nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Change Release workflow to allow releases from 'rc' and 'hotfix' branches (#1690)

Browse Source
This commit is contained in:
Vince Grassia 2021-11-08 13:39:32 -05:00 committed by GitHub
parent 5aa492e886
commit c07794e907
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 57 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

54
.github/workflows/build.yml vendored
View File

@ -260,7 +260,7 @@ jobs:
creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }}
- name: Log into Docker - name: Log into Docker
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix'
env: env:
DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }} DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }}
DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }} DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }}
@ -272,7 +272,7 @@ jobs:
fi fi
- name: Setup Docker Trust - name: Setup Docker Trust
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix'
env: env:
DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c" DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c"
DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }} DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }}
@ -299,7 +299,8 @@ jobs:
if: ${{ matrix.dotnet }} if: ${{ matrix.dotnet }}
run: | run: |
mkdir -p ${{ matrix.base_path}}/${{ matrix.service_name }}/obj/build-output/publish mkdir -p ${{ matrix.base_path}}/${{ matrix.service_name }}/obj/build-output/publish
unzip ${{ matrix.service_name }}.zip -d ${{ matrix.base_path }}/${{ matrix.service_name }}/obj/build-output/publish unzip ${{ matrix.service_name }}.zip \
-d ${{ matrix.base_path }}/${{ matrix.service_name }}/obj/build-output/publish
- name: Build Docker images - name: Build Docker images
run: | run: |
@ -317,45 +318,49 @@ jobs:
docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \ docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \
${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:rc ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:rc
- name: Tag hotfix
if: github.ref == 'refs/heads/hotfix'
run: |
docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \
${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:hotfix
- name: Tag dev - name: Tag dev
if: github.ref == 'refs/heads/master' if: github.ref == 'refs/heads/master'
run: | run: |
docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \ docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \
${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev
- name: Tag latest
if: github.ref == 'refs/heads/release'
run: |
docker tag ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }} \
${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:latest
- name: List Docker images - name: List Docker images
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix'
run: docker images run: docker images
- name: Docker Trust setup - name: Docker Trust setup
if: matrix.docker_repo == 'bitwarden' && (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release') if: |
matrix.docker_repo == 'bitwarden'
&& (github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix')
env:
DCT_REPO_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}
run: | run: |
echo "DOCKER_CONTENT_TRUST=1" >> $GITHUB_ENV echo "DOCKER_CONTENT_TRUST=1" >> $GITHUB_ENV
echo "DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }}" >> $GITHUB_ENV echo "DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE=$DCT_REPO_PASSPHRASE" >> $GITHUB_ENV
- name: Push rc images - name: Push rc images
if: github.ref == 'refs/heads/rc' if: github.ref == 'refs/heads/rc'
run: | run: |
docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:rc docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:rc
- name: Push hotfix images
if: github.ref == 'refs/heads/hotfix'
run: |
docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:hotfix
- name: Push dev images - name: Push dev images
if: github.ref == 'refs/heads/master' if: github.ref == 'refs/heads/master'
run: | run: |
docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:dev
- name: Push latest images
if: github.ref == 'refs/heads/release'
run: |
docker push ${{ matrix.docker_repo }}/${{ steps.setup.outputs.service_name }}:latest
- name: Log out of Docker - name: Log out of Docker
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix'
run: docker logout run: docker logout
@ -371,12 +376,12 @@ jobs:
run: dotnet tool restore run: dotnet tool restore
- name: Make Docker stub - name: Make Docker stub
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix'
run: | run: |
if [[ "${{ github.ref }}" == "rc" ]]; then if [[ "${{ github.ref }}" == "rc" ]]; then
SETUP_IMAGE="bitwarden/setup:rc" SETUP_IMAGE="bitwarden/setup:rc"
elif [[ "${{ github.ref }}" == "release" ]]; then elif [[ "${{ github.ref }}" == "hotfix" ]]; then
SETUP_IMAGE="bitwarden/setup:latest" SETUP_IMAGE="bitwarden/setup:hotfix"
else else
SETUP_IMAGE="bitwarden/setup:dev" SETUP_IMAGE="bitwarden/setup:dev"
fi fi
@ -391,7 +396,7 @@ jobs:
cd docker-stub; zip -r ../docker-stub.zip *; cd .. cd docker-stub; zip -r ../docker-stub.zip *; cd ..
- name: Upload Docker stub artifact - name: Upload Docker stub artifact
if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/release' if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix'
uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700
with: with:
name: docker-stub.zip name: docker-stub.zip
@ -434,7 +439,10 @@ jobs:
- upload - upload
steps: steps:
- name: Check if any job failed - name: Check if any job failed
if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }} if: |
github.ref == 'refs/heads/master'
|| github.ref == 'refs/heads/rc'
|| github.ref == 'refs/heads/hotfix'
env: env:
CLOC_STATUS: ${{ needs.cloc.result }} CLOC_STATUS: ${{ needs.cloc.result }}
TESTING_STATUS: ${{ needs.testing.result }} TESTING_STATUS: ${{ needs.testing.result }}

