mirror of
https://github.com/bitwarden/server.git
synced 2024-12-22 16:57:36 +01:00
Workflow linting and test separation (#3684)
* Workflow linting and test separation * Name linting step * Few more renames * Database testing consolidation * Few more renames and tweaks
This commit is contained in:
parent
aeca1722fc
commit
c63db733e0
@ -1,7 +1,6 @@
|
||||
---
|
||||
|
||||
name: _move_finalization_db_scripts
|
||||
run-name: Move finalization db scripts
|
||||
run-name: Move finalization database scripts
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
@ -11,7 +10,6 @@ permissions:
|
||||
contents: write
|
||||
|
||||
jobs:
|
||||
|
||||
setup:
|
||||
name: Setup
|
||||
runs-on: ubuntu-22.04
|
||||
@ -19,7 +17,7 @@ jobs:
|
||||
migration_filename_prefix: ${{ steps.prefix.outputs.prefix }}
|
||||
copy_finalization_scripts: ${{ steps.check-finalization-scripts-existence.outputs.copy_finalization_scripts }}
|
||||
steps:
|
||||
- name: Login to Azure
|
||||
- name: Log in to Azure
|
||||
uses: Azure/login@de95379fe4dadc2defb305917eaa7e5dde727294 # v1.5.1
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -31,7 +29,7 @@ jobs:
|
||||
keyvault: "bitwarden-ci"
|
||||
secrets: "github-pat-bitwarden-devops-bot-repo-scope"
|
||||
|
||||
- name: Checkout Branch
|
||||
- name: Check out branch
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
with:
|
||||
token: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
|
||||
@ -40,7 +38,7 @@ jobs:
|
||||
id: prefix
|
||||
run: echo "prefix=$(date +'%Y-%m-%d')" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Check if any files in db finalization
|
||||
- name: Check if any files in DB finalization directory
|
||||
id: check-finalization-scripts-existence
|
||||
run: |
|
||||
if [ -f util/Migrator/DbScripts_finalization/* ]; then
|
||||
@ -50,7 +48,7 @@ jobs:
|
||||
fi
|
||||
|
||||
move-finalization-db-scripts:
|
||||
name: Move finalization db scripts
|
||||
name: Move finalization database scripts
|
||||
runs-on: ubuntu-22.04
|
||||
needs: setup
|
||||
if: ${{ needs.setup.outputs.copy_finalization_scripts == 'true' }}
|
||||
@ -95,12 +93,12 @@ jobs:
|
||||
done
|
||||
echo "moved_files=$moved_files" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Login to Azure - Prod Subscription
|
||||
- name: Log in to Azure - production subscription
|
||||
uses: Azure/login@de95379fe4dadc2defb305917eaa7e5dde727294 # v1.5.1
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
|
||||
- name: Retrieve Secrets
|
||||
- name: Retrieve secrets
|
||||
id: retrieve-secrets
|
||||
uses: bitwarden/gh-actions/get-keyvault-secrets@main
|
||||
with:
|
||||
@ -140,7 +138,7 @@ jobs:
|
||||
BRANCH: ${{ steps.branch_name.outputs.branch_name }}
|
||||
GH_TOKEN: ${{ github.token }}
|
||||
MOVED_FILES: ${{ steps.move-files.outputs.moved_files }}
|
||||
TITLE: "Move finalization db scripts"
|
||||
TITLE: "Move finalization database scripts"
|
||||
run: |
|
||||
PR_URL=$(gh pr create --title "$TITLE" \
|
||||
--base "main" \
|
||||
|
@ -6,8 +6,8 @@ on:
|
||||
- labeled
|
||||
jobs:
|
||||
close-issue:
|
||||
name: 'Close issue with automatic response'
|
||||
runs-on: ubuntu-20.04
|
||||
name: Close issue with automatic response
|
||||
runs-on: ubuntu-22.04
|
||||
permissions:
|
||||
issues: write
|
||||
steps:
|
||||
@ -24,7 +24,7 @@ jobs:
|
||||
This issue will now be closed. Thanks!
|
||||
# Intended behavior
|
||||
- if: github.event.label.name == 'intended-behavior'
|
||||
name: Intended behaviour
|
||||
name: Intended behavior
|
||||
uses: peter-evans/close-issue@1373cadf1f0c96c1420bc000cfba2273ea307fd1 # v2.2.0
|
||||
with:
|
||||
comment: |
|
||||
|
100
.github/workflows/build.yml
vendored
100
.github/workflows/build.yml
vendored
@ -2,23 +2,23 @@
|
||||
name: Build
|
||||
|
||||
on:
|
||||
push:
|
||||
branches-ignore:
|
||||
- "l10n_master"
|
||||
- "gh-pages"
|
||||
paths-ignore:
|
||||
- ".github/workflows/**"
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
- "rc"
|
||||
- "hotfix-rc"
|
||||
pull_request:
|
||||
|
||||
env:
|
||||
_AZ_REGISTRY: "bitwardenprod.azurecr.io"
|
||||
|
||||
jobs:
|
||||
cloc:
|
||||
name: CLOC
|
||||
name: Count lines of code
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Install cloc
|
||||
@ -33,62 +33,19 @@ jobs:
|
||||
name: Lint
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Verify Format
|
||||
- name: Verify format
|
||||
run: dotnet format --verify-no-changes
|
||||
|
||||
testing:
|
||||
name: Testing
|
||||
runs-on: ubuntu-22.04
|
||||
env:
|
||||
NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Print environment
|
||||
run: |
|
||||
dotnet --info
|
||||
nuget help | grep Version
|
||||
echo "GitHub ref: $GITHUB_REF"
|
||||
echo "GitHub event: $GITHUB_EVENT"
|
||||
|
||||
- name: Remove SQL proj
|
||||
run: dotnet sln bitwarden-server.sln remove src/Sql/Sql.sqlproj
|
||||
|
||||
- name: Test OSS solution
|
||||
