Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-11-21 11:35:34 +01:00
Code Issues Projects Releases Wiki Activity

Migrate Web workflows from old repo (#2776)

Browse Source
This commit is contained in:
Micaiah Martin 2022-06-03 08:35:46 -06:00 committed by GitHub
parent 1e7a402b45
commit c609e8bb8f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 92 additions and 366 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

155
apps/web/.github/workflows/build.yml → .github/workflows/build-web.yml vendored
View File

@ -1,20 +1,24 @@
--- ---
name: Build name: Build Web
on: on:
workflow_dispatch: pull_request:
inputs:
custom_tag_extension:
description: "Custom image tag extension"
required: false
push:
branches-ignore: branches-ignore:
- "l10n_master" - 'l10n_master'
- "gh-pages" - 'gh-pages'
- "deploy" paths:
paths-ignore: - 'apps/web/**'
- '.github/workflows/**' - '.github/workflows/build-web.yml'
push:
branches:
- 'master'
- 'rc'
- 'hotfix-rc/**'
paths:
- 'apps/web/**'
- '.github/workflows/build-web.yml'
workflow_dispatch:
inputs: {}
jobs: jobs:
cloc: cloc:
@ -22,7 +26,7 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Set up cloc - name: Set up cloc
run: | run: |
@ -30,30 +34,10 @@ jobs:
sudo apt -y install cloc sudo apt -y install cloc
- name: Print lines of code - name: Print lines of code
working-directory: apps/web
run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git
lint:
name: Lint
runs-on: ubuntu-20.04
steps:
- name: Checkout repo
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
- name: Cache npm
id: npm-cache
uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6
with:
path: "~/.npm"
key: ${{ runner.os }}-npm-lint-${{ hashFiles('**/package-lock.json') }}
- name: Install dependencies
run: npm ci
- name: Run linter
run: npm run lint
setup: setup:
name: Setup name: Setup
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -61,7 +45,7 @@ jobs:
version: ${{ steps.version.outputs.value }} version: ${{ steps.version.outputs.value }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Get GitHub sha as version - name: Get GitHub sha as version
id: version id: version
@ -73,15 +57,14 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
needs: needs:
- setup - setup
- lint
env: env:
_VERSION: ${{ needs.setup.outputs.version }} _VERSION: ${{ needs.setup.outputs.version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -101,15 +84,16 @@ jobs:
run: npm ci run: npm ci
- name: Build OSS selfhost - name: Build OSS selfhost
working-directory: apps/web
run: | run: |
npm run dist:oss:selfhost npm run dist:oss:selfhost
zip -r web-$_VERSION-selfhosted-open-source.zip build zip -r web-$_VERSION-selfhosted-open-source.zip build
- name: Upload build artifact - name: Upload build artifact
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
with: with:
name: web-${{ env._VERSION }}-selfhosted-open-source.zip name: web-${{ env._VERSION }}-selfhosted-open-source.zip
path: ./web-${{ env._VERSION }}-selfhosted-open-source.zip path: apps/web/web-${{ env._VERSION }}-selfhosted-open-source.zip
if-no-files-found: error if-no-files-found: error
@ -118,15 +102,14 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
needs: needs:
- setup - setup
- lint
env: env:
_VERSION: ${{ needs.setup.outputs.version }} _VERSION: ${{ needs.setup.outputs.version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -146,15 +129,16 @@ jobs:
run: npm ci run: npm ci
- name: Build Cloud - name: Build Cloud
working-directory: apps/web
run: | run: |
npm run dist:bit:cloud npm run dist:bit:cloud
zip -r web-$_VERSION-cloud-COMMERCIAL.zip build zip -r web-$_VERSION-cloud-COMMERCIAL.zip build
- name: Upload build artifact - name: Upload build artifact
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
with: with:
name: web-${{ env._VERSION }}-cloud-COMMERCIAL.zip name: web-${{ env._VERSION }}-cloud-COMMERCIAL.zip
path: ./web-${{ env._VERSION }}-cloud-COMMERCIAL.zip path: apps/web/web-${{ env._VERSION }}-cloud-COMMERCIAL.zip
if-no-files-found: error if-no-files-found: error
@ -163,15 +147,14 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
needs: needs:
- setup - setup
- lint
env: env:
_VERSION: ${{ needs.setup.outputs.version }} _VERSION: ${{ needs.setup.outputs.version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -199,6 +182,7 @@ jobs:
run: npm ci run: npm ci
- name: Build - name: Build
working-directory: apps/web
run: | run: |
echo -e "# Building Web\n" echo -e "# Building Web\n"
echo "Building app" echo "Building app"
@ -208,13 +192,14 @@ jobs:
zip -r web-$_VERSION-selfhosted-COMMERCIAL.zip build zip -r web-$_VERSION-selfhosted-COMMERCIAL.zip build
- name: Upload build artifact - name: Upload build artifact
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0
with: with:
name: web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip name: web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip
