Skip to content

Commit 893cec8

Browse files
committed
Merge branch 'main' into vault/pm-24243/load-feature-flags-into-sdk
2 parents fd7a044 + 2de321d commit 893cec8

File tree

606 files changed

+39995
-8616
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

606 files changed

+39995
-8616
lines changed

.github/CODEOWNERS

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -101,6 +101,7 @@ libs/guid @bitwarden/team-platform-dev
101101
libs/client-type @bitwarden/team-platform-dev
102102
libs/core-test-utils @bitwarden/team-platform-dev
103103
libs/state @bitwarden/team-platform-dev
104+
libs/state-internal @bitwarden/team-platform-dev
104105
libs/state-test-utils @bitwarden/team-platform-dev
105106
# Web utils used across app and connectors
106107
apps/web/src/utils/ @bitwarden/team-platform-dev

.github/workflows/build-desktop.yml

Lines changed: 18 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1299,6 +1299,7 @@ jobs:
12991299
$package = Get-Content -Raw -Path electron-builder.json | ConvertFrom-Json
13001300
$package | Add-Member -MemberType NoteProperty -Name buildVersion -Value "$env:BUILD_NUMBER"
13011301
$package | ConvertTo-Json -Depth 32 | Set-Content -Path electron-builder.json
1302+
13021303
Write-Output "### MacOS App Store build number: $env:BUILD_NUMBER"
13031304
13041305
- name: Install Node dependencies
@@ -1374,6 +1375,23 @@ jobs:
13741375
CSC_FOR_PULL_REQUEST: true
13751376
run: npm run pack:mac:mas
13761377

1378+
- name: Create MacOS App Store build number artifact
1379+
shell: pwsh
1380+
env:
1381+
BUILD_NUMBER: ${{ needs.setup.outputs.build_number }}
1382+
run: |
1383+
$buildInfo = @{
1384+
buildNumber = $env:BUILD_NUMBER
1385+
}
1386+
$buildInfo | ConvertTo-Json | Set-Content -Path dist/macos-build-number.json
1387+
1388+
- name: Upload MacOS App Store build number artifact
1389+
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
1390+
with:
1391+
name: macos-build-number.json
1392+
path: apps/desktop/dist/macos-build-number.json
1393+
if-no-files-found: error
1394+
13771395
- name: Upload .pkg artifact
13781396
uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
13791397
with:

.github/workflows/chromatic.yml

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -11,6 +11,8 @@ on:
1111
branches:
1212
- "main"
1313

14+
permissions: {}
15+
1416
jobs:
1517
check-run:
1618
name: Check PR run

.github/workflows/lint.yml

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -102,3 +102,10 @@ jobs:
102102
run: cargo clippy --all-features --tests
103103
env:
104104
RUSTFLAGS: "-D warnings"
105+
106+
- name: Install cargo-sort
107+
run: cargo install cargo-sort --locked --git https://github.com/DevinR528/cargo-sort.git --rev f5047967021cbb1f822faddc355b3b07674305a1
108+
109+
- name: Cargo sort
110+
working-directory: ./apps/desktop/desktop_native
111+
run: cargo sort --workspace --check

.github/workflows/publish-desktop.yml

Lines changed: 105 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -18,10 +18,15 @@ on:
1818
type: string
1919
default: latest
2020
electron_rollout_percentage:
21-
description: 'Staged Rollout Percentage for Electron'
22-
required: true
21+
description: 'Staged Rollout Percentage for Electron (ignored if Electron publish disabled)'
22+
required: false
2323
default: '10'
2424
type: string
25+
electron_publish:
26+
description: 'Publish to Electron (auto-updater)'
27+
required: true
28+
default: true
29+
type: boolean
2530
snap_publish:
2631
description: 'Publish to Snap store'
2732
required: true
@@ -32,6 +37,15 @@ on:
3237
required: true
3338
default: true
3439
type: boolean
40+
mas_publish:
41+
description: 'Publish to Mac App Store'
42+
required: true
43+
default: true
44+
type: boolean
45+
release_notes:
46+
description: 'Release Notes'
47+
required: false
48+
type: string
3549

3650
jobs:
3751
setup:
@@ -71,7 +85,7 @@ jobs:
7185
echo "Release Version: ${{ inputs.version }}"
7286
echo "version=${{ inputs.version }}"
7387
74-
$TAG_NAME="desktop-v${{ inputs.version }}"
88+
TAG_NAME="desktop-v${{ inputs.version }}"
7589
7690
echo "Tag name: $TAG_NAME"
7791
echo "tag_name=$TAG_NAME" >> $GITHUB_OUTPUT
@@ -109,6 +123,7 @@ jobs:
109123
name: Electron blob publish
110124
runs-on: ubuntu-22.04
111125
needs: setup
126+
if: inputs.electron_publish
112127
permissions:
113128
contents: read
114129
packages: read
@@ -292,6 +307,92 @@ jobs:
292307
run: choco push --source=https://push.chocolatey.org/
293308
working-directory: apps/desktop/dist
294309

