name: Build on: workflow_dispatch: inputs: custom_tag_extension: description: "Custom image tag extension" required: false push: branches-ignore: - 'l10n_master' - 'gh-pages' jobs: cloc: name: CLOC runs-on: ubuntu-latest steps: - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - name: Set up cloc run: | sudo apt update sudo apt -y install cloc - name: Print lines of code run: cloc --include-lang TypeScript,JavaScript,HTML,Sass,CSS --vcs git build-selfhost: name: Build SelfHost Docker image runs-on: ubuntu-latest steps: - name: Set up Node uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea with: node-version: '14' - name: Update NPM run: | npm install -g npm@7 - name: Cache npm id: npm-cache uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 with: path: '~/.npm' key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - name: Print environment run: | whoami node --version npm --version gulp --version docker --version echo "GitHub ref: $GITHUB_REF" echo "GitHub event: $GITHUB_EVENT" - name: Login to Azure if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a with: creds: ${{ secrets.AZURE_PROD_KV_CREDENTIALS }} - name: Retrieve secrets if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' id: retrieve-secrets uses: Azure/get-keyvault-secrets@80ccd3fafe5662407cc2e55f202ee34bfff8c403 with: keyvault: "bitwarden-prod-kv" secrets: "docker-password, docker-username, dct-delegate-2-repo-passphrase, dct-delegate-2-key" - name: Log into Docker if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' run: echo "$DOCKER_PASSWORD" | docker login -u "$DOCKER_USERNAME" --password-stdin env: DOCKER_USERNAME: ${{ steps.retrieve-secrets.outputs.docker-username }} DOCKER_PASSWORD: ${{ steps.retrieve-secrets.outputs.docker-password }} - name: Setup Docker Trust if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' run: | mkdir -p ~/.docker/trust/private echo "$DCT_DELEGATE_KEY" > ~/.docker/trust/private/$DCT_DELEGATION_KEY_ID.key env: DCT_DELEGATION_KEY_ID: "c9bde8ec820701516491e5e03d3a6354e7bd66d05fa3df2b0062f68b116dc59c" DCT_DELEGATE_KEY: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-key }} - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - name: Restore run: dotnet tool restore - name: Install dependencies run: npm install - name: Build run: | echo -e "# Building Web\n" echo "Building app" echo "npm version $(npm --version)" npm run dist:selfhost echo -e "\nBuilding Docker image" docker --version docker build -t bitwarden/web . - name: Tag rc branch if: github.ref == 'refs/heads/rc' run: docker tag bitwarden/web bitwarden/web:rc - name: Tag dev if: github.ref == 'refs/heads/master' run: docker tag bitwarden/web bitwarden/web:dev - name: List Docker images if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' run: docker images - name: Push rc images if: github.ref == 'refs/heads/rc' run: docker push bitwarden/web:rc env: DOCKER_CONTENT_TRUST: 1 DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }} - name: Push dev images if: github.ref == 'refs/heads/master' run: docker push bitwarden/web:dev env: DOCKER_CONTENT_TRUST: 1 DOCKER_CONTENT_TRUST_REPOSITORY_PASSPHRASE: ${{ steps.retrieve-secrets.outputs.dct-delegate-2-repo-passphrase }} - name: Log out of Docker if: github.ref == 'refs/heads/master' || github.ref == 'refs/heads/rc' run: docker logout build-qa: name: Build QA Docker image runs-on: ubuntu-latest steps: - name: Set up Node uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea with: node-version: '14' - name: Update NPM run: | npm install -g npm@7 - name: Cache npm id: npm-cache uses: actions/cache@c64c572235d810460d0d6876e9c705ad5002b353 # v2.1.6 with: path: '~/.npm' key: ${{ runner.os }}-${{ github.run_id }}-npm-${{ hashFiles('**/package-lock.json') }} - name: Print environment run: | whoami node --version npm --version gulp --version docker --version echo "GitHub ref: $GITHUB_REF" echo "GitHub event: $GITHUB_EVENT" - name: Login to Azure uses: Azure/login@77f1b2e3fb80c0e8645114159d17008b8a2e475a with: creds: ${{ secrets.AZURE_QA_KV_CREDENTIALS }} - name: Log into container registry run: az acr login -n bitwardenqa - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - name: Restore run: dotnet tool restore - name: Install dependencies run: npm ci - name: Build run: | echo -e "# Building Web\n" echo "Building app" echo "npm version $(npm --version)" npm run build:qa echo -e "\nBuilding Docker image" docker --version docker build -t bitwardenqa.azurecr.io/web . - name: Get image tag id: image_tag run: | IMAGE_TAG=$(echo "$GITHUB_REF" | awk '{split($0, a, "/"); print a[3];}') TAG_EXTENSION=${{ github.events.inputs.custom_tag_extension }} if [[ $TAG_EXTENSION ]]; then IMAGE_TAG=$IMAGE_TAG-$TAG_EXTENSION fi echo "::set-output name=value::$IMAGE_TAG" - name: Tag image env: IMAGE_TAG: ${{ steps.image_tag.outputs.value }} run: docker tag bitwardenqa.azurecr.io/web "bitwardenqa.azurecr.io/web:$IMAGE_TAG" - name: Tag dev if: github.ref == 'refs/heads/master' run: docker tag bitwardenqa.azurecr.io/web bitwardenqa.azurecr.io/web:dev - name: List Docker images run: docker images - name: Push image env: IMAGE_TAG: ${{ steps.image_tag.outputs.value }} run: docker push "bitwardenqa.azurecr.io/web:$IMAGE_TAG" - name: Push dev images if: github.ref == 'refs/heads/master' run: docker push bitwardenqa.azurecr.io/web:dev - name: Log out of Docker run: docker logout windows: name: Test code on Windows runs-on: windows-latest steps: - name: Set up NuGet uses: nuget/setup-nuget@04b0c2b8d1b97922f67eca497d7cf0bf17b8ffe1 with: nuget-version: 'latest' - name: Set up MSBuild uses: microsoft/setup-msbuild@c26a08ba26249b81327e26f6ef381897b6a8754d - name: Set up Node uses: actions/setup-node@46071b5c7a2e0c34e49c3cb8a0e792e86e18d5ea with: node-version: '14' - name: Update NPM run: | npm install -g npm@7 - name: Print environment run: | nuget help | grep Version msbuild -version dotnet --info node --version npm --version echo "GitHub ref: $GITHUB_REF" echo "GitHub event: $GITHUB_EVENT" env: GITHUB_REF: ${{ github.ref }} GITHUB_EVENT: ${{ github.event_name }} - name: Checkout repo uses: actions/checkout@5a4ac9002d0be2fb38bd78e4b4dbde5606d7042f - name: npm install run: npm install - name: npm build run: npm run build:prod