bitwarden · mimartin12 · Sep 18, 2023 · Oct 5, 2023 · Oct 5, 2023 · Oct 9, 2023
@@ -0,0 +1,143 @@
+---
+name: Build Swift Package
+
+on:
+  push:
+    branches:
+      - "rc"
+      - "hotfix-rc-swift"
+    paths:
+      - "languages/swift/**"
+
+jobs:
+  version:
+    name: Get Version
+    runs-on: ubuntu-22.04
+    outputs:
+      package_version: ${{ steps.retrieve-version.outputs.package_version }}
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+
+      - name: Get Package Version
+        id: retrieve-version
+        run: |
+          VERSION=$(grep -o '^version = ".*"' crates/bitwarden/Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
+          echo "package_version=$VERSION" >> $GITHUB_OUTPUT
+
+  build:
+    runs-on: macos-13
+    strategy:
+      fail-fast: false
+      matrix:
+        settings:
+          - target: aarch64-apple-ios-sim
+          - target: aarch64-apple-ios
+          - target: x86_64-apple-ios
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+
+      - name: Install rust
+        uses: dtolnay/rust-toolchain@5cb429dd810e16ff67df78472fa81cf760f4d1c0 # stable
+        with:
+          toolchain: 1.70.0
+
+      - name: Cache cargo registry
+        uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0
+        with:
+          key: ${{ matrix.settings.target }}-cargo
+
+      - name: Rustup target
+        run: rustup target install ${{ matrix.settings.target }}
+
+      - name: Build native library
+        env:
+          IPHONEOS_DEPLOYMENT_TARGET: 13.0
+          RUSTFLAGS: "-C link-arg=-Wl,-application_extension"
+        run: cargo build --package bitwarden-uniffi --target ${{ matrix.settings.target }} --release
+        working-directory: languages/swift
+
+      - name: Upload libbitwarden_uniffi.a artifact
+        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        with:
+          name: libbitwarden_uniffi.a-${{ matrix.settings.target }}
+          path: ./target/${{ matrix.settings.target }}/release/libbitwarden_uniffi.a
+          if-no-files-found: error
+
+      - name: Upload libbitwarden_uniffi.dylib artifact
+        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        with:
+          name: libbitwarden_uniffi.dylib-${{ matrix.settings.target }}
+          path: ./target/${{ matrix.settings.target }}/release/libbitwarden_uniffi.dylib
+          if-no-files-found: error
+
+  package:
+    name: Package
+    runs-on: macos-13
+    needs:
+      - build
+      - version
+    env:
+      _PKG_VERSION: ${{ needs.version.outputs.package_version }}
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+
+      - name: Install rust
+        uses: dtolnay/rust-toolchain@5cb429dd810e16ff67df78472fa81cf760f4d1c0 # stable
+        with:
+          toolchain: 1.70.0
+
+      - name: Cache cargo registry
+        uses: Swatinem/rust-cache@a95ba195448af2da9b00fb742d14ffaaf3c21f43 # v2.7.0
+        with:
+          key: cargo-combine-cache
+
+      - name: Download artifacts
+        uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+        with:
+          path: ./languages/swift/target
+
+      - name: Create universal libraries
+        working-directory: ./languages/swift
+        run: |
+          mkdir -p ${{ github.workspace	}}/universal-ios-sim/release
+          lipo -create -output ${{ github.workspace	}}/universal-ios-sim/release/libbitwarden_uniffi.a \
+            ./target/libbitwarden_uniffi.a-aarch64-apple-ios-sim/libbitwarden_uniffi.a \
+            ./target/libbitwarden_uniffi.a-x86_64-apple-ios/libbitwarden_uniffi.a
+
+      - name: Generate Swift bindings
+        working-directory: ./languages/swift
+        run: |
+          cargo run -p uniffi-bindgen generate \
+            ./target/libbitwarden_uniffi.dylib-aarch64-apple-ios-sim/libbitwarden_uniffi.dylib \
+            --library \
+            --language swift \
+            --no-format \
+            --out-dir ./bindings
+
+      - name: Fit bindings for xcframework
+        working-directory: ./languages/swift
+        run: |
+          mkdir ./Headers
+          mv ./bindings/BitwardenFFI.h ./Headers/
+          mv ./bindings/BitwardenCoreFFI.h ./Headers/
+          cat ./bindings/BitwardenFFI.modulemap ./bindings/BitwardenCoreFFI.modulemap > ./Headers/module.modulemap
+
+      - name: Build xcframework
+        working-directory: ./languages/swift
+        run: |
+          xcodebuild -create-xcframework \
+            -library ./target/libbitwarden_uniffi.a-aarch64-apple-ios/libbitwarden_uniffi.a \
+            -headers ./Headers \
+            -library ${{ github.workspace	}}/universal-ios-sim/release/libbitwarden_uniffi.a \
+            -headers ./Headers \
+            -output ./BitwardenFFI.xcframework
+
+      - name: Upload xcframework artifact
+        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        with:
+          name: BitwardenFFI-${{ env._PKG_VERSION }}.xcframework
+          path: ./languages/swift/BitwardenFFI.xcframework
+          if-no-files-found: error
@@ -0,0 +1,148 @@
+---
+name: Release Swift Package
+run-name: Release Swift Package ${{ inputs.release_type }}
+
+on:
+  workflow_dispatch:
