nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Update workflows with linter suggestions (#1562)

Browse Source 
* Update workflows with linter suggestions

* Update workflows with linter suggestions
This commit is contained in:
Vince Grassia 2021-09-02 16:03:28 -04:00 committed by GitHub
parent 97307c0852
commit 1d3c7cc936
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 61 additions and 50 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
.github/workflows/build.yml vendored
View File

@ -1,3 +1,4 @@
---
name: Build name: Build
on: on:
@ -173,7 +174,7 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "docker-password, secrets: "docker-password,
docker-username, docker-username,
dct-delegate-2-repo-passphrase, dct-delegate-2-repo-passphrase,
dct-delegate-2-key" dct-delegate-2-key"

13
.github/workflows/linter.yml vendored
View File

@ -1,13 +1,14 @@
---
name: Workflow Linter name: Workflow Linter
on: on:
push: push:
branches: add-workflow-linter branches: add-workflow-linter
# branches-ignore: # branches-ignore:
# - 'l10n_master' # - 'l10n_master'
# - 'gh-pages' # - 'gh-pages'
# workflow_dispatch: # workflow_dispatch:
# inputs: {} # inputs: {}
jobs: jobs:
cloc: cloc:
@ -15,7 +16,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4
- name: Install cloc - name: Install cloc
run: | run: |

