GitHub-Bitwarden
/
self-host
mirror of https://github.com/bitwarden/self-host.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Add WEB_ARTIFACT_PATH with ability to consume a local web artifact (#411)

pull/413/head
MtnBurrit0 3 months ago committed by GitHub
parent
e6cc283fff
commit
84237d1649
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 51 additions and 13 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 28
      .github/workflows/build-unified.yml
  2. 36
      docker-unified/Dockerfile

28
.github/workflows/build-unified.yml
Unescape View File

@ -11,6 +11,10 @@ on:
description: "Server branch name to deploy (examples: 'main', 'rc', 'feature/sm')" description: "Server branch name to deploy (examples: 'main', 'rc', 'feature/sm')"
type: string type: string
default: main default: main
web_branch:
description: "Web client branch name to deploy (examples: 'main', 'rc', 'feature/sm')"
type: string
default: main
use_latest_core_version: use_latest_core_version:
description: "Use the latest core version from versions.json instead of branch" description: "Use the latest core version from versions.json instead of branch"
type: boolean type: boolean
@ -159,6 +163,26 @@ jobs:
ref: ${{ steps.server-branch-name.outputs.server_ref }} ref: ${{ steps.server-branch-name.outputs.server_ref }}
path: "server" path: "server"
- name: Download web client branch artifacts for dev builds
if: steps.tag.outputs.image_tag == 'dev'
uses: bitwarden/gh-actions/download-artifacts@main
with:
github_token: ${{ steps.app-token.outputs.token }}
workflow: build-web.yml
workflow_conclusion: success
branch: ${{ inputs.web_branch }}
repo: bitwarden/clients
artifacts: "web-*-selfhosted-DEV.zip"
- name: Set web artifact path for dev builds
if: steps.tag.outputs.image_tag == 'dev'
id: set-web-artifact-path
run: |
WEB_ARTIFACT=$(find . -name "web-*-selfhosted-DEV.zip" | head -1)
if [[ -n "${WEB_ARTIFACT}" ]]; then
echo "WEB_ARTIFACT_PATH=${WEB_ARTIFACT}" >> $GITHUB_ENV
fi
- name: Build and push Docker image - name: Build and push Docker image
id: build-docker id: build-docker
uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0 uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
@ -171,6 +195,8 @@ jobs:
linux/arm64/v8 linux/arm64/v8
push: true push: true
tags: ${{ steps.tag-list.outputs.tags }} tags: ${{ steps.tag-list.outputs.tags }}
build-args: |
WEB_ARTIFACT_PATH=${{ env.WEB_ARTIFACT_PATH }}
- name: Install Cosign - name: Install Cosign
if: env.is_publish_branch == 'true' if: env.is_publish_branch == 'true'
@ -215,7 +241,7 @@ jobs:
ref: ${{ contains(github.event_name, 'pull_request') && format('refs/pull/{0}/head', github.event.pull_request.number) || github.ref }} ref: ${{ contains(github.event_name, 'pull_request') && format('refs/pull/{0}/head', github.event.pull_request.number) || github.ref }}
- name: Log out of Docker - name: Log out of Docker
if: ${{ env.is_publish_branch == 'true' }} if: env.is_publish_branch == 'true'
run: | run: |
docker logout ghcr.io docker logout ghcr.io
docker logout $_AZ_REGISTRY docker logout $_AZ_REGISTRY

36
docker-unified/Dockerfile
Unescape View File

@ -3,6 +3,7 @@
# Build stage # # Build stage #
############################################### ###############################################
FROM --platform=$BUILDPLATFORM alpine:3.21 AS web-setup FROM --platform=$BUILDPLATFORM alpine:3.21 AS web-setup
ARG WEB_ARTIFACT_PATH
# Add packages # Add packages
RUN apk add --no-cache \ RUN apk add --no-cache \
@ -14,21 +15,32 @@ RUN apk add --no-cache \
WORKDIR /tmp WORKDIR /tmp
# Grab last tag/release of the 'web' client # Grab last tag/release of the 'web' client
RUN git ls-remote --tags https://github.com/bitwarden/clients.git | grep refs/tags/web | cut -d/ -f3 | sort -Vr | head -1 > tag.txt RUN if [ -z "${WEB_ARTIFACT_PATH}" ]; then \
git ls-remote --tags https://github.com/bitwarden/clients.git | grep refs/tags/web | cut -d/ -f3 | sort -Vr | head -1 > tag.txt; \
RUN cat tag.txt fi
# Extract the version of the 'web' client # Extract the version of the 'web' client
RUN cat tag.txt | grep -o -E "[0-9]{4}\.[0-9]{1,2}\.[0-9]+" > version.txt RUN if [ -z "${WEB_ARTIFACT_PATH}" ]; then \
cat tag.txt | grep -o -E "[0-9]{4}\.[0-9]{1,2}\.[0-9]+" > version.txt; \
fi
# Download the built release artifact for the 'web' client # Download the built release artifact for the 'web' client
RUN TAG=$(cat tag.txt) \ RUN if [ -z "${WEB_ARTIFACT_PATH}" ]; then \
&& VERSION=$(cat version.txt) \ TAG=$(cat tag.txt) \
&& curl --proto "=https" -L https://github.com/bitwarden/clients/releases/download/$TAG/web-$VERSION-selfhosted-COMMERCIAL.zip -O && VERSION=$(cat version.txt) \
&& curl --proto "=https" -L https://github.com/bitwarden/clients/releases/download/$TAG/web-$VERSION-selfhosted-COMMERCIAL.zip -O; \
fi
# Copy provided web artifact if available
COPY ${WEB_ARTIFACT_PATH}* /tmp/
# Unzip the 'web' client to /tmp/build # Unzip the 'web' client to /tmp/build
RUN VERSION=$(cat version.txt) \ RUN if [ -z "${WEB_ARTIFACT_PATH}" ]; then \
&& unzip web-$VERSION-selfhosted-COMMERCIAL.zip VERSION=$(cat version.txt) \
&& unzip web-$VERSION-selfhosted-COMMERCIAL.zip; \
else \
unzip ${WEB_ARTIFACT_PATH} -d /tmp/; \
fi
############################################### ###############################################
# Build stage # # Build stage #
@ -41,11 +53,11 @@ ARG TARGETPLATFORM
# Determine proper runtime value for .NET # Determine proper runtime value for .NET
# We put the value in a file to be read by later layers. # We put the value in a file to be read by later layers.
RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \ RUN if [ "$TARGETPLATFORM" = "linux/amd64" ]; then \
RID=linux-musl-x64 ; \ RID=linux-musl-x64 ; \
elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \ elif [ "$TARGETPLATFORM" = "linux/arm64" ]; then \
RID=linux-musl-arm64 ; \ RID=linux-musl-arm64 ; \
elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \ elif [ "$TARGETPLATFORM" = "linux/arm/v7" ]; then \
RID=linux-musl-arm ; \ RID=linux-musl-arm ; \
fi \ fi \
&& echo "RID=$RID" > /tmp/rid.txt && echo "RID=$RID" > /tmp/rid.txt

Write Preview
Loading…
Cancel
Save