run: dotnet test ./test --configuration Release --logger "trx;LogFileName=oss-test-results.trx" /p:CoverletOutputFormatter="cobertura" --collect:"XPlat Code Coverage"
|
||||
|
||||
- name: Test Bitwarden solution
|
||||
run: dotnet test ./bitwarden_license/test --configuration Release --logger "trx;LogFileName=bw-test-results.trx" /p:CoverletOutputFormatter="cobertura" --collect:"XPlat Code Coverage"
|
||||
|
||||
- name: Report test results
|
||||
uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 # v1.6.0
|
||||
if: always()
|
||||
with:
|
||||
name: Test Results
|
||||
path: "**/*-test-results.trx"
|
||||
reporter: dotnet-trx
|
||||
fail-on-error: true
|
||||
|
||||
- name: Upload to codecov.io
|
||||
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
|
||||
env:
|
||||
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
|
||||
|
||||
build-artifacts:
|
||||
name: Build artifacts
|
||||
runs-on: ubuntu-22.04
|
||||
needs:
|
||||
- testing
|
||||
- lint
|
||||
strategy:
|
||||
fail-fast: false
|
||||
@ -125,10 +82,10 @@ jobs:
|
||||
base_path: ./bitwarden_license/src
|
||||
node: true
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Set up Node
|
||||
@ -228,7 +185,7 @@ jobs:
|
||||
base_path: ./bitwarden_license/src
|
||||
dotnet: true
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Check Branch to Publish
|
||||
@ -245,7 +202,7 @@ jobs:
|
||||
fi
|
||||
|
||||
########## ACRs ##########
|
||||
- name: Login to Azure - PROD Subscription
|
||||
- name: Log in to Azure - production subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
@ -253,7 +210,7 @@ jobs:
|
||||
- name: Login to PROD ACR
|
||||
run: az acr login -n bitwardenprod
|
||||
|
||||
- name: Login to Azure - CI Subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -275,7 +232,7 @@ jobs:
|
||||
fi
|
||||
echo "image_tag=$IMAGE_TAG" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Setup project name
|
||||
- name: Set up project name
|
||||
id: setup
|
||||
run: |
|
||||
PROJECT_NAME=$(echo "${{ matrix.project_name }}" | awk '{print tolower($0)}')
|
||||
@ -303,7 +260,7 @@ jobs:
|
||||
with:
|
||||
name: ${{ matrix.project_name }}.zip
|
||||
|
||||
- name: Setup build artifact
|
||||
- name: Set up build artifact
|
||||
if: ${{ matrix.dotnet }}
|
||||
run: |
|
||||
mkdir -p ${{ matrix.base_path}}/${{ matrix.project_name }}/obj/build-output/publish
|
||||
@ -326,13 +283,13 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
needs: build-docker
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Login to Azure - PROD Subscription
|
||||
- name: Log in to Azure - production subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
@ -445,7 +402,7 @@ jobs:
|
||||
if-no-files-found: error
|
||||
|
||||
build-mssqlmigratorutility:
|
||||
name: Build MsSqlMigratorUtility
|
||||
name: Build MSSQL migrator utility
|
||||
runs-on: ubuntu-22.04
|
||||
needs: lint
|
||||
defaults:
|
||||
@ -460,10 +417,10 @@ jobs:
|
||||
- linux-x64
|
||||
- win-x64
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Print environment
|
||||
@ -478,7 +435,7 @@ jobs:
|
||||
dotnet publish -c "Release" -o obj/build-output/publish -r ${{ matrix.target }} -p:PublishSingleFile=true \
|
||||
-p:IncludeNativeLibrariesForSelfExtract=true --self-contained true
|
||||
|
||||
- name: Upload project artifact Windows
|
||||
- name: Upload project artifact for Windows
|
||||
if: ${{ contains(matrix.target, 'win') == true }}
|
||||
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||
with:
|
||||
@ -499,7 +456,7 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
needs: build-docker
|
||||
steps:
|
||||
- name: Login to Azure - CI Subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -532,7 +489,7 @@ jobs:
|
||||
runs-on: ubuntu-22.04
|
||||
needs: build-docker
|
||||
steps:
|
||||
- name: Login to Azure - CI Subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -567,7 +524,6 @@ jobs:
|
||||
needs:
|
||||
- cloc
|
||||
- lint
|
||||
- testing
|
||||
- build-artifacts
|
||||
- build-docker
|
||||
- upload
|
||||
@ -611,7 +567,7 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Login to Azure - CI subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
if: failure()
|
||||
with:
|
||||
|
18
.github/workflows/cleanup-after-pr.yml
vendored
18
.github/workflows/cleanup-after-pr.yml
vendored
@ -1,5 +1,5 @@
|
||||
---
|
||||
name: Clean After PR
|
||||
name: Container registry cleanup
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
@ -7,31 +7,31 @@ on:
|
||||
|
||||
jobs:
|
||||
build-docker:
|
||||
name: Remove feature branch docker images
|
||||
runs-on: ubuntu-20.04
|
||||
name: Remove branch-specific Docker images
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
########## ACR ##########
|
||||
- name: Login to Azure - QA Subscription
|
||||
- name: Log in to Azure - QA Subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
|
||||
|
||||
- name: Login to Azure ACR
|
||||
- name: Log in to Azure ACR
|
||||
run: az acr login -n bitwardenqa
