Upstream/bitwarden-server
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2024-11-23 12:25:16 +01:00
Code Issues Projects Releases Wiki Activity
7439dd4fb1
bitwarden-server/.github/workflows/qa-deploy.yml

361 lines
10 KiB
YAML
Raw Normal View History

Automating Server Release/Deploy for QA Env (#1281) * initial success caching test * updating status testing * fixing the fail check * fixing bash if syntax * changing the way of testing since you can't change workflow inputs between re-runs * trying out different bash syntax * removing the export to env * adding in last run status check * switching up the last_run_status file handling since it doesn't look like it is working correctly * adding push trigger * fixing typo * adding date to the cache key and adding a bit more logging * fixing restore key * trying a different way of logging both successes and failures * fixing typo * reorganizing the random success/fail * trying different bash * fixing binary operator * adding in success flag checks * increasing the odds of success * trying to fix weird problem * changing dquotes to squotes * testing failure and always() flow * adding in a release pipeline * adding in the manual trigger for the release pipeline * fixing the bash for loop for tagging and switching to the rc image for release * adding docker trust to the pull task * fixing bash array typo * removing build task * adding the dotnet tool restore back in to hopefully restore swagger * adding an Api build to build the swagger docs * working on build workflow * testing cache between jobs * Adding in steps * fixing the last line * updating the build workflow * adding manual trigger for build workflow * moving the matrix values to the env section of the task * changing the envs * using env template replacement * removing the unique id since I don't think I need it * testing the cache * commenting out the docker push * adding the env vars back to the cache task * adding envs to test * fixing the path issue * resetting the build workflow back to serial build/docker * Adding in the qa release workflow * removing unneccessary dependency * parameterizing the project file names * forcing gulp install * installing gulp globally * reorganizing to see if gulp works * removing the awkward paths * fixing typo * commenting out all non-api matrix for easier testing * trying to zip the build for deploy * adding in the base path for the test * replacing the web app name * adding a specific slotname * adding the env into the package path for the deployment * trying to fix the zip * setting up all of the other deploys * switching the secrets over to be environment secrets * adding in production automation with the deploys commented out * removing the master branch from the QA deploy * adding in the dependancy on the setup * changing the tag * trying a different ref * renaming the deployment slot to staging * trying a different slot name * resetting the qa deploy to the original * moving the secrets * updating the qa deploy with the db reset/update stubs * updating the deploy task dependencies * adding missing update-db command placeholder * trying a string for the inputs * moving the input check into the steps instead of the job level so that the job completes * testing azure kv * fixing typo * Change id to retrieve-secrets * Fix typo * testing the rest of the QA app service deployments * updating the name of the QA AZ creds secret and migrating the disabled prod deploy jobs to use the prod AZ secrets * adding in the additional key vault secrets and fixing some other mistakes * fixing one of the other preview versions * removing newline for testing commit * fixing typo * fixing a secret name typo * moving the secrets to the env to test their outputs * adding missing k * Update build workflow with environment variables for Docker Trust * removing the unneeded env vars * Update build and release workflow using Azure secrets as env variables * Clean up output of NuGet version * Fix capitalization * Fix variable names for Docker Trust Setup * fixing the dashes in the env ids * switching the dev tag for qa when pushing * commenting out the test for the pipeline testing * removing all of the testing code and blockers Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
2021-05-04 22:41:49 +02:00
name: QA Deploy
on:
push:
branches:
- 'rc'
workflow_dispatch:
inputs:
migrateDb:
required: true
default: "true"
resetDb:
required: true
default: "false"
jobs:
build:
runs-on: ubuntu-latest
strategy:
fail-fast: false
matrix:
include:
- name: Api
base_path: .
- name: Admin
base_path: .
gulp: true
- name: Billing
base_path: .
- name: Events
base_path: .
- name: Notifications
base_path: .
