[deps]: Lock file maintenance #2631

Workflow file for this run

	---
	name: Build

	on:
	pull_request: {}
	push:
	branches:
	- "main"
	workflow_dispatch: {}

	jobs:
	cloc:
	name: CLOC
	runs-on: ubuntu-22.04
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set up CLOC
	run: \|
	sudo apt update
	sudo apt -y install cloc

	- name: Print lines of code
	run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git


	setup:
	name: Setup
	runs-on: ubuntu-22.04
	outputs:
	package_version: ${{ steps.retrieve-version.outputs.package_version }}
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Get Package Version
	id: retrieve-version
	run: \|
	PKG_VERSION=$(jq -r .version package.json)
	echo "package_version=$PKG_VERSION" >> $GITHUB_OUTPUT


	linux-cli:
	name: Build Linux CLI
	runs-on: ubuntu-22.04
	needs: setup
	env:
	_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
	_PKG_FETCH_NODE_VERSION: 18.5.0
	_PKG_FETCH_VERSION: 3.4
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set up Node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	with:
	cache: 'npm'
	cache-dependency-path: '**/package-lock.json'
	node-version: '18'

	- name: Update NPM
	run: \|
	npm install -g node-gyp
	node-gyp install $(node -v)

	- name: Get pkg-fetch
	run: \|
	cd $HOME
	fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-linux-x64"

	mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION
	wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-linux-x64"

	- name: Keytar
	run: \|
	keytarVersion=$(cat package.json \| jq -r '.dependencies.keytar')
	keytarTar="keytar-v$keytarVersion-napi-v3-linux-x64.tar"

	keytarTarGz="$keytarTar.gz"
	keytarUrl="https://github.com/atom/node-keytar/releases/download/v$keytarVersion/$keytarTarGz"

	mkdir -p ./keytar/linux
	wget $keytarUrl -O ./keytar/linux/$keytarTarGz
	tar -xvf ./keytar/linux/$keytarTarGz -C ./keytar/linux

	- name: Install
	run: npm install

	- name: Package CLI
	run: npm run dist:cli:lin

	- name: Zip
	run: zip -j dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip dist-cli/linux/bwdc keytar/linux/build/Release/keytar.node

	- name: Create checksums
	run: \|
	shasum -a 256 dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip \| \
	cut -d " " -f 1 > dist-cli/bwdc-linux-sha256-$_PACKAGE_VERSION.txt

	- name: Version Test
	run: \|
	sudo apt-get update
	sudo apt install libsecret-1-0 dbus-x11 gnome-keyring
	eval $(dbus-launch --sh-syntax)

	eval $(echo -n "" \| /usr/bin/gnome-keyring-daemon --login)
	eval $(/usr/bin/gnome-keyring-daemon --components=secrets --start)

	mkdir -p test/linux
	unzip ./dist-cli/bwdc-linux-$_PACKAGE_VERSION.zip -d ./test/linux

	testVersion=$(./test/linux/bwdc -v)

	echo "version: $_PACKAGE_VERSION"
	echo "testVersion: $testVersion"

	if [ "$testVersion" != "$_PACKAGE_VERSION" ]; then
	echo "Version test failed."
	exit 1
	fi

	- name: Upload Linux Zip to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
	path: ./dist-cli/bwdc-linux-${{ env._PACKAGE_VERSION }}.zip
	if-no-files-found: error

	- name: Upload Linux checksum to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
	path: ./dist-cli/bwdc-linux-sha256-${{ env._PACKAGE_VERSION }}.txt
	if-no-files-found: error


	macos-cli:
	name: Build Mac CLI
	runs-on: macos-13
	needs: setup
	env:
	_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
	_PKG_FETCH_NODE_VERSION: 18.5.0
	_PKG_FETCH_VERSION: 3.4
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set up Node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	with:
	cache: 'npm'
	cache-dependency-path: '**/package-lock.json'
	node-version: '18'

	- name: Update NPM
	run: \|
	npm install -g node-gyp
	node-gyp install $(node -v)

