evergreen
evergreen copied to clipboard
Update Bitwarden repository url
This fixes #365
However note unfortunately the new combined Bitwarden client repository doesn't always tag the latest releases for reach client as "latest" so the full releases feed is used. This has the unfortunate side-effect of returning not just the current release but all releases and assets that match the filters in the manifest.
One of the "correct" solutions to this would be refactoring Get-GitHubRepoRelease
to accept a filter for VersionTag
and filter on the "desktop-" prefix and stop returning output when the version changes.
I haven't done this as:
- From a quick search OpenJDK is also "broken" in this way returning multiple versions
- There are many ways to refactor
Get-GitHubRepoRelease
and didn't want to start making decisions about this unilaterally without discussion
I don't want to make changes to Get-GitHubRepoRelease
for one app. It does currently expect that the repo has the available binaries on the latest release.
This URL is available which might be able to be used to grab the latest version and installer: https://vault.bitwarden.com/download/?app=desktop&platform=windows
.
This resolves to a pretty messy URL though - https://objects.githubusercontent.com/github-production-release-asset-2e65be/53538899/7d83e8b2-55d7-451b-90ad-b173c46c245a?X-Amz-Algorithm=AWS4-HMAC-SHA256&X-Amz-Credential=AKIAIWNJYAX4CSVEH53A%2F20220807%2Fus-east-1%2Fs3%2Faws4_request&X-Amz-Date=20220807T141735Z&X-Amz-Expires=300&X-Amz-Signature=eb01a30df174dd1ffb60bbf57b1af12b0c6d08db5bbf3eb98fd58bdb1f940e4e&X-Amz-SignedHeaders=host&actor_id=8227455&key_id=0&repo_id=53538899&response-content-disposition=attachment%3B%20filename%3DBitwarden-Installer-2022.6.2.exe&response-content-type=application%2Foctet-stream
Another approach might be to see what the app does and how it determines available updates.
Completely understand about Get-GitHubRepoRelease
which is why I didn't even get started. Though even with it expecting binaries on the latest release it still "works" in the current form with the new repository and the the /releases
rather than /releases/latest
it just returns additional older versions assets as well like the OpenJDK
package...
That all said a bit of digging has revealed: https://artifacts.bitwarden.com/desktop/latest.yml
The download URLs appear to relative e.g https://artifacts.bitwarden.com/desktop/Bitwarden-Installer-2022.6.2.exe seems to work. The only downside to this appears to be the loss of the "portable" version that was in the GitHub assets. Though I suppose you could get the latest version from https://artifacts.bitwarden.com/desktop/latest.yml and then feed that into the GitHub api as a release tag e.g https://api.github.com/repos/bitwarden/clients/releases/tags/desktop-v2022.6.2
For simplicities sake I have update this PR with the less convoluted option though if you think we should go for the above two stage approach using both the latest.yml
and GitHub happy to change things further.
Also apologies for the horrifically hacky "parsing" of the YAML given I was only after the version number it seemed inappropriate to load a whole YAML parsing package to do something a RegEx could (but perhaps shouldn't :D) do
As an FYI the UserAgent seems to be required else there is a 403 forbidden error.
🤦♂️ Seems Bitwarden look up their own repo to find the latest version: https://github.com/bitwarden/clients/blob/bc639688e84c1a997019194312e9c4a8a826479d/libs/node/src/cli/commands/update.command.ts
For the non CLI clients they appear to use electron-updater
and this config lead to the latest.yml
:
https://github.com/bitwarden/clients/blob/master/apps/desktop/electron-builder.json#L26