From 72eeec6255b06e260e2ff9e4311d55dac9357bff Mon Sep 17 00:00:00 2001 From: Vince Grassia <593223+vgrassia@users.noreply.github.com> Date: Thu, 21 May 2026 10:05:07 -0400 Subject: [PATCH] Update Build Web workflow to only run on published Web releases. Removed migrated Staged Rollout Desktop workflow. (#20761) --- .github/workflows/build-web.yml | 23 +++++ .github/workflows/staged-rollout-desktop.yml | 96 -------------------- 2 files changed, 23 insertions(+), 96 deletions(-) delete mode 100644 .github/workflows/staged-rollout-desktop.yml diff --git a/.github/workflows/build-web.yml b/.github/workflows/build-web.yml index a77e94c7243..299aed59169 100644 --- a/.github/workflows/build-web.yml +++ b/.github/workflows/build-web.yml @@ -56,8 +56,31 @@ permissions: contents: read jobs: + check-release-tag: + name: Check release tag + if: github.event_name == 'release' + runs-on: ubuntu-24.04 + steps: + - name: Check tag + env: + TAG_NAME: ${{ github.event.release.tag_name }} + run: | + if [[ "$TAG_NAME" == web-v* ]]; then + echo "### ✅ Web release detected" >> "$GITHUB_STEP_SUMMARY" + echo "Tag \`$TAG_NAME\` matches \`web-v*\`. Proceeding with build." >> "$GITHUB_STEP_SUMMARY" + else + echo "### ⏭️ Build skipped" >> "$GITHUB_STEP_SUMMARY" + echo "Tag \`$TAG_NAME\` does not match \`web-v*\`. This release is not for Web, skipping." >> "$GITHUB_STEP_SUMMARY" + fi + setup: name: Setup + needs: check-release-tag + if: | + always() + && (needs.check-release-tag.result == 'skipped' + || (needs.check-release-tag.result == 'success' + && startsWith(github.event.release.tag_name, 'web-v'))) runs-on: ubuntu-24.04 outputs: version: ${{ steps.version.outputs.value }} diff --git a/.github/workflows/staged-rollout-desktop.yml b/.github/workflows/staged-rollout-desktop.yml deleted file mode 100644 index 3d4f0376b39..00000000000 --- a/.github/workflows/staged-rollout-desktop.yml +++ /dev/null @@ -1,96 +0,0 @@ -name: Staged Rollout Desktop -run-name: Staged Rollout Desktop - ${{ inputs.rollout_percentage }}% - -on: - workflow_dispatch: - inputs: - rollout_percentage: - description: 'Staged Rollout Percentage' - required: true - default: '10' - type: string - -defaults: - run: - shell: bash - -jobs: - rollout: - name: Update Rollout Percentage - runs-on: ubuntu-22.04 - permissions: - id-token: write - steps: - - name: Log in to Azure - uses: bitwarden/gh-actions/azure-login@main - with: - subscription_id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} - tenant_id: ${{ secrets.AZURE_TENANT_ID }} - client_id: ${{ secrets.AZURE_CLIENT_ID }} - - - name: Retrieve secrets - id: retrieve-secrets - uses: bitwarden/gh-actions/get-keyvault-secrets@main - with: - keyvault: "bitwarden-ci" - secrets: "aws-electron-access-id, - aws-electron-access-key, - aws-electron-bucket-name" - - - name: Log out from Azure - uses: bitwarden/gh-actions/azure-logout@main - - - name: Download channel update info files from S3 - env: - AWS_ACCESS_KEY_ID: ${{ steps.retrieve-secrets.outputs.aws-electron-access-id }} - AWS_SECRET_ACCESS_KEY: ${{ steps.retrieve-secrets.outputs.aws-electron-access-key }} - AWS_DEFAULT_REGION: 'us-west-2' - AWS_S3_BUCKET_NAME: ${{ steps.retrieve-secrets.outputs.aws-electron-bucket-name }} - run: | - aws s3 cp "$AWS_S3_BUCKET_NAME/desktop/latest.yml" . \ - --quiet - aws s3 cp "$AWS_S3_BUCKET_NAME/desktop/latest-linux.yml" . \ - --quiet - aws s3 cp "$AWS_S3_BUCKET_NAME/desktop/latest-mac.yml" . \ - --quiet - - - name: Check new rollout percentage - env: - NEW_PCT: ${{ github.event.inputs.rollout_percentage }} - run: | - CURRENT_PCT=$(sed -r -n "s/stagingPercentage:\s([0-9]+)/\1/p" latest.yml) - echo "Current percentage: ${CURRENT_PCT}" - echo "New percentage: ${NEW_PCT}" - echo - if [ "$NEW_PCT" -le "$CURRENT_PCT" ]; then - echo "New percentage (${NEW_PCT}) must be higher than current percentage (${CURRENT_PCT})!" - echo - echo "If you want to pull a staged release because it hasn’t gone well, you must increment the version \ - number higher than your broken release. Because some of your users will be on the broken 1.0.1, \ - releasing a new 1.0.1 would result in them staying on a broken version." - exit 1 - fi - - - name: Set staged rollout percentage - env: - ROLLOUT_PCT: ${{ github.event.inputs.rollout_percentage }} - run: | - sed -i -r "/stagingPercentage/s/[0-9]+/${ROLLOUT_PCT}/" latest.yml - sed -i -r "/stagingPercentage/s/[0-9]+/${ROLLOUT_PCT}/" latest-linux.yml - sed -i -r "/stagingPercentage/s/[0-9]+/${ROLLOUT_PCT}/" latest-mac.yml - - - name: Publish channel update info files to S3 - env: - AWS_ACCESS_KEY_ID: ${{ steps.retrieve-secrets.outputs.aws-electron-access-id }} - AWS_SECRET_ACCESS_KEY: ${{ steps.retrieve-secrets.outputs.aws-electron-access-key }} - AWS_DEFAULT_REGION: 'us-west-2' - AWS_S3_BUCKET_NAME: ${{ steps.retrieve-secrets.outputs.aws-electron-bucket-name }} - run: | - aws s3 cp latest.yml "$AWS_S3_BUCKET_NAME/desktop/" \ - --acl "public-read" - - aws s3 cp latest-linux.yml "$AWS_S3_BUCKET_NAME/desktop/" \ - --acl "public-read" - - aws s3 cp latest-mac.yml "$AWS_S3_BUCKET_NAME/desktop/" \ - --acl "public-read"