- name: Sso
base_path: ./bitwarden_license
gulp: true
- name: Portal
base_path: ./bitwarden_license
gulp: true
- name: Identity
base_path: .
steps:
- name: Checkout repo
uses: actions/checkout@v2
- name: Set up Node
uses: actions/setup-node@v1
with:
node-version: '10.x'
- name: Print Environment
run: |
dotnet --info
node --version
npm --version
gulp --version
- name: load env vars
run: |
echo "Base Path: ${BASE_PATH}"
echo "Name: ${NAME}"
env:
BASE_PATH: ${{ matrix.base_path }}
NAME: ${{ matrix.name }}
- name: Build Service
run: |
work_dir=$(pwd)
dir=$BASE_PATH/src/$SERVICE_NAME
cd $dir
echo "Restore"
dotnet restore $SERVICE_NAME.csproj
echo "Clean"
dotnet clean $SERVICE_NAME.csproj -c "Release" -o obj/Azure/publish
if [ "$GULP" == "true" ]; then
npm install
npm install gulp
gulp --gulpfile gulpfile.js build
fi
echo "Publish"
dotnet publish $SERVICE_NAME.csproj -c "Release" -o obj/Azure/publish
cd obj/Azure/publish
zip -r $SERVICE_NAME.zip .
mv $SERVICE_NAME.zip ../../../
env:
SERVICE_NAME: ${{ matrix.name }}
BASE_PATH: ${{ matrix.base_path }}
GULP: ${{ matrix.gulp }}
- name: Upload build artifact
uses: actions/upload-artifact@v2
with:
name: ${{ env.SERVICE_NAME }}.zip
path: ${{ env.BASE_PATH }}/src/${{ env.SERVICE_NAME }}/${{ env.SERVICE_NAME }}.zip
env:
BASE_PATH: ${{ matrix.base_path }}
SERVICE_NAME: ${{ matrix.name }}
- name: Test build dir
run: ls $BASE_PATH/src/$SERVICE_NAME
env:
SERVICE_NAME: ${{ matrix.name }}
BASE_PATH: ${{ matrix.base_path }}
reset-db:
runs-on: ubuntu-latest
needs: build
steps:
- name: Reset Test Data - Stub
if: ${{ github.events.inputs.resetDb }} == "true"
run: |
echo "placeholder for cleaning DB"
echo "placeholder for loading test dataset"
update-db:
if: ${{ github.events.inputs.migrateDb }} == "true"
runs-on: ubuntu-latest
needs: build
steps:
- name: migrate db
if: ${{ github.events.inputs.resetDb }} == "true"
run: |
echo "placeholder for updateing DB"
deploy-identity:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Identity.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-identity-webapp-name,
appservices-identity-webapp-publish-profile"
- name: Deploy Identity
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-identity-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-identity-webapp-publish-profile }}
package: ./Identity.zip
deploy-api:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Api.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-api-webapp-name,
appservices-api-webapp-publish-profile"
- name: Deploy Api
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-api-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-api-webapp-publish-profile }}
package: ./Api.zip
deploy-billing:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Billing.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-billing-webapp-name,
appservices-billing-webapp-publish-profile"
- name: Deploy Billing
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-billing-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-billing-webapp-publish-profile }}
package: ./Billing.zip
deploy-events:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Events.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-events-webapp-name,
appservices-events-webapp-publish-profile"
- name: Deploy Events
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-events-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-events-webapp-publish-profile }}
package: ./Events.zip
deploy-sso:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Sso.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-sso-webapp-name,
appservices-sso-webapp-publish-profile"
- name: Deploy SSO
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-sso-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-sso-webapp-publish-profile }}
package: ./Sso.zip
deploy-portal:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Portal.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-portal-webapp-name,
appservices-portal-webapp-publish-profile"
- name: Deploy Portal
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-portal-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-portal-webapp-publish-profile }}
package: ./Portal.zip
deploy-admin:
runs-on: ubuntu-latest
needs:
- reset-db
- update-db
steps:
- name: Download aritifacts
uses: actions/download-artifact@v2
with:
name: Admin.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "appservices-admin-webapp-name,
appservices-admin-webapp-publish-profile"
- name: Deploy Admin
uses: azure/webapps-deploy@v2
with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-admin-webapp-name }}
slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-admin-webapp-publish-profile }}
package: ./Admin.zip
Reference in New Issue Copy Permalink