path: ./web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip path: apps/web/web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip
if-no-files-found: error if-no-files-found: error
- name: Build Docker image - name: Build Docker image
working-directory: apps/web
run: | run: |
echo -e "\nBuilding Docker image" echo -e "\nBuilding Docker image"
docker --version docker --version
@ -264,7 +249,7 @@ jobs:
echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV
- name: Login to Azure - QA Subscription - name: Login to Azure - QA Subscription
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1
with: with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
@ -292,13 +277,12 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
needs: needs:
- setup - setup
- lint
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1
with: with:
cache: 'npm' cache: 'npm'
cache-dependency-path: '**/package-lock.json' cache-dependency-path: '**/package-lock.json'
@ -315,7 +299,7 @@ jobs:
echo "GitHub event: $GITHUB_EVENT" echo "GitHub event: $GITHUB_EVENT"
- name: Login to Azure - name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1
with: with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
@ -326,6 +310,7 @@ jobs:
run: npm ci run: npm ci
- name: Build - name: Build
working-directory: apps/web
run: | run: |
echo -e "# Building Web\n" echo -e "# Building Web\n"
echo "Building app" echo "Building app"
@ -377,44 +362,6 @@ jobs:
- name: Log out of Docker - name: Log out of Docker
run: docker logout run: docker logout
windows:
name: Test code on Windows
runs-on: windows-2019
steps:
- name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
- name: Set up NuGet
uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1
with:
nuget-version: "latest"
- name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0
with:
cache: 'npm'
cache-dependency-path: '**/package-lock.json'
node-version: "16"
- name: Print environment
run: |
nuget help | grep Version
node --version
npm --version
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
env:
GITHUB_REF: ${{ github.ref }}
GITHUB_EVENT: ${{ github.event_name }}
- name: Install dependencies
run: npm ci
- name: NPM build
run: npm run build:bit:cloud
crowdin-push: crowdin-push:
name: Crowdin Push name: Crowdin Push
if: github.ref == 'refs/heads/master' if: github.ref == 'refs/heads/master'
@ -428,27 +375,27 @@ jobs:
_CROWDIN_PROJECT_ID: "308189" _CROWDIN_PROJECT_ID: "308189"
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.3.4
- name: Login to Azure - name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f # v1.0.0
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "crowdin-api-token" secrets: "crowdin-api-token"
- name: Upload Sources - name: Upload Sources
uses: crowdin/github-action@e39093fd75daae7859c68eded4b43d42ec78d8ea # v1.3.2 uses: crowdin/github-action@a3160b9e5a9e00739392c23da5e580c6cabe526d # v1.4.8
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
with: with:
config: crowdin.yml config: apps/web/crowdin.yml
crowdin_branch_name: master crowdin_branch_name: master
upload_sources: true upload_sources: true
upload_translations: false upload_translations: false
@ -461,7 +408,6 @@ jobs:
needs: needs:
- cloc - cloc
- setup - setup
- lint
- build-oss-selfhost - build-oss-selfhost
- build-cloud - build-cloud
- build-commercial-selfhost - build-commercial-selfhost
@ -473,7 +419,6 @@ jobs:
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }} if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }}
env: env:
CLOC_STATUS: ${{ needs.cloc.result }} CLOC_STATUS: ${{ needs.cloc.result }}
LINT_STATUS: ${{ needs.lint.result }}
SETUP_STATUS: ${{ needs.setup.result }} SETUP_STATUS: ${{ needs.setup.result }}
BUILD_OSS_SELFHOST_STATUS: ${{ needs.build-oss-selfhost.result }} BUILD_OSS_SELFHOST_STATUS: ${{ needs.build-oss-selfhost.result }}
BUILD_CLOUD_STATUS: ${{ needs.build-cloud.result }} BUILD_CLOUD_STATUS: ${{ needs.build-cloud.result }}
@ -484,8 +429,6 @@ jobs:
run: | run: |
if [ "$CLOC_STATUS" = "failure" ]; then if [ "$CLOC_STATUS" = "failure" ]; then
exit 1 exit 1
elif [ "$LINT_STATUS" = "failure" ]; then
exit 1
elif [ "$SETUP_STATUS" = "failure" ]; then elif [ "$SETUP_STATUS" = "failure" ]; then
exit 1 exit 1
elif [ "$BUILD_OSS_SELFHOST_STATUS" = "failure" ]; then elif [ "$BUILD_OSS_SELFHOST_STATUS" = "failure" ]; then
@ -503,21 +446,21 @@ jobs:
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f # v1.0.0
if: failure() if: failure()
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"
- name: Notify Slack on failure - name: Notify Slack on failure
uses: act10ns/slack@e4e71685b9b239384b0f676a63c32367f59c2522 # v1.2.2 uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 # v1.5.1
if: failure() if: failure()
env: env:
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}

