mirror of
https://github.com/bitwarden/browser.git
synced 2024-09-19 02:51:14 +02:00
90 lines
3.3 KiB
YAML
90 lines
3.3 KiB
YAML
---
|
||
name: Staged Rollout Desktop
|
||
|
||
on:
|
||
workflow_dispatch:
|
||
inputs:
|
||
rollout_percentage:
|
||
description: 'Staged Rollout Percentage'
|
||
required: true
|
||
default: '10'
|
||
type: string
|
||
|
||
defaults:
|
||
run:
|
||
shell: bash
|
||
|
||
jobs:
|
||
rollout:
|
||
name: Update Rollout Percentage
|
||
runs-on: ubuntu-22.04
|
||
steps:
|
||
- name: Login to Azure
|
||
uses: Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
|
||
with:
|
||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||
|
||
- name: Retrieve secrets
|
||
id: retrieve-secrets
|
||
uses: bitwarden/gh-actions/get-keyvault-secrets@main
|
||
with:
|
||
keyvault: "bitwarden-ci"
|
||
secrets: "aws-electron-access-id,
|
||
aws-electron-access-key,
|
||
aws-electron-bucket-name"
|
||
|
||
- name: Download channel update info files from S3
|
||
env:
|
||
AWS_ACCESS_KEY_ID: ${{ steps.retrieve-secrets.outputs.aws-electron-access-id }}
|
||
AWS_SECRET_ACCESS_KEY: ${{ steps.retrieve-secrets.outputs.aws-electron-access-key }}
|
||
AWS_DEFAULT_REGION: 'us-west-2'
|
||
AWS_S3_BUCKET_NAME: ${{ steps.retrieve-secrets.outputs.aws-electron-bucket-name }}
|
||
run: |
|
||
aws s3 cp $AWS_S3_BUCKET_NAME/desktop/latest.yml . \
|
||
--quiet
|
||
aws s3 cp $AWS_S3_BUCKET_NAME/desktop/latest-linux.yml . \
|
||
--quiet
|
||
aws s3 cp $AWS_S3_BUCKET_NAME/desktop/latest-mac.yml . \
|
||
--quiet
|
||
|
||
- name: Check new rollout percentage
|
||
env:
|
||
NEW_PCT: ${{ github.event.inputs.rollout_percentage }}
|
||
run: |
|
||
CURRENT_PCT=$(sed -r -n "s/stagingPercentage:\s([0-9]+)/\1/p" latest.yml)
|
||
echo "Current percentage: ${CURRENT_PCT}"
|
||
echo "New percentage: ${NEW_PCT}"
|
||
echo
|
||
if [ "$NEW_PCT" -le "$CURRENT_PCT" ]; then
|
||
echo "New percentage (${NEW_PCT}) must be higher than current percentage (${CURRENT_PCT})!"
|
||
echo
|
||
echo "If you want to pull a staged release because it hasn’t gone well, you must increment the version \
|
||
number higher than your broken release. Because some of your users will be on the broken 1.0.1, \
|
||
releasing a new 1.0.1 would result in them staying on a broken version."
|
||
exit 1
|
||
fi
|
||
|
||
- name: Set staged rollout percentage
|
||
env:
|
||
ROLLOUT_PCT: ${{ github.event.inputs.rollout_percentage }}
|
||
run: |
|
||
sed -i -r "/stagingPercentage/s/[0-9]+/${ROLLOUT_PCT}/" latest.yml
|
||
sed -i -r "/stagingPercentage/s/[0-9]+/${ROLLOUT_PCT}/" latest-linux.yml
|
||
sed -i -r "/stagingPercentage/s/[0-9]+/${ROLLOUT_PCT}/" latest-mac.yml
|
||
|
||
- name: Publish channel update info files to S3
|
||
env:
|
||
AWS_ACCESS_KEY_ID: ${{ steps.retrieve-secrets.outputs.aws-electron-access-id }}
|
||
AWS_SECRET_ACCESS_KEY: ${{ steps.retrieve-secrets.outputs.aws-electron-access-key }}
|
||
AWS_DEFAULT_REGION: 'us-west-2'
|
||
AWS_S3_BUCKET_NAME: ${{ steps.retrieve-secrets.outputs.aws-electron-bucket-name }}
|
||
run: |
|
||
aws s3 cp latest.yml $AWS_S3_BUCKET_NAME/desktop/ \
|
||
--acl "public-read"
|
||
|
||
aws s3 cp latest-linux.yml $AWS_S3_BUCKET_NAME/desktop/ \
|
||
--acl "public-read"
|
||
|
||
aws s3 cp latest-mac.yml $AWS_S3_BUCKET_NAME/desktop/ \
|
||
--acl "public-read"
|