	- name: Get pkg-fetch
	run: \|
	cd $HOME
	fetchedUrl="https://github.com/vercel/pkg-fetch/releases/download/v$_PKG_FETCH_VERSION/node-v$_PKG_FETCH_NODE_VERSION-macos-x64"

	mkdir -p .pkg-cache/v$_PKG_FETCH_VERSION
	wget $fetchedUrl -O "./.pkg-cache/v$_PKG_FETCH_VERSION/fetched-v$_PKG_FETCH_NODE_VERSION-macos-x64"

	- name: Keytar
	run: \|
	keytarVersion=$(cat package.json \| jq -r '.dependencies.keytar')
	keytarTar="keytar-v$keytarVersion-napi-v3-darwin-x64.tar"

	keytarTarGz="$keytarTar.gz"
	keytarUrl="https://github.com/atom/node-keytar/releases/download/v$keytarVersion/$keytarTarGz"

	mkdir -p ./keytar/macos
	wget $keytarUrl -O ./keytar/macos/$keytarTarGz
	tar -xvf ./keytar/macos/$keytarTarGz -C ./keytar/macos

	- name: Install
	run: npm install

	- name: Package CLI
	run: npm run dist:cli:mac

	- name: Zip
	run: zip -j dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip dist-cli/macos/bwdc keytar/macos/build/Release/keytar.node

	- name: Create checksums
	run: \|
	shasum -a 256 dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip \| \
	cut -d " " -f 1 > dist-cli/bwdc-macos-sha256-$_PACKAGE_VERSION.txt

	- name: Version Test
	run: \|
	mkdir -p test/macos
	unzip ./dist-cli/bwdc-macos-$_PACKAGE_VERSION.zip -d ./test/macos

	testVersion=$(./test/macos/bwdc -v)

	echo "version: $_PACKAGE_VERSION"
	echo "testVersion: $testVersion"

	if [ "$testVersion" != "$_PACKAGE_VERSION" ]; then
	echo "Version test failed."
	exit 1
	fi

	- name: Upload Mac Zip to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
	path: ./dist-cli/bwdc-macos-${{ env._PACKAGE_VERSION }}.zip
	if-no-files-found: error

	- name: Upload Mac checksum to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
	path: ./dist-cli/bwdc-macos-sha256-${{ env._PACKAGE_VERSION }}.txt
	if-no-files-found: error

	windows-cli:
	name: Build Windows CLI
	runs-on: windows-2022
	needs: setup
	env:
	_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
	_WIN_PKG_FETCH_VERSION: 18.5.0
	_WIN_PKG_VERSION: 3.4
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Setup Windows builder
	run: \|
	choco install checksum --no-progress
	choco install reshack --no-progress

	- name: Set up Node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	with:
	cache: 'npm'
	cache-dependency-path: '**/package-lock.json'
	node-version: '18'

	- name: Update NPM
	run: \|
	npm install -g node-gyp
	node-gyp install $(node -v)

	- name: Get pkg-fetch
	shell: pwsh
	run: \|
	cd $HOME
	$fetchedUrl = "https://github.com/vercel/pkg-fetch/releases/download/v$env:_WIN_PKG_VERSION/node-v$env:_WIN_PKG_FETCH_VERSION-win-x64"

	New-Item -ItemType directory -Path ./.pkg-cache
	New-Item -ItemType directory -Path ./.pkg-cache/v$env:_WIN_PKG_VERSION
	Invoke-RestMethod -Uri $fetchedUrl `
	-OutFile "./.pkg-cache/v$env:_WIN_PKG_VERSION/fetched-v$env:_WIN_PKG_FETCH_VERSION-win-x64"

	- name: Keytar
	shell: pwsh
	run: \|
	$keytarVersion = (Get-Content -Raw -Path ./package.json \| ConvertFrom-Json).dependencies.keytar
	$keytarTar = "keytar-v${keytarVersion}-napi-v3-{0}-x64.tar"
	$keytarTarGz = "${keytarTar}.gz"
	$keytarUrl = "https://github.com/atom/node-keytar/releases/download/v${keytarVersion}/${keytarTarGz}"

