From f5adb0a7ae567f984ff8b93721c9e9cfb5704472 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Micha=C5=82=20Ch=C4=99ci=C5=84ski?= Date: Fri, 3 Jun 2022 22:48:22 +0200 Subject: [PATCH] Devops 818 trigger desktop on browser build (#2749) * Add trigger when browser build completes * Download artifacts from workflow run trigger * Fix branch quotes * Remove workflow run event trigger * Add trigger step for desktop build * Add current branch name for test purposes * Change the branch name * Add token retrieval from KeyVault * Revert "Change the branch name" This reverts commit 696157dc818b43f6380f77596ce58e8819239df3. * Fix json in request * Add printing variables * Change way of creating json string * Change name of kv secret --- .github/workflows/build-browser.yml | 44 +++++++++++++++++++++++++++++ .github/workflows/build-desktop.yml | 34 ++++++++++++++++++++-- 2 files changed, 76 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build-browser.yml b/.github/workflows/build-browser.yml index 9c7845cad2..9a8b9bff43 100644 --- a/.github/workflows/build-browser.yml +++ b/.github/workflows/build-browser.yml @@ -329,6 +329,46 @@ jobs: upload_sources: true upload_translations: false + trigger-desktop-build: + name: Trigger desktop build + if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') || contains(github.ref, 'hotfix-rc') }} + runs-on: ubuntu-20.04 + needs: + - build + - build-safari + steps: + + - name: Login to Azure + uses: Azure/login@ec3c14589bd3e9312b3cc8c41e6860e258df9010 + with: + creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} + + - name: Retrieve secrets + id: retrieve-secrets + uses: Azure/get-keyvault-secrets@b5c723b9ac7870c022b8c35befe620b7009b336f + with: + keyvault: "bitwarden-prod-kv" + secrets: "github-pat-bitwarden-devops-bot-repo-scope" + + - name: Extract branch name + id: extract_branch + shell: bash + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" + + - name: Call GitHub API to trigger desktop build workflow + env: + TOKEN: ${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }} + BRANCH_NAME: ${{ steps.extract_branch.outputs.branch }} + run: | + + JSON_STRING=$(printf '{"ref":"%s"}' "$BRANCH_NAME") + + curl \ + -X POST \ + -i -u bitwarden-devops-bot:$TOKEN \ + -H "Accept: application/vnd.github.v3+json" \ + https://api.github.com/repos/bitwarden/clients/actions/workflows/build-desktop.yml/dispatches \ + -d $JSON_STRING check-failures: name: Check for failures @@ -341,6 +381,7 @@ jobs: - build - build-safari - crowdin-push + - trigger-desktop-build steps: - name: Check if any job failed if: ${{ (github.ref == 'refs/heads/master') || (github.ref == 'refs/heads/rc') }} @@ -351,6 +392,7 @@ jobs: BUILD_STATUS: ${{ needs.build.result }} SAFARI_BUILD_STATUS: ${{ needs.build-safari.result }} CROWDIN_PUSH_STATUS: ${{ needs.crowdin-push.result }} + TRIGGER_DESKTOP_BUILD_STATUS: ${{ needs.trigger-desktop-build.result }} run: | if [ "$CLOC_STATUS" = "failure" ]; then exit 1 @@ -364,6 +406,8 @@ jobs: exit 1 elif [ "$CROWDIN_PUSH_STATUS" = "failure" ]; then exit 1 + elif [ "$TRIGGER_DESKTOP_BUILD_STATUS" = "failure" ]; then + exit 1 fi - name: Login to Azure - Prod Subscription diff --git a/.github/workflows/build-desktop.yml b/.github/workflows/build-desktop.yml index 3e593a6b34..023778b9ca 100644 --- a/.github/workflows/build-desktop.yml +++ b/.github/workflows/build-desktop.yml @@ -633,6 +633,21 @@ jobs: if: steps.build-cache.outputs.cache-hit != 'true' run: npm run build + - name: Extract branch name + if: contains(github.ref, 'hotfix-rc') + id: extract_branch + shell: bash + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" + + - name: Download artifact from hotfix-rc + if: contains(github.ref, 'hotfix-rc') + uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 + with: + workflow: build-browser.yml + workflow_conclusion: success + branch: ${{ steps.extract_branch.outputs.branch }} + path: ${{ github.workspace }}/browser-build-artifacts + - name: Download artifact from rc if: github.ref == 'refs/heads/rc' uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 @@ -643,7 +658,7 @@ jobs: path: ${{ github.workspace }}/browser-build-artifacts - name: Download artifact from master - if: github.ref != 'refs/heads/rc' + if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }} uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 with: workflow: build-browser.yml @@ -824,6 +839,21 @@ jobs: if: steps.build-cache.outputs.cache-hit != 'true' run: npm run build + - name: Extract branch name + if: contains(github.ref, 'hotfix-rc') + id: extract_branch + shell: bash + run: echo "##[set-output name=branch;]$(echo ${GITHUB_REF#refs/heads/})" + + - name: Download artifact from hotfix-rc + if: contains(github.ref, 'hotfix-rc') + uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 + with: + workflow: build-browser.yml + workflow_conclusion: success + branch: ${{ steps.extract_branch.outputs.branch }} + path: ${{ github.workspace }}/browser-build-artifacts + - name: Download artifact from rc if: github.ref == 'refs/heads/rc' uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 @@ -834,7 +864,7 @@ jobs: path: ${{ github.workspace }}/browser-build-artifacts - name: Download artifact from master - if: github.ref != 'refs/heads/rc' + if: ${{ github.ref != 'refs/heads/rc' && !contains(github.ref, 'hotfix-rc') }} uses: dawidd6/action-download-artifact@b2abf1705491048a2d7074f7d90513044fd25d39 # v2.19.0 with: workflow: build-browser.yml