84
apps/web/.github/workflows/release.yml → .github/workflows/release-web.yml vendored
View File

@ -1,5 +1,5 @@
--- ---
name: Release name: Release Web
on: on:
workflow_dispatch: workflow_dispatch:
@ -20,29 +20,31 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
outputs: outputs:
release_version: ${{ steps.version.outputs.version }} release_version: ${{ steps.version.outputs.version }}
tag_version: ${{ steps.version.outputs.version }} tag_version: ${{ steps.version.outputs.tag }}
branch_name: ${{ steps.branch.outputs.branch_name }} branch_name: ${{ steps.branch.outputs.branch_name }}
steps: steps:
- name: Branch check - name: Branch check
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
run: | run: |
if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then
echo "===================================" echo "==================================="
echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches" echo "[!] Can only release from the 'rc' or 'hotfix-rc/*' branches"
echo "===================================" echo "==================================="
exit 1 exit 1
fi fi
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # 2.4.0 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Check Release Version - name: Check Release Version
id: version id: version
uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6 uses: bitwarden/gh-actions/release-version-check@8f055ef543c7433c967a1b9b04a0f230923233bb
with: with:
release-type: ${{ github.event.inputs.release_type }} release-type: ${{ github.event.inputs.release_type }}
project-type: ts project-type: ts
file: package.json file: apps/web/package.json
monorepo: true
monorepo-project: web
- name: Get branch name - name: Get branch name
id: branch id: branch
@ -69,7 +71,7 @@ jobs:
echo "Github Release Option: $_RELEASE_OPTION" echo "Github Release Option: $_RELEASE_OPTION"
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
########## DockerHub ########## ########## DockerHub ##########
- name: Setup DCT - name: Setup DCT
@ -87,16 +89,12 @@ jobs:
docker pull bitwarden/web:$_BRANCH_NAME docker pull bitwarden/web:$_BRANCH_NAME
fi fi
- name: Tag version and latest - name: Docker Tag version and latest image
run: | run: |
if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:$_RELEASE_VERSION
docker tag bitwarden/web:latest bitwarden/web:dryrun docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:latest
else
docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:$_RELEASE_VERSION
docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:latest
fi
- name: Push version and latest image - name: Docker Push version and latest image
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
env: env:
DOCKER_CONTENT_TRUST: 1 DOCKER_CONTENT_TRUST: 1
@ -112,7 +110,7 @@ jobs:
########## ACR ########## ########## ACR ##########
- name: Login to Azure - QA Subscription - name: Login to Azure - QA Subscription
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1
with: with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
@ -123,15 +121,11 @@ jobs:
env: env:
REGISTRY: bitwardenqa.azurecr.io REGISTRY: bitwardenqa.azurecr.io
run: | run: |
if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:$_RELEASE_VERSION
docker tag bitwarden/web:latest $REGISTRY/web:dryrun docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:latest
else
docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:$_RELEASE_VERSION
docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:latest
docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:$_RELEASE_VERSION docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:$_RELEASE_VERSION
docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:latest docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:latest
fi
- name: Push version and latest image - name: Push version and latest image
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@ -159,7 +153,7 @@ jobs:
_TAG_VERSION: ${{ needs.setup.outputs.tag_version }} _TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.4.0
with: with:
ref: gh-pages ref: gh-pages
@ -169,7 +163,7 @@ jobs:
git push -u origin gh-pages-deploy-$_TAG_VERSION git push -u origin gh-pages-deploy-$_TAG_VERSION
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.4.0
- name: Setup git config - name: Setup git config
run: | run: |
@ -181,22 +175,24 @@ jobs:
- name: Download latest cloud asset - name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8 uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8
with: with:
workflow: build.yml workflow: build-web.yml
path: apps/web
workflow_conclusion: success workflow_conclusion: success
branch: ${{ needs.setup.outputs.branch_name }} branch: ${{ needs.setup.outputs.branch_name }}
artifacts: web-*-cloud-COMMERCIAL.zip artifacts: web-*-cloud-COMMERCIAL.zip
# This should result in a build directory in the current working directory # This should result in a build directory in the current working directory
- name: Unzip build asset - name: Unzip build asset
working-directory: apps/web
run: unzip web-*-cloud-COMMERCIAL.zip run: unzip web-*-cloud-COMMERCIAL.zip
- name: Deploy GitHub Pages - name: Deploy GitHub Pages
