nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-07-01 08:02:49 -05:00
Code Activity

Update qa env (#1504)

Browse Source 
* deploying directly to the production slot of the App Service

* Update Azure Service Bus package

* adding a app service shutdown to qa

* reverting QA env deploy change

* Update qa-deploy workflow with debugging statement

* Disable start/stop in QA deploy workflow

* Fix UserKdf and UserApiKey migrations to only update null values (#1494)

* Add proper New Relic NuGet package for .NET 5

* Test NewRelic changes

Co-authored-by: Vince Grassia <593223+vgrassia@users.noreply.github.com>
This commit is contained in:
Joseph Flinn
2021-08-10 11:15:16 -07:00
committed by GitHub
parent 842a1c2e37
commit 2e1df91232
16 changed files with 60 additions and 147 deletions
Download Patch File Download Diff File Expand all files Collapse all files

150
.github/workflows/qa-deploy.yml vendored
View File

@ -152,6 +152,7 @@ jobs:
run: |
echo "Running database migrations..."
for f in `ls -v ./*.sql`; do
echo "Executing file: ${f}..."
sqlcmd -S $MSSQL_HOST -d vault -U $MSSQL_USER -P $MSSQL_PASS -I -i $f
done;
@ -201,6 +202,12 @@ jobs:
echo "::add-mask::$webapp_name"
echo "::set-output name=webapp-name::$webapp_name"
- name: Stop App Service
if: false
env:
AZURE_RESOURCE_GROUP: "bw-qa-env"
run: az webapp stop --name ${{ steps.retrieve-secrets.outputs.webapp-name }} --resource-group $AZURE_RESOURCE_GROUP
- name: Deploy App
uses: azure/webapps-deploy@798e43877120eda6a2a690a4f212c545e586ae31
with:
@ -208,143 +215,8 @@ jobs:
slot-name: "staging"
package: ./${{ matrix.name }}.zip
swap-identity:
runs-on: ubuntu-latest
needs: deploy
steps:
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
- name: Start App Service
if: false
env:
VAULT_NAME: "bitwarden-qa-kv"
run: |
identity_webapp_name=$(az keyvault secret show --vault-name $VAULT_NAME --name appservices-identity-webapp-name --query value --output tsv)
echo "::add-mask::$identity_webapp_name"
echo "::set-output name=identity-webapp-name::$identity_webapp_name"
- name: Start staging slot
run: az webapp start --name ${{ steps.retrieve-secrets.outputs.identity-webapp-name }} --resource-group bitwarden-qa --slot staging
- name: Make sure staging endpoint is alive
run: |
SUCCESS="no"
while read OUTPUT
do
STATUS=$( curl -is https://${{ steps.retrieve-secrets.outputs.identity-webapp-name }}-staging.azurewebsites.net/.well-known/openid-configuration/jwks | head -1 )
if [[ "$STATUS" == *"200 OK"* ]]; then
echo "It is live!"
SUCCESS="yes"
break
fi
echo -e "STAUS=$STATUS\nRetrying: $OUTPUT"
sleep 4;
done < <(seq 15)
if [[ "$SUCCESS" == "no" ]]; then
exit 1
fi
- name: Swap Identity
run: az webapp deployment slot swap -g bitwarden-qa -n ${{ steps.retrieve-secrets.outputs.identity-webapp-name }} --slot staging --target-slot production
- name: Stop staging slot
run: az webapp stop --name ${{ steps.retrieve-secrets.outputs.identity-webapp-name }} --resource-group bitwarden-qa --slot staging
swap-slots:
runs-on: ubuntu-latest
needs: swap-identity
strategy:
fail-fast: false
matrix:
include:
- name: Api
- name: Billing
- name: Events
- name: Sso
- name: Portal
steps:
- name: Setup
id: setup
run: |
NAME_LOWER=$(echo "${{ matrix.name }}" | awk '{print tolower($0)}')
echo "::set-output name=name_lower::$NAME_LOWER"
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
env:
VAULT_NAME: "bitwarden-qa-kv"
run: |
webapp_name=$(az keyvault secret show --vault-name $VAULT_NAME --name appservices-${{ steps.setup.outputs.name_lower }}-webapp-name --query value --output tsv)
echo "::add-mask::$webapp_name"
echo "::set-output name=webapp-name::$webapp_name"
- name: Start staging slot
run: az webapp start --name ${{ steps.retrieve-secrets.outputs.webapp-name }} --resource-group bitwarden-qa --slot staging
- name: Make sure staging endpoint is alive
run: |
SUCCESS="no"
while read OUTPUT
do
STATUS=$( curl -is https://${{ steps.retrieve-secrets.outputs.webapp-name }}-staging.azurewebsites.net/alive | head -1 )
if [[ "$STATUS" == *"200 OK"* ]]; then
echo "It is live!"
SUCCESS="yes"
break
fi
echo -e "STAUS=$STATUS\nRetrying: $OUTPUT"
sleep 4;
done < <(seq 15)
if [[ "$SUCCESS" == "no" ]]; then
exit 1
fi
- name: Swap slots
run: az webapp deployment slot swap -g bitwarden-qa -n ${{ steps.retrieve-secrets.outputs.webapp-name }} --slot staging --target-slot production
- name: Stop staging slot
run: az webapp stop --name ${{ steps.retrieve-secrets.outputs.webapp-name }} --resource-group bitwarden-qa --slot staging
swap-admin:
runs-on: ubuntu-latest
needs: swap-slots
steps:
- name: Login to Azure
uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a
with:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Retrieve secrets
id: retrieve-secrets
env:
VAULT_NAME: "bitwarden-qa-kv"
run: |
admin_webapp_name=$(az keyvault secret show --vault-name $VAULT_NAME --name appservices-admin-webapp-name --query value --output tsv)
echo "::add-mask::$admin_webapp_name"
echo "::set-output name=admin-webapp-name::$admin_webapp_name"
- name: Start staging slot
run: az webapp start --name ${{ steps.retrieve-secrets.outputs.admin-webapp-name }} --resource-group bitwarden-qa --slot staging
- name: Make sure staging endpoint is alive
run: |
sleep 60 # I don't think the admin portal has an alive endpoint
- name: Swap Admin
run: az webapp deployment slot swap -g bitwarden-qa -n ${{ steps.retrieve-secrets.outputs.admin-webapp-name }} --slot staging --target-slot production
- name: Stop staging slot
run: az webapp stop --name ${{ steps.retrieve-secrets.outputs.admin-webapp-name }} --resource-group bitwarden-qa --slot staging
AZURE_RESOURCE_GROUP: "bw-qa-env"
run: az webapp start --name ${{ steps.retrieve-secrets.outputs.webapp-name }} --resource-group $AZURE_RESOURCE_GROUP