Skip to content

[BRE-1935] Migrate workflow: github-release.yml#2874

Open
AmyLGalles wants to merge 1 commit into
mainfrom
agalles/BRE-1935-ios-github-release
Open

[BRE-1935] Migrate workflow: github-release.yml#2874
AmyLGalles wants to merge 1 commit into
mainfrom
agalles/BRE-1935-ios-github-release

Conversation

@AmyLGalles

Copy link
Copy Markdown
Contributor

Summary

This PR completes the finalize-source stage of migrating github-release.yml to bitwarden/deploy.

The workflow has been replaced with a trigger-actions caller that forwards to release-ios.yml in bitwarden/deploy. This preserves the same developer interface while centralizing release orchestration.

Changes

  • Replace github-release.yml implementation with trigger-actions caller
  • Preserves workflow_dispatch trigger with same inputs (artifact-run-id, release-ticket-id)
  • Forwards inputs via data payload to release-ios.yml task in bitwarden/deploy

Developer Impact

Developers can continue to trigger releases the same way:

gh workflow run github-release.yml --repo bitwarden/ios \
  -f artifact-run-id=<run-id> \
  -f release-ticket-id=<ticket-id>

The workflow now routes through bitwarden/deploy's release-ios.yml for execution.

Related

  • draft PR: The migrated workflow in bitwarden/deploy (release-ios.yml) is already merged to main
  • Next step: After this merges, run /migrate-workflow-full ios github-release.yml wire-trigger to add the receiver job to trigger-actions.yml

Testing

After merge, test with:

gh workflow run github-release.yml --repo bitwarden/ios \
  -f artifact-run-id=<valid-run-id> \
  -f release-ticket-id=RELEASE-XXXX

Verify that it triggers release-ios.yml in bitwarden/deploy successfully.

Replace workflow implementation with trigger-actions caller that forwards
to release-ios.yml in bitwarden/deploy. Preserves the same interface for
developers: workflow_dispatch with artifact-run-id and release-ticket-id
inputs.

The workflow can still be triggered from the ios repo using:
  gh workflow run github-release.yml --repo bitwarden/ios

The actual release logic now runs in bitwarden/deploy for centralized
release orchestration across products.
@AmyLGalles AmyLGalles added app:password-manager Bitwarden Password Manager app context app:authenticator Bitwarden Authenticator app context labels Jul 9, 2026
@codecov

codecov Bot commented Jul 10, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 78.98%. Comparing base (e9514dc) to head (8803215).

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #2874      +/-   ##
==========================================
- Coverage   81.24%   78.98%   -2.27%     
==========================================
  Files        1028     1151     +123     
  Lines       66164    73459    +7295     
==========================================
+ Hits        53756    58022    +4266     
- Misses      12408    15437    +3029     

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@AmyLGalles AmyLGalles added the hold This shouldn't be merged yet label Jul 10, 2026
@AmyLGalles AmyLGalles marked this pull request as ready for review July 10, 2026 18:25
@AmyLGalles AmyLGalles requested a review from a team as a code owner July 10, 2026 18:25
@github-actions

github-actions Bot commented Jul 10, 2026

Copy link
Copy Markdown
Contributor

🤖 Bitwarden Claude Code Review

Overall Assessment: APPROVE

Reviewed the migration of .github/workflows/github-release.yml from an in-repo release implementation to a bitwarden/deploy trigger-actions caller. The change preserves the workflow_dispatch interface (artifact-run-id, release-ticket-id) and forwards inputs to the release-ios task. Verified that the removed scripts (download-artifacts.sh, jira-get-release-notes, log-inputs) remain referenced by other workflows and are not orphaned, and that the new top-level permissions: {} with a scoped deployments: write job permission tightens the workflow's token scope. No security, correctness, or breaking-change findings met the confidence bar for inline comments.

Code Review Details

No blocking findings.

Notes for the author (non-blocking, no action required):

  • The branch: ${{ github.ref_name }} input replaces the original logic that derived the release branch from the artifact run's headBranch (including the main/release/* protection check). This behavior now depends on the receiving release-ios.yml in bitwarden/deploy; worth confirming the receiver enforces the equivalent branch validation.
  • The hold label is present, consistent with the PR description noting the receiver job must be wired in trigger-actions.yml before this can merge.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

app:authenticator Bitwarden Authenticator app context app:password-manager Bitwarden Password Manager app context hold This shouldn't be merged yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant