1
0
mirror of https://github.com/bitwarden/server.git synced 2024-11-22 12:15:36 +01:00
bitwarden-server/.github/workflows/qa-deploy.yml
Opeyemi f3b4363440
update ::set-output to latest (#2470)
* update ::set-output to latest

* update workflow for linter error
2022-12-05 16:12:42 +00:00

165 lines
5.3 KiB
YAML

---
name: QA Deploy
on:
workflow_dispatch:
inputs:
migrateDb:
required: true
default: "true"
resetDb:
required: true
default: "false"
jobs:
reset-db:
name: Reset Database
if: ${{ github.event.inputs.resetDb == 'true' }}
runs-on: ubuntu-20.04
steps:
- name: Reset Test Data - Stub
run: |
echo "placeholder for cleaning DB"
echo "placeholder for loading test dataset"
update-db:
name: Update Database
if: ${{ github.event.inputs.migrateDb == 'true' }}
runs-on: ubuntu-20.04
steps:
- name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with:
keyvault: "bitwarden-qa-kv"
secrets: "mssql-server-host,
mssql-admin-login,
mssql-admin-login-password"
- name: Migrate database
env:
MSSQL_HOST: ${{ steps.retrieve-secrets.outputs.mssql-server-host }}
MSSQL_USER: ${{ steps.retrieve-secrets.outputs.mssql-admin-login }}
MSSQL_PASS: ${{ steps.retrieve-secrets.outputs.mssql-admin-login-password }}
MSSQL_DATABASE: vault
MSSQL_MIGRATIONS_DIRECTORY: util/Migrator/DbScripts
run: |
echo "Running database migrations..."
$GITHUB_WORKSPACE/dev/helpers/mssql/run_migrations.sh -p
deploy:
name: Deploy
runs-on: ubuntu-20.04
if: always()
needs:
- reset-db
- update-db
strategy:
fail-fast: false
matrix:
include:
- name: Api
- name: Admin
- name: Billing
- name: Events
- name: Sso
- name: Identity
steps:
- name: Setup
id: setup
run: |
NAME_LOWER=$(echo "${{ matrix.name }}" | awk '{print tolower($0)}')
echo "Matrix name: ${{ matrix.name }}"
echo "NAME_LOWER: $NAME_LOWER"
echo "name_lower=$NAME_LOWER" >> $GITHUB_OUTPUT
BRANCH_NAME=$(echo "$GITHUB_REF" | sed "s#refs/heads/##g")
echo "GITHUB_REF: $GITHUB_REF"
echo "BRANCH_NAME: $BRANCH_NAME"
echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
mkdir publish
- name: Create GitHub deployment for ${{ matrix.name }}
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
id: deployment
with:
token: '${{ secrets.GITHUB_TOKEN }}'
initial-status: 'in_progress'
environment: 'Server ${{ matrix.name }} - QA'
task: 'deploy'
description: 'Deploy from ${{ env.branch_name }} branch'
- name: Download latest ${{ matrix.name }} asset from ${{ env.branch_name }}
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a
env:
branch_name: ${{ steps.setup.outputs.branch_name }}
with:
workflow: build.yml
workflow_conclusion: success
branch: ${{ env.branch_name }}
artifacts: ${{ matrix.name }}.zip
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
env:
VAULT_NAME: "bitwarden-qa-kv"
run: |
webapp_name=$(
az keyvault secret show --vault-name $VAULT_NAME \
--name appservices-${{ steps.setup.outputs.name_lower }}-webapp-name \
--query value --output tsv
)
echo "::add-mask::$webapp_name"
echo "webapp-name=$webapp_name" >> $GITHUB_OUTPUT
- name: Stop App Service
env:
AZURE_RESOURCE_GROUP: "bw-qa-env"
run: |
az webapp stop --name ${{ steps.retrieve-secrets.outputs.webapp-name }} \
--resource-group $AZURE_RESOURCE_GROUP
- name: Deploy App
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with:
app-name: ${{ steps.retrieve-secrets.outputs.webapp-name }}
package: ./${{ matrix.name }}.zip
- name: Start App Service
env:
AZURE_RESOURCE_GROUP: "bw-qa-env"
run: |
az webapp start --name ${{ steps.retrieve-secrets.outputs.webapp-name }} \
--resource-group $AZURE_RESOURCE_GROUP
- name: Update ${{ matrix.name }} deployment status to Success
if: ${{ success() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'success'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
- name: Update ${{ matrix.name }} deployment status to Failure
if: ${{ failure() }}
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
with:
token: '${{ secrets.GITHUB_TOKEN }}'
state: 'failure'
deployment-id: ${{ steps.deployment.outputs.deployment_id }}