	New-Item -ItemType directory -Path ./keytar/windows \| Out-Null

	Invoke-RestMethod -Uri $($keytarUrl -f "win32") -OutFile "./keytar/windows/$($keytarTarGz -f "win32")"

	7z e "./keytar/windows/$($keytarTarGz -f "win32")" -o"./keytar/windows"

	7z e "./keytar/windows/$($keytarTar -f "win32")" -o"./keytar/windows"

	- name: Setup Version Info
	shell: pwsh
	run: \|
	$major, $minor, $patch = $env:_PACKAGE_VERSION.split('.')

	$versionInfo = @"

	1 VERSIONINFO
	FILEVERSION $major,$minor,$patch,0
	PRODUCTVERSION $major,$minor,$patch,0
	FILEOS 0x40004
	FILETYPE 0x1
	{
	BLOCK "StringFileInfo"
	{
	BLOCK "040904b0"
	{
	VALUE "CompanyName", "Bitwarden Inc."
	VALUE "ProductName", "Bitwarden"
	VALUE "FileDescription", "Bitwarden Directory Connector CLI"
	VALUE "FileVersion", "$env:_PACKAGE_VERSION"
	VALUE "ProductVersion", "$env:_PACKAGE_VERSION"
	VALUE "OriginalFilename", "bwdc.exe"
	VALUE "InternalName", "bwdc"
	VALUE "LegalCopyright", "Copyright Bitwarden Inc."
	}
	}

	BLOCK "VarFileInfo"
	{
	VALUE "Translation", 0x0409 0x04B0
	}
	}
	"@

	$versionInfo \| Out-File ./version-info.rc

	- name: Resource Hacker
	shell: cmd
	run: \|
	set PATH=%PATH%;C:\Program Files (x86)\Resource Hacker
	set WIN_PKG=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\fetched-v%_WIN_PKG_FETCH_VERSION%-win-x64
	set WIN_PKG_BUILT=C:\Users\runneradmin\.pkg-cache\v%_WIN_PKG_VERSION%\built-v%_WIN_PKG_FETCH_VERSION%-win-x64

	ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action delete -mask ICONGROUP,1,
	ResourceHacker -open version-info.rc -save version-info.res -action compile
	ResourceHacker -open %WIN_PKG% -save %WIN_PKG% -action addoverwrite -resource version-info.res

	- name: Install
	run: npm install

	- name: Package CLI
	run: npm run dist:cli:win

	- name: Zip
	shell: cmd
	run: 7z a .\dist-cli\bwdc-windows-%_PACKAGE_VERSION%.zip .\dist-cli\windows\bwdc.exe .\keytar\windows\keytar.node

	- name: Version Test
	shell: pwsh
	run: \|
	Expand-Archive -Path "dist-cli\bwdc-windows-${{ env._PACKAGE_VERSION }}.zip" -DestinationPath "test\windows"
	$testVersion = Invoke-Expression '& .\test\windows\bwdc.exe -v'
	echo "version: ${env:_PACKAGE_VERSION}"
	echo "testVersion: $testVersion"
	if ($testVersion -ne ${env:_PACKAGE_VERSION}) {
	Throw "Version test failed."
	}

	- name: Create checksums
	run: \|
	checksum -f="./dist-cli/bwdc-windows-${env:_PACKAGE_VERSION}.zip" `
	-t sha256 \| Out-File ./dist-cli/bwdc-windows-sha256-${env:_PACKAGE_VERSION}.txt

	- name: Upload Windows Zip to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
	path: ./dist-cli/bwdc-windows-${{ env._PACKAGE_VERSION }}.zip
	if-no-files-found: error

