--- name: QA - Web Release on: workflow_dispatch: inputs: image_extension: description: "Image tag extension" required: false env: _QA_CLUSTER_RESOURCE_GROUP: "bw-env-qa" _QA_CLUSTER_NAME: "bw-aks-qa" _QA_K8S_NAMESPACE: "bw-qa" _QA_K8S_APP_NAME: "bw-web" jobs: deploy: name: Deploy QA Web runs-on: ubuntu-20.04 steps: - name: Checkout Repo uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Setup run: export PATH=$PATH:~/work/web/web - name: Login to Azure uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} - name: Retrieve secrets id: retrieve-secrets uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f # v1 with: keyvault: "bitwarden-qa-kv" secrets: "qa-aks-kubectl-credentials" - name: Login with qa-aks-kubectl-credentials SP uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 with: creds: ${{ env.qa-aks-kubectl-credentials }} - name: Setup AKS access run: | echo "---az install---" az aks install-cli --install-location ./kubectl --kubelogin-install-location ./kubelogin echo "---az get-creds---" az aks get-credentials -n $_QA_CLUSTER_NAME -g $_QA_CLUSTER_RESOURCE_GROUP - name: Get image tag id: image_tag run: | IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g") TAG_EXTENSION=${{ github.event.inputs.image_extension }} if [[ $TAG_EXTENSION ]]; then IMAGE_TAG=$IMAGE_TAG-$TAG_EXTENSION fi echo "::set-output name=value::$IMAGE_TAG" - name: Deploy Web image env: IMAGE_TAG: ${{ steps.image_tag.outputs.value }} run: | kubectl set image -n $_QA_K8S_NAMESPACE deployment/web web=bitwardenqa.azurecr.io/web:$IMAGE_TAG --record kubectl rollout restart -n $_QA_K8S_NAMESPACE deployment/web kubectl rollout status deployment/web -n $_QA_K8S_NAMESPACE cfpages-deploy: name: Deploy Web Vault to QA CloudFlare Pages branch runs-on: ubuntu-20.04 steps: - name: Create GitHub deployment uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48 id: deployment with: token: '${{ secrets.GITHUB_TOKEN }}' initial-status: 'in_progress' environment-url: http://vault.qa.bitwarden.pw environment: 'Web Vault - QA' description: 'Deployment from branch ${{ github.ref_name }}' - name: Update deployment status to In Progress uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 with: token: '${{ secrets.GITHUB_TOKEN }}' environment-url: http://vault.qa.bitwarden.pw state: 'in_progress' deployment-id: ${{ steps.deployment.outputs.deployment_id }} - name: Checkout Repo uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Download latest cloud asset uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a with: workflow: build-web.yml path: apps/web workflow_conclusion: success branch: ${{ github.ref_name }} artifacts: web-*-cloud-COMMERCIAL.zip # This should result in a build directory in the current working directory - name: Unzip build asset working-directory: apps/web run: unzip web-*-cloud-COMMERCIAL.zip - name: Checkout Repo uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 with: ref: cf-pages-qa path: deployment - name: Setup git config run: | git config --global user.name "GitHub Action Bot" git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" git config --global url."https://github.com/".insteadOf ssh://git@github.com/ git config --global url."https://".insteadOf ssh:// - name: Deploy CloudFlare Pages run: | rm -rf ./* cp -R ../apps/web/build/* . working-directory: deployment - name: Push new ver to cf-pages-qa run: | if [ -n "$(git status --porcelain)" ]; then git add . git commit -m "Deploy ${{ github.ref_name }} to QA Cloudflare pages" git push -u origin cf-pages-qa else echo "No changes to commit!"; fi working-directory: deployment - name: Update deployment status to Success if: ${{ success() }} uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 with: token: '${{ secrets.GITHUB_TOKEN }}' environment-url: http://vault.qa.bitwarden.pw state: 'success' deployment-id: ${{ steps.deployment.outputs.deployment_id }} - name: Update deployment status to Failure if: ${{ failure() }} uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86 with: token: '${{ secrets.GITHUB_TOKEN }}' environment-url: http://vault.qa.bitwarden.pw state: 'failure' deployment-id: ${{ steps.deployment.outputs.deployment_id }}