diff --git a/.github/workflows/build-self-host.yml b/.github/workflows/build-self-host.yml index f8e2ec07f8..090e8fb8a7 100644 --- a/.github/workflows/build-self-host.yml +++ b/.github/workflows/build-self-host.yml @@ -45,7 +45,7 @@ jobs: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} - name: Login to Azure ACR - run: az acr login -n bitwardenqa + run: az acr login -n bitwardenprod - name: Login to Azure - Prod Subscription uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf @@ -108,9 +108,9 @@ jobs: IMAGE_TAG: ${{ steps.tag.outputs.image_tag }} run: | if [ "$IMAGE_TAG" = "dev" ] || [ "$IMAGE_TAG" = "beta" ]; then - echo "tags=bitwardenqa.azurecr.io/self-host:${IMAGE_TAG},bitwarden/self-host:${IMAGE_TAG}" >> $GITHUB_OUTPUT + echo "tags=bitwardenprod.azurecr.io/self-host:${IMAGE_TAG},bitwarden/self-host:${IMAGE_TAG}" >> $GITHUB_OUTPUT else - echo "tags=bitwardenqa.azurecr.io/self-host:${IMAGE_TAG}" >> $GITHUB_OUTPUT + echo "tags=bitwardenprod.azurecr.io/self-host:${IMAGE_TAG}" >> $GITHUB_OUTPUT fi - name: Build Docker image diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 9845c2ed2a..bc2cec89d1 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -191,65 +191,65 @@ jobs: include: - project_name: Admin base_path: ./src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Api base_path: ./src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Attachments base_path: ./util - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] - project_name: Events base_path: ./src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: EventsProcessor base_path: ./src - docker_repos: [bitwardenqa.azurecr.io] + docker_repos: [bitwardenprod.azurecr.io] dotnet: true - project_name: Icons base_path: ./src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Identity base_path: ./src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: MsSql base_path: ./util - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] - project_name: Nginx base_path: ./util - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] - project_name: Notifications base_path: ./src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Server base_path: ./util - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Setup base_path: ./util - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Sso base_path: ./bitwarden_license/src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Scim base_path: ./bitwarden_license/src - docker_repos: [bitwarden, bitwardenqa.azurecr.io] + docker_repos: [bitwarden, bitwardenprod.azurecr.io] dotnet: true - project_name: Billing base_path: ./src - docker_repos: [bitwardenqa.azurecr.io] + docker_repos: [bitwardenprod.azurecr.io] dotnet: true steps: - name: Checkout repo uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - + - name: Set up image tag run: | IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g") # slash safe branch name @@ -285,27 +285,6 @@ jobs: PROJECT_NAME: ${{ steps.setup.outputs.project_name }} run: docker build -t $PROJECT_NAME ${{ matrix.base_path }}/${{ matrix.project_name }} - ########## QA ACR ########## - - name: Login to Azure - QA Subscription - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf - with: - creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} - - - name: Login to QA ACR - run: az acr login -n bitwardenqa - - - name: Tag and push image to QA ACR - env: - PROJECT_NAME: ${{ steps.setup.outputs.project_name }} - REGISTRY: bitwardenqa.azurecr.io - run: | - docker tag $PROJECT_NAME \ - $REGISTRY/$PROJECT_NAME:${{ env.IMAGE_TAG }} - docker push $REGISTRY/$PROJECT_NAME:${{ env.IMAGE_TAG }} - - - name: Log out of Docker - run: docker logout - ########## PROD ACR ########## - name: Login to Azure - PROD Subscription uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf diff --git a/.github/workflows/cleanup-after-pr.yml b/.github/workflows/cleanup-after-pr.yml index 696d84c8f4..5fc34700fb 100644 --- a/.github/workflows/cleanup-after-pr.yml +++ b/.github/workflows/cleanup-after-pr.yml @@ -14,18 +14,18 @@ jobs: uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f ########## ACR ########## - - name: Login to Azure - QA Subscription + - name: Login to Azure - PROD Subscription uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a with: - creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} + creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Login to Azure ACR - run: az acr login -n bitwardenqa + run: az acr login -n bitwardenprod ########## Remove