Simon/self-host
1
0
Fork 0
mirror of https://github.com/bitwarden/self-host.git synced 2026-06-28 14:25:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
67261cc892c1b31bbb4395e2df733f7318762e6f
self-host/.github/workflows/release-digital-ocean.yml
Kyle Spearrin a7aadf07b8 Fix marketplace image versioning by passing release version from release pipeline (#485) 
* Fix azure release version

* fix all

* use env vars
2026-04-02 20:26:18 -04:00

169 lines
6.2 KiB
YAML
Raw Blame History

name: Release Digital Ocean 1-Click
on:
push:
paths:
- "DigitalOceanMarketplace/**"
- "CommonMarketplace/**"
workflow_dispatch:
inputs:
release_version:
description: "Release version (e.g., 2026.3.2)"
required: false
type: string
concurrency:
group: ${{ github.workflow }}
cancel-in-progress: false
permissions:
contents: read
jobs:
build-image:
name: Build Image
runs-on: ubuntu-24.04
timeout-minutes: 90
permissions:
contents: read
id-token: write
steps:
- name: Checkout repo
uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
with:
persist-credentials: false
- name: Log in to Azure
uses: bitwarden/gh-actions/azure-login@main
with:
subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
tenant_id: ${{ secrets.AZURE_TENANT_ID }}
client_id: ${{ secrets.AZURE_CLIENT_ID }}
- name: Retrieve secrets
id: retrieve-secrets
uses: bitwarden/gh-actions/get-keyvault-secrets@main
with:
keyvault: "bitwarden-ci"
secrets: "digital-ocean-api-key"
- name: Log out from Azure
uses: bitwarden/gh-actions/azure-logout@main
- name: Set version
id: set-version
env:
RELEASE_VERSION: ${{ inputs.release_version }}
run: |
VERSION=$(jq -r '.versions.coreVersion' version.json)
if [[ -z "$VERSION" ]]; then
echo "ERROR: Failed to extract coreVersion from version.json"
exit 1
fi
echo "version=$VERSION" >> "$GITHUB_OUTPUT"
# Use the release version input when dispatched from the release
# pipeline. Fall back to coreVersion for other builds.
if [[ -n "$RELEASE_VERSION" ]]; then
echo "img_version=$RELEASE_VERSION" >> "$GITHUB_OUTPUT"
else
echo "img_version=$VERSION" >> "$GITHUB_OUTPUT"
fi
- name: Set up Hashicorp Packer
uses: hashicorp/setup-packer@1aa358be5cf73883762b302a3a03abd66e75b232 # v3.1.0
- name: Build Digital Ocean Image
env:
DIGITALOCEAN_TOKEN: ${{ steps.retrieve-secrets.outputs.digital-ocean-api-key }}
DIGITALOCEAN_IMG_VERSION: ${{ steps.set-version.outputs.img_version }}
working-directory: ./DigitalOceanMarketplace
run: |
packer version
packer init -upgrade marketplace-image.pkr.hcl
packer build marketplace-image.pkr.hcl
- name: Install doctl
uses: digitalocean/action-doctl@135ac0aa0eed4437d547c6f12c364d3006b42824 # v2.5.1
with:
token: ${{ steps.retrieve-secrets.outputs.digital-ocean-api-key }}
- name: Cleanup orphaned droplets on cancellation
if: cancelled()
run: |
echo "Workflow cancelled - cleaning up any orphaned droplets..."
# Write to workflow summary
echo "## :warning: Workflow Cancelled - Droplet Cleanup" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "Searching for orphaned droplets with tag: \`github-run-${{ github.run_id }}\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
# Find droplets with our workflow run tag
DROPLET_IDS=$(doctl compute droplet list \
--tag-name "github-run-${{ github.run_id }}" \
--format ID \
--no-header)
if [ -n "$DROPLET_IDS" ]; then
echo "Found orphaned droplets: $DROPLET_IDS"
echo "### Orphaned Droplets Found and Deleted" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "| Droplet ID | Status |" >> $GITHUB_STEP_SUMMARY
echo "|------------|--------|" >> $GITHUB_STEP_SUMMARY
for DROPLET_ID in $DROPLET_IDS; do
echo "Deleting droplet $DROPLET_ID..."
if doctl compute droplet delete "$DROPLET_ID" --force; then
echo "| $DROPLET_ID | :white_check_mark: Deleted |" >> $GITHUB_STEP_SUMMARY
else
echo "| $DROPLET_ID | :x: Failed to delete |" >> $GITHUB_STEP_SUMMARY
fi
done
echo "" >> $GITHUB_STEP_SUMMARY
echo ":white_check_mark: Cleanup complete" >> $GITHUB_STEP_SUMMARY
else
echo "No orphaned droplets found"
echo ":white_check_mark: No orphaned droplets found - nothing to clean up" >> $GITHUB_STEP_SUMMARY
fi
- name: Add build summary
if: success()
env:
VERSION: ${{ steps.set-version.outputs.version }}
working-directory: ./DigitalOceanMarketplace
run: |
echo "## :rocket: Digital Ocean Image Build Complete" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Version:** ${VERSION}" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
# Get artifact details from manifest
if [ -f manifest.json ]; then
SNAPSHOT_ID=$(jq -r '.builds[-1].artifact_id' manifest.json | cut -d ":" -f2)
SNAPSHOT_NAME=$(jq -r '.builds[-1].custom_data.snapshot_name // "N/A"' manifest.json)
echo "**Snapshot ID:** \`$SNAPSHOT_ID\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo "**Snapshot Name:** \`$SNAPSHOT_NAME\`" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
fi
echo ":white_check_mark: Packer build droplet was automatically cleaned up" >> $GITHUB_STEP_SUMMARY
- name: Digital Ocean Image Cleanup
working-directory: ./DigitalOceanMarketplace
if: ${{ inputs.release_version == '' }}
run: |
# Get the ID from the snapshot build.
DO_ARTIFACT=$(jq -r '.builds[-1].artifact_id' manifest.json | cut -d ":" -f2)
# Force remove the snapshot
doctl compute image delete "$DO_ARTIFACT" -f
# Update summary for non-release builds
echo "" >> $GITHUB_STEP_SUMMARY
echo "---" >> $GITHUB_STEP_SUMMARY
echo "" >> $GITHUB_STEP_SUMMARY
echo ":wastebasket: **Non-release build:** Snapshot \`$DO_ARTIFACT\` was automatically cleaned up" >> $GITHUB_STEP_SUMMARY
Reference in New Issue View Git Blame Copy Permalink