310+
mas:
311+
name: Deploy Mac App Store
312+
runs-on: macos-15
313+
needs: setup
314+
permissions:
315+
contents: read
316+
id-token: write
317+
if: inputs.mas_publish
318+
env:
319+
_PKG_VERSION: ${{ needs.setup.outputs.release_version }}
320+
_RELEASE_TAG: ${{ needs.setup.outputs.tag_name }}
321+
steps:
322+
- name: Checkout repo
323+
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
324+
325+
- name: Validate release notes for MAS
326+
if: inputs.mas_publish && (inputs.release_notes == '' || inputs.release_notes == null)
327+
run: |
328+
echo "❌ Release notes are required when publishing to Mac App Store"
329+
echo "Please provide release notes using the 'Release Notes' input field"
330+
exit 1
331+
332+
- name: Download MacOS App Store build number
333+
working-directory: apps/desktop
334+
run: wget https://github.com/bitwarden/clients/releases/download/${{ env._RELEASE_TAG }}/macos-build-number.json
335+
336+
- name: Setup Ruby and Install Fastlane
337+
uses: ruby/setup-ruby@ca041f971d66735f3e5ff1e21cc13e2d51e7e535 # v1.233.0
338+
with:
339+
ruby-version: '3.0'
340+
bundler-cache: false
341+
working-directory: apps/desktop
342+
343+
- name: Install Fastlane
344+
working-directory: apps/desktop
345+
run: gem install fastlane
346+
347+
- name: Log in to Azure
348+
uses: bitwarden/gh-actions/azure-login@main
349+
with:
350+
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
351+
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
352+
client_id: ${{ secrets.AZURE_CLIENT_ID }}
353+
354+
- name: Get Azure Key Vault secrets
355+
id: get-kv-secrets
356+
uses: bitwarden/gh-actions/get-keyvault-secrets@main
357+
with:
358+
keyvault: gh-clients
359+
secrets: "APP-STORE-CONNECT-AUTH-KEY,APP-STORE-CONNECT-TEAM-ISSUER"
360+
361+
- name: Log out from Azure
362+
uses: bitwarden/gh-actions/azure-logout@main
363+
364+
- name: Publish to App Store
365+
env:
366+
APP_STORE_CONNECT_TEAM_ISSUER: ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-TEAM-ISSUER }}
367+
APP_STORE_CONNECT_AUTH_KEY: ${{ steps.get-kv-secrets.outputs.APP-STORE-CONNECT-AUTH-KEY }}
368+
working-directory: apps/desktop
369+
run: |
370+
BUILD_NUMBER=$(jq -r '.buildNumber' macos-build-number.json)
371+
CHANGELOG="${{ inputs.release_notes }}"
372+
IS_DRY_RUN="${{ inputs.publish_type == 'Dry Run' }}"
373+
374+
if [ "$IS_DRY_RUN" = "true" ]; then
375+
echo "🧪 DRY RUN MODE - Testing without actual App Store submission"
376+
echo "📦 Would publish build $BUILD_NUMBER to Mac App Store"
377+
else
378+
echo "🚀 PRODUCTION MODE - Publishing to Mac App Store"
379+
echo "📦 Publishing build $BUILD_NUMBER to Mac App Store"
380+
fi
381+
382+
echo "📝 Release notes (${#CHANGELOG} chars): ${CHANGELOG:0:100}..."
383+
384+
# Validate changelog length (App Store limit is 4000 chars)
385+
if [ ${#CHANGELOG} -gt 4000 ]; then
386+
echo "❌ Release notes too long: ${#CHANGELOG} characters (max 4000)"
387+
exit 1
388+
fi
389+
390+
fastlane publish --verbose \
391+
app_version:"${{ env._PKG_VERSION }}" \
392+
build_number:$BUILD_NUMBER \
393+
changelog:"$CHANGELOG" \
394+
dry_run:$IS_DRY_RUN
395+
295396
update-deployment:
296397
name: Update Deployment Status
297398
runs-on: ubuntu-22.04
@@ -300,6 +401,7 @@ jobs:
300401
- electron-blob
301402
- snap
302403
- choco
404+
- mas
303405
permissions:
304406
contents: read
305407
deployments: write

0 commit comments

Comments
 (0)