* Adding QA registry back into self-host build pipeline
* switching order of the ACR signin
* Update build pipeline to follow same patterns as build-self-host and push to both Prod and QA registries
* Add Bitwarden QA registry to the PR clean up workflow
* Fix project name and path to dockerfile
* Add a publish branch check to the tag list generator
* Fix bash env var typo
* Abstract the publishing branch logic (to make it easier to add/remove custom branches)
* Fix the conditional syntax
* Another try to fix the conditional syntax
* Updating the publish branch logic
* Wow...it's been a while since I've written Actions
* test the reverse of the publish branch check
* Trying again
* Another test
* Actions uses single quotes...
* retest the publish check if the branch actually is correct
* Switching to using the ENV instead of outputs
* test no publish branch
* Switch all of the publish conditionals and remove the testing code
* Remove more test code
* Updated environment for deployments to not specify service name.
* Fixed linting errors.
(cherry picked from commit b40b0f57cc)
* Undid changes to QA deployment. This will be moved to the devops repo so no changes here are necessary.
* [EC-736] Revert change on OrganizationUserUserViewQuery
Revert a change that was causing the query to not return results when the OrganizationUser did not have a corresponding row on the Users table
* [EC-736] Update build to run bitwarden_license test projects
* Change to EventsProcessor
* COmment out for testing
* Comment out for testing
* Comment out branch check
* Comment version check
* Add info about origin registry
* FIx condition
* Uncomment after testing
* Release events
* [ENG-71] updated release job to have Github deployment
* [ENG-71] Updated to use commit instead of v2.
* [ENG-71] Updated to track each server deployment.
Co-authored-by: Todd Martin <>
* Updating the grep version check to be more strict on the new version convention
* updating the way we check the version with the new github release
* Fixed the release-type
* switching master branch name for commit
* enabling ACR images for feature branches
* fixing typo in docker tag name
* Adding a workflow that cleans up the docker images from a branch when it gets merged in.
* Updating job name
* Fixing trigger syntax issue
* adding a manual trigger
* Removing the copy + paste mistake
* Adding non-tty confirmation for the deletion of the image
* Un-paralellizing workflow
* fixing the yq options
* trying a different way to get the var data
* trying with quotes
* trying it for real
* adding in a message and testing deleting a tag that doesn't exist
* handling the case where the tag doesn't exist
* fixing a typo
* logging some vaules to try to get some answers
* trying a different way of passing the var into jq
* final cleanup and test
* fixing linting issues
* normalizing the ACR and Dockerhub pushes
* removing the manual trigger after done testing
* Update .github/workflows/build.yml
removing missed an added whitespace
Co-authored-by: Micaiah Martin <77340197+mimartin12@users.noreply.github.com>
* fixing the EventsProcessor docker repo issue
* switching repos for EventsProcessor
Co-authored-by: Micaiah Martin <77340197+mimartin12@users.noreply.github.com>
* Added version bump workflow
* Updated action to use newly merged PR version
* Formatted YAML
* Refactored workflow to reduce runtime and move away from third party actions
* fixing release workflow app service deploys
* adding the release branch as a conditional to the docker-stub build
* Add in missing 'if' statement for 'release' branch in Docker Stub step
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* Adding a contraint around the new release branch strategy
* Adding a constraint on what CI code can be used to release the release branch
* updating the self host docker image building and releasing
* removing master branch release ci code execution
* updating some verbiage
* SqlServer split manage collection permission
* Clarify names
* Test claims generation
* Test permission serialization
* Simplify claims building
* Use new collections permissions
* Throw on use of deprecated permissions
* Lower case all claims
* Remove todos
* Clean nonexistent project from test solution
* JsonIgnore for both system and newtonsoft json
* Make migrations more robust to multiple runs
* remove duplicate usings
* Remove obsolete permissions
* Test solutions separately to detect failures
* Handle dos line endings
* Fix collections create/update permissions
* Change restore cipher to edit permissions
* Improve formatting
* Simplify map
* Refactor test
* unzipping the build artifact before building docker image
* adding some debugging
* trying without the unzip. Seems to unzip itself
* fixing the two remaining issues
* disabling the docker image build step
Splitting out the build artifacts and the docker containers. Making the QA deploy more streamlined with the new build pipeline. Disabling the prod workflow, but keeping it until we fully migrate our deploy processes over to the new flow.
