mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00

Change protected release branch to release (#1656)

* Adding a constraint around the new release branch strategy

* Adding a constraint on what CI code can be used to release the release branch

* updating the self host docker image building and releasing

* removing master branch release ci code execution

* updating some verbiage
Joseph Flinn 2021-10-22 08:41:38 -07:00 committed by GitHub
parent 7da15af92f
commit f3d6a43025
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 98 additions and 12 deletions


@ -298,8 +298,8 @@ jobs:
- name: Setup build artifact - name: Setup build artifact
if: ${{ matrix.dotnet }} if: ${{ matrix.dotnet }}
run: | run: |
mkdir -p ${{ matrix.base_path}}/${{ matrix.service_name}}/obj/build-output/publish mkdir -p ${{ matrix.base_path}}/${{ matrix.service_name }}/obj/build-output/publish
unzip ${{ matrix.service_name }}.zip -d ${{ matrix.base_path}}/${{ matrix.service_name}}/obj/build-output/publish unzip ${{ matrix.service_name }}.zip -d ${{ matrix.base_path }}/${{ matrix.service_name }}/obj/build-output/publish
- name: Build Docker images - name: Build Docker images
run: | run: |
@ -323,6 +323,12 @@ jobs:
docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \ docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \
${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev
- name: Tag latest
if: github.ref == 'refs/heads/release'
run: |
docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \
${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:latest
- name: List Docker images - name: List Docker images
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
run: docker images run: docker images
@ -343,6 +349,11 @@ jobs:
run: | run: |
docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev
- name: Push latest images
if: github.ref == 'refs/heads/release'
run: |
docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:latest
- name: Log out of Docker - name: Log out of Docker
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
run: docker logout run: docker logout
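Review bot: The added `Tag latest` and `Push latest images` steps run on `refs/heads/release`, but the `List Docker images` and `Log out of Docker` steps beside them are still conditioned on master or rc only, so a release-branch run pushes and then skips `docker logout`. If the registry login and content-trust setup steps (outside these hunks) carry the same condition, the `latest` push would also run without credentials or signing; the condition on each should become `if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release'`. The new push step also shows no `env:` block, so unless `DOCKER_CONTENT_TRUST` is set at job level, the `latest` tag that the release workflow later pulls is published unsigned.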


@ -3,11 +3,7 @@ name: Release
on: on:
workflow_dispatch: workflow_dispatch:
inputs: inputs: {}
release_branch:
description: "branch to release from"
required: true
default: "rc"
jobs: jobs:
@ -17,10 +13,19 @@ jobs:
outputs: outputs:
release_version: ${{ steps.version.outputs.package }} release_version: ${{ steps.version.outputs.package }}
steps: steps:
- name: Branch check
run: |
if [[ "$GITHUB_REF" != "refs/heads/release" ]]; then
echo "==================================="
echo "[!] Can only release from the 'release' branch"
echo "==================================="
exit 1
fi
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
with: with:
ref: ${{ github.event.inputs.release_branch }} ref: release
- name: Check Release Version - name: Check Release Version
id: version id: version
@ -62,12 +67,12 @@ jobs:
echo "NAME_LOWER: $NAME_LOWER" echo "NAME_LOWER: $NAME_LOWER"
echo "::set-output name=name_lower::$NAME_LOWER" echo "::set-output name=name_lower::$NAME_LOWER"
- name: Download latest ${{ github.event.inputs.release_branch }} ${{ matrix.name }} asset - name: Download latest Release ${{ matrix.name }} asset
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783 uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
with: with:
workflow: build.yml workflow: build.yml
workflow_conclusion: success workflow_conclusion: success
branch: ${{ github.event.inputs.release_branch }} branch: release
artifacts: ${{ matrix.name }}.zip artifacts: ${{ matrix.name }}.zip
- name: Login to Azure - name: Login to Azure
@ -96,6 +101,76 @@ jobs:
slot: "staging" slot: "staging"
release-docker:
name: Build Docker images
runs-on: ubuntu-20.04
needs: build-artifacts
env:
_RELEASE_VERSION: ${{ needs.setup.outputs.release_version }}
strategy:
fail-fast: false
matrix:
include:
- service_name: Admin
- service_name: Api
- service_name: Attachments
- service_name: Events
- service_name: Icons
- service_name: Identity
- service_name: K8S-Proxy
- service_name: MsSql
- service_name: Nginx
- service_name: Notifications
- service_name: Server
- service_name: Setup
- service_name: Sso
steps:
- name: Print environment
run: |
whoami
docker --version
echo "GitHub ref: $GITHUB_REF"
echo "GitHub event: $GITHUB_EVENT"
- name: Setup DCT
id: setup-dct
uses: bitwarden/gh-actions/setup-docker-trust@a8c384a05a974c05c48374c818b004be221d43ff
with:
azure-creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
azure-keyvault-name: "bitwarden-prod-kv"
- name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
- name: Setup service name
id: setup
run: |
SERVICE_NAME=$(echo "${{ matrix.service_name }}" | awk '{print tolower($0)}')
echo "Matrix name: ${{ matrix.service_name }}"
echo "SERVICE_NAME: $SERVICE_NAME"
echo "::set-output name=service_name::$SERVICE_NAME"
- name: Pull latest selfhost Release image
run: docker pull bitwarden/${{ steps.setup.outputs.service_name }}:latest
- name: Tag version
run: |
docker tag bitwarden/${{ steps.setup.outputs.service_name }}:latest bitwarden/${{ steps.setup.outputs.service_name }}:$_RELEASE_VERSION
- name: List Docker images
run: docker images
- name: Push latest image
run: |
docker push bitwarden/${{ steps.setup.outputs.service_name }}:$_RELEASE_VERSION
env:
DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }}
- name: Log out of Docker
run: docker logout
release: release:
name: Create GitHub Release name: Create GitHub Release
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -103,12 +178,12 @@ jobs:
- setup - setup
- deploy - deploy
steps: steps:
- name: Download latest ${{ github.event.inputs.release_branch }} docker-stub - name: Download latest Release docker-stub
uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783 uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783
with: with:
workflow: build.yml workflow: build.yml
workflow_conclusion: success workflow_conclusion: success
branch: ${{ github.event.inputs.release_branch }} branch: release
artifacts: "docker-stub.zip, artifacts: "docker-stub.zip,
swagger.json" swagger.json"
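Review bot: The new `release-docker` job declares `needs: build-artifacts` but reads `needs.setup.outputs.release_version`; the `needs` context only exposes jobs listed as direct dependencies, so `_RELEASE_VERSION` would be empty and the job is not ordered after the `Branch check` step in `setup`. No `build-artifacts` job is visible in this section, so this looks like a leftover name; `needs: setup` would both populate the version and keep the signed push behind the branch gate. Separately, the `docker pull bitwarden/...:latest` step sets no `DOCKER_CONTENT_TRUST` (only the push step does, unless the setup action exports it), so the image that is re-tagged and signed via the production key vault is whatever the mutable `latest` tag points to at that moment. Pulling with content trust enabled, or by a digest recorded by the build workflow, would tie the release signature to a known build.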