--- name: Deploy Web to EU-QA Cloud on: workflow_dispatch: inputs: tag: description: "Branch name to deploy (examples: 'master', 'feature/sm')" required: true type: string default: master jobs: azure-deploy: name: Deploy to Azure runs-on: ubuntu-22.04 env: _WEB_ARTIFACT: "web-*-cloud-euqa.zip" steps: - name: Login to Azure - EU Subscription uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_KV_EU_QA_SERVICE_PRINCIPAL }} - name: Retrieve Storage Account connection string id: retrieve-secrets uses: bitwarden/gh-actions/get-keyvault-secrets@37ffa14164a7308bc273829edfe75c97cd562375 with: keyvault: webvaulteu-westeurope-qa secrets: "sa-bitwarden-web-vault-dev-key-temp" - name: Download latest cloud asset uses: bitwarden/gh-actions/download-artifacts@37ffa14164a7308bc273829edfe75c97cd562375 with: workflow: build-web.yml path: apps/web workflow_conclusion: success branch: ${{ github.event.inputs.tag }} artifacts: ${{ env._WEB_ARTIFACT }} - name: Unzip build asset working-directory: apps/web run: unzip ${{ env._WEB_ARTIFACT }} - name: Empty container in Storage Account run: | az storage blob delete-batch \ --source '$web' \ --pattern '*' \ --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" - name: Deploy to Azure Storage Account working-directory: apps/web run: | az storage blob upload-batch \ --source "./build" \ --destination '$web' \ --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \ --overwrite \ --no-progress