From babd7a7c95a2956ac25cf860e7cbf19fc7ac9663 Mon Sep 17 00:00:00 2001
From: Alex Urbina <aurbina@bitwarden.com>
Date: Wed, 15 Nov 2023 21:29:00 -0500
Subject: [PATCH] DEVOPS-1581 ADD: azure-deploy job to non-prod-web workflow

---
 .github/workflows/deploy-non-prod-web.yml | 48 +++++++++++++++++++++++
 1 file changed, 48 insertions(+)

diff --git a/.github/workflows/deploy-non-prod-web.yml b/.github/workflows/deploy-non-prod-web.yml
index b1df20b189..70ae57e582 100644
--- a/.github/workflows/deploy-non-prod-web.yml
+++ b/.github/workflows/deploy-non-prod-web.yml
@@ -171,6 +171,54 @@ jobs:
           state: 'failure'
           deployment-id: ${{ steps.deployment.outputs.deployment_id }}
 
+  azure-deploy:
+    name: Deploy to Azure
+    runs-on: ubuntu-22.04
+    env:
+      _WEB_ARTIFACT: "web-*-cloud-euqa.zip"
+    steps:
+      - name: Login to Azure - EU Subscription
+        uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7
+        with:
+          creds: ${{ secrets.AZURE_KV_EU_QA_SERVICE_PRINCIPAL }}
+
+      - name: Retrieve Storage Account connection string
+        id: retrieve-secrets
+        uses: bitwarden/gh-actions/get-keyvault-secrets@main
+        with:
+          keyvault: webvaulteu-westeurope-qa
+          secrets: "sa-bitwarden-web-vault-dev-key-temp"
+
+      - name: Download latest cloud asset
+        uses: bitwarden/gh-actions/download-artifacts@main
+        with:
+          workflow: build-web.yml
+          path: apps/web
+          workflow_conclusion: success
+          branch: ${{ github.event.inputs.tag }}
+          artifacts: ${{ env._WEB_ARTIFACT }}
+
+      - name: Unzip build asset
+        working-directory: apps/web
+        run: unzip ${{ env._WEB_ARTIFACT }}
+
+      - name: Empty container in Storage Account
+        run: |
+          az storage blob delete-batch \
+            --source '$web' \
+            --pattern '*' \
+            --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}"
+
+      - name: Deploy to Azure Storage Account
+        working-directory: apps/web
+        run: |
+          az storage blob upload-batch \
+            --source "./build" \
+            --destination '$web' \
+            --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \
+            --overwrite \
+            --no-progress
+
   notify:
     name: Notify Slack with result
     runs-on: ubuntu-22.04