:
             --output-path . ${{ env.INCREMENTAL }}
 
       - name: Upload Checkmarx results to GitHub
-        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+        uses: github/codeql-action/upload-sarif@294a9d92911152fe08befb9ec03e240add280cb3 # v3.26.8
         with:
           sarif_file: cx_result.sarif