Version Bump #7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
--- | |
name: Version Bump | |
on: | |
workflow_dispatch: | |
inputs: | |
version_number: | |
description: "New Version" | |
required: true | |
jobs: | |
bump_version: | |
name: "Bump Version to ${{ github.event.inputs.version_number }}" | |
runs-on: ubuntu-22.04 | |
environment: Production | |
permissions: | |
contents: write | |
pull-requests: write | |
steps: | |
- name: Checkout Branch | |
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 | |
- name: Login to Azure - CI Subscription | |
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 | |
with: | |
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} | |
- name: Retrieve secrets | |
id: retrieve-secrets | |
uses: bitwarden/gh-actions/get-keyvault-secrets@master | |
with: | |
keyvault: "bitwarden-ci" | |
secrets: "github-gpg-private-key, github-gpg-private-key-passphrase" | |
- name: Import GPG key | |
uses: crazy-max/ghaction-import-gpg@82a020f1f7f605c65dd2449b392a52c3fcfef7ef # v6.0.0 | |
with: | |
gpg_private_key: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key }} | |
passphrase: ${{ steps.retrieve-secrets.outputs.github-gpg-private-key-passphrase }} | |
git_user_signingkey: true | |
git_commit_gpgsign: true | |
- name: "Create version_bump_${{ github.event.inputs.version_number }} branch" | |
run: git switch -c version_bump_${{ github.event.inputs.version_number }} | |
- name: Bump Version | |
uses: bitwarden/gh-actions/version-bump@master | |
with: | |
version: ${{ github.event.inputs.version_number }} | |
file_path: "charts/self-host/Chart.yaml" | |
- name: Setup git | |
run: | | |
git config --local user.email "[email protected]" | |
git config --local user.name "bitwarden-devops-bot" | |
- name: Check if version changed | |
id: version-changed | |
run: | | |
if [ -n "$(git status --porcelain)" ]; then | |
echo "changes_to_commit=TRUE" >> $GITHUB_OUTPUT | |
else | |
echo "changes_to_commit=FALSE" >> $GITHUB_OUTPUT | |
echo "No changes to commit!"; | |
fi | |
- name: Commit files | |
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }} | |
run: git commit -m "Bumped version to ${{ github.event.inputs.version_number }}" -a | |
- name: Push changes | |
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }} | |
run: git push -u origin version_bump_${{ github.event.inputs.version_number }} | |
- name: Create Version PR | |
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }} | |
env: | |
PR_BRANCH: "version_bump_${{ github.event.inputs.version_number }}" | |
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" | |
BASE_BRANCH: main | |
TITLE: "Bump version to ${{ github.event.inputs.version_number }}" | |
run: | | |
gh pr create --title "$TITLE" \ | |
--base "$BASE" \ | |
--head "$PR_BRANCH" \ | |
--label "version update" \ | |
--label "automated pr" \ | |
--body " | |
## Type of change | |
- [ ] Bug fix | |
- [ ] New feature development | |
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) | |
- [ ] Build/deploy pipeline (DevOps) | |
- [X] Other | |
## Objective | |
Automated version bump to ${{ github.event.inputs.version_number }}" |