|
||||
|
||||
- name: Login to Azure - PROD Subscription
|
||||
- name: Log in to Azure - production subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
|
||||
- name: Login to Azure ACR
|
||||
- name: Log in to Azure ACR
|
||||
run: az acr login -n bitwardenprod
|
||||
|
||||
########## Remove Docker images ##########
|
||||
- name: Remove the docker image from ACR
|
||||
- name: Remove the Docker image from ACR
|
||||
env:
|
||||
REGISTRIES: |
|
||||
registries:
|
||||
|
12
.github/workflows/container-registry-purge.yml
vendored
12
.github/workflows/container-registry-purge.yml
vendored
@ -1,18 +1,18 @@
|
||||
---
|
||||
name: Container Registry Purge
|
||||
name: Container registry purge
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: '0 0 * * SUN'
|
||||
- cron: "0 0 * * SUN"
|
||||
workflow_dispatch:
|
||||
inputs: {}
|
||||
|
||||
jobs:
|
||||
purge:
|
||||
name: Purge old images
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Login to Azure
|
||||
- name: Log in to Azure
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
@ -68,7 +68,7 @@ jobs:
|
||||
check-failures:
|
||||
name: Check for failures
|
||||
if: always()
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
needs:
|
||||
- purge
|
||||
steps:
|
||||
@ -84,7 +84,7 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Login to Azure - CI subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
if: failure()
|
||||
with:
|
||||
|
95
.github/workflows/database.yml
vendored
95
.github/workflows/database.yml
vendored
@ -1,95 +0,0 @@
|
||||
---
|
||||
name: Validate Database
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
branches-ignore:
|
||||
- 'l10n_master'
|
||||
- 'gh-pages'
|
||||
paths:
|
||||
- 'src/Sql/**'
|
||||
- 'util/Migrator/**'
|
||||
push:
|
||||
branches:
|
||||
- 'main'
|
||||
- 'rc'
|
||||
paths:
|
||||
- 'src/Sql/**'
|
||||
- 'util/Migrator/**'
|
||||
workflow_dispatch:
|
||||
inputs: {}
|
||||
|
||||
jobs:
|
||||
validate:
|
||||
name: Validate
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
with:
|
||||
dotnet-version: '6.0.x'
|
||||
|
||||
- name: Print environment
|
||||
run: |
|
||||
dotnet --info
|
||||
nuget help | grep Version
|
||||
echo "GitHub ref: $GITHUB_REF"
|
||||
echo "GitHub event: $GITHUB_EVENT"
|
||||
|
||||
- name: Build DACPAC
|
||||
run: dotnet build src/Sql --configuration Release --verbosity minimal --output .
|
||||
shell: pwsh
|
||||
|
||||
- name: Upload DACPAC
|
||||
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||
with:
|
||||
name: sql.dacpac
|
||||
path: Sql.dacpac
|
||||
|
||||
- name: Docker Compose up
|
||||
working-directory: "dev"
|
||||
run: |
|
||||
cp .env.example .env
|
||||
docker compose --profile mssql up -d
|
||||
shell: pwsh
|
||||
|
||||
- name: Migrate
|
||||
working-directory: "dev"
|
||||
run: "pwsh ./migrate.ps1"
|
||||
shell: pwsh
|
||||
|
||||
- name: Diff sqlproj to migrations
|
||||
run: /usr/local/sqlpackage/sqlpackage /action:DeployReport /SourceFile:"Sql.dacpac" /TargetConnectionString:"Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;" /OutputPath:"report.xml" /p:IgnoreColumnOrder=True /p:IgnoreComments=True
|
||||
shell: pwsh
|
||||
|
||||
- name: Generate SQL file
|
||||
run: /usr/local/sqlpackage/sqlpackage /action:Script /SourceFile:"Sql.dacpac" /TargetConnectionString:"Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;" /OutputPath:"diff.sql" /p:IgnoreColumnOrder=True /p:IgnoreComments=True
|
||||
shell: pwsh
|
||||
|
||||
- name: Upload Report
|
||||
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||
with:
|
||||
name: report.xml
|
||||
path: |
|
||||
report.xml
|
||||
diff.sql
|
||||
|
||||
- name: Validate XML
|
||||
run: |
|
||||
if grep -q "<Operations>" "report.xml"; then
|
||||
echo
|
||||
echo "Migrations are out of sync with sqlproj!"
|
||||
exit 1
|
||||
else
|
||||
echo "Report looks good"
|
||||
fi
|
||||
shell: bash
|
||||
|
||||
- name: Docker compose down
|
||||
if: ${{ always() }}
|
||||
working-directory: "dev"
|
||||
run: docker compose down
|
||||
shell: pwsh
|
19
.github/workflows/enforce-labels.yml
vendored
19
.github/workflows/enforce-labels.yml
vendored
@ -2,15 +2,18 @@
|
||||
name: Enforce PR labels
|
||||
|
||||
on:
|
||||
workflow_call:
|
||||
pull_request:
|
||||
types: [labeled, unlabeled, opened, edited, synchronize]
|
||||
|
||||
types: [labeled, unlabeled, opened, reopened, synchronize]
|
||||
jobs:
|
||||
enforce-label:
|
||||
name: EnforceLabel
|
||||
runs-on: ubuntu-20.04
|
||||
if: ${{ contains(github.event.*.labels.*.name, 'hold') || contains(github.event.*.labels.*.name, 'needs-qa') || contains(github.event.*.labels.*.name, 'DB-migrations-changed') }}
|
||||
name: Enforce label
|
||||
runs-on: ubuntu-22.04
|
||||
|
||||
steps:
|
||||
- name: Enforce Label
|
||||
uses: yogevbd/enforce-label-action@a3c219da6b8fa73f6ba62b68ff09c469b3a1c024 # 2.2.2
|
||||
with:
|
||||
BANNED_LABELS: "hold,DB-migrations-changed,needs-qa"
|
||||
- name: Check for label
|
||||
run: |
|
||||
echo "PRs with the hold or needs-qa labels cannot be merged"
|
||||
echo "### :x: PRs with the hold or needs-qa labels cannot be merged" >> $GITHUB_STEP_SUMMARY
|
||||
exit 1
|
||||
|
117
.github/workflows/infrastructure-tests.yml
vendored
117
.github/workflows/infrastructure-tests.yml
vendored
@ -1,117 +0,0 @@
|
||||
---
|
||||
name: Run Database Infrastructure Tests
|
||||
on:
|
||||
pull_request:
|
||||
branches-ignore:
|
||||
- 'l10n_master'
|
||||
- 'gh-pages'
|
||||
paths:
|
||||
- '.github/workflows/infrastructure-tests.yml' # This file
|
||||
- 'src/Sql/**' # SQL Server Database Changes
|
||||
- 'util/Migrator/**' # New SQL Server Migrations
|
||||
- 'util/MySqlMigrations/**' # Changes to MySQL
|
||||
- 'util/PostgresMigrations/**' # Changes to Postgres
|
||||
- 'util/SqliteMigrations/**' # Changes to Sqlite
|
||||
- 'src/Infrastructure.Dapper/**' # Changes to SQL Server Dapper Repository Layer
|
||||
- 'src/Infrastructure.EntityFramework/**' # Changes to Entity Framework Repository Layer
|
||||
- 'test/Infrastructure.IntegrationTest/**' # Any changes to the tests
|
||||
push:
|
||||
branches:
|
||||
- 'main'
|
||||
- 'rc'
|
||||
paths:
|
||||
- '.github/workflows/infrastructure-tests.yml' # This file
|
||||
- 'src/Sql/**' # SQL Server Database Changes
|
||||
- 'util/Migrator/**' # New SQL Server Migrations
|
||||
- 'util/MySqlMigrations/**' # Changes to MySQL
|
||||
- 'util/PostgresMigrations/**' # Changes to Postgres
|
||||
- 'util/SqliteMigrations/**' # Changes to Sqlite
|
||||
- 'src/Infrastructure.Dapper/**' # Changes to SQL Server Dapper Repository Layer
|
||||
- 'src/Infrastructure.EntityFramework/**' # Changes to Entity Framework Repository Layer
|
||||
- 'test/Infrastructure.IntegrationTest/**' # Any changes to the tests
|
||||
workflow_dispatch:
|
||||
inputs: {}
|
||||
|
||||
jobs:
|
||||
test:
|
||||
name: 'Run Infrastructure.IntegrationTest'
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up dotnet
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
with:
|
||||
dotnet-version: '6.0.x'
|
||||
|
||||
- name: Restore Tools
|
||||
run: dotnet tool restore
|
||||
|
||||
- name: Compose Databases
|
||||
working-directory: 'dev'
|
||||
# We could think about not using profiles and pulling images directly to cover multiple versions
|
||||
run: |
|
||||
cp .env.example .env
|
||||
docker compose --profile mssql --profile postgres --profile mysql up -d
|
||||
shell: pwsh
|
||||
|
||||
# I've seen the SQL Server container not be ready for commands right after starting up and just needing a bit longer to be ready
|
||||
- name: Sleep
|
||||
run: sleep 15s
|
||||
|
||||
- name: Migrate SQL Server
|
||||
working-directory: 'dev'
|
||||
run: "pwsh ./migrate.ps1"
|
||||
shell: pwsh
|
||||
|
||||
- name: Migrate MySQL
|
||||
working-directory: 'util/MySqlMigrations'
|
||||
run: 'dotnet ef database update --connection "$CONN_STR" -- --GlobalSettings:MySql:ConnectionString="$CONN_STR"'
|
||||
env:
|
||||
CONN_STR: "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev;Allow User Variables=true"
|
||||
|
||||
- name: Migrate Postgres
|
||||
working-directory: 'util/PostgresMigrations'
|
||||
run: 'dotnet ef database update --connection "$CONN_STR" -- --GlobalSettings:PostgreSql:ConnectionString="$CONN_STR"'
|
||||
env:
|
||||
CONN_STR: "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev"
|
||||
|
||||
- name: Migrate Sqlite
|
||||
working-directory: 'util/SqliteMigrations'
|
||||
run: 'dotnet ef database update --connection "$CONN_STR" -- --GlobalSettings:Sqlite:ConnectionString="$CONN_STR"'
|
||||
env:
|
||||
CONN_STR: "Data Source=${{ runner.temp }}/test.db"
|
||||
|
||||
- name: Run Tests
|
||||
working-directory: 'test/Infrastructure.IntegrationTest'
|
||||
env:
|
||||
# Default Postgres:
|
||||
BW_TEST_DATABASES__0__TYPE: "Postgres"
|
||||
BW_TEST_DATABASES__0__CONNECTIONSTRING: "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev"
|
||||
# Default MySql
|
||||
BW_TEST_DATABASES__1__TYPE: "MySql"
|
||||
BW_TEST_DATABASES__1__CONNECTIONSTRING: "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev"
|
||||
# Default Dapper SqlServer
|
||||
BW_TEST_DATABASES__2__TYPE: "SqlServer"
|
||||
BW_TEST_DATABASES__2__CONNECTIONSTRING: "Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;"
|
||||
# Default Sqlite
|
||||
BW_TEST_DATABASES__3__TYPE: "Sqlite"
|
||||
BW_TEST_DATABASES__3__CONNECTIONSTRING: "Data Source=${{ runner.temp }}/test.db"
|
||||
run: dotnet test --logger "trx;LogFileName=infrastructure-test-results.trx"
|
||||
shell: pwsh
|
||||
|
||||
- name: Report test results
|
||||
uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 # v1.6.0
|
||||
if: always()
|
||||
with:
|
||||
name: Test Results
|
||||
path: "**/*-test-results.trx"
|
||||
reporter: dotnet-trx
|
||||
fail-on-error: true
|
||||
|
||||
- name: Docker compose down
|
||||
if: always()
|
||||
working-directory: "dev"