uses: crazy-max/ghaction-github-pages@a117e4aa1fb4854d021546d2abdfac95be568a3a # v2.6.0 uses: crazy-max/ghaction-github-pages@eb08c35b9fab86751edfff4e55cd5cde35ff0e52 # v3.0.0
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with: with:
target_branch: gh-pages-deploy-${{ needs.setup.outputs.tag_version }} target_branch: gh-pages-deploy-${{ needs.setup.outputs.tag_version }}
build_dir: build build_dir: apps/web/build
keep_history: true keep_history: true
commit_message: "Staging deploy ${{ needs.setup.outputs.release_version }}" commit_message: "Staging deploy ${{ needs.setup.outputs.release_version }}"
dry_run: ${{ github.event.inputs.release_type == 'Dry Run' }} dry_run: ${{ github.event.inputs.release_type == 'Dry Run' }}
@ -224,22 +220,24 @@ jobs:
_TAG_VERSION: ${{ needs.setup.outputs.tag_version }} _TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
steps: steps:
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Download latest cloud asset - name: Download latest cloud asset
uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8 uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8
with: with:
workflow: build.yml workflow: build-web.yml
path: apps/web
workflow_conclusion: success workflow_conclusion: success
branch: ${{ needs.setup.outputs.branch_name }} branch: ${{ needs.setup.outputs.branch_name }}
artifacts: web-*-cloud-COMMERCIAL.zip artifacts: web-*-cloud-COMMERCIAL.zip
# This should result in a build directory in the current working directory # This should result in a build directory in the current working directory
- name: Unzip build asset - name: Unzip build asset
working-directory: apps/web
run: unzip web-*-cloud-COMMERCIAL.zip run: unzip web-*-cloud-COMMERCIAL.zip
- name: Checkout Repo - name: Checkout Repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
with: with:
ref: deploy ref: deploy
path: deployment path: deployment
@ -254,7 +252,7 @@ jobs:
- name: Deploy CloudFlare Pages - name: Deploy CloudFlare Pages
run: | run: |
rm -rf ./* rm -rf ./*
cp -R ../build/* . cp -R apps/web/build/* .
working-directory: deployment working-directory: deployment
- name: Create cf-pages-deploy branch - name: Create cf-pages-deploy branch
@ -263,7 +261,7 @@ jobs:
git add . git add .
git commit -m "Staging deploy ${{ needs.setup.outputs.release_version }}" git commit -m "Staging deploy ${{ needs.setup.outputs.release_version }}"
git push -u origin cf-pages-deploy-$_TAG_VERSION git push -u origin cf-pages-deploy-$_TAG_VERSION
working-directory: deployment working-directory: deployment
- name: Create CloudFlare Pages Deploy PR - name: Create CloudFlare Pages Deploy PR
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
@ -287,29 +285,31 @@ jobs:
- cfpages-deploy - cfpages-deploy
steps: steps:
- name: Download latest build artifacts - name: Download latest build artifacts
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783 uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8
with: with:
workflow: build.yml workflow: build-web.yml
path: apps/web/artifacts
workflow_conclusion: success workflow_conclusion: success
branch: ${{ needs.setup.outputs.branch_name }} branch: ${{ needs.setup.outputs.branch_name }}
artifacts: "web-*-selfhosted-COMMERCIAL.zip, artifacts: "web-*-selfhosted-COMMERCIAL.zip,
web-*-selfhosted-open-source.zip" web-*-selfhosted-open-source.zip"
- name: Rename assets - name: Rename assets
working-directory: apps/web/artifacts
run: | run: |
mv web-*-selfhosted-COMMERCIAL.zip web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip mv web-*-selfhosted-COMMERCIAL.zip web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip
mv web-*-selfhosted-open-source.zip web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip mv web-*-selfhosted-open-source.zip web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip
- name: Create release - name: Create release
if: ${{ github.event.inputs.release_type != 'Dry Run' }} if: ${{ github.event.inputs.release_type != 'Dry Run' }}
uses: ncipollo/release-action@40bb172bd05f266cf9ba4ff965cb61e9ee5f6d01 uses: ncipollo/release-action@58ae73b360456532aafd58ee170c045abbeaee37 # v1.10.0
with: with:
name: "Version ${{ needs.setup.outputs.release_version }}" name: "Version v${{ needs.setup.outputs.release_version }}"
commit: ${{ github.sha }} commit: ${{ github.sha }}
tag: "${{ needs.setup.outputs.tag_version }}" tag: "${{ needs.setup.outputs.tag_version }}"
body: "<insert release notes here>" body: "<insert release notes here>"
artifacts: "web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip, artifacts: "apps/web/artifacts/web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip,
web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip" apps/web/artifacts/web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip"
token: ${{ secrets.GITHUB_TOKEN }} token: ${{ secrets.GITHUB_TOKEN }}
draft: true draft: true
@ -325,7 +325,7 @@ jobs:
- release - release
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # 2.4.0 uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2
- name: Remove gh-pages-deploy branch - name: Remove gh-pages-deploy branch
run: git push origin --delete gh-pages-deploy-$_TAG_VERSION run: git push origin --delete gh-pages-deploy-$_TAG_VERSION

