bitwarden-server/.github/workflows/build.yml

name: Build

on:
  push:
    branches-ignore:
      - 'l10n_master'
      - 'gh-pages'
  workflow_dispatch:
    inputs: {}

jobs:
  cloc:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Set up cloc
        run: |
          sudo apt-get update
          sudo apt-get -y install cloc          

      - name: Print lines of code
        run: cloc --include-lang C#,SQL,Razor,"Bourne Shell",PowerShell,HTML,CSS,Sass,JavaScript,TypeScript --vcs git

  testing:
    runs-on: windows-latest
    steps:
      - name: Set up NuGet
        uses: nuget/setup-nuget@v1
        with:
          nuget-version: 'latest'

      - name: Set up MSBuild
        uses: microsoft/setup-msbuild@v1

      - name: Set up Node
        uses: actions/setup-node@v1
        with:
          node-version: '10.x'

      - name: Print environment
        run: |
          nuget help | grep "Version"
          msbuild -version
          dotnet --info
          node --version
          npm --version
          Write-Output "GitHub ref: $env:GITHUB_REF"
          Write-Output "GitHub event: $env:GITHUB_EVENT"          
        shell: pwsh
        env:
          GITHUB_REF: ${{ github.ref }}
          GITHUB_EVENT: ${{ github.event_name }}

      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Restore
        run: msbuild /t:restore
        shell: pwsh

      - name: Build solution
        run: msbuild bitwarden-server.sln /p:Configuration=Debug /verbosity:minimal
        shell: pwsh

      - name: Test solution
        run: dotnet test .\test\Core.Test\Core.Test.csproj --configuration Debug --no-build
        shell: pwsh

  build:
    runs-on: ubuntu-latest
    needs: testing
    steps:
      - name: Set up Node
        uses: actions/setup-node@v1
        with:
          node-version: '10.x'

      - name: Set up gulp
        run: npm i -g gulp

      - name: Print environment
        run: |
          whoami
          dotnet --info
          node --version
          npm --version
          gulp --version
          docker --version
          Write-Output "GitHub ref: $env:GITHUB_REF"
          Write-Output "GitHub event: $env:GITHUB_EVENT"          
        shell: pwsh
        env:
          GITHUB_REF: ${{ github.ref }}
          GITHUB_EVENT: ${{ github.event_name }}

      - name: Login to Azure
        uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
        with:
          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}

      - name: Retrieve secrets
        id: retrieve-secrets
        uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
        with:
          keyvault: "bitwarden-prod-kv"
          secrets: "docker-password, 
                    docker-username,
                    dct-delegate-2-repo-passphrase,
                    dct-delegate-2-key"

      - name: Log into docker
        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
        run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin
        env:
          DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }}
          DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }}

      - name: Setup Docker Trust
        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
        run: |
          mkdir -p ~/.docker/trust/private

          echo "$DCT_DELEGATE_KEY" > ~/.docker/trust/private/$DCT_DELEGATION_KEY_ID.key          
        env:
          DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c"
          DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }}

      - name: Checkout repo
        uses: actions/checkout@v2

      - name: Restore
        run: dotnet tool restore

      - name: Build
        run: |
          chmod +x ./build.sh
          ./build.sh          

      - name: Tag rc branch
        if: github.ref == 'refs/heads/rc'
        run: ./build.sh tag rc

      - name: Tag dev
        if: github.ref == 'refs/heads/master'
        run: ./build.sh tag dev

      - name: List docker images
        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
        run: docker images

      - name: Push rc images
        if: github.ref == 'refs/heads/rc'
        run: ./build.sh push rc 
        env:
          DOCKER_CONTENT_TRUST: 1
          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}

      - name: Push dev images
        if: github.ref == 'refs/heads/master'
        run: ./build.sh push dev
        env:
          DOCKER_CONTENT_TRUST: 1
          DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}

      - name: Make docker stub
        run: |
          STUB_OUTPUT=$(pwd)/docker-stub
          docker run -i --rm --name setup -v $STUB_OUTPUT:/bitwarden bitwarden/setup:dev \
            dotnet Setup.dll -stub 1 -install 1 -domain bitwarden.example.com -os lin
          sudo chown -R $(whoami):$(whoami) $STUB_OUTPUT
          rm -rf $STUB_OUTPUT/letsencrypt
          rm $STUB_OUTPUT/env/uid.env $STUB_OUTPUT/config.yml
          touch $STUB_OUTPUT/env/uid.env
          cd docker-stub; zip -r ../docker-stub.zip *; cd ..          

      - name: Upload docker stub artifact
        uses: actions/upload-artifact@v2
        with:
          name: docker-stub.zip
          path: ./docker-stub.zip

      - name: Build swagger
        run: |
          cd ./src/Api
          dotnet swagger tofile --output ../../swagger.json --host https://api.bitwarden.com `
            ./obj/Docker/publish/Api/Api.dll public
          cd ../..          
        shell: pwsh
        env:
          ASPNETCORE_ENVIRONMENT: Production
          swaggerGen: 'True'

      - name: Upload swagger artifact
        uses: actions/upload-artifact@v2
        with:
          name: swagger.json
          path: ./swagger.json

      - name: Log out of docker
        if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc'
        run: docker logout