39
.github/workflows/release.yml vendored
View File

@ -12,20 +12,19 @@ jobs:
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
outputs: outputs:
release_version: ${{ steps.version.outputs.package }} release_version: ${{ steps.version.outputs.package }}
branch-name: ${{ steps.branch.outputs.branch-name }}
steps: steps:
- name: Branch check - name: Branch check
run: | run: |
if [[ "$GITHUB_REF" != "refs/heads/release" ]]; then if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix" ]]; then
echo "===================================" echo "==================================="
echo "[!] Can only release from the 'release' branch" echo "[!] Can only release from the 'rc' or 'hotfix' branches"
echo "===================================" echo "==================================="
exit 1 exit 1
fi fi
- name: Checkout repo - name: Checkout repo
uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f
with:
ref: release
- name: Check Release Version - name: Check Release Version
id: version id: version
@ -42,6 +41,12 @@ jobs:
echo "::set-output name=package::$version" echo "::set-output name=package::$version"
- name: Get branch name
id: branch
run: |
BRANCH_NAME=$(basename ${{ github.ref }})
echo "::set-output name=branch-name::$BRANCH_NAME"
deploy: deploy:
name: Deploy name: Deploy
@ -72,7 +77,7 @@ jobs:
with: with:
workflow: build.yml workflow: build.yml
workflow_conclusion: success workflow_conclusion: success
branch: release branch: ${{ needs.setup.outputs.branch-name }}
artifacts: ${{ matrix.name }}.zip artifacts: ${{ matrix.name }}.zip
- name: Login to Azure - name: Login to Azure
@ -115,6 +120,7 @@ jobs:
needs: setup needs: setup
env: env:
_RELEASE_VERSION: ${{ needs.setup.outputs.release_version }} _RELEASE_VERSION: ${{ needs.setup.outputs.release_version }}
_BRANCH_NAME: ${{ needs.setup.outputs.branch-name }}
strategy: strategy:
fail-fast: false fail-fast: false
matrix: matrix:
@ -158,22 +164,29 @@ jobs:
echo "SERVICE_NAME: $SERVICE_NAME" echo "SERVICE_NAME: $SERVICE_NAME"
echo "::set-output name=service_name::$SERVICE_NAME" echo "::set-output name=service_name::$SERVICE_NAME"
- name: Pull latest selfhost Release image - name: Pull latest selfhost image
run: docker pull bitwarden/${{ steps.setup.outputs.service_name }}:latest env:
SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
run: docker pull bitwarden/$SERVICE_NAME:$_BRANCH_NAME
- name: Tag version - name: Tag version and latest
env:
SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
run: | run: |
docker tag bitwarden/${{ steps.setup.outputs.service_name }}:latest bitwarden/${{ steps.setup.outputs.service_name }}:$_RELEASE_VERSION docker tag bitwarden/$SERVICE_NAME:$_BRANCH_NAME bitwarden/$SERVICE_NAME:$_RELEASE_VERSION
docker tag bitwarden/$SERVICE_NAME:$_BRANCH_NAME bitwarden/$SERVICE_NAME:latest
- name: List Docker images - name: List Docker images
run: docker images run: docker images
- name: Push latest image - name: Push version and latest image
run: |
docker push bitwarden/${{ steps.setup.outputs.service_name }}:$_RELEASE_VERSION
env: env:
DOCKER_CONTENT_TRUST: 1 DOCKER_CONTENT_TRUST: 1
DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }} DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.setup-dct.outputs.dct-delegate-repo-passphrase }}
SERVICE_NAME: ${{ steps.setup.outputs.service_name }}
run: |
docker push bitwarden/$SERVICE_NAME:$_RELEASE_VERSION
docker push bitwarden/$SERVICE_NAME:latest
- name: Log out of Docker - name: Log out of Docker
run: docker logout run: docker logout
@ -191,7 +204,7 @@ jobs:
with: with:
workflow: build.yml workflow: build.yml
workflow_conclusion: success workflow_conclusion: success
branch: release branch: ${{ needs.setup.outputs.branch-name }}
artifacts: "docker-stub.zip, artifacts: "docker-stub.zip,
swagger.json" swagger.json"