Devops 818 trigger desktop on browser build (#2749)

* Add trigger when browser build completes * Download artifacts from workflow run trigger * Fix branch quotes * Remove workflow run event trigger * Add trigger step for desktop build * Add current branch name for test purposes * Change the branch name * Add token retrieval from KeyVault * Revert "Change the branch name" This reverts commit 696157dc81. * Fix json in request * Add printing variables * Change way of creating json string * Change name of kv secret
2022-06-03 22:48:22 +02:00 · 2022-06-03 22:48:22 +02:00 · f5adb0a7ae
parent 2126ac414c
commit f5adb0a7ae
2 changed files with 76 additions and 2 deletions
--- a/.github/workflows/build-browser.yml
+++ b/.github/workflows/build-browser.yml
@ -329,6 +329,46 @@ jobs:
          upload_sources: true
          upload_translations: false

+  trigger-desktop-build:
+    name: Trigger desktop build
+    if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') || contains(github.ref, 'hotfix-rc') }}
+    runs-on: ubuntu-20.04
+    needs:
+      - build
+      - build-safari
+    steps:
+
+      - name: Login to Azure
+        uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010
+        with:
+          creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }}
+
+      - name: Retrieve secrets
+        id: retrieve-secrets
+        uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f
+        with:
+          keyvault: "bitwarden-prod-kv"
+          secrets: "github-pat-bitwarden-devops-bot-repo-scope"
+
+      - name: Extract branch name
+        id: extract_branch
+        shell: bash
+        run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
+
+      - name: Call GitHub API to trigger desktop build workflow
+        env:
+          TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}
+          BRANCH_NAME: ${{ steps.extract_branch.outputs.branch }}
+        run: |
+
+          JSON_STRING=$(printf '{"ref":"%s"}' "$BRANCH_NAME")
+
+          curl \
+            -X POST \
+            -i -u bitwarden-devops-bot:$TOKEN \
+            -H "Accept: application/vnd.github.v3+json" \
+            https://api.github.com/repos/bitwarden/clients/actions/workflows/build-desktop.yml/dispatches \
+            -d $JSON_STRING

  check-failures:
    name: Check for failures
@ -341,6 +381,7 @@ jobs:
      - build
      - build-safari
      - crowdin-push
+      - trigger-desktop-build
    steps:
      - name: Check if any job failed
        if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }}
@ -351,6 +392,7 @@ jobs:
          BUILD_STATUS: ${{ needs.build.result }}
          SAFARI_BUILD_STATUS: ${{ needs.build-safari.result }}
          CROWDIN_PUSH_STATUS: ${{ needs.crowdin-push.result }}
+          TRIGGER_DESKTOP_BUILD_STATUS:  ${{ needs.trigger-desktop-build.result }}
        run: |
          if [ "$CLOC_STATUS" = "failure" ]; then
              exit 1
@ -364,6 +406,8 @@ jobs:
              exit 1
          elif [ "$CROWDIN_PUSH_STATUS" = "failure" ]; then
              exit 1
+          elif [ "$TRIGGER_DESKTOP_BUILD_STATUS" = "failure" ]; then
+              exit 1
          fi

      - name: Login to Azure - Prod Subscription
--- a/.github/workflows/build-desktop.yml
+++ b/.github/workflows/build-desktop.yml
@ -633,6 +633,21 @@ jobs:
        if: steps.build-cache.outputs.cache-hit != 'true'
        run: npm run build

+      - name: Extract branch name
+        if: contains(github.ref, 'hotfix-rc')
+        id: extract_branch
+        shell: bash
+        run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
+
+      - name: Download artifact from hotfix-rc
+        if: contains(github.ref, 'hotfix-rc')
+        uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39  # v2.19.0
+        with:
+          workflow: build-browser.yml
+          workflow_conclusion: success
+          branch: ${{ steps.extract_branch.outputs.branch }}
+          path: ${{ github.workspace }}/browser-build-artifacts
+
      - name: Download artifact from rc
        if: github.ref == 'refs/heads/rc'
        uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39  # v2.19.0
@ -643,7 +658,7 @@ jobs:
          path: ${{ github.workspace }}/browser-build-artifacts

      - name: Download artifact from master
-        if: github.ref != 'refs/heads/rc'
+        if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }}
        uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39  # v2.19.0
        with:
          workflow: build-browser.yml
@ -824,6 +839,21 @@ jobs:
        if: steps.build-cache.outputs.cache-hit != 'true'
        run: npm run build

+      - name: Extract branch name
+        if: contains(github.ref, 'hotfix-rc')
+        id: extract_branch
+        shell: bash
+        run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})"
+
+      - name: Download artifact from hotfix-rc
+        if: contains(github.ref, 'hotfix-rc')
+        uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39  # v2.19.0
+        with:
+          workflow: build-browser.yml
+          workflow_conclusion: success
+          branch: ${{ steps.extract_branch.outputs.branch }}
+          path: ${{ github.workspace }}/browser-build-artifacts
+
      - name: Download artifact from rc
        if: github.ref == 'refs/heads/rc'
        uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39  # v2.19.0
@ -834,7 +864,7 @@ jobs:
          path: ${{ github.workspace }}/browser-build-artifacts

      - name: Download artifact from master
-        if: github.ref != 'refs/heads/rc'
+        if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }}
        uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39  # v2.19.0
        with:
          workflow: build-browser.yml