Upstream/bitwarden-browser
1
0
Fork 0
mirror of https://github.com/bitwarden/browser.git synced 2024-09-29 04:17:41 +02:00
Code Issues Projects Releases Wiki Activity

DEVOPS-1016 - Fix Desktop/Browser pipelines to support hotfix process (#3828)

Browse Source
This commit is contained in:
Vince Grassia 2022-10-19 11:22:57 -04:00 committed by GitHub
parent 6dc6d2087d
commit ff3420d373
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 64 additions and 157 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

61
.github/workflows/build-browser.yml vendored
View File

@ -24,6 +24,8 @@ on:
- '!*.md' - '!*.md'
- '!*.txt' - '!*.txt'
- '.github/workflows/build-browser.yml' - '.github/workflows/build-browser.yml'
workflow_call:
inputs: {}
workflow_dispatch: workflow_dispatch:
inputs: {} inputs: {}
@ -139,12 +141,10 @@ jobs:
working-directory: ./ working-directory: ./
- name: Build - name: Build
run: | run: npm run dist
npm run dist
- name: Build Manifest v3 - name: Build Manifest v3
run: | run: npm run dist:mv3
npm run dist:mv3
- name: Gulp - name: Gulp
run: gulp ci run: gulp ci
@ -346,13 +346,13 @@ jobs:
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0 uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 # v3.0.0
- name: Login to Azure - name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "crowdin-api-token" secrets: "crowdin-api-token"
@ -369,47 +369,6 @@ jobs:
upload_sources: true upload_sources: true
upload_translations: false upload_translations: false
trigger-desktop-build:
name: Trigger desktop build
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') || github.ref != 'refs/heads/hotfix-rc-browser' }}
runs-on: ubuntu-20.04
needs:
- build
- build-safari
steps:
- name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010
with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
with:
keyvault: "bitwarden-prod-kv"
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
- name: Extract branch name
id: extract_branch
shell: bash
run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
- name: Call GitHub API to trigger desktop build workflow
env:
TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
BRANCH_NAME: ${{ steps.extract_branch.outputs.branch }}
run: |
JSON_STRING=$(printf '{"ref":"%s"}' "$BRANCH_NAME")
curl \
-X POST \
-i -u bitwarden-devops-bot:$TOKEN \
-H "Accept: application/vnd.github.v3+json" \
https://api.github.com/repos/bitwarden/clients/actions/workflows/build-desktop.yml/dispatches \
-d $JSON_STRING
check-failures: check-failures:
name: Check for failures name: Check for failures
if: always() if: always()
@ -421,7 +380,6 @@ jobs:
- build - build
- build-safari - build-safari
- crowdin-push - crowdin-push
- trigger-desktop-build
steps: steps:
- name: Check if any job failed - name: Check if any job failed
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }} if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }}
@ -432,7 +390,6 @@ jobs:
BUILD_STATUS: ${{ needs.build.result }} BUILD_STATUS: ${{ needs.build.result }}
SAFARI_BUILD_STATUS: ${{ needs.build-safari.result }} SAFARI_BUILD_STATUS: ${{ needs.build-safari.result }}
CROWDIN_PUSH_STATUS: ${{ needs.crowdin-push.result }} CROWDIN_PUSH_STATUS: ${{ needs.crowdin-push.result }}
TRIGGER_DESKTOP_BUILD_STATUS: ${{ needs.trigger-desktop-build.result }}
run: | run: |
if [ "$CLOC_STATUS" = "failure" ]; then if [ "$CLOC_STATUS" = "failure" ]; then
exit 1 exit 1
@ -446,12 +403,10 @@ jobs:
exit 1 exit 1
elif [ "$CROWDIN_PUSH_STATUS" = "failure" ]; then elif [ "$CROWDIN_PUSH_STATUS" = "failure" ]; then
exit 1 exit 1
elif [ "$TRIGGER_DESKTOP_BUILD_STATUS" = "failure" ]; then
exit 1
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
@ -459,7 +414,7 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
if: failure() if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"