+    inputs:
+      release_type:
+        description: "Release Options"
+        required: true
+        default: "Initial Release"
+        type: choice
+        options:
+          - Initial Release
+          - Redeploy
+          - Dry Run
+
+jobs:
+  validate:
+    name: Validate Branch - Set Version
+    runs-on: ubuntu-22.04
+    outputs:
+      version: ${{ steps.version.outputs.version }}
+    steps:
+      - name: Checkout repo
+        uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
+
+      - name: Branch check
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+        run: |
+          if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc-swift" ]]; then
+            echo "==================================="
+            echo "[!] Can only release from the 'rc' or 'hotfix-rc-cli' branches"
+            echo "==================================="
+            exit 1
+          fi
+
+      - name: Get version
+        id: version
+        run: |
+          VERSION=$(grep -o '^version = ".*"' crates/bitwarden/Cargo.toml | grep -Eo "[0-9]+\.[0-9]+\.[0-9]+")
+          echo "version=$VERSION" >> $GITHUB_OUTPUT
+
+  github-release:
+    name: GitHub Release
+    runs-on: ubuntu-22.04
+    needs: validate
+    env:
+      _PKG_VERSION: ${{ needs.validate.outputs.version }}
+    steps:
+      - name: Download BitwardenEFI artifact
+        uses: bitwarden/gh-actions/download-artifacts@62d1bf7c3e31c458cc7236b1e69a475d235cd78f
+        with:
+          workflow: build-swift.yml
+          artifacts: BitwardenFFI-${{ env._PKG_VERSION }}.xcframework
+          path: packages
+          workflow_conclusion: success
+          branch: ${{ github.event.inputs.release_type == 'Dry Run' && 'master' || github.ref_name }}
+
+      - name: Create release
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+        uses: ncipollo/release-action@6c75be85e571768fa31b40abf38de58ba0397db5 # v1.13.0
+        with:
+          artifacts: "packages/BitwardenFFI-${{ env._PKG_VERSION }}.xcframework"
+          commit: ${{ github.sha }}
+          tag: BitwardenFFI-v${{ env._PKG_VERSION }}
+          name: BitwardenFFI v${{ env._PKG_VERSION }}
+          body: "<insert release notes here>"
+          token: ${{ secrets.GITHUB_TOKEN }}
+          draft: true
+
+  repo-sync:
+    name: Push changed files to SDK Swift repo
+    runs-on: ubuntu-22.04
+    needs: validate
+    env:
+      _KEY_VAULT: "bitwarden-ci"
+      _BOT_EMAIL: 106330231+bitwarden-devops-bot@users.noreply.github.com
+      _BOT_NAME: bitwarden-devops-bot
+      _PKG_VERSION: ${{ needs.validate.outputs.version }}
+    steps:
+      - name: Checkout SDK repo
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        with:
+          path: sdk
+
+      - name: Checkout SDK-Swift repo
+        uses: actions/checkout@3df4ab11eba7bda6032a0b82a6bb43b11571feac # v4.0.0
+        with:
+          repository: bitwarden/sdk-swift
+          path: sdk-swift
+          ref: main
+
+      - name: Login to Azure - Prod Subscription
+        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
+        with:
+          creds: ${{ secrets.AZURE_CI_SERVICE_PRINCIPAL }}
+
+      - name: Retrieve secrets
+        id: retrieve-secrets
+        uses: bitwarden/gh-actions/get-keyvault-secrets@62d1bf7c3e31c458cc7236b1e69a475d235cd78f
+        with:
+          keyvault: ${{ env._KEY_VAULT }}
+          secrets: "github-pat-bitwarden-devops-bot-repo-scope"
+
+      - name: Setup Git
+        working-directory: sdk-swift
+        run: |
+          git config --local user.email "${{ env._BOT_EMAIL }}"
+          git config --local user.name "${{ env._BOT_NAME }}"
+
+      - name: Update files
+        run: |
+          cp --verbose -rf sdk/languages/swift/README.md sdk-swift/README.md
+          cp --verbose -rf sdk/languages/swift/Package.swift sdk-swift/Package.swift
+          cp --verbose -rf sdk/languages/swift/Sources sdk-swift/Sources
+          cp --verbose -rf sdk/languages/swift/Tests sdk-swift/Tests
+
+      - name: Push changes
+        working-directory: sdk-swift
+        run: |
+          git add .
+          git commit -m "Update Swift SDK to ${{ github.sha }}"
+
+          if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then
+            echo "==================================="
+            echo "[!] Dry Run - Skipping push"
+            echo "==================================="
+            git ls-files -m
+            exit 0
+          else 
+            git push origin main
+          fi
+
+      - name: Create release tag on SDK Swift repo
+        if: ${{ github.event.inputs.release_type != 'Dry Run' }}
+        working-directory: sdk-swift
+        run: |
+          # Check if tag exists, set output then exit 0 if true.
+          if git log v${{ env._PKG_VERSION }} >/dev/null 2>&1; then
+            echo "==================================="
+            echo "[!] Tag v${{ env._PKG_VERSION }} already exists"
+            echo "==================================="
+            exit 1
+          fi
+
+          git tag v${{ env._PKG_VERSION }}
+          git push origin v${{ env._PKG_VERSION }}