|
||||
run: docker compose down
|
||||
shell: pwsh
|
7
.github/workflows/protect-files.yml
vendored
7
.github/workflows/protect-files.yml
vendored
@ -2,8 +2,7 @@
|
||||
# Starts a matrix job to check for modified files, then sets output based on the results.
|
||||
# The input decides if the label job is ran, adding a label to the PR.
|
||||
---
|
||||
|
||||
name: Protect Files
|
||||
name: Protect files
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
@ -17,7 +16,7 @@ on:
|
||||
jobs:
|
||||
changed-files:
|
||||
name: Check for file changes
|
||||
runs-on: ubuntu-20.04
|
||||
runs-on: ubuntu-22.04
|
||||
outputs:
|
||||
changes: ${{steps.check-changes.outputs.changes_detected}}
|
||||
|
||||
@ -29,7 +28,7 @@ jobs:
|
||||
path: util/Migrator/DbScripts
|
||||
label: "DB-migrations-changed"
|
||||
steps:
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
with:
|
||||
fetch-depth: 2
|
||||
|
34
.github/workflows/release.yml
vendored
34
.github/workflows/release.yml
vendored
@ -16,7 +16,7 @@ on:
|
||||
- Dry Run
|
||||
|
||||
env:
|
||||
_AZ_REGISTRY: 'bitwardenprod.azurecr.io'
|
||||
_AZ_REGISTRY: "bitwardenprod.azurecr.io"
|
||||
|
||||
jobs:
|
||||
setup:
|
||||
@ -36,10 +36,10 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Check Release Version
|
||||
- name: Check release version
|
||||
id: version
|
||||
uses: bitwarden/gh-actions/release-version-check@main
|
||||
with:
|
||||
@ -87,7 +87,7 @@ jobs:
|
||||
task: "deploy"
|
||||
description: "Deploy from ${{ needs.setup.outputs.branch-name }} branch"
|
||||
|
||||
- name: Download latest Release ${{ matrix.name }} asset
|
||||
- name: Download latest release ${{ matrix.name }} asset
|
||||
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
|
||||
uses: bitwarden/gh-actions/download-artifacts@main
|
||||
with:
|
||||
@ -96,7 +96,7 @@ jobs:
|
||||
branch: ${{ needs.setup.outputs.branch-name }}
|
||||
artifacts: ${{ matrix.name }}.zip
|
||||
|
||||
- name: Dry Run - Download latest Release ${{ matrix.name }} asset
|
||||
- name: Dry run - Download latest release ${{ matrix.name }} asset
|
||||
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
|
||||
uses: bitwarden/gh-actions/download-artifacts@main
|
||||
with:
|
||||
@ -105,7 +105,7 @@ jobs:
|
||||
branch: main
|
||||
artifacts: ${{ matrix.name }}.zip
|
||||
|
||||
- name: Login to Azure - CI subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -130,12 +130,12 @@ jobs:
|
||||
echo "::add-mask::$publish_profile"
|
||||
echo "publish-profile=$publish_profile" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Login to Azure
|
||||
- name: Log in to Azure
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
|
||||
- name: Deploy App
|
||||
- name: Deploy app
|
||||
uses: azure/webapps-deploy@4bca689e4c7129e55923ea9c45401b22dc6aa96f # v2.2.11
|
||||
with:
|
||||
app-name: ${{ steps.retrieve-secrets.outputs.webapp-name }}
|
||||
@ -156,7 +156,7 @@ jobs:
|
||||
fi
|
||||
az webapp start -n $WEBAPP_NAME -g $RESOURCE_GROUP -s staging
|
||||
|
||||
- name: Update ${{ matrix.name }} deployment status to Success
|
||||
- name: Update ${{ matrix.name }} deployment status to success
|
||||
if: ${{ github.event.inputs.release_type != 'Dry Run' && success() }}
|
||||
uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
|
||||
with:
|
||||
@ -164,7 +164,7 @@ jobs:
|
||||
state: "success"
|
||||
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
|
||||
|
||||
- name: Update ${{ matrix.name }} deployment status to Failure
|
||||
- name: Update ${{ matrix.name }} deployment status to failure
|
||||
if: ${{ github.event.inputs.release_type != 'Dry Run' && failure() }}
|
||||
uses: chrnorm/deployment-status@2afb7d27101260f4a764219439564d954d10b5b0 # v2.0.1
|
||||
with:
|
||||
@ -210,10 +210,10 @@ jobs:
|
||||
echo "GitHub event: $GITHUB_EVENT"
|
||||
echo "Github Release Option: $RELEASE_OPTION"
|
||||
|
||||
- name: Checkout repo
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Setup project name
|
||||
- name: Set up project name
|
||||
id: setup
|
||||
run: |
|
||||
PROJECT_NAME=$(echo "${{ matrix.project_name }}" | awk '{print tolower($0)}')
|
||||
@ -222,12 +222,12 @@ jobs:
|
||||
echo "project_name=$PROJECT_NAME" >> $GITHUB_OUTPUT
|
||||
|
||||
########## ACR PROD ##########
|
||||
- name: Login to Azure - PROD Subscription
|
||||
- name: Log in to Azure - production subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
|
||||
- name: Login to Azure ACR
|
||||
- name: Log in to Azure ACR
|
||||
run: az acr login -n $_AZ_REGISTRY --only-show-errors
|
||||
|
||||
- name: Pull latest project image
|
||||
@ -266,13 +266,13 @@ jobs:
|
||||
run: docker logout
|
||||
|
||||
release:
|
||||
name: Create GitHub Release
|
||||
name: Create GitHub release
|
||||
runs-on: ubuntu-22.04
|
||||
needs:
|
||||
