nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-04 20:50:21 -05:00
Code
5,623 Commits 374 Branches 196 Tags
Commit Graph

170 Commits

Author SHA1 Message Date
Matt Andreko
229aecb55c
Update SARIF upload to use proper branch (#5534) 2025-03-24 14:20:42 -04:00
renovate[bot]
148a631178
[deps]: Update github/codeql-action action to v3.28.8 (#5292) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-31 15:59:39 +01:00
renovate[bot]
a9ef475046
[deps]: Update github-action minor (#5296) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-21 10:56:17 -08:00
renovate[bot]
f265911526
[deps] BRE: Update gh minor (#5016) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-09 10:09:55 +01:00
renovate[bot]
4b2030de77
[deps] BRE: Update anchore/scan-action action to v6 (#5180) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2025-01-03 11:35:28 -05:00
MtnBurrit0
840ff00189
BRE-292: Sync ephemeral environment with GH workflow (#5174) 
* Add sync_environment call

* Put callable workflow in it's own job

* Switch to context for GitHub input

* Set requirements and inherit secrets

* Add the condition to the job

* Update .github/workflows/build.yml

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>

---------

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
 2025-01-02 13:58:32 -07:00
Michał Chęciński
16488091d2
Remove is_workflow_call input from build workflow (#5161) 2024-12-17 10:45:02 -05:00
Opeyemi
d0c72a34f1
Update SH Unified Build trigger (#5154) 
* Update SH Unified Build trigger

* make value a boolean
 2024-12-16 15:21:05 +01:00
Matt Bishop
c0a9c55891
Fix image path formation for Cosign (#5151) 2024-12-13 10:26:45 -05:00
Matt Bishop
11bdb93d1e
Sign main branch container builds with cosign (#5148) 
* Sign main branch container builds with cosign

* Properly label
 2024-12-13 09:41:17 -05:00
Michał Chęciński
470a12640e
Trigger unified build on rc and hotfix-rc branches (#5108) 2024-12-04 13:18:58 +00:00
Matt Bishop
eec4a77bda
Check run earlier during setup (#5022) 2024-11-11 13:19:20 -05:00
Alex Urbina
89be2f495a
Fix Hackerone Report ID 2830741 (#5010) 2024-11-08 20:41:58 +00:00
MtnBurrit0
a56f3a587c
Update logic to handle pull_request_target (#5008) 
- Removing the grep and create a conditional based on GITHUB_EVENT_NAME
 2024-11-08 11:58:07 -07:00
Matt Bishop
e7cbdaa469
Only build Unified on main branch pushes (#5006) 2024-11-08 10:31:18 -05:00
Matt Bishop
fcb706b9c5
Catch PR targets for certain build operations (#5003) 
* Catch PR targets for certain build operations

* Support EE
 2024-11-07 17:11:01 -05:00
Matt Bishop
f7957f7053
Check run permissions for secrets usage (#4992) 2024-11-07 09:56:57 -05:00
Matt Bishop
e7bd31c009
Check for secrets on Docker builds (#4985) 2024-11-06 13:56:12 -05:00
renovate[bot]
2abd37d2d7
[deps] DevOps: Update gh minor (#4945) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-30 11:23:50 -04:00
MtnBurrit0
724f2ee5e5
Secure inputs (#4927) 2024-10-22 10:29:57 -06:00
Opeyemi
c809794642
[BRE-372] - Clean up document start (#4915) 2024-10-21 13:11:59 +01:00
AJ
1fb366d42b
Replace github.ref with GITHUB_REF in build.yml scripts (#4857) 
Data should be separated from code where possible to avoid injection (CWE-78).

* https://docs.github.com/en/actions/security-for-github-actions/security-guides/security-hardening-for-github-actions#understanding-the-risk-of-script-injections
* https://docs.github.com/en/actions/writing-workflows/choosing-what-your-workflow-does/store-information-in-variables#default-environment-variables
 2024-10-17 11:50:31 -04:00
renovate[bot]
245e2e4d52
[deps] DevOps: Update gh minor (#4885) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-17 10:42:44 -04:00
renovate[bot]
8e62e9eb38
[deps] DevOps: Update anchore/scan-action action to v5 (#4892) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-10-17 10:42:26 -04:00
MtnBurrit0
96f58dc309
BRE-349: Call _update_ephemeral_tags workflow (#4850) 
* Kick off ephemeral environment updates

