mirror of
https://github.com/bitwarden/server.git
synced 2024-11-22 12:15:36 +01:00
f3b4363440
* update ::set-output to latest * update workflow for linter error
165 lines
5.3 KiB
YAML
165 lines
5.3 KiB
YAML
---
|
|
name: QA Deploy
|
|
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
migrateDb:
|
|
required: true
|
|
default: "true"
|
|
resetDb:
|
|
required: true
|
|
default: "false"
|
|
|
|
jobs:
|
|
reset-db:
|
|
name: Reset Database
|
|
if: ${{ github.event.inputs.resetDb == 'true' }}
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- name: Reset Test Data - Stub
|
|
run: |
|
|
echo "placeholder for cleaning DB"
|
|
echo "placeholder for loading test dataset"
|
|
|
|
|
|
update-db:
|
|
name: Update Database
|
|
if: ${{ github.event.inputs.migrateDb == 'true' }}
|
|
runs-on: ubuntu-20.04
|
|
steps:
|
|
- name: Checkout repo
|
|
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
|
|
|
|
- name: Login to Azure
|
|
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
|
|
with:
|
|
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
|
|
|
|
- name: Retrieve secrets
|
|
id: retrieve-secrets
|
|
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
|
|
with:
|
|
keyvault: "bitwarden-qa-kv"
|
|
secrets: "mssql-server-host,
|
|
mssql-admin-login,
|
|
mssql-admin-login-password"
|
|
|
|
- name: Migrate database
|
|
env:
|
|
MSSQL_HOST: ${{ steps.retrieve-secrets.outputs.mssql-server-host }}
|
|
MSSQL_USER: ${{ steps.retrieve-secrets.outputs.mssql-admin-login }}
|
|
MSSQL_PASS: ${{ steps.retrieve-secrets.outputs.mssql-admin-login-password }}
|
|
MSSQL_DATABASE: vault
|
|
MSSQL_MIGRATIONS_DIRECTORY: util/Migrator/DbScripts
|
|
run: |
|
|
echo "Running database migrations..."
|
|
$GITHUB_WORKSPACE/dev/helpers/mssql/run_migrations.sh -p
|
|
|
|
|
|
deploy:
|
|
name: Deploy
|
|
runs-on: ubuntu-20.04
|
|
if: always()
|
|
needs:
|
|
- reset-db
|
|
- update-db
|
|
strategy:
|
|
fail-fast: false
|
|
matrix:
|
|
include:
|
|
- name: Api
|
|
- name: Admin
|
|
- name: Billing
|
|
- name: Events
|
|
- name: Sso
|
|
- name: Identity
|
|
steps:
|
|
- name: Setup
|
|
id: setup
|
|
run: |
|
|
NAME_LOWER=$(echo "${{ matrix.name }}" | awk '{print tolower($0)}')
|
|
echo "Matrix name: ${{ matrix.name }}"
|
|
echo "NAME_LOWER: $NAME_LOWER"
|
|
echo "name_lower=$NAME_LOWER" >> $GITHUB_OUTPUT
|
|
|
|
BRANCH_NAME=$(echo "$GITHUB_REF" | sed "s#refs/heads/##g")
|
|
echo "GITHUB_REF: $GITHUB_REF"
|
|
echo "BRANCH_NAME: $BRANCH_NAME"
|
|
echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT
|
|
mkdir publish
|
|
|
|
- name: Create GitHub deployment for ${{ matrix.name }}
|
|
uses: chrnorm/deployment-action@1b599fe41a0ef1f95191e7f2eec4743f2d7dfc48
|
|
id: deployment
|
|
with:
|
|
token: '${{ secrets.GITHUB_TOKEN }}'
|
|
initial-status: 'in_progress'
|
|
environment: 'Server ${{ matrix.name }} - QA'
|
|
task: 'deploy'
|
|
description: 'Deploy from ${{ env.branch_name }} branch'
|
|
|
|
- name: Download latest ${{ matrix.name }} asset from ${{ env.branch_name }}
|
|
uses: bitwarden/gh-actions/download-artifacts@850faad0cf6c02a8c0dc46eddde2363fbd6c373a
|
|
env:
|
|
branch_name: ${{ steps.setup.outputs.branch_name }}
|
|
with:
|
|
workflow: build.yml
|
|
workflow_conclusion: success
|
|
branch: ${{ env.branch_name }}
|
|
artifacts: ${{ matrix.name }}.zip
|
|
|
|
- name: Login to Azure
|
|
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
|
|
with:
|
|
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
|
|
|
|
- name: Retrieve secrets
|
|
id: retrieve-secrets
|
|
env:
|
|
VAULT_NAME: "bitwarden-qa-kv"
|
|
run: |
|
|
webapp_name=$(
|
|
az keyvault secret show --vault-name $VAULT_NAME \
|
|
--name appservices-${{ steps.setup.outputs.name_lower }}-webapp-name \
|
|
--query value --output tsv
|
|
)
|
|
echo "::add-mask::$webapp_name"
|
|
echo "webapp-name=$webapp_name" >> $GITHUB_OUTPUT
|
|
|
|
- name: Stop App Service
|
|
env:
|
|
AZURE_RESOURCE_GROUP: "bw-qa-env"
|
|
run: |
|
|
az webapp stop --name ${{ steps.retrieve-secrets.outputs.webapp-name }} \
|
|
--resource-group $AZURE_RESOURCE_GROUP
|
|
|
|
- name: Deploy App
|
|
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
|
|
with:
|
|
app-name: ${{ steps.retrieve-secrets.outputs.webapp-name }}
|
|
package: ./${{ matrix.name }}.zip
|
|
|
|
- name: Start App Service
|
|
env:
|
|
AZURE_RESOURCE_GROUP: "bw-qa-env"
|
|
run: |
|
|
az webapp start --name ${{ steps.retrieve-secrets.outputs.webapp-name }} \
|
|
--resource-group $AZURE_RESOURCE_GROUP
|
|
|
|
- name: Update ${{ matrix.name }} deployment status to Success
|
|
if: ${{ success() }}
|
|
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
|
|
with:
|
|
token: '${{ secrets.GITHUB_TOKEN }}'
|
|
state: 'success'
|
|
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
|
|
|
|
- name: Update ${{ matrix.name }} deployment status to Failure
|
|
if: ${{ failure() }}
|
|
uses: chrnorm/deployment-status@07b3930847f65e71c9c6802ff5a402f6dfb46b86
|
|
with:
|
|
token: '${{ secrets.GITHUB_TOKEN }}'
|
|
state: 'failure'
|
|
deployment-id: ${{ steps.deployment.outputs.deployment_id }}
|