- setup
|
||||
- deploy
|
||||
steps:
|
||||
- name: Download latest Release Docker Stubs
|
||||
- name: Download latest release Docker stubs
|
||||
if: ${{ github.event.inputs.release_type != 'Dry Run' }}
|
||||
uses: bitwarden/gh-actions/download-artifacts@main
|
||||
with:
|
||||
@ -285,7 +285,7 @@ jobs:
|
||||
docker-stub-EU-sha256.txt,
|
||||
swagger.json"
|
||||
|
||||
- name: Dry Run - Download latest Release Docker Stubs
|
||||
- name: Dry Run - Download latest release Docker stubs
|
||||
if: ${{ github.event.inputs.release_type == 'Dry Run' }}
|
||||
uses: bitwarden/gh-actions/download-artifacts@main
|
||||
with:
|
||||
|
22
.github/workflows/stale-bot.yml
vendored
22
.github/workflows/stale-bot.yml
vendored
@ -1,23 +1,23 @@
|
||||
---
|
||||
name: 'Close stale issues and PRs'
|
||||
name: Staleness
|
||||
on:
|
||||
workflow_dispatch:
|
||||
schedule: # Run once a day at 5.23am (arbitrary but should avoid peak loads on the hour)
|
||||
- cron: '23 5 * * *'
|
||||
schedule: # Run once a day at 5.23am (arbitrary but should avoid peak loads on the hour)
|
||||
- cron: "23 5 * * *"
|
||||
|
||||
jobs:
|
||||
stale:
|
||||
name: 'Check for stale issues and PRs'
|
||||
runs-on: ubuntu-20.04
|
||||
name: Check for stale issues and PRs
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: 'Run stale action'
|
||||
- name: Check
|
||||
uses: actions/stale@1160a2240286f5da8ec72b1c0816ce2481aabf84 # v8.0.0
|
||||
with:
|
||||
stale-issue-label: 'needs-reply'
|
||||
stale-pr-label: 'needs-changes'
|
||||
days-before-stale: -1 # Do not apply the stale labels automatically, this is a manual process
|
||||
days-before-issue-close: 14 # Close issue if no further activity after X days
|
||||
days-before-pr-close: 21 # Close PR if no further activity after X days
|
||||
stale-issue-label: "needs-reply"
|
||||
stale-pr-label: "needs-changes"
|
||||
days-before-stale: -1 # Do not apply the stale labels automatically, this is a manual process
|
||||
days-before-issue-close: 14 # Close issue if no further activity after X days
|
||||
days-before-pr-close: 21 # Close PR if no further activity after X days
|
||||
close-issue-message: |
|
||||
We need more information before we can help you with your problem. As we haven’t heard from you recently, this issue will be closed.
|
||||
|
||||
|
10
.github/workflows/stop-staging-slots.yml
vendored
10
.github/workflows/stop-staging-slots.yml
vendored
@ -1,5 +1,5 @@
|
||||
---
|
||||
name: Stop Staging Slots
|
||||
name: Stop staging slots
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
@ -7,8 +7,8 @@ on:
|
||||
|
||||
jobs:
|
||||
stop-slots:
|
||||
name: Stop Slots
|
||||
runs-on: ubuntu-20.04
|
||||
name: Stop slots
|
||||
runs-on: ubuntu-22.04
|
||||
strategy:
|
||||
fail-fast: false
|
||||
matrix:
|
||||
@ -28,7 +28,7 @@ jobs:
|
||||
echo "NAME_LOWER: $NAME_LOWER"
|
||||
echo "name_lower=$NAME_LOWER" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Login to Azure - CI Subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -46,7 +46,7 @@ jobs:
|
||||
echo "::add-mask::$webapp_name"
|
||||
echo "webapp-name=$webapp_name" >> $GITHUB_OUTPUT
|
||||
|
||||
- name: Login to Azure
|
||||
- name: Log in to Azure
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
|
||||
|
185
.github/workflows/test-database.yml
vendored
Normal file
185
.github/workflows/test-database.yml
vendored
Normal file
@ -0,0 +1,185 @@
|
||||
---
|
||||
name: Database testing
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
- "rc"
|
||||
- "hotfix-rc"
|
||||
paths:
|
||||
- ".github/workflows/infrastructure-tests.yml" # This file
|
||||
- "src/Sql/**" # SQL Server Database Changes
|
||||
- "util/Migrator/**" # New SQL Server Migrations
|
||||
- "util/MySqlMigrations/**" # Changes to MySQL
|
||||
- "util/PostgresMigrations/**" # Changes to Postgres
|
||||
- "util/SqliteMigrations/**" # Changes to Sqlite
|
||||
- "src/Infrastructure.Dapper/**" # Changes to SQL Server Dapper Repository Layer
|
||||
- "src/Infrastructure.EntityFramework/**" # Changes to Entity Framework Repository Layer
|
||||
- "test/Infrastructure.IntegrationTest/**" # Any changes to the tests
|
||||
pull_request:
|
||||
paths:
|
||||
- ".github/workflows/infrastructure-tests.yml" # This file
|
||||
- "src/Sql/**" # SQL Server Database Changes
|
||||
- "util/Migrator/**" # New SQL Server Migrations
|
||||
- "util/MySqlMigrations/**" # Changes to MySQL
|
||||
- "util/PostgresMigrations/**" # Changes to Postgres
|
||||
- "util/SqliteMigrations/**" # Changes to Sqlite
|
||||
- "src/Infrastructure.Dapper/**" # Changes to SQL Server Dapper Repository Layer
|
||||
- "src/Infrastructure.EntityFramework/**" # Changes to Entity Framework Repository Layer
|
||||
- "test/Infrastructure.IntegrationTest/**" # Any changes to the tests
|
||||
|
||||
