2023-06-28 22:03:30 +02:00
|
|
|
---
|
|
|
|
name: Deploy Web to EU-QA Cloud
|
|
|
|
|
|
|
|
on:
|
|
|
|
workflow_dispatch:
|
|
|
|
inputs:
|
|
|
|
tag:
|
|
|
|
description: "Branch name to deploy (examples: 'master', 'feature/sm')"
|
|
|
|
required: true
|
|
|
|
type: string
|
|
|
|
default: master
|
|
|
|
|
|
|
|
jobs:
|
|
|
|
azure-deploy:
|
|
|
|
name: Deploy to Azure
|
|
|
|
runs-on: ubuntu-22.04
|
|
|
|
env:
|
|
|
|
_WEB_ARTIFACT: "web-*-cloud-euqa.zip"
|
|
|
|
steps:
|
|
|
|
- name: Login to Azure - EU Subscription
|
2023-06-29 16:46:56 +02:00
|
|
|
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
2023-06-28 22:03:30 +02:00
|
|
|
with:
|
|
|
|
creds: ${{ secrets.AZURE_KV_EU_QA_SERVICE_PRINCIPAL }}
|
|
|
|
|
|
|
|
- name: Retrieve Storage Account connection string
|
|
|
|
id: retrieve-secrets
|
2023-11-08 19:08:34 +01:00
|
|
|
uses: bitwarden/gh-actions/get-keyvault-secrets@main
|
2023-06-28 22:03:30 +02:00
|
|
|
with:
|
|
|
|
keyvault: webvaulteu-westeurope-qa
|
|
|
|
secrets: "sa-bitwarden-web-vault-dev-key-temp"
|
|
|
|
|
|
|
|
- name: Download latest cloud asset
|
2023-11-08 19:08:34 +01:00
|
|
|
uses: bitwarden/gh-actions/download-artifacts@main
|
2023-06-28 22:03:30 +02:00
|
|
|
with:
|
|
|
|
workflow: build-web.yml
|
|
|
|
path: apps/web
|
|
|
|
workflow_conclusion: success
|
|
|
|
branch: ${{ github.event.inputs.tag }}
|
|
|
|
artifacts: ${{ env._WEB_ARTIFACT }}
|
|
|
|
|
|
|
|
- name: Unzip build asset
|
|
|
|
working-directory: apps/web
|
|
|
|
run: unzip ${{ env._WEB_ARTIFACT }}
|
|
|
|
|
|
|
|
- name: Empty container in Storage Account
|
|
|
|
run: |
|
|
|
|
az storage blob delete-batch \
|
|
|
|
--source '$web' \
|
|
|
|
--pattern '*' \
|
|
|
|
--connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}"
|
|
|
|
|
|
|
|
- name: Deploy to Azure Storage Account
|
|
|
|
working-directory: apps/web
|
|
|
|
run: |
|
|
|
|
az storage blob upload-batch \
|
|
|
|
--source "./build" \
|
|
|
|
--destination '$web' \
|
|
|
|
--connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \
|
|
|
|
--overwrite \
|
|
|
|
--no-progress
|
2023-11-02 17:30:17 +01:00
|
|
|
|
|
|
|
notify:
|
|
|
|
name: Notify Slack with result
|
|
|
|
runs-on: ubuntu-22.04
|
|
|
|
if: always()
|
|
|
|
needs: azure-deploy
|
|
|
|
steps:
|
2023-11-08 19:08:34 +01:00
|
|
|
- uses: bitwarden/gh-actions/report-deployment-status-to-slack@main
|
2023-11-02 17:30:17 +01:00
|
|
|
with:
|
|
|
|
project: Web
|
|
|
|
environment: EU QA Cloud
|
|
|
|
tag: ${{ github.event.inputs.tag }}
|
|
|
|
slack-channel: team-eng-qa-devops
|
|
|
|
failure: ${{ needs.azure-deploy.result == 'failure' }}
|
|
|
|
AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|