	- name: Upload Windows checksum to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
	path: ./dist-cli/bwdc-windows-sha256-${{ env._PACKAGE_VERSION }}.txt
	if-no-files-found: error


	windows-gui:
	name: Build Windows GUI
	runs-on: windows-2022
	needs: setup
	env:
	NODE_OPTIONS: --max_old_space_size=4096
	_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
	HUSKY: 0
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set up Node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	with:
	cache: 'npm'
	cache-dependency-path: '**/package-lock.json'
	node-version: '18'

	- name: Update NPM
	run: \|
	npm install -g node-gyp
	node-gyp install $(node -v)

	- name: Print environment
	run: \|
	node --version
	npm --version

	- name: Install AST
	run: dotnet tool install --global AzureSignTool --version 4.0.1

	- name: Install Node dependencies
	run: npm install

	- name: Build & Sign
	run: npm run dist:win
	env:
	ELECTRON_BUILDER_SIGN: 1
	SIGNING_VAULT_URL: ${{ secrets.SIGNING_VAULT_URL }}
	SIGNING_CLIENT_ID: ${{ secrets.SIGNING_CLIENT_ID }}
	SIGNING_TENANT_ID: ${{ secrets.SIGNING_TENANT_ID }}
	SIGNING_CLIENT_SECRET: ${{ secrets.SIGNING_CLIENT_SECRET }}
	SIGNING_CERT_NAME: ${{ secrets.SIGNING_CERT_NAME }}

	- name: Upload Portable Executable to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe
	path: ./dist/Bitwarden-Connector-Portable-${{ env._PACKAGE_VERSION }}.exe
	if-no-files-found: error

	- name: Upload Installer Executable to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe
	path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe
	if-no-files-found: error

	- name: Upload Installer Executable Blockmap to GitHub
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap
	path: ./dist/Bitwarden-Connector-Installer-${{ env._PACKAGE_VERSION }}.exe.blockmap
	if-no-files-found: error

	- name: Upload latest auto-update artifact
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: latest.yml
	path: ./dist/latest.yml
	if-no-files-found: error


	linux-gui:
	name: Build Linux GUI
	runs-on: ubuntu-22.04
	needs: setup
	env:
	NODE_OPTIONS: --max_old_space_size=4096
	_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
	HUSKY: 0
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set up Node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	with:
	cache: 'npm'
	cache-dependency-path: '**/package-lock.json'
	node-version: '18'

	- name: Update NPM
	run: \|
	npm install -g node-gyp
	node-gyp install $(node -v)

	- name: Set up environment
	run: \|
	sudo apt-get update
	sudo apt-get -y install pkg-config libxss-dev libsecret-1-dev
	sudo apt-get -y install rpm

	- name: NPM Install
	run: npm install

	- name: NPM Rebuild
	run: npm run rebuild

	- name: NPM Package
	run: npm run dist:lin

	- name: Upload AppImage
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
	path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-x86_64.AppImage
	if-no-files-found: error

	- name: Upload latest auto-update artifact
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: latest-linux.yml
	path: ./dist/latest-linux.yml
	if-no-files-found: error


	macos-gui:
	name: Build MacOS GUI
	runs-on: macos-13
	needs: setup
	env:
	NODE_OPTIONS: --max_old_space_size=4096
	_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
	HUSKY: 0
	steps:
	- name: Checkout repo
	uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7

	- name: Set up Node
	uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
	with:
	cache: 'npm'
	cache-dependency-path: '**/package-lock.json'
	node-version: '18'

	- name: Update NPM
	run: \|
	npm install -g node-gyp
	node-gyp install $(node -v)

	- name: Print environment
	run: \|
	node --version
	npm --version
	echo "GitHub ref: $GITHUB_REF"
	echo "GitHub event: $GITHUB_EVENT"

	- name: Login to Azure
	uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
	with:
	creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

	- name: Get certificates
	run: \|
	mkdir -p $HOME/certificates

	az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/devid-app-cert \|
	jq -r .value \| base64 -d > $HOME/certificates/devid-app-cert.p12

	az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/devid-installer-cert \|
	jq -r .value \| base64 -d > $HOME/certificates/devid-installer-cert.p12

	az keyvault secret show --id https://bitwarden-ci.vault.azure.net/certificates/macdev-cert \|
	jq -r .value \| base64 -d > $HOME/certificates/macdev-cert.p12