jobs:
|
||||
test:
|
||||
name: Run tests
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Restore tools
|
||||
run: dotnet tool restore
|
||||
|
||||
- name: Docker Compose databases
|
||||
working-directory: "dev"
|
||||
# We could think about not using profiles and pulling images directly to cover multiple versions
|
||||
run: |
|
||||
cp .env.example .env
|
||||
docker compose --profile mssql --profile postgres --profile mysql up -d
|
||||
shell: pwsh
|
||||
|
||||
# I've seen the SQL Server container not be ready for commands right after starting up and just needing a bit longer to be ready
|
||||
- name: Sleep
|
||||
run: sleep 15s
|
||||
|
||||
- name: Migrate SQL Server
|
||||
working-directory: "dev"
|
||||
run: "./migrate.ps1"
|
||||
shell: pwsh
|
||||
|
||||
- name: Migrate MySQL
|
||||
working-directory: "util/MySqlMigrations"
|
||||
run: 'dotnet ef database update --connection "$CONN_STR" -- --GlobalSettings:MySql:ConnectionString="$CONN_STR"'
|
||||
env:
|
||||
CONN_STR: "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev;Allow User Variables=true"
|
||||
|
||||
- name: Migrate Postgres
|
||||
working-directory: "util/PostgresMigrations"
|
||||
run: 'dotnet ef database update --connection "$CONN_STR" -- --GlobalSettings:PostgreSql:ConnectionString="$CONN_STR"'
|
||||
env:
|
||||
CONN_STR: "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev"
|
||||
|
||||
- name: Migrate SQLite
|
||||
working-directory: "util/SqliteMigrations"
|
||||
run: 'dotnet ef database update --connection "$CONN_STR" -- --GlobalSettings:Sqlite:ConnectionString="$CONN_STR"'
|
||||
env:
|
||||
CONN_STR: "Data Source=${{ runner.temp }}/test.db"
|
||||
|
||||
- name: Run tests
|
||||
working-directory: "test/Infrastructure.IntegrationTest"
|
||||
env:
|
||||
# Default Postgres:
|
||||
BW_TEST_DATABASES__0__TYPE: "Postgres"
|
||||
BW_TEST_DATABASES__0__CONNECTIONSTRING: "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev"
|
||||
# Default MySql
|
||||
BW_TEST_DATABASES__1__TYPE: "MySql"
|
||||
BW_TEST_DATABASES__1__CONNECTIONSTRING: "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev"
|
||||
# Default Dapper SqlServer
|
||||
BW_TEST_DATABASES__2__TYPE: "SqlServer"
|
||||
BW_TEST_DATABASES__2__CONNECTIONSTRING: "Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;"
|
||||
# Default Sqlite
|
||||
BW_TEST_DATABASES__3__TYPE: "Sqlite"
|
||||
BW_TEST_DATABASES__3__CONNECTIONSTRING: "Data Source=${{ runner.temp }}/test.db"
|
||||
run: dotnet test --logger "trx;LogFileName=infrastructure-test-results.trx"
|
||||
shell: pwsh
|
||||
|
||||
- name: Report test results
|
||||
uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 # v1.6.0
|
||||
if: always()
|
||||
with:
|
||||
name: Test Results
|
||||
path: "**/*-test-results.trx"
|
||||
reporter: dotnet-trx
|
||||
fail-on-error: true
|
||||
|
||||
- name: Docker Compose down
|
||||
if: always()
|
||||
working-directory: "dev"
|
||||
run: docker compose down
|
||||
shell: pwsh
|
||||
|
||||
validate:
|
||||
name: Run validation
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Print environment
|
||||
run: |
|
||||
dotnet --info
|
||||
nuget help | grep Version
|
||||
echo "GitHub ref: $GITHUB_REF"
|
||||
echo "GitHub event: $GITHUB_EVENT"
|
||||
|
||||
- name: Build DACPAC
|
||||
run: dotnet build src/Sql --configuration Release --verbosity minimal --output .
|
||||
shell: pwsh
|
||||
|
||||
- name: Upload DACPAC
|
||||
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||
with:
|
||||
name: sql.dacpac
|
||||
path: Sql.dacpac
|
||||
|
||||
- name: Docker Compose up
|
||||
working-directory: "dev"
|
||||
run: |
|
||||
cp .env.example .env
|
||||
docker compose --profile mssql up -d
|
||||
shell: pwsh
|
||||
|
||||
- name: Migrate
|
||||
working-directory: "dev"
|
||||
run: "./migrate.ps1"
|
||||
shell: pwsh
|
||||
|
||||
- name: Diff .sqlproj to migrations
|
||||
run: /usr/local/sqlpackage/sqlpackage /action:DeployReport /SourceFile:"Sql.dacpac" /TargetConnectionString:"Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;" /OutputPath:"report.xml" /p:IgnoreColumnOrder=True /p:IgnoreComments=True
|
||||
shell: pwsh
|
||||
|
||||
- name: Generate SQL file
|
||||
run: /usr/local/sqlpackage/sqlpackage /action:Script /SourceFile:"Sql.dacpac" /TargetConnectionString:"Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True;" /OutputPath:"diff.sql" /p:IgnoreColumnOrder=True /p:IgnoreComments=True
|
||||
shell: pwsh
|
||||
|
||||
- name: Report validation results
|
||||
uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
|
||||
with:
|
||||
name: report.xml
|
||||
path: |
|
||||
report.xml
|
||||
diff.sql
|
||||
|
||||
- name: Validate XML
|
||||
run: |
|
||||
if grep -q "<Operations>" "report.xml"; then
|
||||
echo
|
||||
echo "Migrations are out of sync with sqlproj!"