157
.github/workflows/build-desktop.yml vendored
View File

@ -131,7 +131,8 @@ jobs:
linux: linux:
name: Linux Build name: Linux Build
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
needs: setup needs:
- setup
env: env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
defaults: defaults:
@ -176,7 +177,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
id: cache id: cache
with: with:
path: | path: |
@ -245,7 +246,8 @@ jobs:
windows: windows:
name: Windows Build name: Windows Build
runs-on: windows-2019 runs-on: windows-2019
needs: setup needs:
- setup
defaults: defaults:
run: run:
shell: pwsh shell: pwsh
@ -272,9 +274,9 @@ jobs:
node-gyp install $(node -v) node-gyp install $(node -v)
- name: Install AST - name: Install AST
uses: bitwarden/gh-actions/install-ast@f135c42c8596cb535c5bcb7523c0b2eef89709ac uses: bitwarden/gh-actions/install-ast@471ae4aec27405f16c5b796e288f54262c406e5d
- name: Set up environment - name: Set up environmentF
run: choco install checksum --no-progress run: choco install checksum --no-progress
- name: Rust - name: Rust
@ -291,13 +293,13 @@ jobs:
rustup show rustup show
- name: Login to Azure - name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "code-signing-vault-url, secrets: "code-signing-vault-url,
@ -311,7 +313,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -320,8 +322,7 @@ jobs:
- name: Build Native Module - name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true' if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native working-directory: apps/desktop/desktop_native
run: | run: npm run build:cross-platform
npm run build:cross-platform
- name: Build & Sign (dev) - name: Build & Sign (dev)
env: env:
@ -459,7 +460,8 @@ jobs:
macos-build: macos-build:
name: MacOS Build name: MacOS Build
runs-on: macos-11 runs-on: macos-11
needs: setup needs:
- setup
env: env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
defaults: defaults:
@ -498,14 +500,14 @@ jobs:
- name: Cache Build - name: Cache Build
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Cache Safari - name: Cache Safari
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -583,7 +585,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -592,19 +594,26 @@ jobs:
- name: Build Native Module - name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true' if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native working-directory: apps/desktop/desktop_native
run: | run: npm run build:cross-platform
npm run build:cross-platform
- name: Build application (dev) - name: Build application (dev)
run: npm run build run: npm run build
browser-build:
name: Browser Build
needs: setup
uses: ./.github/workflows/build-browser.yml
secrets: inherit
macos-package-github: macos-package-github:
name: MacOS Package GitHub Release Assets name: MacOS Package GitHub Release Assets
runs-on: macos-11 runs-on: macos-11
needs: needs:
- setup - browser-build
- macos-build - macos-build
- setup
env: env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
defaults: defaults:
@ -643,14 +652,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -728,7 +737,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -737,38 +746,15 @@ jobs:
- name: Build Native Module - name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true' if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native working-directory: apps/desktop/desktop_native
run: | run: npm run build:cross-platform
npm run build:cross-platform
- name: Build - name: Build
if: steps.build-cache.outputs.cache-hit != 'true' if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build run: npm run build
- name: Download artifact from hotfix-rc-desktop - name: Download Browser artifact
if: github.ref == 'refs/heads/hotfix-rc-desktop' uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with: with:
workflow: build-browser.yml
workflow_conclusion: success
branch: hotfix-rc-desktop
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from rc
if: github.ref == 'refs/heads/rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc-desktop' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: master
path: ${{ github.workspace }}/browser-build-artifacts path: ${{ github.workspace }}/browser-build-artifacts
- name: Unzip Safari artifact - name: Unzip Safari artifact
@ -821,8 +807,9 @@ jobs:
name: MacOS Package Prod Release Asset name: MacOS Package Prod Release Asset
runs-on: macos-11 runs-on: macos-11
needs: needs:
- setup - browser-build
- macos-build - macos-build
- setup
env: env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
defaults: defaults:
@ -861,14 +848,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -946,7 +933,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -955,38 +942,15 @@ jobs:
- name: Build Native Module - name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true' if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native working-directory: apps/desktop/desktop_native
run: | run: npm run build:cross-platform
npm run build:cross-platform
- name: Build - name: Build
if: steps.build-cache.outputs.cache-hit != 'true' if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build run: npm run build
- name: Download artifact from hotfix-rc-desktop - name: Download Browser artifact
if: github.ref == 'refs/heads/hotfix-rc-desktop' uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with: with:
workflow: build-browser.yml
workflow_conclusion: success
branch: hotfix-rc-desktop
