bitwarden_workflow_linter 0.7.0__tar.gz → 0.8.0__tar.gz

{bitwarden_workflow_linter-0.7.0 → bitwarden_workflow_linter-0.8.0}/.github/CODEOWNERS

@@ -6,3 +6,6 @@
 
 # Default file owners
 * @bitwarden/dept-bre
+
+# App-sec owns default_actions file
+src/bitwarden_workflow_linter/default_actions.json @bitwarden/team-appsec

bitwarden_workflow_linter-0.7.0/.github/workflows/update_actions.yml → bitwarden_workflow_linter-0.8.0/.github/workflows/bwwl_operations.yml

@@ -1,14 +1,30 @@
-name: Update Approved Actions
+name: Approved actions operations
 
 on:
+  workflow_dispatch:
+    inputs:
+      operation:
+        description: 'Operation to perform. ex: update, add'
+        required: true
+        type: string
+      action:
+        description: 'Single action to add. ex: actions/checkout'
+        required: false
+        type: string
   schedule:
-  - cron: '0 0 */14 * *'
+  - cron: '0 0 1 * *'
 
 jobs:
-  actions-update:
-    name: "Update Approved Actions"
+  actions-operation:
+    name: "Approved actions operations"
     runs-on: ubuntu-24.04
+    env:
+      _ACTION: ${{ inputs.action }}
     steps:
+      -  name: Check for action input
+         if: ${{ inputs.operation == 'add' && !env._ACTION }}
+         run: echo "Action input is required for operation 'add'" && exit 1
+
       - name: Login to Azure - CI Subscription
         uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
         with:
@@ -22,6 +38,9 @@ jobs:
           secrets: "github-gpg-private-key,
             github-gpg-private-key-passphrase"
 
+      - name: Checkout Branch
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+
       - name: Import GPG key
         uses: crazy-max/ghaction-import-gpg@cb9bde2e2525e640591a934b1fd28eef1dcaf5e5 # v6.2.0
         with:
@@ -35,9 +54,6 @@ jobs:
           git config --local user.email "106330231+bitwarden-devops-bot@users.noreply.github.com"
           git config --local user.name "bitwarden-devops-bot"
 
-      - name: Checkout Branch
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
-
       - name: Set up Python 3.11
         uses: actions/setup-python@42375524e23c412d93fb67b49958b491fce71c38 # v5.4.0
         with:
@@ -47,16 +63,30 @@ jobs:
         run: python -m pip install --upgrade bitwarden_workflow_linter
 
       - name: Create Branch
+        if: ${{ github.events_name == 'schedule' }} || ${{ inputs.operation == 'update' }}
         id: create-branch
         run: |
           NAME="update-actions-$(date +'%Y%m%d-%H%M%S')"
           git switch -c $NAME
           echo "name=$NAME" >> $GITHUB_OUTPUT
 
+      - name: Create Branch
+        if: ${{ inputs.operation == 'add' }}
+        id: create-branch
+        run: |
+          NAME= "add-action-$_ACTION"
+          git switch -c $NAME
+          echo "name=$NAME" >> $GITHUB_OUTPUT
+
       - name: Run bwwl update
+        if: ${{ github.events_name == 'schedule' }} || ${{ inputs.operation == 'update' }}
         run: bwwl actions update -o src/bitwarden_workflow_linter/default_actions.json
 
-      - name: Check if there are changes to commit
+      - name: Run bwwl add
+        if: ${{ inputs.operation == 'add' }}
+        run: bwwl actions add -o src/bitwarden_workflow_linter/default_actions.json "$_ACTION"
+
+      - name: Check for changes to commit
         id: new-changes
         run: |
           if [ -n "$(git status --porcelain)" ]; then
@@ -67,15 +97,15 @@ jobs:
           fi
 
       - name: Commit changes
-        if: steps.new-changes.outputs.new_changes == 'TRUE'
+        if: ${{ steps.new-changes.outputs.new_changes == 'TRUE' }}
         env:
-          PR_BRANCH: ${{ steps.create-branch.outputs.name }}
+          _PR_BRANCH: ${{ steps.create-branch.outputs.name }}
         run: |
           git commit -m "Update approved actions" -a
-          git push origin $PR_BRANCH
+          git push origin "$_PR_BRANCH"
 
