diff --git a/apps/web/.github/workflows/build.yml b/.github/workflows/build-web.yml similarity index 75% rename from apps/web/.github/workflows/build.yml rename to .github/workflows/build-web.yml index 16f0a3bd70..a7ec1ab69b 100644 --- a/apps/web/.github/workflows/build.yml +++ b/.github/workflows/build-web.yml @@ -1,20 +1,24 @@ --- -name: Build +name: Build Web on: - workflow_dispatch: - inputs: - custom_tag_extension: - description: "Custom image tag extension" - required: false - push: + pull_request: branches-ignore: - - "l10n_master" - - "gh-pages" - - "deploy" - paths-ignore: - - '.github/workflows/**' - + - 'l10n_master' + - 'gh-pages' + paths: + - 'apps/web/**' + - '.github/workflows/build-web.yml' + push: + branches: + - 'master' + - 'rc' + - 'hotfix-rc/**' + paths: + - 'apps/web/**' + - '.github/workflows/build-web.yml' + workflow_dispatch: + inputs: {} jobs: cloc: @@ -22,7 +26,7 @@ jobs: runs-on: ubuntu-20.04 steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Set up cloc run: | @@ -30,30 +34,10 @@ jobs: sudo apt -y install cloc - name: Print lines of code + working-directory: apps/web run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git - lint: - name: Lint - runs-on: ubuntu-20.04 - steps: - - name: Checkout repo - uses: actions/checkout@a12a3943b4bdde767164f792f33f40b04645d846 - - - name: Cache npm - id: npm-cache - uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 - with: - path: "~/.npm" - key: ${{ runner.os }}-npm-lint-${{ hashFiles('**/package-lock.json') }} - - - name: Install dependencies - run: npm ci - - - name: Run linter - run: npm run lint - - setup: name: Setup runs-on: ubuntu-20.04 @@ -61,7 +45,7 @@ jobs: version: ${{ steps.version.outputs.value }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Get GitHub sha as version id: version @@ -73,15 +57,14 @@ jobs: runs-on: ubuntu-20.04 needs: - setup - - lint env: _VERSION: ${{ needs.setup.outputs.version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Set up Node - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 + uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1 with: cache: 'npm' cache-dependency-path: '**/package-lock.json' @@ -101,15 +84,16 @@ jobs: run: npm ci - name: Build OSS selfhost + working-directory: apps/web run: | npm run dist:oss:selfhost zip -r web-$_VERSION-selfhosted-open-source.zip build - name: Upload build artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 with: name: web-${{ env._VERSION }}-selfhosted-open-source.zip - path: ./web-${{ env._VERSION }}-selfhosted-open-source.zip + path: apps/web/web-${{ env._VERSION }}-selfhosted-open-source.zip if-no-files-found: error @@ -118,15 +102,14 @@ jobs: runs-on: ubuntu-20.04 needs: - setup - - lint env: _VERSION: ${{ needs.setup.outputs.version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Set up Node - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 + uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1 with: cache: 'npm' cache-dependency-path: '**/package-lock.json' @@ -146,15 +129,16 @@ jobs: run: npm ci - name: Build Cloud + working-directory: apps/web run: | npm run dist:bit:cloud zip -r web-$_VERSION-cloud-COMMERCIAL.zip build - name: Upload build artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 with: name: web-${{ env._VERSION }}-cloud-COMMERCIAL.zip - path: ./web-${{ env._VERSION }}-cloud-COMMERCIAL.zip + path: apps/web/web-${{ env._VERSION }}-cloud-COMMERCIAL.zip if-no-files-found: error @@ -163,15 +147,14 @@ jobs: runs-on: ubuntu-20.04 needs: - setup - - lint env: _VERSION: ${{ needs.setup.outputs.version }} steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Set up Node - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 + uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1 with: cache: 'npm' cache-dependency-path: '**/package-lock.json' @@ -199,6 +182,7 @@ jobs: run: npm ci - name: Build + working-directory: apps/web run: | echo -e "# Building Web\n" echo "Building app" @@ -208,13 +192,14 @@ jobs: zip -r web-$_VERSION-selfhosted-COMMERCIAL.zip