Docker images ########## - name: Remove the docker image from ACR env: - REGISTRY_NAME: bitwardenqa + REGISTRY_NAME: bitwardenprod SERVICES: | services: - Admin diff --git a/.github/workflows/container-registry-purge.yml b/.github/workflows/container-registry-purge.yml index 8c9db2cbbd..b00b627809 100644 --- a/.github/workflows/container-registry-purge.yml +++ b/.github/workflows/container-registry-purge.yml @@ -11,28 +11,15 @@ jobs: purge: name: Purge old images runs-on: ubuntu-20.04 - strategy: - fail-fast: false - matrix: - include: - - name: bitwardenqa - - name: bitwardenprod steps: - name: Login to Azure - if: matrix.name == 'bitwardenprod' uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - - name: Login to Azure - if: matrix.name == 'bitwardenqa' - uses: Azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf - with: - creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} - - name: Purge images env: - REGISTRY: ${{ matrix.name }} + REGISTRY: bitwardenprod AGO_DUR_VER: "180d" AGO_DUR: "30d" run: | diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 70f46ab4c7..fb1e5adc6d 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -188,7 +188,7 @@ jobs: origin_docker_repo: bitwarden - project_name: EventsProcessor prod_acr: true - origin_docker_repo: bitwardenqa.azurecr.io + origin_docker_repo: bitwardenprod.azurecr.io - project_name: Icons origin_docker_repo: bitwarden prod_acr: true @@ -209,7 +209,7 @@ jobs: - project_name: Scim origin_docker_repo: bitwarden - project_name: Billing - origin_docker_repo: bitwardenqa.azurecr.io + origin_docker_repo: bitwardenprod.azurecr.io steps: - name: Print environment env: @@ -277,31 +277,19 @@ jobs: docker logout echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV - ########## ACR QA ########## - - name: Login to Azure - QA Subscription + ########## ACR PROD ########## + - name: Login to Azure - PROD Subscription uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a with: - creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} + creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Login to Azure ACR - run: az acr login -n bitwardenqa - - - name: Pull latest project image - if: matrix.origin_docker_repo == 'bitwardenqa.azurecr.io' - env: - PROJECT_NAME: ${{ steps.setup.outputs.project_name }} - REGISTRY: bitwardenqa.azurecr.io - run: | - if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then - docker pull $REGISTRY/$PROJECT_NAME:latest - else - docker pull $REGISTRY/$PROJECT_NAME:$_BRANCH_NAME - fi + run: az acr login -n bitwardenprod - name: Tag version and latest env: PROJECT_NAME: ${{ steps.setup.outputs.project_name }} - REGISTRY: bitwardenqa.azurecr.io + REGISTRY: bitwardenprod.azurecr.io ORIGIN_REGISTRY: ${{ matrix.origin_docker_repo }} run: | if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then @@ -313,43 +301,6 @@ jobs: - name: Push version and latest image if: ${{ github.event.inputs.release_type != 'Dry Run' }} - env: - PROJECT_NAME: ${{ steps.setup.outputs.project_name }} - REGISTRY: bitwardenqa.azurecr.io - run: | - docker push $REGISTRY/$PROJECT_NAME:latest - docker push $REGISTRY/$PROJECT_NAME:$_RELEASE_VERSION - - - name: Log out of Docker - run: docker logout - - ########## ACR PROD ########## - - name: Login to Azure - PROD Subscription - if: matrix.prod_acr == true - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a - with: - creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - - - name: Login to Azure ACR - if: matrix.prod_acr == true - run: az acr login -n bitwardenprod - - - name: Tag version and latest - if: matrix.prod_acr == true - env: - PROJECT_NAME: ${{ steps.setup.outputs.project_name }} - REGISTRY: bitwardenprod.azurecr.io - ORIGIN_REGISTRY: ${{ matrix.origin_docker_repo }} - run: | - if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then - docker tag $ORIGIN_REGISTRY/$PROJECT_NAME:latest $REGISTRY/$PROJECT_NAME:dryrun - else - docker tag $ORIGIN_REGISTRY/$PROJECT_NAME:$_BRANCH_NAME $REGISTRY/$PROJECT_NAME:$_RELEASE_VERSION - docker tag $ORIGIN_REGISTRY/$PROJECT_NAME:$_BRANCH_NAME $REGISTRY/$PROJECT_NAME:latest - fi - - - name: Push version and latest image - if: ${{ github.event.inputs.release_type != 'Dry Run' && matrix.prod_acr == true }} env: PROJECT_NAME: ${{ steps.setup.outputs.project_name }} REGISTRY: bitwardenprod.azurecr.io @@ -358,7 +309,6 @@ jobs: docker push $REGISTRY/$PROJECT_NAME:latest - name: Log out of Docker - if: matrix.prod_acr == true run: docker logout release: