bitwarden-browser/.github/workflows/deploy-eu-prod-web.yml

---
name: Deploy Web to EU-PRD Cloud

on:
  workflow_dispatch:
    inputs:
      tag:
        description: "Branch name to deploy (examples: 'master', 'feature/sm')"
        required: true
        type: string
        default: master

jobs:
  azure-deploy:
    name: Deploy to Azure
    runs-on: ubuntu-22.04
    env:
      _WEB_ARTIFACT: "web-*-cloud-euprd.zip"
    steps:
      - name: Login to Azure - EU Subscription
        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6
        with:
          creds: ${{ secrets.AZURE_KV_EU_PRD_SERVICE_PRINCIPAL }}

      - name: Retrieve Storage Account connection string
        id: retrieve-secrets
        uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375
        with:
          keyvault: webvault-westeurope-prod
          secrets: "sa-bitwarden-web-vault-dev-key-temp"

      - name: Download latest cloud asset
        uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375
        with:
          workflow: build-web.yml
          path: apps/web
          workflow_conclusion: success
          branch: ${{ github.event.inputs.tag }}
          artifacts: ${{ env._WEB_ARTIFACT }}

      - name: Unzip build asset
        working-directory: apps/web
        run: unzip ${{ env._WEB_ARTIFACT }}

      - name: Deploy to Azure Storage Account
        working-directory: apps/web
        run: |
          az storage blob upload-batch --source "./build" \
            --destination '$web' \
            --account-name "bwwebvault1itgprod" \
            --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \
            --overwrite \
            --no-progress
DEVOPS-1427 - Update Deploy EU Prod Web Workflow (#5637) 2023-06-20 20:42:29 +02:00			`---`
Add tag input to Deploy Web EU-PRD workflow (#5658) 2023-06-22 22:36:21 +02:00			`name: Deploy Web to EU-PRD Cloud`
DEVOPS-1427 - Update Deploy EU Prod Web Workflow (#5637) 2023-06-20 20:42:29 +02:00
			`on:`
			`workflow_dispatch:`
Add tag input to Deploy Web EU-PRD workflow (#5658) 2023-06-22 22:36:21 +02:00			`inputs:`
			`tag:`
			`description: "Branch name to deploy (examples: 'master', 'feature/sm')"`
			`required: true`
			`type: string`
			`default: master`
DEVOPS-1427 - Update Deploy EU Prod Web Workflow (#5637) 2023-06-20 20:42:29 +02:00
			`jobs:`
			`azure-deploy:`
			`name: Deploy to Azure`
			`runs-on: ubuntu-22.04`
			`env:`
			`_WEB_ARTIFACT: "web-*-cloud-euprd.zip"`
			`steps:`
			`- name: Login to Azure - EU Subscription`
			`uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.6`
			`with:`
			`creds: ${{ secrets.AZURE_KV_EU_PRD_SERVICE_PRINCIPAL }}`

			`- name: Retrieve Storage Account connection string`
			`id: retrieve-secrets`
Update bitwarden/gh-actions digest to 37ffa14 (#5589) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> 2023-06-22 22:37:42 +02:00			`uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375`
DEVOPS-1427 - Update Deploy EU Prod Web Workflow (#5637) 2023-06-20 20:42:29 +02:00			`with:`
			`keyvault: webvault-westeurope-prod`
			`secrets: "sa-bitwarden-web-vault-dev-key-temp"`

			`- name: Download latest cloud asset`
Update bitwarden/gh-actions digest to 37ffa14 (#5589) Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> 2023-06-22 22:37:42 +02:00			`uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375`
DEVOPS-1427 - Update Deploy EU Prod Web Workflow (#5637) 2023-06-20 20:42:29 +02:00			`with:`
			`workflow: build-web.yml`
			`path: apps/web`
			`workflow_conclusion: success`
Add tag input to Deploy Web EU-PRD workflow (#5658) 2023-06-22 22:36:21 +02:00			`branch: ${{ github.event.inputs.tag }}`
DEVOPS-1427 - Update Deploy EU Prod Web Workflow (#5637) 2023-06-20 20:42:29 +02:00			`artifacts: ${{ env._WEB_ARTIFACT }}`

			`- name: Unzip build asset`
			`working-directory: apps/web`
			`run: unzip ${{ env._WEB_ARTIFACT }}`

			`- name: Deploy to Azure Storage Account`
			`working-directory: apps/web`
			`run: \|`
			`az storage blob upload-batch --source "./build" \`
			`--destination '$web' \`
			`--account-name "bwwebvault1itgprod" \`
			`--connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \`
			`--overwrite \`
			`--no-progress`