* removing branch check on the deploy and forcing the rc branch
* adding the branch check back in for the manual release portion
* removing the old branch check
* removing the unneeded branch check
* deploying directly to the production slot of the App Service
* Update Azure Service Bus package
* adding a app service shutdown to qa
* reverting QA env deploy change
* Update qa-deploy workflow with debugging statement
* Disable start/stop in QA deploy workflow
* Fix UserKdf and UserApiKey migrations to only update null values (#1494)
* Add proper New Relic NuGet package for .NET 5
* Test NewRelic changes
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* Add Organizations to provider views
Remove enabled/disabled toggle from provider. It's currently not used.
* Remove provider Delete
There are implications to deleting providers on the organizations they manage.
We want to think through this flow before allowing delete from the
admin portal.
* Use toastr to display production exception messages.
Update build actions to upgrade npm to v7.
Use a custom error handler in production which displays a toast of the
exception message and redirect to the offending page
* Clarify provider create error message
* moving the docker versioning into the deploy since it is an actual deploy push
* removing the unneeded branch constraints
* adding in different branch constraint to deploy
* Update workflow for db migrations
* Remove typo
* Updating qa-deploy workflow for database migrations
* Test DB migrations on test database
* Remove test code
* Test inputs as boolean
* Update if statements to properly test for truth value
* Fix typo
* Add if to deploy so that it will execute always after database steps
* adding the EventProcessor docker container
* fixing the matrix name in the setup step
* changing the name of the EventsProcessor application
* adding the missing docker repo login as well as changing how we are setting the docker trust environment variables
* updating the qa deploy to dynamically pull the publish profile instead of proxying it through a key vault
* fixing the download-artifact hash
* fixing typo
* trying out the custom keyvault getter
* fixing the new deploy matrix
* fixing the custom action path
* setting custom action commit hash
* paramaterized the deploy job
* adding the staging slot to the publish profiles
* trying a custom way to pull the publishing profile
* removing the publish profile altogether since it might not even be needed
* removing unnecessary publish profile stuff
* removing the subscription id from the qa deploy workflow
* adding auto swap for QA identity
* adding the rest of the webapp slot swapping automation
* fixing the job dependencies
* fixing the matrix name variable and adding some debugging code
* removing admin and identity out of the matrix swap
* switching the alive check
* fixing the identity endpoint
* fixing the while loops
* adding in sleeps to see if it is a matrix issue
* running the matrix sequentially to see if that rids us of the slot swapping conflits
* removing the sleep command in the matrix
* removing the sequential controller
* disabling the build and deploy for swapping tests
* changing the live test a bit
* fixing the identity status url
* adding in a fail safe if not hit the alive endpoint
* fixing the azure secret names
* removing the debugging code
* Update QA Deploy Workflow (#1387)
* Testing workflow
* Add whitespace to workflow
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* fix release asset upload
* adding Version to release name
* restricting QA deploys to only manual trigger
* constraining all releases to the rc branch
* removing the release message update
* Fix K8S-Proxy image build and tag
* Update build script to remove unused PUSH and TAG features
* Update workflows
- Remove build.sh from root of repo as it's no longer used
- Update workflows to use matrix feature for parallelization
* Add Docker image build step and other projects
* Remove csproj filenames from steps
* Fix typo
* Fix directory for k8s-proxy image
* Move Docker stub and uploads out of matrix
* Change to block-style sequence for service_name matrix
* Add missing quote character
* Fix working directories of Dotnet steps
* Update step name
* Add checkout repo step to Upload job
* Add 'dotnet tool restore' step
* Fix Swagger directory
* Fix Swagger build step
* Fix Swagger build step (again)
* removing the unneeded docker repo keys
* adding some testing code
* fixing notary install location
* installed notary in home directory without relying on the PATH var
* adding notary config for testing
