Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-12-01 13:13:36 +01:00
Code Issues Projects Releases Wiki Activity

DEVOPS-1826 Add sync-delete-destination-files flag to stop deleting remote files in Storage Accounts (#8200)

Browse Source 
* DEVOPS-1826 ADD: sync-not-delete-destination-files flag to deployment workflow

* DEVOPS-1826 REFACTOR: sync utility to delete destination files

* DEVOPS-1826 FIX: sync-delete-destination-files step in deploy-web.yml

* DEVOPS-1826 ADD: invert-sync-delete-destination-files option to deploy-web.yml

* DEVOPS-1826 REFACTOR: deploy-web.yml with invert-default-sync-delete-destination-files-value

* DEVOPS-1826 REFACTOR: sync-delete-destination-files value in deploy-web.yml

* DEVOPS-1826 REFACTOR: debug mode default value
This commit is contained in:
Alex Urbina 2024-03-05 17:03:49 -06:00 committed by GitHub
parent 8e3a723908
commit ed2bd7c900
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 29 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

32
.github/workflows/deploy-web.yml vendored
View File

@ -19,6 +19,10 @@ on:
description: "Branch or Tag name to deploy (examples: 'main', 'feature/sm', 'web-v2023.12.0')" description: "Branch or Tag name to deploy (examples: 'main', 'feature/sm', 'web-v2023.12.0')"
type: string type: string
default: main default: main
invert-default-sync-delete-destination-files-value:
description: "Invert the default sync-delete-destination-files value"
type: boolean
default: false
debug: debug:
description: "Debug mode" description: "Debug mode"
type: boolean type: boolean
@ -34,10 +38,14 @@ on:
description: "Branch or Tag name to deploy (examples: 'main', 'feature/sm', 'web-v2023.12.0')" description: "Branch or Tag name to deploy (examples: 'main', 'feature/sm', 'web-v2023.12.0')"
type: string type: string
default: main default: main
invert-default-sync-delete-destination-files-value:
description: "Invert the default sync-delete-destination-files value"
type: boolean
default: false
debug: debug:
description: "Debug mode" description: "Debug mode"
type: boolean type: boolean
default: false default: true
permissions: permissions:
deployments: write deployments: write
@ -54,6 +62,7 @@ jobs:
azure-login-creds: ${{ steps.config.outputs.azure-login-creds }} azure-login-creds: ${{ steps.config.outputs.azure-login-creds }}
retrieve-secrets-keyvault: ${{ steps.config.outputs.retrieve-secrets-keyvault }} retrieve-secrets-keyvault: ${{ steps.config.outputs.retrieve-secrets-keyvault }}
sync-utility: ${{ steps.config.outputs.sync-utility }} sync-utility: ${{ steps.config.outputs.sync-utility }}
sync-delete-destination-files: ${{ steps.config.outputs.sync-delete-destination-files }}
steps: steps:
- name: Configure - name: Configure
id: config id: config
@ -61,6 +70,15 @@ jobs:
ENV_NAME_LOWER=$(echo "${{ inputs.environment }}" | awk '{print tolower($0)}') ENV_NAME_LOWER=$(echo "${{ inputs.environment }}" | awk '{print tolower($0)}')
echo "configuring the Web deploy for ${{ inputs.environment }}" echo "configuring the Web deploy for ${{ inputs.environment }}"
echo "environment=${{ inputs.environment }}" >> $GITHUB_OUTPUT echo "environment=${{ inputs.environment }}" >> $GITHUB_OUTPUT
# Invert the default value for sync-delete-destination-files
if [ ${{ inputs.invert-default-sync-delete-destination-files-value }} ]; then
echo "sync-delete-destination-files=true" >> $GITHUB_OUTPUT
else
# This is the default value for USQA, EUQA, USPROD, and EUPROD
echo "sync-delete-destination-files=false" >> $GITHUB_OUTPUT
fi
case ${{ inputs.environment }} in case ${{ inputs.environment }} in
"USQA") "USQA")
echo "azure-login-creds=AZURE_KV_US_QA_SERVICE_PRINCIPAL" >> $GITHUB_OUTPUT echo "azure-login-creds=AZURE_KV_US_QA_SERVICE_PRINCIPAL" >> $GITHUB_OUTPUT
@ -96,6 +114,13 @@ jobs:
echo "environment-artifact=web-*-cloud-usdev.zip" >> $GITHUB_OUTPUT echo "environment-artifact=web-*-cloud-usdev.zip" >> $GITHUB_OUTPUT
echo "environment-name=Web Vault - US Development Cloud" >> $GITHUB_OUTPUT echo "environment-name=Web Vault - US Development Cloud" >> $GITHUB_OUTPUT
echo "environment-url=http://vault.$ENV_NAME_LOWER.bitwarden.pw" >> $GITHUB_OUTPUT echo "environment-url=http://vault.$ENV_NAME_LOWER.bitwarden.pw" >> $GITHUB_OUTPUT
if [ ${{ inputs.invert-default-sync-delete-destination-files-value }} ]; then
echo "sync-delete-destination-files=false" >> $GITHUB_OUTPUT
else
# This is the default value for USDEV
echo "sync-delete-destination-files=true" >> $GITHUB_OUTPUT
fi
;; ;;
esac esac
# Set the sync utility to use for deployment to the environment (az-sync or azcopy) # Set the sync utility to use for deployment to the environment (az-sync or azcopy)
@ -259,7 +284,8 @@ jobs:
az storage blob sync \ az storage blob sync \
--source "./build" \ --source "./build" \
--container '$web' \ --container '$web' \
--connection-string "${{ steps.retrieve-secrets-az-sync.outputs.sa-bitwarden-web-vault-dev-key-temp }}" --connection-string "${{ steps.retrieve-secrets-az-sync.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \
--delete-destination=${{ needs.setup.outputs.sync-delete-destination-files }}
- name: Sync to Azure Storage Account using azcopy - name: Sync to Azure Storage Account using azcopy
if: ${{ needs.setup.outputs.sync-utility == 'azcopy' }} if: ${{ needs.setup.outputs.sync-utility == 'azcopy' }}
@ -271,7 +297,7 @@ jobs:
AZCOPY_TENANT_ID: ${{ steps.retrieve-secrets-azcopy.outputs.sp-bitwarden-web-vault-tenant }} AZCOPY_TENANT_ID: ${{ steps.retrieve-secrets-azcopy.outputs.sp-bitwarden-web-vault-tenant }}
run: | run: |
azcopy sync ./build 'https://${{ steps.retrieve-secrets-azcopy.outputs.sa-bitwarden-web-vault-name }}.blob.core.windows.net/$web/' \ azcopy sync ./build 'https://${{ steps.retrieve-secrets-azcopy.outputs.sa-bitwarden-web-vault-name }}.blob.core.windows.net/$web/' \
--delete-destination=true --delete-destination=${{ needs.setup.outputs.sync-delete-destination-files }}
- name: Debug sync logs - name: Debug sync logs
if: ${{ inputs.debug }} if: ${{ inputs.debug }}