1
.gitignore vendored
View File

@ -1,2 +1,3 @@
node_modules/ node_modules/
**/coverage/ **/coverage/
.github/workflows/act

49
apps/web/.github/workflows/crowdin-pull.yml vendored
View File

@ -1,49 +0,0 @@
---
name: Crowdin Pull
on:
workflow_dispatch:
inputs: {}
schedule:
- cron: "0 0 * * 5"
jobs:
crowdin-pull:
name: Pull
runs-on: ubuntu-20.04
env:
_CROWDIN_PROJECT_ID: "308189"
steps:
- name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-prod-kv"
secrets: "crowdin-api-token"
- name: Download translations
uses: crowdin/github-action@e39093fd75daae7859c68eded4b43d42ec78d8ea # v1.3.2
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }}
with:
config: crowdin.yml
crowdin_branch_name: master
upload_sources: false
upload_translations: false
download_translations: true
github_user_name: "github-actions"
github_user_email: "<>"
commit_message: "Autosync the updated translations"
localization_branch_name: crowdin-auto-sync
create_pull_request: true
pull_request_title: "Autosync Crowdin Translations"
pull_request_body: "Autosync the updated translations"

16
apps/web/.github/workflows/enforce-labels.yml vendored
View File

@ -1,16 +0,0 @@
---
name: Enforce PR labels
on:
pull_request:
types: [labeled, unlabeled, opened, edited, synchronize]
jobs:
enforce-label:
name: EnforceLabel
runs-on: ubuntu-20.04
steps:
- name: Enforce Label
uses: yogevbd/enforce-label-action@8d1e1709b1011e6d90400a0e6cf7c0b77aa5efeb
with:
BANNED_LABELS: "hold"
BANNED_LABELS_DESCRIPTION: "PRs on hold cannot be merged"