73
.github/workflows/prod-deploy.yml vendored
View File

@ -1,3 +1,4 @@
---
name: Prod Deploy name: Prod Deploy
on: on:
@ -12,6 +13,7 @@ on:
jobs: jobs:
setup: setup:
name: Setup
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs: outputs:
package_version: ${{ steps.create_tags.outputs.package_version }} package_version: ${{ steps.create_tags.outputs.package_version }}
@ -53,7 +55,7 @@ jobs:
env: env:
RELEASE_TAG_NAME_INPUT: ${{ github.event.inputs.release_tag_name_input }} RELEASE_TAG_NAME_INPUT: ${{ github.event.inputs.release_tag_name_input }}
- name: test outputs - name: Test outputs
run: | run: |
echo "Package Version: ${{ steps.create_tags.outputs.package_version }}" echo "Package Version: ${{ steps.create_tags.outputs.package_version }}"
echo "Tag Version: ${{ steps.create_tags.outputs.tag_version }}" echo "Tag Version: ${{ steps.create_tags.outputs.tag_version }}"
@ -82,8 +84,7 @@ jobs:
- setup - setup
- sso - sso
env: env:
PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }} _PACKAGE_VERSION: ${{ needs.setup.outputs.package_version }}
TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
steps: steps:
- name: Print environment - name: Print environment
run: | run: |
@ -102,7 +103,7 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "docker-password, secrets: "docker-password,
docker-username, docker-username,
dct-delegate-2-repo-passphrase, dct-delegate-2-repo-passphrase,
dct-delegate-2-key" dct-delegate-2-key"
@ -121,7 +122,7 @@ jobs:
env: env:
DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c" DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c"
DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }} DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }}
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
@ -134,7 +135,7 @@ jobs:
- name: Re-tag Docker images - name: Re-tag Docker images
run: | run: |
docker tag bitwarden/${{ matrix.service_name }}:rc bitwarden/${{ matrix.service_name }}:latest docker tag bitwarden/${{ matrix.service_name }}:rc bitwarden/${{ matrix.service_name }}:latest
docker tag bitwarden/${{ matrix.service_name }}:rc bitwarden/${{ matrix.service_name }}:$PACKAGE_VERSION docker tag bitwarden/${{ matrix.service_name }}:rc bitwarden/${{ matrix.service_name }}:$_PACKAGE_VERSION
- name: List Docker images - name: List Docker images
run: docker images run: docker images
@ -142,7 +143,7 @@ jobs:
- name: Push Docker images - name: Push Docker images
run: | run: |
docker push bitwarden/${{ matrix.service_name }}:latest docker push bitwarden/${{ matrix.service_name }}:latest
docker push bitwarden/${{ matrix.service_name }}:$PACKAGE_VERSION docker push bitwarden/${{ matrix.service_name }}:$_PACKAGE_VERSION
env: env:
DOCKER_CONTENT_TRUST: 1 DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }} DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}
@ -152,6 +153,7 @@ jobs:
build: build:
name: Build
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: setup needs: setup
strategy: strategy:
@ -178,13 +180,12 @@ jobs:
- name: Identity - name: Identity
base_path: . base_path: .
env: env:
PKG_VERSION: ${{ needs.setup.outputs.package_version }} _TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
with: with:
ref: ${{ env.TAG_VERSION }} ref: ${{ env._TAG_VERSION }}
- name: Set up Node - name: Set up Node
uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea
@ -202,7 +203,7 @@ jobs:
npm --version npm --version
gulp --version gulp --version
- name: load env vars - name: Load env vars
run: | run: |
echo "Base Path: ${BASE_PATH}" echo "Base Path: ${BASE_PATH}"
echo "Name: ${NAME}" echo "Name: ${NAME}"
@ -255,6 +256,7 @@ jobs:
deploy-identity: deploy-identity:
name: Deploy Identity
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -273,19 +275,20 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-identity-webapp-name, secrets: "appservices-identity-webapp-name,
appservices-identity-webapp-publish-profile" appservices-identity-webapp-publish-profile"
- name: Deploy Identity - name: Deploy Identity
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-identity-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-identity-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-identity-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-identity-webapp-publish-profile }}
package: ./Identity.zip package: ./Identity.zip
deploy-api: deploy-api:
name: Deploy API
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -304,19 +307,20 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-api-webapp-name, secrets: "appservices-api-webapp-name,
appservices-api-webapp-publish-profile" appservices-api-webapp-publish-profile"
- name: Deploy Api - name: Deploy Api
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-api-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-api-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-api-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-api-webapp-publish-profile }}
package: ./Api.zip package: ./Api.zip
deploy-billing: deploy-billing:
name: Deploy Billing
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -335,19 +339,20 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-billing-webapp-name, secrets: "appservices-billing-webapp-name,
appservices-billing-webapp-publish-profile" appservices-billing-webapp-publish-profile"
- name: Deploy Billing - name: Deploy Billing
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-billing-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-billing-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-billing-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-billing-webapp-publish-profile }}
package: ./Billing.zip package: ./Billing.zip
deploy-events: deploy-events:
name: Deploy Events
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -366,19 +371,20 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-events-webapp-name, secrets: "appservices-events-webapp-name,
appservices-events-webapp-publish-profile" appservices-events-webapp-publish-profile"
- name: Deploy Events - name: Deploy Events
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-events-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-events-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-events-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-events-webapp-publish-profile }}
package: ./Events.zip package: ./Events.zip
deploy-sso: deploy-sso:
name: Deploy SSO
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -397,19 +403,20 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-sso-webapp-name, secrets: "appservices-sso-webapp-name,
appservices-sso-webapp-publish-profile" appservices-sso-webapp-publish-profile"
- name: Deploy SSO - name: Deploy SSO
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-sso-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-sso-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-sso-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-sso-webapp-publish-profile }}
package: ./Sso.zip package: ./Sso.zip
deploy-portal: deploy-portal:
name: Deploy Portal
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -428,19 +435,20 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-portal-webapp-name, secrets: "appservices-portal-webapp-name,
appservices-portal-webapp-publish-profile" appservices-portal-webapp-publish-profile"
- name: Deploy Portal - name: Deploy Portal
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-portal-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-portal-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-portal-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-portal-webapp-publish-profile }}
package: ./Portal.zip package: ./Portal.zip
deploy-admin: deploy-admin:
name: Deploy Admin
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: build needs: build
steps: steps:
@ -459,14 +467,13 @@ jobs:
uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "appservices-admin-webapp-name, secrets: "appservices-admin-webapp-name,
appservices-admin-webapp-publish-profile" appservices-admin-webapp-publish-profile"
- name: Deploy Admin - name: Deploy Admin
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.appservices-admin-webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.appservices-admin-webapp-name }}
slot-name: "staging" slot-name: "staging"
publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-admin-webapp-publish-profile }} publish-profile: ${{ steps.retrieve-secrets.outputs.appservices-admin-webapp-publish-profile }}
package: ./Admin.zip package: ./Admin.zip

