nhyatt/bitwarden
1
0
Fork 0
mirror of https://github.com/bitwarden/server.git synced 2025-04-05 05:00:19 -05:00
Code

Switch to using get-keyvault-secrets action from our gh-actions repo (#2328)

Browse Source
This commit is contained in:
Vince Grassia 2022-10-04 17:23:43 -04:00 committed by GitHub
parent b59cc71424
commit c6b2f19cd6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 15 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
.github/workflows/build.yml vendored
View File

@ -4,10 +4,10 @@ name: Build
on: on:
push: push:
branches-ignore: branches-ignore:
- 'l10n_master' - "l10n_master"
- 'gh-pages' - "gh-pages"
paths-ignore: paths-ignore:
- '.github/workflows/**' - ".github/workflows/**"
workflow_dispatch: workflow_dispatch:
inputs: {} inputs: {}
@ -27,7 +27,6 @@ jobs:
- name: Print lines of code - name: Print lines of code
run: cloc --include-lang C#,SQL,Razor,"Bourne Shell",PowerShell,HTML,CSS,Sass,JavaScript,TypeScript --vcs git run: cloc --include-lang C#,SQL,Razor,"Bourne Shell",PowerShell,HTML,CSS,Sass,JavaScript,TypeScript --vcs git
lint: lint:
name: Lint name: Lint
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -38,7 +37,6 @@ jobs:
- name: Verify Format - name: Verify Format
run: dotnet format --verify-no-changes run: dotnet format --verify-no-changes
testing: testing:
name: Testing name: Testing
runs-on: windows-2022 runs-on: windows-2022
@ -48,7 +46,7 @@ jobs:
- name: Set up dotnet - name: Set up dotnet
uses: actions/setup-dotnet@9211491ffb35dd6a6657ca4f45d43dfe6e97c829 uses: actions/setup-dotnet@9211491ffb35dd6a6657ca4f45d43dfe6e97c829
with: with:
dotnet-version: '6.0.x' dotnet-version: "6.0.x"
- name: Set up MSBuild - name: Set up MSBuild
uses: microsoft/setup-msbuild@ab534842b4bdf384b8aaf93765dc6f721d9f5fab uses: microsoft/setup-msbuild@ab534842b4bdf384b8aaf93765dc6f721d9f5fab
@ -83,7 +81,6 @@ jobs:
run: dotnet test ./bitwarden_license/test/Commercial.Core.Test --configuration Debug --no-build run: dotnet test ./bitwarden_license/test/Commercial.Core.Test --configuration Debug --no-build
shell: pwsh shell: pwsh
build-artifacts: build-artifacts:
name: Build artifacts name: Build artifacts
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -126,11 +123,11 @@ jobs:
uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846
- name: Set up Node - name: Set up Node
uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a
with: with:
cache: 'npm' cache: "npm"
cache-dependency-path: '**/package-lock.json' cache-dependency-path: "**/package-lock.json"
node-version: '16' node-version: "16"
- name: Print environment - name: Print environment
run: | run: |
@ -176,7 +173,6 @@ jobs:
path: ${{ matrix.base_path }}/${{ matrix.service_name }}/${{ matrix.service_name }}.zip path: ${{ matrix.base_path }}/${{ matrix.service_name }}/${{ matrix.service_name }}.zip
if-no-files-found: error if-no-files-found: error
build-docker: build-docker:
name: Build Docker images name: Build Docker images
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -321,13 +317,13 @@ jobs:
github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/rc' ||
github.ref == 'refs/heads/hotfix-rc') github.ref == 'refs/heads/hotfix-rc')
id: retrieve-secrets id: retrieve-secrets
uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "docker-password, secrets: "docker-password,
docker-username, docker-username,
dct-delegate-2-repo-passphrase, dct-delegate-2-repo-passphrase,
dct-delegate-2-key" dct-delegate-2-key"
- name: Log into Docker - name: Log into Docker
if: | if: |
@ -385,7 +381,6 @@ jobs:
docker logout docker logout
echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV
upload: upload:
name: Upload name: Upload
runs-on: ubuntu-20.04 runs-on: ubuntu-20.04
@ -454,7 +449,7 @@ jobs:
cd ../.. cd ../..
env: env:
ASPNETCORE_ENVIRONMENT: Production ASPNETCORE_ENVIRONMENT: Production
swaggerGen: 'True' swaggerGen: "True"
DOTNET_ROLL_FORWARD_ON_NO_CANDIDATE_FX: 2 DOTNET_ROLL_FORWARD_ON_NO_CANDIDATE_FX: 2
- name: Upload Swagger artifact - name: Upload Swagger artifact
@ -464,7 +459,6 @@ jobs:
path: swagger.json path: swagger.json
if-no-files-found: error if-no-files-found: error
check-failures: check-failures:
name: Check for failures name: Check for failures
if: always() if: always()
@ -512,14 +506,14 @@ jobs:
- name: Retrieve secrets - name: Retrieve secrets
id: retrieve-secrets id: retrieve-secrets
uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f uses: bitwarden/gh-actions/get-keyvault-secrets@c3b3285993151c5af47cefcb3b9134c28ab479af
if: failure() if: failure()
with: with:
keyvault: "bitwarden-prod-kv" keyvault: "bitwarden-prod-kv"
secrets: "devops-alerts-slack-webhook-url" secrets: "devops-alerts-slack-webhook-url"
- name: Notify Slack on failure - name: Notify Slack on failure
uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 # v1.2.2 uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33
if: failure() if: failure()
env: env:
SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }}