--- name: Deploy Web to EU-QA Cloud on: workflow_dispatch: inputs: tag: description: "Branch name to deploy (examples: 'main', 'feature/sm')" required: true type: string default: main jobs: notify-start: name: Notify Slack with start message runs-on: ubuntu-22.04 if: always() steps: - uses: bitwarden/gh-actions/report-deployment-status-to-slack@main with: project: Web environment: EU QA Cloud tag: ${{ github.ref_name }} slack-channel: team-eng-qa-devops event: 'start' url: https://github.com/bitwarden/clients/actions/runs/${{ github.run_id }} AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }} azure-deploy: name: Deploy to Azure runs-on: ubuntu-22.04 env: _WEB_ARTIFACT: "web-*-cloud-euqa.zip" steps: - name: Login to Azure - EU Subscription uses: Azure/login@92a5484dfaf04ca78a94597f4f19fea633851fa2 # v1.4.7 with: creds: ${{ secrets.AZURE_KV_EU_QA_SERVICE_PRINCIPAL }} - name: Retrieve Storage Account connection string id: retrieve-secrets uses: bitwarden/gh-actions/get-keyvault-secrets@main with: keyvault: webvaulteu-westeurope-qa secrets: "sa-bitwarden-web-vault-dev-key-temp" - name: Download latest cloud asset uses: bitwarden/gh-actions/download-artifacts@main with: workflow: build-web.yml path: apps/web workflow_conclusion: success branch: ${{ github.event.inputs.tag }} artifacts: ${{ env._WEB_ARTIFACT }} - name: Unzip build asset working-directory: apps/web run: unzip ${{ env._WEB_ARTIFACT }} - name: Empty container in Storage Account run: | az storage blob delete-batch \ --source '$web' \ --pattern '*' \ --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" - name: Deploy to Azure Storage Account working-directory: apps/web run: | az storage blob upload-batch \ --source "./build" \ --destination '$web' \ --connection-string "${{ steps.retrieve-secrets.outputs.sa-bitwarden-web-vault-dev-key-temp }}" \ --overwrite \ --no-progress notify: name: Notify Slack with result runs-on: ubuntu-22.04 if: always() needs: azure-deploy steps: - uses: bitwarden/gh-actions/report-deployment-status-to-slack@main with: project: Web environment: EU QA Cloud tag: ${{ github.event.inputs.tag }} slack-channel: team-eng-qa-devops event: ${{ needs.azure-deploy.result }} url: https://github.com/bitwarden/devops/actions/runs/${{ github.run_id }} AZURE_KV_CI_SERVICE_PRINCIPAL: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}