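# Manages an ephemeral environment. Depending on the boolean inputs it
# removes the environment's config file from the project repository
# (cleanup job) and/or triggers an Argo CD sync for it (sync-env job).
# It can be called from another workflow or dispatched manually.
#
# Security note: every `inputs.*` value and Key Vault output used by a shell
# step is handed over through `env:` and referenced as a quoted shell
# variable. Expanding `${{ ... }}` directly inside `run:` pastes the value
# into the script text before the shell parses it, so a crafted branch name
# would be executed as shell code.
name: Ephemeral Environment Manager
run-name: Ephemeral Environment - ${{ inputs.ephemeral_env_branch }}

on:
  workflow_call:
    inputs:
      ephemeral_env_branch:
        required: true
        type: string
      project:
        type: string
        default: server
      cleanup_config:
        type: boolean
      sync_environment:
        type: boolean
      pull_request_number:
        type: number
  workflow_dispatch:
    inputs:
      ephemeral_env_branch:
        type: string
        required: true
      project:
        type: string
        default: server
      cleanup_config:
        type: boolean
      sync_environment:
        type: boolean
      pull_request_number:
        type: number

env:
  _KEY_VAULT: bitwarden-ci
  _BOT_NAME: bitwarden-devops-bot

jobs:
  # Gate job; both jobs below wait for it through `needs`.
  check-run:
    name: Check PR run
    uses: ./.github/workflows/check-run.yml

  # Deletes <ephemeral_env_branch>.yaml from the project repository and pushes
  # the removal as the bot user.
  cleanup:
    name: Cleanup config
    if: ${{ inputs.cleanup_config }}
    runs-on: ubuntu-24.04
    needs: check-run
    steps:
      - name: Login to Azure - Prod Subscription
        uses: Azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0
        with:
          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

      # NOTE(review): this action is referenced by the mutable ref `main`
      # while the other actions in this file are pinned to a commit SHA. It
      # reads Key Vault secrets, so pin it to a reviewed commit SHA as well.
      - name: Retrieve secrets
        id: retrieve-secrets
        uses: bitwarden/gh-actions/get-keyvault-secrets@main
        with:
          keyvault: ${{ env._KEY_VAULT }}
          secrets: "github-pat-bitwarden-devops-bot-repo-scope,github-bitwarden-devops-bot-email"

      # The bot PAT is used for the checkout so that the later `git push`
      # runs with the bot's credentials.
      - name: Checkout ${{ inputs.project }}
        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
        with:
          repository: bitwarden/${{ inputs.project }}
          ref: ${{ inputs.ephemeral_env_branch }}
          token: '${{ steps.retrieve-secrets.outputs.github-pat-bitwarden-devops-bot-repo-scope }}'

      # `--` stops option parsing, so a branch name starting with `-` is
      # treated as a file name rather than as an option to rm.
      - name: Remove config
        working-directory: ephemeral-environments
        env:
          EPHEMERAL_ENV_BRANCH: ${{ inputs.ephemeral_env_branch }}
        run: rm -f -- "${EPHEMERAL_ENV_BRANCH}.yaml"

      - name: Commit changes to ${{ inputs.ephemeral_env_branch }}
        working-directory: ephemeral-environments
        env:
          EPHEMERAL_ENV_BRANCH: ${{ inputs.ephemeral_env_branch }}
          BOT_EMAIL: ${{ steps.retrieve-secrets.outputs.github-bitwarden-devops-bot-email }}
        run: |
          git config --local user.email "$BOT_EMAIL"
          git config --local user.name "${{ env._BOT_NAME }}"
          git add -- "${EPHEMERAL_ENV_BRANCH}.yaml"
          git commit -m "Removed ${EPHEMERAL_ENV_BRANCH}.yaml config."
          git push

  # Logs into the Argo CD cluster and syncs the application whose name
  # contains the pull request number.
  sync-env:
    name: Sync Ephemeral Environment
    if: ${{ inputs.sync_environment }}
    runs-on: ubuntu-24.04
    needs: check-run
    steps:
      - name: Login to Azure - Prod Subscription
        uses: Azure/login@a65d910e8af852a8061c627c456678983e180302 # v2.2.0
        with:
          creds: ${{ secrets.AZURE_KV_CI_SERVICE_PRINCIPAL }}

      # NOTE(review): referenced by the mutable ref `main`; pin to a reviewed
      # commit SHA like the other actions in this file.
      - name: Retrieve secrets
        id: retrieve-secrets
        uses: bitwarden/gh-actions/get-keyvault-secrets@main
        with:
          keyvault: ${{ env._KEY_VAULT }}
          secrets: |
            ephemeral-environment-argocd-cluster-url,
            ephemeral-environment-argocd-cluster-api-secret,
            ephemeral-environment-argocd-cluster-api-user

      # NOTE(review): the binary comes from the moving `latest` release and is
      # installed without an integrity check, and it later receives the
      # cluster credentials. Pin a release version and verify its published
      # checksum before installing.
      # `-f` makes curl fail on an HTTP error instead of saving the error page
      # as the binary.
      - name: Install ArgoCD CLI
        run: |
          curl -fsSL -o argocd-linux-amd64 \
            "https://github.com/argoproj/argo-cd/releases/latest/download/argocd-linux-amd64"
          install -m 555 argocd-linux-amd64 /usr/local/bin/argocd
          argocd version --client
          rm argocd-linux-amd64

      # The variable names avoid the ARGOCD_ prefix so they cannot collide
      # with environment variables the argocd CLI reads itself.
      - name: Log into Argo CD cluster
        env:
          CLUSTER_URL: ${{ steps.retrieve-secrets.outputs.ephemeral-environment-argocd-cluster-url }}
          CLUSTER_API_USER: ${{ steps.retrieve-secrets.outputs.ephemeral-environment-argocd-cluster-api-user }}
          CLUSTER_API_SECRET: ${{ steps.retrieve-secrets.outputs.ephemeral-environment-argocd-cluster-api-secret }}
        run: |
          argocd login "$CLUSTER_URL" \
            --username "$CLUSTER_API_USER" \
            --password "$CLUSTER_API_SECRET"

      # The application is found by a substring match on the PR number, so
      # PR 12 also matches an application named for PR 123. The naming
      # convention is not visible in this file, so the pattern is not
      # anchored; the step refuses to sync unless exactly one application
      # matches.
      - name: Sync ${{ inputs.ephemeral_env_branch }} application
        env:
          PR_NUMBER: ${{ inputs.pull_request_number }}
        run: |
          if [ -z "$PR_NUMBER" ]; then
            echo "pull_request_number is required to sync an environment." >&2
            exit 1
          fi
          APP_NAME=$(argocd app list -o name | grep -F -- "$PR_NUMBER")
          if [ "$(printf '%s\n' "$APP_NAME" | wc -l)" -ne 1 ]; then
            echo "Expected exactly one Argo CD application for PR ${PR_NUMBER}, found:" >&2
            printf '%s\n' "$APP_NAME" >&2
            exit 1
          fi
          argocd app sync "$APP_NAME"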