19
19
jobs :
20
20
lint :
21
21
name : Lint
22
- runs-on : ubuntu-22 .04
22
+ runs-on : ubuntu-24 .04
23
23
steps :
24
24
- name : Check out repo
25
25
uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -33,46 +33,62 @@ jobs:
33
33
run : dotnet format --verify-no-changes
34
34
35
35
build-artifacts :
36
- name : Build artifacts
37
- runs-on : ubuntu-22 .04
36
+ name : Build Docker images
37
+ runs-on : ubuntu-24 .04
38
38
needs :
39
39
- lint
40
40
outputs :
41
41
has_secrets : ${{ steps.check-secrets.outputs.has_secrets }}
42
+ permissions :
43
+ security-events : write
44
+ id-token : write
42
45
strategy :
43
46
fail-fast : false
44
47
matrix :
45
48
include :
46
49
- project_name : Admin
47
50
base_path : ./src
51
+ dotnet : true
48
52
node : true
49
53
- project_name : Api
50
54
base_path : ./src
55
+ dotnet : true
56
+ - project_name : Attachments
57
+ base_path : ./util
51
58
- project_name : Billing
52
59
base_path : ./src
60
+ dotnet : true
53
61
- project_name : Events
54
62
base_path : ./src
63
+ dotnet : true
55
64
- project_name : EventsProcessor
56
65
base_path : ./src
66
+ dotnet : true
57
67
- project_name : Icons
58
68
base_path : ./src
69
+ dotnet : true
59
70
- project_name : Identity
60
71
base_path : ./src
72
+ dotnet : true
73
+ - project_name : MsSql
74
+ base_path : ./util
61
75
- project_name : MsSqlMigratorUtility
62
76
base_path : ./util
63
77
dotnet : true
78
+ - project_name : Nginx
79
+ base_path : ./util
64
80
- project_name : Notifications
65
81
base_path : ./src
82
+ dotnet : true
66
83
- project_name : Scim
67
84
base_path : ./bitwarden_license/src
68
85
dotnet : true
69
- - project_name : Server
70
- base_path : ./util
71
86
- project_name : Setup
72
87
base_path : ./util
88
+ dotnet : true
73
89
- project_name : Sso
74
90
base_path : ./bitwarden_license/src
75
- node : true
91
+ dotnet : true
76
92
steps :
77
93
- name : Check secrets
78
94
id : check-secrets
@@ -87,6 +103,18 @@ jobs:
87
103
with :
88
104
ref : ${{ github.event.pull_request.head.sha }}
89
105
106
+ - name : Check branch to publish
107
+ env :
108
+ PUBLISH_BRANCHES : " main,rc,hotfix-rc"
109
+ id : publish-branch-check
110
+ run : |
111
+ IFS="," read -a publish_branches <<< $PUBLISH_BRANCHES
112
+ if [[ " ${publish_branches[*]} " =~ " ${GITHUB_REF:11} " ]]; then
113
+ echo "is_publish_branch=true" >> $GITHUB_ENV
114
+ else
115
+ echo "is_publish_branch=false" >> $GITHUB_ENV
116
+ fi
117
+
90
118
- name : Set up .NET
91
119
uses : actions/setup-dotnet@87b7050bc53ea08284295505d98d2aa94301e852 # v4.2.0
92
120
@@ -115,6 +143,7 @@ jobs:
115
143
116
144
- name : Publish project
117
145
working-directory : ${{ matrix.base_path }}/${{ matrix.project_name }}
146
+ if : ${{ matrix.dotnet }}
118
147
run : |
119
148
echo "Publish"
120
149
dotnet publish -c "Release" -o obj/build-output/publish
@@ -128,87 +157,18 @@ jobs:
128
157
129
158
- name : Upload project artifact
130
159
uses : actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
160
+ if : ${{ matrix.dotnet }}
131
161
with :
132
162
name : ${{ matrix.project_name }}.zip
133
163
path : ${{ matrix.base_path }}/${{ matrix.project_name }}/${{ matrix.project_name }}.zip
134
164
if-no-files-found : error
135
165
136
- build-docker :
137
- name : Build Docker images
138
- runs-on : ubuntu-22.04
139
- permissions :
140
- security-events : write
141
- id-token : write
142
- needs :
143
- - build-artifacts
144
- if : ${{ needs.build-artifacts.outputs.has_secrets == 'true' }}
145
- strategy :
146
- fail-fast : false
147
- matrix :
148
- include :
149
- - project_name : Admin
150
- base_path : ./src
151
- dotnet : true
152
- - project_name : Api
153
- base_path : ./src
154
- dotnet : true
155
- - project_name : Attachments
156
- base_path : ./util
157
- - project_name : Billing
158
- base_path : ./src
159
- dotnet : true
160
- - project_name : Events
161
- base_path : ./src
162
- dotnet : true
163
- - project_name : EventsProcessor
164
- base_path : ./src
165
- dotnet : true
166
- - project_name : Icons
167
- base_path : ./src
168
- dotnet : true
169
- - project_name : Identity
170
- base_path : ./src
171
- dotnet : true
172
- - project_name : MsSql
173
- base_path : ./util
174
- - project_name : MsSqlMigratorUtility
175
- base_path : ./util
176
- dotnet : true
177
- - project_name : Nginx
178
- base_path : ./util
179
- - project_name : Notifications
180
- base_path : ./src
181
- dotnet : true
182
- - project_name : Scim
183
- base_path : ./bitwarden_license/src
184
- dotnet : true
185
- - project_name : Server
186
- base_path : ./util
187
- dotnet : true
188
- - project_name : Setup
189
- base_path : ./util
190
- dotnet : true
191
- - project_name : Sso
192