* Fix missing ,

* Switch to head_ref

* Update to `main`
 2024-10-10 09:49:04 -06:00
renovate[bot]
793ef3aab8
[deps] DevOps: Update gh minor (#4828) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-30 11:36:51 +02:00
renovate[bot]
3381bca608
[deps] DevOps: Update gh minor (#4780) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-24 11:31:57 -04:00
renovate[bot]
8891540972
[deps] DevOps: Update gh minor (#4723) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-09-04 09:44:19 -04:00
renovate[bot]
8ad74ce5b1
[deps] DevOps: Update gh minor (#4652) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:47:52 -04:00
renovate[bot]
6dec1c6e04
[deps] DevOps: Update GitHub Artifact Actions to v4 (#4664) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:47:35 -04:00
renovate[bot]
0753cc9172
[deps] DevOps: Update actions/github-script action to v7 (#4666) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:47:10 -04:00
renovate[bot]
ee8716859f
[deps] DevOps: Update actions/setup-dotnet action to v4 (#4667) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:46:30 -04:00
renovate[bot]
e677344d7e
[deps] DevOps: Update actions/setup-node action to v4 (#4668) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 16:46:11 -04:00
renovate[bot]
7c50e4f2be
[deps] DevOps: Update docker/build-push-action action to v6 (#4670) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-26 11:41:49 -04:00
Daniel García
1a584b4477
[PM-9361] Generate Swagger specs in CI for the SDK (#4428) 
Co-authored-by: Oscar Hinton <Hinton@users.noreply.github.com>
 2024-08-20 15:34:22 +02:00
renovate[bot]
eaa386f3da
[deps] DevOps: Update gh minor (#4585) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-13 13:33:53 -04:00
renovate[bot]
31412db1a9
[deps] DevOps: Update anchore/scan-action action to v4 (#4606) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-08-08 16:12:22 -04:00
renovate[bot]
45b99336da
[deps] DevOps: Update gh minor (#4539) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-22 17:10:28 -04:00
renovate[bot]
2b38c49ff6
[deps] DevOps: Update gh minor (#3368) 
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
 2024-07-10 15:47:20 -04:00
Opeyemi
9d7e1ccc41
update failure stpes (#3870) 2024-03-05 20:14:50 +00:00
Matt Bishop
faf84f9aa9
Use primary tag for container scans (#3838) 
* Use local path for container scans

* Use a primary tag
 2024-02-23 16:09:51 -05:00
Matt Bishop
96d0ae9cf7
Consolidated scanning (#3832) 
* Consolidated security scanning

* Add quality scan

* Version bumps

* Add container scanning

* Check out repo for container scan

* Build need and dependent outputs

* Incremental SAST

* Sonar fixes

* Underscore

* Inherit secrets

* Qualify Docker image name outputs

* Try a login

* Remove build modifications as this doesn't work with a matrix

* Move container scanning closer to tbe Docker steps for better management
 2024-02-23 13:47:23 -05:00
Matt Bishop
ae5d6071ca
Remove CLOC job (#3796) 2024-02-13 12:42:01 -05:00
Vince Grassia
26ee43b770
Update logic for Docker image tag (#3695) 2024-01-23 21:03:11 +00:00
Matt Bishop
c63db733e0
Workflow linting and test separation (#3684) 
* Workflow linting and test separation

* Name linting step

* Few more renames

* Database testing consolidation

* Few more renames and tweaks
 2024-01-23 13:24:52 -05:00
Matt Bishop
1f8e2385db
Wire up code coverage (#3618) 2023-12-27 10:36:20 -05:00
Opeyemi
3f1f6b576a
[DEVOPS-1657] - UPDATE: Adds k8s deploy trigger on main branch (#3597) 2023-12-19 17:05:02 +00:00
Joseph Flinn
c120b7e867
Point workflows to main (#3549) 
* Point workflows to main

* Merge in master. Update new version-bump workflow changes
 2023-12-12 20:08:12 +00:00
Michał Chęciński
a589af3588
[DEVOPS-1654] Tag Server images in master with git commit (#3516) 
* Add image name with SHA

* Test

* Remove testing

* Change name

* Change to short SHA

* Test

* Fix

* Remove testing

* Test

* Remove testing
 2023-12-07 09:42:35 -05:00
Vince Grassia
6aa763a854
Update 'master' to 'main' (#3427) 2023-11-08 13:08:15 -05:00