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from rc
if: github.ref == 'refs/heads/rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: ${{ github.ref != 'refs/heads/rc' && github.ref != 'refs/heads/hotfix-rc-desktop' }}
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: master
path: ${{ github.workspace }}/browser-build-artifacts path: ${{ github.workspace }}/browser-build-artifacts
- name: Unzip Safari artifact - name: Unzip Safari artifact
@ -1031,8 +995,9 @@ jobs:
if: false # We need to look into how code signing works for dev if: false # We need to look into how code signing works for dev
runs-on: macos-11 runs-on: macos-11
needs: needs:
- setup - browser-build
- macos-build - macos-build
- setup
env: env:
_PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
defaults: defaults:
@ -1066,14 +1031,14 @@ jobs:
- name: Get Build Cache - name: Get Build Cache
id: build-cache id: build-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/desktop/build path: apps/desktop/build
key: ${{ runner.os }}-${{ github.run_id }}-build key: ${{ runner.os }}-${{ github.run_id }}-build
- name: Setup Safari Cache - name: Setup Safari Cache
id: safari-cache id: safari-cache
uses: actions/cache@937d24475381cd9c75ae6db12cb4e79714b926ed uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
with: with:
path: apps/browser/dist/Safari path: apps/browser/dist/Safari
key: ${{ runner.os }}-${{ github.run_id }}-safari-extension key: ${{ runner.os }}-${{ github.run_id }}-safari-extension
@ -1151,7 +1116,7 @@ jobs:
working-directory: ./ working-directory: ./
- name: Cache Native Module - name: Cache Native Module
uses: actions/cache@48af2dc4a9e8278b89d7fa154b955c30c6aaab09 uses: actions/cache@9b0c1fce7a93df8e3bb8926b0d6e9d89e92f20a7
id: cache id: cache
with: with:
path: apps/desktop/desktop_native/*.node path: apps/desktop/desktop_native/*.node
@ -1160,29 +1125,15 @@ jobs:
- name: Build Native Module - name: Build Native Module
if: steps.cache.outputs.cache-hit != 'true' if: steps.cache.outputs.cache-hit != 'true'
working-directory: apps/desktop/desktop_native working-directory: apps/desktop/desktop_native
run: | run: npm run build:cross-platform
npm run build:cross-platform
- name: Build - name: Build
if: steps.build-cache.outputs.cache-hit != 'true' if: steps.build-cache.outputs.cache-hit != 'true'
run: npm run build run: npm run build
- name: Download artifact from rc - name: Download Browser artifact
if: github.ref == 'refs/heads/rc' uses: actions/download-artifact@fb598a63ae348fa914e94cd0ff38f362e927b741
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with: with:
workflow: build-browser.yml
workflow_conclusion: success
branch: rc
path: ${{ github.workspace }}/browser-build-artifacts
- name: Download artifact from master
if: github.ref != 'refs/heads/rc'
uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39
with:
workflow: build-browser.yml
workflow_conclusion: success
branch: master
path: ${{ github.workspace }}/browser-build-artifacts path: ${{ github.workspace }}/browser-build-artifacts
- name: Unzip Safari artifact - name: Unzip Safari artifact
@ -1228,13 +1179,13 @@ jobs:
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
- name: Login to Azure - name: Login to Azure
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "crowdin-api-token" secrets: "crowdin-api-token"
@ -1259,6 +1210,7 @@ jobs:
needs: needs:
- cloc - cloc
- electron-verify - electron-verify
- browser-build
- setup - setup
- linux - linux
- windows - windows
@ -1272,6 +1224,7 @@ jobs:
env: env:
CLOC_STATUS: ${{ needs.cloc.result }} CLOC_STATUS: ${{ needs.cloc.result }}
ELECTRON_VERIFY_STATUS: ${{ needs.electron-verify.result }} ELECTRON_VERIFY_STATUS: ${{ needs.electron-verify.result }}
BROWSER_BUILD_STATUS: ${{ needs.browser-build.result }}
SETUP_STATUS: ${{ needs.setup.result }} SETUP_STATUS: ${{ needs.setup.result }}
LINUX_STATUS: ${{ needs.linux.result }} LINUX_STATUS: ${{ needs.linux.result }}
WINDOWS_STATUS: ${{ needs.windows.result }} WINDOWS_STATUS: ${{ needs.windows.result }}
@ -1284,6 +1237,8 @@ jobs:
exit 1 exit 1
elif [ "$ELECTRON_VERIFY_STATUS" = "failure" ]; then elif [ "$ELECTRON_VERIFY_STATUS" = "failure" ]; then
exit 1 exit 1
elif [ "$BROWSER_BUILD_STATUS" = "failure" ]; then
exit 1
elif [ "$SETUP_STATUS" = "failure" ]; then elif [ "$SETUP_STATUS" = "failure" ]; then
exit 1 exit 1
elif [ "$LINUX_STATUS" = "failure" ]; then elif [ "$LINUX_STATUS" = "failure" ]; then
@ -1301,7 +1256,7 @@ jobs:
fi fi
- name: Login to Azure - Prod Subscription - name: Login to Azure - Prod Subscription
uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2
if: failure() if: failure()
with: with:
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
@ -1309,7 +1264,7 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
if: failure() if: failure()
uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af uses: bitwarden/gh-actions/get-keyvault-secrets@471ae4aec27405f16c5b796e288f54262c406e5d
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"

3
.github/workflows/staged-rollout-desktop.yml vendored
View File

@ -18,9 +18,6 @@ jobs:
rollout: rollout:
name: Update Rollout Percentage name: Update Rollout Percentage
runs-on: ubuntu-22.04 runs-on: ubuntu-22.04
outputs:
release-version: ${{ steps.version.outputs.version }}
release-channel: ${{ steps.release-channel.outputs.channel }}
steps: steps:
- name: Login to Azure - name: Login to Azure
uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010