- base_path : ./bitwarden_license/src
193
- dotnet : true
194
- steps :
195
- - name : Check out repo
196
- uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
197
- with :
198
- ref : ${{ github.event.pull_request.head.sha }}
166
+ # ######### Set up Docker ##########
167
+ - name : Set up QEMU emulators
168
+ uses : docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0
199
169
200
- - name : Check branch to publish
201
- env :
202
- PUBLISH_BRANCHES : " main,rc,hotfix-rc"
203
- id : publish-branch-check
204
- run : |
205
- IFS="," read -a publish_branches <<< $PUBLISH_BRANCHES
206
-
207
- if [[ " ${publish_branches[*]} " =~ " ${GITHUB_REF:11} " ]]; then
208
- echo "is_publish_branch=true" >> $GITHUB_ENV
209
- else
210
- echo "is_publish_branch=false" >> $GITHUB_ENV
211
- fi
170
+ - name : Set up Docker Buildx
171
+ uses : docker/setup-buildx-action@f95db51fddba0c2d1ec667646a06c2ce06100226 # v3.0.0
212
172
213
173
# ######### ACRs ##########
214
174
- name : Log in to Azure - production subscription
@@ -277,26 +237,24 @@ jobs:
277
237
fi
278
238
echo "tags=$TAGS" >> $GITHUB_OUTPUT
279
239
280
- - name : Get build artifact
281
- if : ${{ matrix.dotnet }}
282
- uses : actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 # v4.1.8
283
- with :
284
- name : ${{ matrix.project_name }}.zip
285
-
286
- - name : Set up build artifact
287
- if : ${{ matrix.dotnet }}
288
- run : |
289
- mkdir -p ${{ matrix.base_path}}/${{ matrix.project_name }}/obj/build-output/publish
290
- unzip ${{ matrix.project_name }}.zip \
291
- -d ${{ matrix.base_path }}/${{ matrix.project_name }}/obj/build-output/publish
240
+ - name : Generate image full name
241
+ id : cache-name
242
+ env :
243
+ PROJECT_NAME : ${{ steps.setup.outputs.project_name }}
244
+ run : echo "name=${_AZ_REGISTRY}/${PROJECT_NAME}:buildcache" >> $GITHUB_OUTPUT
292
245
293
246
- name : Build Docker image
294
- id : build-docker
247
+ id : build-artifacts
295
248
uses : docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
296
249
with :
297
- context : ${{ matrix.base_path }}/${{ matrix.project_name }}
250
+ cache-from : type=registry,ref=${{ steps.cache-name.outputs.name }}
251
+ cache-to : type=registry,ref=${{ steps.cache-name.outputs.name}},mode=max
252
+ context : .
298
253
file : ${{ matrix.base_path }}/${{ matrix.project_name }}/Dockerfile
299
- platforms : linux/amd64
254
+ platforms : |
255
+ linux/amd64,
256
+ linux/arm/v7,
257
+ linux/arm64
300
258
push : true
301
259
tags : ${{ steps.image-tags.outputs.tags }}
302
260
secrets : |
@@ -309,7 +267,7 @@ jobs:
309
267
- name : Sign image with Cosign
310
268
if : github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
311
269
env :
312
- DIGEST : ${{ steps.build-docker .outputs.digest }}
270
+ DIGEST : ${{ steps.build-artifacts .outputs.digest }}
313
271
TAGS : ${{ steps.image-tags.outputs.tags }}
314
272
run : |
315
273
IFS="," read -a tags <<< "${TAGS}"
@@ -336,8 +294,8 @@ jobs:
336
294
337
295
upload :
338
296
name : Upload
339
- runs-on : ubuntu-22 .04
340
- needs : build-docker
297
+ runs-on : ubuntu-24 .04
298
+ needs : build-artifacts
341
299
steps :
342
300
- name : Check out repo
343
301
uses : actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
@@ -512,7 +470,7 @@ jobs:
512
470
513
471
build-mssqlmigratorutility :
514
472
name : Build MSSQL migrator utility
515
- runs-on : ubuntu-22 .04
473
+ runs-on : ubuntu-24 .04
516
474
needs :
517
475
- lint
518
476
defaults :
@@ -568,9 +526,9 @@ jobs:
568
526
if : |
569
527
github.event_name != 'pull_request'
570
528
&& (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/rc' || github.ref == 'refs/heads/hotfix-rc')
571
- runs-on : ubuntu-22 .04
529
+ runs-on : ubuntu-24 .04
572
530
needs :
573
- - build-docker
531
+ - build-artifacts
574
532
steps :
575
533
- name : Log in to Azure - CI subscription
576
534
uses : Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
@@ -604,7 +562,7 @@ jobs:
604
562
if : github.event_name != 'pull_request' && github.ref == 'refs/heads/main'
605
563
runs-on : ubuntu-22.04
606
564
needs :
607
- - build-docker
565
+ - build-artifacts
608
566
steps :
609
567
- name : Log in to Azure - CI subscription
610
568
uses : Azure/login@e15b166166a8746d1a47596803bd8c1b595455cf # v1.6.0
@@ -638,7 +596,6 @@ jobs:
638
596
name : Setup Ephemeral Environment
639
597
needs :
640
598
- build-artifacts
641
- - build-docker
642
599
if : |
643
600
needs.build-artifacts.outputs.has_secrets == 'true'
644
601
&& github.event_name == 'pull_request'
@@ -656,7 +613,6 @@ jobs:
656
613
needs :
657
614
- lint
658
615
- build-artifacts
659
- - build-docker
660
616
- upload
661
617
- build-mssqlmigratorutility
662
618
- self-host-build
0 commit comments