	- name: Set up keychain
	env:
	KEYCHAIN_PASSWORD: ${{ secrets.KEYCHAIN_PASSWORD }}
	run: \|
	security create-keychain -p $KEYCHAIN_PASSWORD build.keychain
	security default-keychain -s build.keychain
	security unlock-keychain -p $KEYCHAIN_PASSWORD build.keychain
	security set-keychain-settings -lut 1200 build.keychain

	security import "$HOME/certificates/devid-app-cert.p12" -k build.keychain -P "" \
	-T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild

	security import "$HOME/certificates/devid-installer-cert.p12" -k build.keychain -P "" \
	-T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild

	security import "$HOME/certificates/macdev-cert.p12" -k build.keychain -P "" \
	-T /usr/bin/codesign -T /usr/bin/security -T /usr/bin/productbuild

	security set-key-partition-list -S apple-tool:,apple:,codesign: -s -k $KEYCHAIN_PASSWORD build.keychain

	- name: Load package version
	run: \|
	$rootPath = $env:GITHUB_WORKSPACE;
	$packageVersion = (Get-Content -Raw -Path $rootPath\package.json \| ConvertFrom-Json).version;

	Write-Output "Setting package version to $packageVersion";
	Write-Output "PACKAGE_VERSION=$packageVersion" \| Out-File -FilePath $env:GITHUB_ENV -Encoding utf8 -Append;
	shell: pwsh

	- name: Install Node dependencies
	run: npm install

	- name: Set up private auth key
	run: \|
	mkdir ~/private_keys
	cat << EOF > ~/private_keys/AuthKey_UFD296548T.p8
	${{ secrets.APP_STORE_CONNECT_AUTH_KEY }}
	EOF

	- name: Build application
	run: npm run dist:mac
	env:
	APP_STORE_CONNECT_TEAM_ISSUER: ${{ secrets.APP_STORE_CONNECT_TEAM_ISSUER }}
	APP_STORE_CONNECT_AUTH_KEY: UFD296548T
	APP_STORE_CONNECT_AUTH_KEY_PATH: ~/private_keys/AuthKey_UFD296548T.p8
	CSC_FOR_PULL_REQUEST: true

	- name: Upload .zip artifact
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip
	path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}-mac.zip
	if-no-files-found: error

	- name: Upload .dmg artifact
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg
	path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg
	if-no-files-found: error

	- name: Upload .dmg Blockmap artifact
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap
	path: ./dist/Bitwarden-Connector-${{ env._PACKAGE_VERSION }}.dmg.blockmap
	if-no-files-found: error

	- name: Upload latest auto-update artifact
	uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
	with:
	name: latest-mac.yml
	path: ./dist/latest-mac.yml
	if-no-files-found: error


	check-failures:
	name: Check for failures
	runs-on: ubuntu-22.04
	needs:
	- cloc
	- setup
	- linux-cli
	- macos-cli
	- windows-cli
	- windows-gui
	- linux-gui
	- macos-gui
	steps:
	- name: Check if any job failed
	if: github.ref == 'refs/heads/main' && contains(needs.*.result, 'failure')
	run: exit 1

	- name: Login to Azure - CI subscription
	uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
	if: failure()
	with:
	creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

	- name: Retrieve secrets
	id: retrieve-secrets
	uses: bitwarden/gh-actions/get-keyvault-secrets@main
	if: failure()
	with:
	keyvault: "bitwarden-ci"
	secrets: "devops-alerts-slack-webhook-url"

	- name: Notify Slack on failure
	uses: act10ns/slack@44541246747a30eb3102d87f7a4cc5471b0ffb7d # v2.1.0
	if: failure()
	env:
	SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}
	with:
	status: ${{ job.status }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[deps]: Lock file maintenance #2631

Workflow file

[deps]: Lock file maintenance #2631

Jobs

Run details

Workflow file for this run