Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Build and release workflows with tooling #21

Merged
merged 18 commits into from
Feb 5, 2025
Merged

Build and release workflows with tooling #21

merged 18 commits into from
Feb 5, 2025

Conversation

tgraupne
Copy link
Collaborator

This PR contains updated to our GitHUb Actions Workflows in preparation of the release of our terraform provider.
Example executions of the release-workflow triggered by pushing a tag can be found here:

https://github.com/bitwarden/terraform-provider-bitwarden-sm/actions/runs/10579959606

We followed hashicorps documentation about the manual release preparation:
https://developer.hashicorp.com/terraform/registry/providers/publishing#manually-preparing-a-release

The following things are still open:

we need to setup a signing key in order to sign the hashes of our binaries
we need to decide if we can use large hosted runners in GitHub Actions in order to provide a native ubuntu environment to build arm64 binaries

⏰ Reminders before review

  • Contributor guidelines followed
  • All formatters and local linters executed and passed
  • Written new unit and / or integration tests where applicable
  • Protected functional changes with optionality (feature flags)
  • Used internationalization (i18n) for all UI strings
  • CI builds passed
  • Communicated to DevOps any deployment requirements
  • Updated any necessary documentation (Confluence, contributing docs) or informed the documentation team

🦮 Reviewer guidelines

  • 👍 (:+1:) or similar for great changes
  • 📝 (:memo:) or ℹ️ (:information_source:) for notes or general info
  • ❓ (:question:) for questions
  • 🤔 (:thinking:) or 💭 (:thought_balloon:) for more open inquiry that's not quite a confirmed issue and could potentially benefit from discussion
  • 🎨 (:art:) for suggestions / improvements
  • ❌ (:x:) or ⚠️ (:warning:) for more significant problems or concerns needing attention
  • 🌱 (:seedling:) or ♻️ (:recycle:) for future improvements or indications of technical debt
  • ⛏ (:pick:) for minor or nitpick changes

@tgraupne tgraupne self-assigned this Aug 28, 2024
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@github-actions GitHub Actions
Copy link

github-actions bot commented Aug 28, 2024
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailse6c04e46-eff5-467a-9814-9be4002c166e

New Issues (1)

Checkmarx found the following issues in this Pull Request

Severity Issue Source File / Package Checkmarx Insight
HIGH CVE-2024-45339 Go-github.com/golang/glog-v1.2.3 Vulnerable Package

withinfocus
withinfocus requested changes Aug 28, 2024
View reviewed changes
Copy link
Contributor

@withinfocus withinfocus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

BRE will really be the official reviewers here and can work on that final setup, but I saw a few things.

@withinfocus withinfocus changed the title feat(TR6): gh actions and release config Build and release workflows with tooling Aug 28, 2024
@tgraupne tgraupne requested a review from withinfocus August 29, 2024 09:49
@tgraupne
Copy link
Collaborator Author

Hi @withinfocus, thanks a lot for your feedback. I hope I was able to address all the remarks you made. There is just open follow-up question from my side regarding the the check-run step in the release workflow.

withinfocus
withinfocus reviewed Aug 29, 2024
View reviewed changes
Copy link
Contributor

@withinfocus withinfocus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Besides the optimization of the secrets-related steps in the workflows, I think I am good with this and BRE should get in for their review.

@tgraupne tgraupne force-pushed the TR6_adding_continuous_registry_deployment branch 3 times, most recently from 98cea93 to 201fd60 Compare October 1, 2024 14:53
@tgraupne tgraupne marked this pull request as ready for review October 1, 2024 14:54
@tgraupne tgraupne requested a review from a team as a code owner October 1, 2024 14:54
michalchecinski
michalchecinski requested changes Oct 7, 2024
View reviewed changes
@tgraupne tgraupne force-pushed the TR6_adding_continuous_registry_deployment branch from 201fd60 to f8f3ee5 Compare October 29, 2024 16:03
@michalchecinski
Copy link
Contributor

Closed and re-opened the PR to fire a new workflow linter. @tgraupne, please also fix the things indicated by it: https://github.com/bitwarden/terraform-provider-bitwarden-sm/actions/runs/12908630218/job/35994555617?pr=21

@tgraupne tgraupne force-pushed the TR6_adding_continuous_registry_deployment branch from 1cffc90 to ab606e4 Compare February 2, 2025 20:54
@tgraupne
Copy link
Collaborator Author

tgraupne commented Feb 2, 2025
edited
Loading

Hi @michalchecinski, I tried to incorporate all of your feedback and I create a little miro board showing the implemented GitHub Actions workflows. With that, I am trying to make sure that there are nor misunderstandings in the process we'd like to implement together. I am looking forward to your feedback.

Bitwarden Release Process.pdf

michalchecinski
michalchecinski requested changes Feb 3, 2025
View reviewed changes
withinfocus
withinfocus requested changes Feb 3, 2025
View reviewed changes
@tgraupne
incorporated PR feedback
7201c1a 
* since this file is not in scope, undo all
@tgraupne
incorporated PR feedback
3561cf7 
* updated release workflow
michalchecinski
michalchecinski requested changes Feb 4, 2025
View reviewed changes
@tgraupne
incorporated PR feedback
fbdb768 
* updated release workflow
@withinfocus withinfocus mentioned this pull request Feb 4, 2025
Merged
michalchecinski
michalchecinski requested changes Feb 5, 2025
View reviewed changes
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Feb 5, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@tgraupne tgraupne enabled auto-merge (squash) February 5, 2025 13:18
withinfocus
withinfocus approved these changes Feb 5, 2025
View reviewed changes
Copy link
Contributor

@withinfocus withinfocus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't want to hold anything up for merging. Can iterate if needed later and BRE really owns these flows.

@tgraupne tgraupne merged commit 06f3662 into main Feb 5, 2025
20 of 21 checks passed
@tgraupne tgraupne deleted the TR6_adding_continuous_registry_deployment branch February 5, 2025 13:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@withinfocus withinfocus withinfocus approved these changes

@tangowithfoxtrot tangowithfoxtrot tangowithfoxtrot approved these changes

@michalchecinski michalchecinski michalchecinski approved these changes

Assignees

@tgraupne tgraupne

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@tgraupne @michalchecinski @withinfocus @tangowithfoxtrot