13
.github/workflows/qa-deploy.yml vendored
View File

@ -1,8 +1,9 @@
---
name: QA Deploy name: QA Deploy
on: on:
workflow_dispatch: workflow_dispatch:
inputs: inputs:
migrateDb: migrateDb:
required: true required: true
default: "true" default: "true"
@ -12,6 +13,7 @@ on:
jobs: jobs:
build: build:
name: Build
runs-on: ubuntu-latest runs-on: ubuntu-latest
strategy: strategy:
fail-fast: false fail-fast: false
@ -154,13 +156,14 @@ jobs:
for f in `ls -v ./*.sql`; do for f in `ls -v ./*.sql`; do
echo "Executing file: ${f}..." echo "Executing file: ${f}..."
sqlcmd -S $MSSQL_HOST -d vault -U $MSSQL_USER -P $MSSQL_PASS -I -i $f sqlcmd -S $MSSQL_HOST -d vault -U $MSSQL_USER -P $MSSQL_PASS -I -i $f
done; done;
deploy: deploy:
name: Deploy
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: always() if: always()
needs: needs:
- reset-db - reset-db
- update-db - update-db
strategy: strategy:
@ -196,7 +199,7 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
env: env:
VAULT_NAME: "bitwarden-qa-kv" VAULT_NAME: "bitwarden-qa-kv"
run: | run: |
webapp_name=$(az keyvault secret show --vault-name $VAULT_NAME --name appservices-${{ steps.setup.outputs.name_lower }}-webapp-name --query value --output tsv) webapp_name=$(az keyvault secret show --vault-name $VAULT_NAME --name appservices-${{ steps.setup.outputs.name_lower }}-webapp-name --query value --output tsv)
echo "::add-mask::$webapp_name" echo "::add-mask::$webapp_name"
@ -205,5 +208,5 @@ jobs:
- name: Deploy App - name: Deploy App
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31 uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with: with:
app-name: ${{ steps.retrieve-secrets.outputs.webapp-name }} app-name: ${{ steps.retrieve-secrets.outputs.webapp-name }}
package: ./${{ matrix.name }}.zip package: ./${{ matrix.name }}.zip

9
.github/workflows/release.yml vendored
View File

@ -1,3 +1,4 @@
---
name: Release name: Release
on: on:
@ -13,7 +14,6 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
outputs: outputs:
release_upload_url: ${{ steps.create_release.outputs.upload_url }} release_upload_url: ${{ steps.create_release.outputs.upload_url }}
release_version: ${{ steps.create_tags.outputs.package_version }}
tag_version: ${{ steps.create_tags.outputs.tag_version }} tag_version: ${{ steps.create_tags.outputs.tag_version }}
steps: steps:
- name: Branch check - name: Branch check
@ -66,11 +66,10 @@ jobs:
upload: upload:
name: Upload name: Upload
runs-on: ubuntu-latest runs-on: ubuntu-latest
needs: needs:
- setup - setup
env: env:
RELEASE_VERSION: ${{ needs.setup.outputs.release_version }} _TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
TAG_VERSION: ${{ needs.setup.outputs.tag_version }}
steps: steps:
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
@ -124,6 +123,6 @@ jobs:
-a ./swagger.json \ -a ./swagger.json \
-a ./docker-stub.zip \ -a ./docker-stub.zip \
-m "" \ -m "" \
$TAG_VERSION $_TAG_VERSION
env: env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}