build - name: Upload build artifact - uses: actions/upload-artifact@ee69f02b3dfdecd58bb31b4d133da38ba6fe3700 # v2.2.3 + uses: actions/upload-artifact@6673cd052c4cd6fcf4b4e6e60ea986c889389535 # v3.0.0 with: name: web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip - path: ./web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip + path: apps/web/web-${{ env._VERSION }}-selfhosted-COMMERCIAL.zip if-no-files-found: error - name: Build Docker image + working-directory: apps/web run: | echo -e "\nBuilding Docker image" docker --version @@ -264,7 +249,7 @@ jobs: echo "DOCKER_CONTENT_TRUST=0" >> $GITHUB_ENV - name: Login to Azure - QA Subscription - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} @@ -292,13 +277,12 @@ jobs: runs-on: ubuntu-20.04 needs: - setup - - lint steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Set up Node - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 + uses: actions/setup-node@56337c425554a6be30cdef71bf441f15be286854 # v3.1.1 with: cache: 'npm' cache-dependency-path: '**/package-lock.json' @@ -315,7 +299,7 @@ jobs: echo "GitHub event: $GITHUB_EVENT" - name: Login to Azure - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} @@ -326,6 +310,7 @@ jobs: run: npm ci - name: Build + working-directory: apps/web run: | echo -e "# Building Web\n" echo "Building app" @@ -377,44 +362,6 @@ jobs: - name: Log out of Docker run: docker logout - - windows: - name: Test code on Windows - runs-on: windows-2019 - steps: - - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - - - name: Set up NuGet - uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1 - with: - nuget-version: "latest" - - - name: Set up Node - uses: actions/setup-node@9ced9a43a244f3ac94f13bfd896db8c8f30da67a # v3.0.0 - with: - cache: 'npm' - cache-dependency-path: '**/package-lock.json' - node-version: "16" - - - name: Print environment - run: | - nuget help | grep Version - node --version - npm --version - echo "GitHub ref: $GITHUB_REF" - echo "GitHub event: $GITHUB_EVENT" - env: - GITHUB_REF: ${{ github.ref }} - GITHUB_EVENT: ${{ github.event_name }} - - - name: Install dependencies - run: npm ci - - - name: NPM build - run: npm run build:bit:cloud - - crowdin-push: name: Crowdin Push if: github.ref == 'refs/heads/master' @@ -428,27 +375,27 @@ jobs: _CROWDIN_PROJECT_ID: "308189" steps: - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.3.4 - name: Login to Azure - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Retrieve secrets id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 + uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f # v1.0.0 with: keyvault: "bitwarden-prod-kv" secrets: "crowdin-api-token" - name: Upload Sources - uses: crowdin/github-action@e39093fd75daae7859c68eded4b43d42ec78d8ea # v1.3.2 + uses: crowdin/github-action@a3160b9e5a9e00739392c23da5e580c6cabe526d # v1.4.8 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} with: - config: crowdin.yml + config: apps/web/crowdin.yml crowdin_branch_name: master upload_sources: true upload_translations: false @@ -461,7 +408,6 @@ jobs: needs: - cloc - setup - - lint - build-oss-selfhost - build-cloud - build-commercial-selfhost @@ -473,7 +419,6 @@ jobs: if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }} env: CLOC_STATUS: ${{ needs.cloc.result }} - LINT_STATUS: ${{ needs.lint.result }} SETUP_STATUS: ${{ needs.setup.result }} BUILD_OSS_SELFHOST_STATUS: ${{ needs.build-oss-selfhost.result }} BUILD_CLOUD_STATUS: ${{ needs.build-cloud.result }} @@ -484,8 +429,6 @@ jobs: run: | if [ "$CLOC_STATUS" = "failure" ]; then exit 1 - elif [ "$LINT_STATUS" = "failure" ]; then - exit 1 elif [ "$SETUP_STATUS" = "failure" ]; then exit 1 elif [ "$BUILD_OSS_SELFHOST_STATUS" = "failure" ]; then @@ -503,21 +446,21 @@ jobs: fi - name: Login to Azure - Prod Subscription - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 if: failure() with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Retrieve secrets id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 + uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f # v1.0.0 if: failure() with: keyvault: "bitwarden-prod-kv" secrets: "devops-alerts-slack-webhook-url" - name: Notify Slack on failure - uses: act10ns/slack@e4e71685b9b239384b0f676a63c32367f59c2522 # v1.2.2 + uses: act10ns/slack@da3191ebe2e67f49b46880b4633f5591a96d1d33 # v1.5.1 if: failure() env: SLACK_WEBHOOK_URL: ${{ steps.retrieve-secrets.outputs.devops-alerts-slack-webhook-url }} diff --git a/apps/web/.github/workflows/release.yml b/.github/workflows/release-web.yml similarity index 77% rename from apps/web/.github/workflows/release.yml rename to .github/workflows/release-web.yml index af81eb7398..4b508bfee6 100644 --- a/apps/web/.github/workflows/release.yml +++ b/.github/workflows/release-web.yml @@ -1,5 +1,5 @@ --- -name: Release +name: Release Web on: workflow_dispatch: @@ -20,29 +20,31 @@ jobs: runs-on: ubuntu-20.04 outputs: release_version: ${{ steps.version.outputs.version }} - tag_version: ${{ steps.version.outputs.version }} + tag_version: ${{ steps.version.outputs.tag }} branch_name: ${{ steps.branch.outputs.branch_name }} steps: - name: Branch check if: ${{ github.event.inputs.release_type != 'Dry Run' }} run: | - if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ "$GITHUB_REF" != "refs/heads/hotfix-rc" ]]; then + if [[ "$GITHUB_REF" != "refs/heads/rc" ]] && [[ $GITHUB_REF != refs/heads/hotfix-rc/* ]]; then echo "===================================" - echo "[!] Can only release from the 'rc' or 'hotfix-rc' branches" + echo "[!] Can only release from the 'rc' or 'hotfix-rc/*' branches" echo "===================================" exit 1 fi - name: Checkout repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # 2.4.0 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Check Release Version id: version - uses: bitwarden/gh-actions/release-version-check@ea9fab01d76940267b4147cc1c4542431246b9f6 + uses: bitwarden/gh-actions/release-version-check@8f055ef543c7433c967a1b9b04a0f230923233bb with: release-type: ${{ github.event.inputs.release_type }} project-type: ts - file: package.json + file: apps/web/package.json + monorepo: true + monorepo-project: web - name: Get branch name id: branch @@ -69,7 +71,7 @@ jobs: echo "Github Release Option: $_RELEASE_OPTION" - name: Checkout repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 ########## DockerHub ########## - name: Setup DCT @@ -87,16 +89,12 @@ jobs: docker pull bitwarden/web:$_BRANCH_NAME fi - - name: Tag version and latest + - name: Docker Tag version and latest image run: | - if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then - docker tag bitwarden/web:latest bitwarden/web:dryrun - else - docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:$_RELEASE_VERSION - docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:latest - fi + docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:$_RELEASE_VERSION + docker tag bitwarden/web:$_BRANCH_NAME bitwarden/web:latest - - name: Push version and latest image + - name: Docker Push version and latest image if: ${{ github.event.inputs.release_type != 'Dry Run' }} env: DOCKER_CONTENT_TRUST: 1 @@ -112,7 +110,7 @@ jobs: ########## ACR ########## - name: Login to Azure - QA Subscription - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a + uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 # v1.1 with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} @@ -123,15 +121,11 @@ jobs: env: REGISTRY: bitwardenqa.azurecr.io run: | - if [[ "${{ github.event.inputs.release_type }}" == "Dry Run" ]]; then - docker tag bitwarden/web:latest $REGISTRY/web:dryrun - else - docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:$_RELEASE_VERSION - docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:latest + docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:$_RELEASE_VERSION + docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web:latest - docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:$_RELEASE_VERSION - docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:latest - fi + docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:$_RELEASE_VERSION + docker tag bitwarden/web:$_BRANCH_NAME $REGISTRY/web-sh:latest - name: Push version and latest image if: ${{ github.event.inputs.release_type != 'Dry Run' }} @@ -159,7 +153,7 @@ jobs: _TAG_VERSION: ${{ needs.setup.outputs.tag_version }} steps: - name: Checkout Repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.4.0 with: ref: gh-pages @@ -169,7 +163,7 @@ jobs: git push -u origin gh-pages-deploy-$_TAG_VERSION - name: Checkout Repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 # v2.4.0 - name: Setup git config run: | @@ -181,22 +175,24 @@ jobs: - name: Download latest cloud asset uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8 with: - workflow: build.yml + workflow: build-web.yml + path: apps/web workflow_conclusion: success branch: ${{ needs.setup.outputs.branch_name }} artifacts: web-*-cloud-COMMERCIAL.zip # This should result in a build directory in the current working directory - name: Unzip build asset + working-directory: apps/web run: unzip web-*-cloud-COMMERCIAL.zip - name: Deploy GitHub Pages - uses: crazy-max/ghaction-github-pages@a117e4aa1fb4854d021546d2abdfac95be568a3a # v2.6.0 + uses: crazy-max/ghaction-github-pages@eb08c35b9fab86751edfff4e55cd5cde35ff0e52 # v3.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: target_branch: gh-pages-deploy-${{ needs.setup.outputs.tag_version }} - build_dir: build + build_dir: apps/web/build keep_history: true commit_message: "Staging deploy ${{ needs.setup.outputs.release_version }}" dry_run: ${{ github.event.inputs.release_type == 'Dry Run' }} @@ -224,22 +220,24 @@ jobs: _TAG_VERSION: ${{ needs.setup.outputs.tag_version }} steps: - name: Checkout Repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Download latest cloud asset uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8 with: - workflow: build.yml + workflow: build-web.yml + path: apps/web workflow_conclusion: success branch: ${{ needs.setup.outputs.branch_name }} artifacts: web-*-cloud-COMMERCIAL.zip # This should result in a build directory in the current working directory - name: Unzip build asset + working-directory: apps/web run: unzip web-*-cloud-COMMERCIAL.zip - name: Checkout Repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # v2.4.0 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 with: ref: deploy path: deployment @@ -254,7 +252,7 @@ jobs: - name: Deploy CloudFlare Pages run: | rm -rf ./* - cp -R ../build/* . + cp -R apps/web/build/* . working-directory: deployment - name: Create cf-pages-deploy branch @@ -263,7 +261,7 @@ jobs: git add . git commit -m "Staging deploy ${{ needs.setup.outputs.release_version }}" git push -u origin cf-pages-deploy-$_TAG_VERSION - working-directory: deployment + working-directory: deployment - name: Create CloudFlare Pages Deploy PR if: ${{ github.event.inputs.release_type != 'Dry Run' }} @@ -287,29 +285,31 @@ jobs: - cfpages-deploy steps: - name: Download latest build artifacts - uses: bitwarden/gh-actions/download-artifacts@23433be15ed6fd046ce12b6889c5184a8d9c8783 + uses: bitwarden/gh-actions/download-artifacts@c1fa8e09871a860862d6bbe36184b06d2c7e35a8 with: - workflow: build.yml + workflow: build-web.yml + path: apps/web/artifacts workflow_conclusion: success branch: ${{ needs.setup.outputs.branch_name }} artifacts: "web-*-selfhosted-COMMERCIAL.zip, web-*-selfhosted-open-source.zip" - name: Rename assets + working-directory: apps/web/artifacts run: | mv web-*-selfhosted-COMMERCIAL.zip web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip mv web-*-selfhosted-open-source.zip web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip - name: Create release if: ${{ github.event.inputs.release_type != 'Dry Run' }} - uses: ncipollo/release-action@40bb172bd05f266cf9ba4ff965cb61e9ee5f6d01 + uses: ncipollo/release-action@58ae73b360456532aafd58ee170c045abbeaee37 # v1.10.0 with: - name: "Version ${{ needs.setup.outputs.release_version }}" + name: "Version v${{ needs.setup.outputs.release_version }}" commit: ${{ github.sha }} tag: "${{ needs.setup.outputs.tag_version }}" body: "" - artifacts: "web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip, - web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip" + artifacts: "apps/web/artifacts/web-${{ needs.setup.outputs.release_version }}-selfhosted-COMMERCIAL.zip, + apps/web/artifacts/web-${{ needs.setup.outputs.release_version }}-selfhosted-open-source.zip" token: ${{ secrets.GITHUB_TOKEN }} draft: true @@ -325,7 +325,7 @@ jobs: - release steps: - name: Checkout repo - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 # 2.4.0 + uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b # v3.0.2 - name: Remove gh-pages-deploy branch run: git push origin --delete gh-pages-deploy-$_TAG_VERSION diff --git a/.gitignore b/.gitignore index 8addd5b54a..71fec37f66 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ node_modules/ **/coverage/ +.github/workflows/act \ No newline at end of file diff --git a/apps/web/.github/workflows/crowdin-pull.yml b/apps/web/.github/workflows/crowdin-pull.yml deleted file mode 100644 index 0c959fea2f..0000000000 --- a/apps/web/.github/workflows/crowdin-pull.yml +++ /dev/null @@ -1,49 +0,0 @@ ---- -name: Crowdin Pull - -on: - workflow_dispatch: - inputs: {} - schedule: - - cron: "0 0 * * 5" - -jobs: - crowdin-pull: - name: Pull - runs-on: ubuntu-20.04 - env: - _CROWDIN_PROJECT_ID: "308189" - steps: - - name: Checkout repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 - - - name: Login to Azure - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a - with: - creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - - - name: Retrieve secrets - id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 - with: - keyvault: "bitwarden-prod-kv" - secrets: "crowdin-api-token" - - - name: Download translations - uses: crowdin/github-action@e39093fd75daae7859c68eded4b43d42ec78d8ea # v1.3.2 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - CROWDIN_API_TOKEN: ${{ steps.retrieve-secrets.outputs.crowdin-api-token }} - with: - config: crowdin.yml - crowdin_branch_name: master - upload_sources: false - upload_translations: false - download_translations: true - github_user_name: "github-actions" - github_user_email: "<>" - commit_message: "Autosync the updated translations" - localization_branch_name: crowdin-auto-sync - create_pull_request: true - pull_request_title: "Autosync Crowdin Translations" - pull_request_body: "Autosync the updated translations" diff --git a/apps/web/.github/workflows/enforce-labels.yml b/apps/web/.github/workflows/enforce-labels.yml deleted file mode 100644 index 0a63c70e4a..0000000000 --- a/apps/web/.github/workflows/enforce-labels.yml +++ /dev/null @@ -1,16 +0,0 @@ ---- -name: Enforce PR labels - -on: - pull_request: - types: [labeled, unlabeled, opened, edited, synchronize] -jobs: - enforce-label: - name: EnforceLabel - runs-on: ubuntu-20.04 - steps: - - name: Enforce Label - uses: yogevbd/enforce-label-action@8d1e1709b1011e6d90400a0e6cf7c0b77aa5efeb - with: - BANNED_LABELS: "hold" - BANNED_LABELS_DESCRIPTION: "PRs on hold cannot be merged" diff --git a/apps/web/.github/workflows/qa-deploy.yml b/apps/web/.github/workflows/qa-deploy.yml deleted file mode 100644 index d654dd9241..0000000000 --- a/apps/web/.github/workflows/qa-deploy.yml +++ /dev/null @@ -1,71 +0,0 @@ ---- -name: QA Deploy - -on: - workflow_dispatch: - inputs: - image_extension: - description: "Image tag extension" - required: false - -env: - _QA_CLUSTER_RESOURCE_GROUP: "bw-env-qa" - _QA_CLUSTER_NAME: "bw-aks-qa" - _QA_K8S_NAMESPACE: "bw-qa" - _QA_K8S_APP_NAME: "bw-web" - -jobs: - deploy: - name: Deploy QA Web - runs-on: ubuntu-20.04 - steps: - - name: Checkout Repo - uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f # v2.3.4 - - - name: Setup - run: export PATH=$PATH:~/work/web/web - - - name: Login to Azure - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a - with: - creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} - - - name: Retrieve secrets - id: retrieve-secrets - uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 - with: - keyvault: "bitwarden-qa-kv" - secrets: "qa-aks-kubectl-credentials" - - - name: Login with qa-aks-kubectl-credentials SP - uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a - with: - creds: ${{ env.qa-aks-kubectl-credentials }} - - - name: Setup AKS access - #env: - # USER_ID: ${{ env.qa-kubectl-managed-identity-clientId }} - run: | - echo "---az install---" - az aks install-cli --install-location ./kubectl --kubelogin-install-location ./kubelogin - echo "---az get-creds---" - az aks get-credentials -n $_QA_CLUSTER_NAME -g $_QA_CLUSTER_RESOURCE_GROUP - - - name: Get image tag - id: image_tag - run: | - IMAGE_TAG=$(echo "${GITHUB_REF:11}" | sed "s#/#-#g") - TAG_EXTENSION=${{ github.event.inputs.image_extension }} - - if [[ $TAG_EXTENSION ]]; then - IMAGE_TAG=$IMAGE_TAG-$TAG_EXTENSION - fi - echo "::set-output name=value::$IMAGE_TAG" - - - name: Deploy Web image - env: - IMAGE_TAG: ${{ steps.image_tag.outputs.value }} - run: | - kubectl set image -n $_QA_K8S_NAMESPACE deployment/web web=bitwardenqa.azurecr.io/web:$IMAGE_TAG --record - kubectl rollout restart -n $_QA_K8S_NAMESPACE deployment/web - kubectl rollout status deployment/web -n $_QA_K8S_NAMESPACE diff --git a/apps/web/.github/workflows/version-bump.yml b/apps/web/.github/workflows/version-bump.yml deleted file mode 100644 index 94cc859fd9..0000000000 --- a/apps/web/.github/workflows/version-bump.yml +++ /dev/null @@ -1,71 +0,0 @@ ---- -name: Version Bump - -on: - workflow_dispatch: - inputs: - version_number: - description: "New Version" - required: true - -jobs: - bump_props_version: - name: "Create version_bump_${{ github.event.inputs.version_number }} branch" - runs-on: ubuntu-20.04 - steps: - - name: Checkout Branch - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 - - - name: Create Version Branch - run: | - git switch -c version_bump_${{ github.event.inputs.version_number }} - git push -u origin version_bump_${{ github.event.inputs.version_number }} - - - name: Checkout Version Branch - uses: actions/checkout@ec3a7ce113134d7a93b817d10a8272cb61118579 - with: - ref: version_bump_${{ github.event.inputs.version_number }} - - - name: Bump Version - package.json - uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945 - with: - version: ${{ github.event.inputs.version_number }} - file_path: "./package.json" - - - name: Bump Version - package-lock.json - uses: bitwarden/gh-actions/version-bump@03ad9a873c39cdc95dd8d77dbbda67f84db43945 - with: - version: ${{ github.event.inputs.version_number }} - file_path: "./package-lock.json" - - - name: Commit files - run: | - git config --local user.email "41898282+github-actions[bot]@users.noreply.github.com" - git config --local user.name "github-actions[bot]" - git commit -m "Bumped version to ${{ github.event.inputs.version_number }}" -a - - - name: Push changes - run: git push -u origin version_bump_${{ github.event.inputs.version_number }} - - - name: Create Version PR - env: - PR_BRANCH: "version_bump_${{ github.event.inputs.version_number }}" - GITHUB_TOKEN: "${{ secrets.GITHUB_TOKEN }}" - BASE_BRANCH: master - TITLE: "Bump version to ${{ github.event.inputs.version_number }}" - run: | - gh pr create --title "$TITLE" \ - --base "$BASE" \ - --head "$PR_BRANCH" \ - --label "version update" \ - --label "automated pr" \ - --body " - ## Type of change - - [ ] Bug fix - - [ ] New feature development - - [ ] Tech debt (refactoring, code cleanup, dependency upgrades, etc) - - [ ] Build/deploy pipeline (DevOps) - - [X] Other - - ## Objective - Automated version bump to ${{ github.event.inputs.version_number }}" diff --git a/apps/web/.github/workflows/workflow-linter.yml b/apps/web/.github/workflows/workflow-linter.yml deleted file mode 100644 index 9fda2eee0a..0000000000 --- a/apps/web/.github/workflows/workflow-linter.yml +++ /dev/null @@ -1,11 +0,0 @@ ---- -name: Workflow Linter - -on: - pull_request: - paths: - - .github/workflows/** - -jobs: - call-workflow: - uses: bitwarden/gh-actions/.github/workflows/workflow-linter.yml@master