|
||||
exit 1
|
||||
else
|
||||
echo "Report looks good"
|
||||
fi
|
||||
shell: bash
|
||||
|
||||
- name: Docker Compose down
|
||||
if: ${{ always() }}
|
||||
working-directory: "dev"
|
||||
run: docker compose down
|
||||
shell: pwsh
|
57
.github/workflows/test.yml
vendored
Normal file
57
.github/workflows/test.yml
vendored
Normal file
@ -0,0 +1,57 @@
|
||||
---
|
||||
name: Testing
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
push:
|
||||
branches:
|
||||
- "main"
|
||||
- "rc"
|
||||
- "hotfix-rc"
|
||||
pull_request:
|
||||
|
||||
env:
|
||||
_AZ_REGISTRY: "bitwardenprod.azurecr.io"
|
||||
|
||||
jobs:
|
||||
testing:
|
||||
name: Run tests
|
||||
runs-on: ubuntu-22.04
|
||||
env:
|
||||
NUGET_PACKAGES: ${{ github.workspace }}/.nuget/packages
|
||||
steps:
|
||||
- name: Check out repo
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
|
||||
- name: Set up .NET
|
||||
uses: actions/setup-dotnet@3447fd6a9f9e57506b15f895c5b76d3b197dc7c2 # v3.2.0
|
||||
|
||||
- name: Print environment
|
||||
run: |
|
||||
dotnet --info
|
||||
nuget help | grep Version
|
||||
echo "GitHub ref: $GITHUB_REF"
|
||||
echo "GitHub event: $GITHUB_EVENT"
|
||||
|
||||
- name: Remove SQL project
|
||||
run: dotnet sln bitwarden-server.sln remove src/Sql/Sql.sqlproj
|
||||
|
||||
- name: Test OSS solution
|
||||
run: dotnet test ./test --configuration Debug --logger "trx;LogFileName=oss-test-results.trx" /p:CoverletOutputFormatter="cobertura" --collect:"XPlat Code Coverage"
|
||||
|
||||
- name: Test Bitwarden solution
|
||||
run: dotnet test ./bitwarden_license/test --configuration Debug --logger "trx;LogFileName=bw-test-results.trx" /p:CoverletOutputFormatter="cobertura" --collect:"XPlat Code Coverage"
|
||||
|
||||
- name: Report test results
|
||||
uses: dorny/test-reporter@c9b3d0e2bd2a4e96aaf424dbaa31c46b42318226 # v1.6.0
|
||||
if: always()
|
||||
with:
|
||||
name: Test Results
|
||||
path: "**/*-test-results.trx"
|
||||
reporter: dotnet-trx
|
||||
fail-on-error: true
|
||||
|
||||
- name: Upload to codecov.io
|
||||
uses: codecov/codecov-action@eaaf4bedf32dbdc6b720b63067d99c4d77d6047d # v3.1.4
|
||||
env:
|
||||
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
|
23
.github/workflows/version-bump.yml
vendored
23
.github/workflows/version-bump.yml
vendored
@ -1,6 +1,6 @@
|
||||
---
|
||||
name: Version Bump
|
||||
run-name: Version Bump - v${{ inputs.version_number }}
|
||||
name: Bump version
|
||||
run-name: Bump version to ${{ inputs.version_number }}
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
@ -16,10 +16,10 @@ on:
|
||||
|
||||
jobs:
|
||||
bump_version:
|
||||
name: "Bump Version to v${{ inputs.version_number }}"
|
||||
name: Bump
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Login to Azure - CI Subscription
|
||||
- name: Log in to Azure - CI subscription
|
||||
uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
|
||||
with:
|
||||
creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}
|
||||
@ -33,7 +33,7 @@ jobs:
|
||||
github-gpg-private-key-passphrase,
|
||||
github-pat-bitwarden-devops-bot-repo-scope"
|
||||
|
||||
- name: Checkout Branch
|
||||
- name: Check out branch
|
||||
uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
|
||||
with:
|
||||
ref: main
|
||||
@ -47,7 +47,7 @@ jobs:
|
||||
git_user_signingkey: true
|
||||
git_commit_gpgsign: true
|
||||
|
||||
- name: Create Version Branch
|
||||
- name: Create version branch
|
||||
id: create-branch
|
||||
run: |
|
||||
NAME=version_bump_${{ github.ref_name }}_${{ inputs.version_number }}
|
||||
@ -78,13 +78,13 @@ jobs:
|
||||
exit 1
|
||||
fi
|
||||
|
||||
- name: Bump Version - Props
|
||||
- name: Bump version props
|
||||
uses: bitwarden/gh-actions/version-bump@main
|
||||
with:
|
||||
version: ${{ inputs.version_number }}
|
||||
file_path: "Directory.Build.props"
|
||||
|
||||
- name: Setup git
|
||||
- name: Set up Git
|
||||
run: |
|
||||
git config --local user.email "106330231+bitwarden-devops-bot@users.noreply.github.com"
|
||||
git config --local user.name "bitwarden-devops-bot"
|
||||
@ -109,7 +109,7 @@ jobs:
|
||||
PR_BRANCH: ${{ steps.create-branch.outputs.name }}
|
||||
run: git push -u origin $PR_BRANCH
|
||||
|
||||
- name: Create Version PR
|
||||
- name: Create version PR
|
||||
if: ${{ steps.version-changed.outputs.changes_to_commit == 'TRUE' }}
|
||||
id: create-pr
|
||||
env:
|
||||
@ -152,7 +152,7 @@ jobs:
|
||||
if: ${{ inputs.cut_rc_branch == true }}
|
||||
runs-on: ubuntu-22.04
|
||||
steps:
|
||||
- name: Checkout Branch
|
||||
- name: Check out branch
|
||||
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
|
||||
with:
|
||||
ref: main
|
||||
@ -171,9 +171,8 @@ jobs:
|
||||
git switch --quiet --create rc
|
||||
git push --quiet --set-upstream origin rc
|
||||
|
||||
|
||||
move-future-db-scripts:
|
||||
name: Move future DB scripts
|
||||
name: Move finalization database scripts
|
||||
needs: cut_rc
|
||||
uses: ./.github/workflows/_move_finalization_db_scripts.yml
|
||||
secrets: inherit
|
||||
|
3
.github/workflows/workflow-linter.yml
vendored
3
.github/workflows/workflow-linter.yml
vendored
@ -1,5 +1,5 @@
|
||||
---
|
||||
name: Workflow Linter
|
||||
name: Workflow linter
|
||||
|
||||
on:
|
||||
pull_request:
|
||||
@ -8,4 +8,5 @@ on:
|
||||
|
||||
jobs:
|
||||
call-workflow:
|
||||
name: Lint
|
||||
uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@main
|
||||
|
Loading…
Reference in New Issue
Block a user