       - name: Generate GH App token
-        if: steps.new-changes.outputs.new_changes == 'TRUE'
+        if: ${{ steps.new-changes.outputs.new_changes == 'TRUE' }}
         uses: actions/create-github-app-token@67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7 # v1.11.3
         id: app-token
         with:
@@ -84,16 +114,16 @@ jobs:
           owner: ${{ github.repository_owner }}
 
       - name: Create PR
-        if: steps.new-changes.outputs.new_changes == 'TRUE'
+        if: ${{ steps.new-changes.outputs.new_changes == 'TRUE' }}
         id: create-pr
         env:
           GH_TOKEN: ${{ steps.app-token.outputs.token }}
-          PR_BRANCH: ${{ steps.create-branch.outputs.name }}
-          TITLE: "Update bwwl Approved Actions"
+          _PR_BRANCH: ${{ steps.create-branch.outputs.name }}
+          _TITLE: "Update/Add bwwl approved actions"
         run: |
-          PR_URL=$(gh pr create --title "$TITLE" \
+          PR_URL=$(gh pr create --title "$_TITLE" \
             --base "main" \
-            --head "$PR_BRANCH" \
+            --head "$_PR_BRANCH" \
             --label "version:patch" \
             --label "automated pr" \
             --body "
@@ -107,12 +137,3 @@ jobs:
               ## Description
               - This PR updates the approved actions for the Bitwarden Workflow Linter.")
           echo "pr_number=${PR_URL##*/}" >> $GITHUB_OUTPUT
-
-      - name: Approve and Merge PR
-        if: ${{ steps.create-pr.outcome == 'success' }}
-        env:
-          GH_TOKEN: ${{ steps.app-token.outputs.token }}
-          PR_NUMBER: ${{ steps.create-pr.outputs.pr_number }}
-        run: |
-          gh pr review $PR_NUMBER --approve
-          gh pr merge $PR_NUMBER --squash --auto --delete-branch

{bitwarden_workflow_linter-0.7.0 → bitwarden_workflow_linter-0.8.0}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.4
 Name: bitwarden_workflow_linter
-Version: 0.7.0
+Version: 0.8.0
 Summary: Custom GitHub Action Workflow Linter
 Project-URL: Homepage, https://github.com/bitwarden/workflow-linter
 Project-URL: Issues, https://github.com/bitwarden/workflow-linter/issues

{bitwarden_workflow_linter-0.7.0 → bitwarden_workflow_linter-0.8.0}/src/bitwarden_workflow_linter/__about__.py

@@ -1,3 +1,3 @@
 """Metadata for Workflow Linter."""
 
-__version__ = "0.7.0"
+__version__ = "0.8.0"

{bitwarden_workflow_linter-0.7.0 → bitwarden_workflow_linter-0.8.0}/src/bitwarden_workflow_linter/default_actions.json

@@ -181,8 +181,8 @@
   },
   "codecov/codecov-action": {
     "name": "codecov/codecov-action",
-    "sha": "7f8b4b4bde536c465e797be725718b88c5d95e0e",
-    "version": "v5.1.1"
+    "sha": "1e68e06f1dbfde0e4cefc87efeba9e4643565303",
+    "version": "v5.1.2"
   },
   "codecov/test-results-action": {
     "name": "codecov/test-results-action",
@@ -379,11 +379,6 @@
     "sha": "7b4da11513bf3f43f9999e90eabced41ab8bb048",
     "version": "v2.2.0"
   },
-  "sonarsource/sonarcloud-github-action": {
-    "name": "sonarsource/sonarcloud-github-action",
-    "sha": "02ef91109b2d589e757aefcfb2854c2783fd7b19",
-    "version": "v4.0.0"
-  },
   "sonarsource/sonarqube-scan-action": {
     "name": "sonarsource/sonarqube-scan-action",
     "sha": "bfd4e558cda28cda6b5defafb9232d191be8c203",