71
apps/web/.github/workflows/qa-deploy.yml vendored
View File

@ -1,71 +0,0 @@
---
name: QA Deploy
on:
workflow_dispatch:
inputs:
image_extension:
description: "Image tag extension"
required: false
env:
_QA_CLUSTER_RESOURCE_GROUP: "bw-env-qa"
_QA_CLUSTER_NAME: "bw-aks-qa"
_QA_K8S_NAMESPACE: "bw-qa"
_QA_K8S_APP_NAME: "bw-web"
jobs:
deploy:
name: Deploy QA Web
runs-on: ubuntu-20.04
steps:
- name: Checkout Repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
- name: Setup
run: export PATH=$PATH:~/work/web/web
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "qa-aks-kubectl-credentials"
- name: Login with qa-aks-kubectl-credentials SP
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ env.qa-aks-kubectl-credentials }}
- name: Setup AKS access
#env:
# USER_ID: ${{ env.qa-kubectl-managed-identity-clientId }}
run: |
echo "---az install---"
az aks install-cli --install-location ./kubectl --kubelogin-install-location ./kubelogin
echo "---az get-creds---"
az aks get-credentials -n $_QA_CLUSTER_NAME -g $_QA_CLUSTER_RESOURCE_GROUP
- name: Get image tag
id: image_tag
run: |
IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g")
TAG_EXTENSION=${{ github.event.inputs.image_extension }}
if [[ $TAG_EXTENSION ]]; then
IMAGE_TAG=$IMAGE_TAG-$TAG_EXTENSION
fi
echo "::set-output name=value::$IMAGE_TAG"
- name: Deploy Web image
env:
IMAGE_TAG: ${{ steps.image_tag.outputs.value }}
run: |
kubectl set image -n $_QA_K8S_NAMESPACE deployment/web web=bitwardenqa.azurecr.io/web:$IMAGE_TAG --record
kubectl rollout restart -n $_QA_K8S_NAMESPACE deployment/web
kubectl rollout status deployment/web -n $_QA_K8S_NAMESPACE

71
apps/web/.github/workflows/version-bump.yml vendored
View File

@ -1,71 +0,0 @@
---
name: Version Bump
on:
workflow_dispatch:
inputs:
version_number:
description: "New Version"
required: true
jobs:
bump_props_version:
name: "Create version_bump_${{ github.event.inputs.version_number }} branch"
runs-on: ubuntu-20.04
steps:
- name: Checkout Branch
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
- name: Create Version Branch
run: |
git switch -c version_bump_${{ github.event.inputs.version_number }}
git push -u origin version_bump_${{ github.event.inputs.version_number }}
- name: Checkout Version Branch
uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579
with:
ref: version_bump_${{ github.event.inputs.version_number }}
- name: Bump Version - package.json
uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945
with:
version: ${{ github.event.inputs.version_number }}
file_path: "./package.json"
- name: Bump Version - package-lock.json
uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945
with:
version: ${{ github.event.inputs.version_number }}
file_path: "./package-lock.json"
- name: Commit files
run: |
git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com"
git config --local user.name "github-actions[bot]"
git commit -m "Bumped version to ${{ github.event.inputs.version_number }}" -a
- name: Push changes
run: git push -u origin version_bump_${{ github.event.inputs.version_number }}
- name: Create Version PR
env:
PR_BRANCH: "version_bump_${{ github.event.inputs.version_number }}"
GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
BASE_BRANCH: master
TITLE: "Bump version to ${{ github.event.inputs.version_number }}"
run: |
gh pr create --title "$TITLE" \
--base "$BASE" \
--head "$PR_BRANCH" \
--label "version update" \
--label "automated pr" \
--body "
## Type of change
- [ ] Bug fix
- [ ] New feature development
- [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc)
- [ ] Build/deploy pipeline (DevOps)
- [X] Other
## Objective
Automated version bump to ${{ github.event.inputs.version_number }}"

11
apps/web/.github/workflows/workflow-linter.yml vendored
View File

@ -1,11 +0,0 @@
---
name: Workflow Linter
on:
pull_request:
paths:
- .github/workflows/**
jobs:
call-workflow:
uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@master