Agalles/create deploy workflow trigger#7093
Conversation
Code Review SummaryScope: 1 file changed ( This PR replaces the in-repo GitHub Release creation pipeline (artifact download, version parsing, Jira release notes, Findings
Observations (non-blocking)
VerdictA clean, well-scoped migration. No blocking issues. The branch-protection question is the only item worth an explicit confirmation before merge. |
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## main #7093 +/- ##
==========================================
- Coverage 86.80% 86.24% -0.57%
==========================================
Files 911 927 +16
Lines 65392 66120 +728
Branches 9353 9383 +30
==========================================
+ Hits 56762 57022 +260
- Misses 5405 5862 +457
- Partials 3225 3236 +11
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Harness. 🚀 New features to boost your workflow:
|
| artifact_run_id: ${{ github.event.inputs.artifact-run-id }} | ||
| release_ticket_id: ${{ github.event.inputs.release-ticket-id }} |
There was a problem hiding this comment.
🔵 SUGGESTED: For workflow_dispatch inputs, the rest of this repo's workflows use the shorter inputs.<name> context rather than github.event.inputs.<name> (see build.yml, _version.yml, release-branch.yml). Consider aligning for consistency:
| artifact_run_id: ${{ github.event.inputs.artifact-run-id }} | |
| release_ticket_id: ${{ github.event.inputs.release-ticket-id }} | |
| artifact_run_id: ${{ inputs.artifact-run-id }} | |
| release_ticket_id: ${{ inputs.release-ticket-id }} |
| - name: Trigger publish | ||
| uses: bitwarden/gh-actions/trigger-actions@main |
There was a problem hiding this comment.
❓ QUESTION: The previous version of this workflow enforced a branch-protection guard before creating a release — it rejected the run unless the artifact's headBranch was main or matched release/* ("Releases must be created from protected branches"). That check is removed here. Is that guard now enforced downstream in bitwarden/gh-actions/trigger-actions / the release-android task in the deploy repo? Just want to confirm we're not dropping the protection that releases only originate from protected branches.
🎟️ Tracking
Creating a workflow trigger for deploy release github workflow
https://github.com/bitwarden/deploy/pull/211
📔 Objective
📸 Screenshots