* commenting out branch conditionals so that the pipeline will run a test on a non-master/rc branch
* trying to track down the docker trust files
* changing to the home directory to install notary
* testing with out all of the notary testing stuff
* uncommenting the code after testing
* updating the release workflow with the delegate-2 key
* initial success caching test
* updating status testing
* fixing the fail check
* fixing bash if syntax
* changing the way of testing since you can't change workflow inputs between re-runs
* trying out different bash syntax
* removing the export to env
* adding in last run status check
* switching up the last_run_status file handling since it doesn't look like it is working correctly
* adding push trigger
* fixing typo
* adding date to the cache key and adding a bit more logging
* fixing restore key
* trying a different way of logging both successes and failures
* fixing typo
* reorganizing the random success/fail
* trying different bash
* fixing binary operator
* adding in success flag checks
* increasing the odds of success
* trying to fix weird problem
* changing dquotes to squotes
* testing failure and always() flow
* adding in a release pipeline
* adding in the manual trigger for the release pipeline
* fixing the bash for loop for tagging and switching to the rc image for release
* adding docker trust to the pull task
* fixing bash array typo
* removing build task
* adding the dotnet tool restore back in to hopefully restore swagger
* adding an Api build to build the swagger docs
* working on build workflow
* testing cache between jobs
* Adding in steps
* fixing the last line
* updating the build workflow
* adding manual trigger for build workflow
* moving the matrix values to the env section of the task
* changing the envs
* using env template replacement
* removing the unique id since I don't think I need it
* testing the cache
* commenting out the docker push
* adding the env vars back to the cache task
* adding envs to test
* fixing the path issue
* resetting the build workflow back to serial build/docker
* Adding in the qa release workflow
* removing unneccessary dependency
* parameterizing the project file names
* forcing gulp install
* installing gulp globally
* reorganizing to see if gulp works
* removing the awkward paths
* fixing typo
* commenting out all non-api matrix for easier testing
* trying to zip the build for deploy
* adding in the base path for the test
* replacing the web app name
* adding a specific slotname
* adding the env into the package path for the deployment
* trying to fix the zip
* setting up all of the other deploys
* switching the secrets over to be environment secrets
* adding in production automation with the deploys commented out
* removing the master branch from the QA deploy
* adding in the dependancy on the setup
* changing the tag
* trying a different ref
* renaming the deployment slot to staging
* trying a different slot name
* resetting the qa deploy to the original
* moving the secrets
* updating the qa deploy with the db reset/update stubs
* updating the deploy task dependencies
* adding missing update-db command placeholder
* trying a string for the inputs
* moving the input check into the steps instead of the job level so that the job completes
* testing azure kv
* fixing typo
* Change id to retrieve-secrets
* Fix typo
* testing the rest of the QA app service deployments
* updating the name of the QA AZ creds secret and migrating the disabled prod deploy jobs to use the prod AZ secrets
* adding in the additional key vault secrets and fixing some other mistakes
* fixing one of the other preview versions
* removing newline for testing commit
* fixing typo
* fixing a secret name typo
* moving the secrets to the env to test their outputs
* adding missing k
* Update build workflow with environment variables for Docker Trust
* removing the unneeded env vars
* Update build and release workflow using Azure secrets as env variables
* Clean up output of NuGet version
* Fix capitalization
* Fix variable names for Docker Trust Setup
* fixing the dashes in the env ids
* switching the dev tag for qa when pushing
* commenting out the test for the pipeline testing
* removing all of the testing code and blockers
Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
* updating the Build Action to sign docker images
* moving the DCT env var placement
* adding in some temp_test values to build/push the dev images
* testing dev docker signing
* debugging missing file
* adding manual creation of ~/.docker/trust/private since we are not building with DCT enabled
* updating the secret name for the delegation key passphrase
* removing debugging code