From ae65640a7e8fb58877456f1161ed149db4531f68 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sun, 2 Jul 2023 20:17:02 -0700 Subject: [PATCH 01/17] add devcontainers for `server` --- .devcontainer/community_dev/devcontainer.json | 14 +++ .../community_dev/docker-compose.yml | 31 +++++++ .../community_dev/postCreateCommand.sh | 76 +++++++++++++++ .devcontainer/internal_dev/devcontainer.json | 14 +++ .devcontainer/internal_dev/docker-compose.yml | 38 ++++++++ .../internal_dev/postCreateCommand.sh | 92 +++++++++++++++++++ 6 files changed, 265 insertions(+) create mode 100644 .devcontainer/community_dev/devcontainer.json create mode 100644 .devcontainer/community_dev/docker-compose.yml create mode 100755 .devcontainer/community_dev/postCreateCommand.sh create mode 100644 .devcontainer/internal_dev/devcontainer.json create mode 100644 .devcontainer/internal_dev/docker-compose.yml create mode 100755 .devcontainer/internal_dev/postCreateCommand.sh diff --git a/.devcontainer/community_dev/devcontainer.json b/.devcontainer/community_dev/devcontainer.json new file mode 100644 index 000000000000..0e440193d54f --- /dev/null +++ b/.devcontainer/community_dev/devcontainer.json @@ -0,0 +1,14 @@ +{ + "name": "Bitwarden Community Dev", + "dockerComposeFile": "docker-compose.yml", + "service": "bitwarden_server", + "workspaceFolder": "/workspace", + "customizations": { + "vscode": { + "settings": {}, + "features": {}, + "extensions": ["ms-dotnettools.csharp"] + } + }, + "postCreateCommand": "bash .devcontainer/community_dev/postCreateCommand.sh" +} diff --git a/.devcontainer/community_dev/docker-compose.yml b/.devcontainer/community_dev/docker-compose.yml new file mode 100644 index 000000000000..791941d24df1 --- /dev/null +++ b/.devcontainer/community_dev/docker-compose.yml 
@@ -0,0 +1,31 @@
+version: '3'
+
+services:
+ bitwarden_server:
+ image: mcr.microsoft.com/devcontainers/dotnet:0-6.0
+ volumes:
+ - ../../:/workspace:cached
+ # Overrides default command so things don't shut down after the process ends.
+ command: sleep infinity
+
+ bitwarden_mssql:
+ image: mcr.microsoft.com/azure-sql-edge:latest
+ restart: unless-stopped
+ environment:
+ ACCEPT_EULA: "Y"
+ MSSQL_SA_PASSWORD: 'd3vP@ssw0rd!' # update this in your secrets.json file if you change this!!!
+ MSSQL_PID: Developer
+ volumes:
+ - edgesql_dev_data:/var/opt/mssql
+ - ../../util/Migrator:/mnt/migrator/
+ - ../../dev/helpers/mssql:/mnt/helpers
+ - ../../dev/.data/mssql:/mnt/data
+ network_mode: service:bitwarden_server
+
+ bitwarden_mail:
+ image: sj26/mailcatcher:latest
+ restart: unless-stopped
+ network_mode: service:bitwarden_server
+
+volumes:
+ edgesql_dev_data:
diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh
new file mode 100755
index 000000000000..6ec53d7ccdb6
--- /dev/null
+++ b/.devcontainer/community_dev/postCreateCommand.sh
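Review bot: The service images are referenced by floating tags, so `mcr.microsoft.com/azure-sql-edge:latest` and `sj26/mailcatcher:latest` change silently on every rebuild; the mail catcher is a third-party image that shares the dev container's network namespace through `network_mode: service:bitwarden_server`. Pinning each image to a fixed version tag or digest, for example `image: sj26/mailcatcher:<pinned-version>`, keeps the environment reproducible and stops an upstream image change from reaching every developer machine unreviewed. The same applies to the matching service definitions in `.devcontainer/internal_dev/docker-compose.yml`, including `azurite:latest`.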
@@ -0,0 +1,76 @@
+#!/usr/bin/env bash
+export DEV_DIR=/workspace/dev
+export CONTAINER_CONFIG=/workspace/.devcontainer/community_dev
+git config --global --add safe.directory /workspace
+
+get_installation_id_and_key() {
+ pushd ./dev >/dev/null || exit
+ read -r -p "Would you like to automatically grab a Bitwarden installation id and key? [y/N] " response
+ if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+ echo "Retrieving an installation id and key..."
+ read -r -p "Enter your email address: " USER_EMAIL
+ INSTALLATION_RESPONSE="$(curl -s --location --request POST 'https://api.bitwarden.com/installations' --header 'Content-Type: application/json' --data-raw "{\"email\": \"$USER_EMAIL\"}")"
+ INSTALLATION_ID="$(echo "$INSTALLATION_RESPONSE" | jq -r '.id')"
+ INSTALLATION_KEY="$(echo "$INSTALLATION_RESPONSE" | jq -r '.key')"
+ jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" |
+ .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \
+ secrets.json.example >secrets.json # create/overwrite secrets.json
+ else
+ echo "Please enter your installation id and key from https://bitwarden.com/host"
+ read -r -p "Installation id: " INSTALLATION_ID
+ read -r -p "Installation key: " INSTALLATION_KEY
+ jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" |
+ .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \
+ secrets.json.example >secrets.json # create/overwrite secrets.json
+ fi
+ popd >/dev/null || exit
+}
+
+configure_other_vars() {
+ pushd ./dev >/dev/null || exit
+ cp secrets.json .secrets.json.tmp
+ # set DB_PASSWORD equal to .services.mssql.environment.MSSQL_SA_PASSWORD, accounting for quotes
+ DB_PASSWORD="$(grep -oP 'MSSQL_SA_PASSWORD:\s*["'"'"']?\K[^"'"'"'\s]+' $CONTAINER_CONFIG/docker-compose.yml)"
+ CERT_OUTPUT="$(./create_certificates_linux.sh)"
+ #shellcheck disable=SC2086
+ IDENTITY_SERVER_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Identity Server Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')"
+ #shellcheck disable=SC2086
+ DATA_PROTECTION_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Data Protection Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')"
+ echo "Identity Server Dev: $IDENTITY_SERVER_FINGERPRINT"
+ echo "Data Protection Dev: $DATA_PROTECTION_FINGERPRINT"
+ jq \
+ ".globalSettings.sqlServer.connectionString = \"Server=localhost;Database=vault_dev;User Id=SA;Password=$DB_PASSWORD;Encrypt=True;TrustServerCertificate=True\" |
+ .globalSettings.postgreSql.connectionString = \"Host=localhost;Username=postgres;Password=$DB_PASSWORD;Database=vault_dev;Include Error Detail=true\" |
+ .globalSettings.mySql.connectionString = \"server=localhost;uid=root;pwd=$DB_PASSWORD;database=vault_dev\" |
+ .globalSettings.identityServer.certificateThumbprint = \"$IDENTITY_SERVER_FINGERPRINT\" |
+ .globalSettings.dataProtection.certificateThumbprint = \"$DATA_PROTECTION_FINGERPRINT\"" \
+ .secrets.json.tmp >secrets.json
+ # # workaround for the incorrect internalService URLs being used with self-hosted dev configs
+ # cp secrets.json .secrets.json.tmp
+ # jq \
+ # ".globalSettings.baseServiceUri.internalAdmin = \"http://localhost:62912\" |
+ # .globalSettings.baseServiceUri.internalApi = \"http://localhost:4001\" |
+ # .globalSettings.baseServiceUri.internalIdentity = \"http://localhost:33657\"" \
+ # .secrets.json.tmp > secrets.json
+ # rm -f .secrets.json.tmp
+ popd >/dev/null || exit
+}
+
+one_time_setup() {
+ read -r -p \
+ "Would you like to configure your secrets and certificates for the first time?
+WARNING: This will overwrite any existing secrets.json and certificate files.
+Proceed? [y/N] " response
+ if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+ echo "Running one-time setup script..."
+ sleep 1
+ get_installation_id_and_key
+ configure_other_vars
+ pushd ./dev >/dev/null || exit
+ pwsh ./setup_secrets.ps1 || true
+ popd >/dev/null || exit
+ fi
+}
+
+# main
+one_time_setup
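Review bot: The installation id and key are spliced into the jq program text (`jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | …"`), so a value containing a double quote or backslash either breaks the filter or is parsed as jq code instead of being stored as data. Passing the values as jq variables avoids that: `jq --arg id "$INSTALLATION_ID" --arg key "$INSTALLATION_KEY" '.globalSettings.installation.id = $id | .globalSettings.installation.key = $key' secrets.json.example >secrets.json`. The same pattern appears in `configure_other_vars` for `$DB_PASSWORD` and the two fingerprints, in the `--data-raw` JSON body built from `$USER_EMAIL`, in the copy of this script under `internal_dev`, and in the shortened `get_installation_id_and_key` of PATCH 03/17.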
diff --git a/.devcontainer/internal_dev/devcontainer.json b/.devcontainer/internal_dev/devcontainer.json
new file mode 100644
index 000000000000..7f67a48f9b16
--- /dev/null
+++ b/.devcontainer/internal_dev/devcontainer.json
@@ -0,0 +1,14 @@
+{
+ "name": "Bitwarden Dev",
+ "dockerComposeFile": "docker-compose.yml",
+ "service": "bitwarden_server",
+ "workspaceFolder": "/workspace",
+ "customizations": {
+ "vscode": {
+ "settings": {},
+ "features": {},
+ "extensions": ["ms-dotnettools.csharp"]
+ }
+ },
+ "postCreateCommand": "bash .devcontainer/internal_dev/postCreateCommand.sh"
+}
diff --git a/.devcontainer/internal_dev/docker-compose.yml b/.devcontainer/internal_dev/docker-compose.yml
new file mode 100644
index 000000000000..bdb861c1ec4e
--- /dev/null
+++ b/.devcontainer/internal_dev/docker-compose.yml
@@ -0,0 +1,38 @@
+version: '3'
+
+services:
+ bitwarden_server:
+ image: mcr.microsoft.com/devcontainers/dotnet:0-6.0
+ volumes:
+ - ../../:/workspace:cached
+ # Overrides default command so things don't shut down after the process ends.
+ command: sleep infinity
+
+ bitwarden_mssql:
+ image: mcr.microsoft.com/azure-sql-edge:latest
+ restart: unless-stopped
+ environment:
+ ACCEPT_EULA: "Y"
+ MSSQL_SA_PASSWORD: 'd3vP@ssw0rd!' # update this in your secrets.json file if you change this!!!
+ MSSQL_PID: Developer
+ volumes:
+ - edgesql_dev_data:/var/opt/mssql
+ - ../../util/Migrator:/mnt/migrator/
+ - ../../dev/helpers/mssql:/mnt/helpers
+ - ../../dev/.data/mssql:/mnt/data
+ network_mode: service:bitwarden_server
+
+ bitwarden_storage:
+ image: mcr.microsoft.com/azure-storage/azurite:latest
+ restart: unless-stopped
+ volumes:
+ - ../../dev/.data/azurite:/data
+ network_mode: service:bitwarden_server
+
+ bitwarden_mail:
+ image: sj26/mailcatcher:latest
+ restart: unless-stopped
+ network_mode: service:bitwarden_server
+
+volumes:
+ edgesql_dev_data:
diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh
new file mode 100755
index 000000000000..b05b275342b0
--- /dev/null
+++ b/.devcontainer/internal_dev/postCreateCommand.sh
@@ -0,0 +1,92 @@
+#!/usr/bin/env bash
+export DEV_DIR=/workspace/dev
+export CONTAINER_CONFIG=/workspace/.devcontainer/internal_dev
+git config --global --add safe.directory /workspace
+
+get_installation_id_and_key() {
+ pushd ./dev >/dev/null || exit
+ read -r -p "Would you like to automatically grab a Bitwarden installation id and key? [y/N] " response
+ if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+ echo "Retrieving an installation id and key..."
+ read -r -p "Enter your email address: " USER_EMAIL
+ INSTALLATION_RESPONSE="$(curl -s --location --request POST 'https://api.bitwarden.com/installations' --header 'Content-Type: application/json' --data-raw "{\"email\": \"$USER_EMAIL\"}")"
+ INSTALLATION_ID="$(echo "$INSTALLATION_RESPONSE" | jq -r '.id')"
+ INSTALLATION_KEY="$(echo "$INSTALLATION_RESPONSE" | jq -r '.key')"
+ jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" |
+ .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \
+ secrets.json.example >secrets.json # create/overwrite secrets.json
+ else
+ echo "Please enter your installation id and key from https://bitwarden.com/host"
+ read -r -p "Installation id: " INSTALLATION_ID
+ read -r -p "Installation key: " INSTALLATION_KEY
+ jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" |
+ .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \
+ secrets.json.example >secrets.json # create/overwrite secrets.json
+ fi
+ popd >/dev/null || exit
+}
+
+remove_comments() {
+ # jq will not parse files with comments
+ file="$1"
+
+ if [[ -f "$file" ]]; then
+ sed -e '/^\/\//d' -e 's@[[:blank:]]\{1,\}//.*@@' "$file" >"$file.tmp"
+ mv "$file.tmp" "$file"
+ fi
+}
+
+configure_other_vars() {
+ pushd ./dev >/dev/null || exit
+ cp secrets.json .secrets.json.tmp
+ # set DB_PASSWORD equal to .services.mssql.environment.MSSQL_SA_PASSWORD, accounting for quotes
+ DB_PASSWORD="$(grep -oP 'MSSQL_SA_PASSWORD:\s*["'"'"']?\K[^"'"'"'\s]+' $CONTAINER_CONFIG/docker-compose.yml)"
+ CERT_OUTPUT="$(./create_certificates_linux.sh)"
+ #shellcheck disable=SC2086
+ IDENTITY_SERVER_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Identity Server Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')"
+ #shellcheck disable=SC2086
+ DATA_PROTECTION_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Data Protection Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')"
+ echo "Identity Server Dev: $IDENTITY_SERVER_FINGERPRINT"
+ echo "Data Protection Dev: $DATA_PROTECTION_FINGERPRINT"
+ jq \
+ ".globalSettings.sqlServer.connectionString = \"Server=localhost;Database=vault_dev;User Id=SA;Password=$DB_PASSWORD;Encrypt=True;TrustServerCertificate=True\" |
+ .globalSettings.postgreSql.connectionString = \"Host=localhost;Username=postgres;Password=$DB_PASSWORD;Database=vault_dev;Include Error Detail=true\" |
+ .globalSettings.mySql.connectionString = \"server=localhost;uid=root;pwd=$DB_PASSWORD;database=vault_dev\" |
+ .globalSettings.identityServer.certificateThumbprint = \"$IDENTITY_SERVER_FINGERPRINT\" |
+ .globalSettings.dataProtection.certificateThumbprint = \"$DATA_PROTECTION_FINGERPRINT\"" \
+ .secrets.json.tmp >secrets.json
+ popd >/dev/null || exit
+}
+
+one_time_setup() {
+ read -r -p \
+ "Would you like to configure your secrets and certificates for the first time?
+WARNING: This will overwrite any existing secrets.json and certificate files.
+Proceed? [y/N] " response
+ if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+ echo "Running one-time setup script..."
+ sleep 1
+ # get_installation_id_and_key # I don't think we'd need this for most internal dev work
+ read -r -p \
+ "Place the secrets.json and dev.pfx files from our shared Collection in the ./dev directory.
+Press to continue."
+ remove_comments ./dev/secrets.json
+ configure_other_vars
+ echo "Installing Az module. This will take ~a minute..."
+ pwsh -Command "Install-Module -Name Az -Scope CurrentUser -Repository PSGallery -Force" + pwsh ./dev/setup_azurite.ps1 + + dotnet tool install dotnet-certificate-tool -g >/dev/null + + read -r -s -p "Paste the \"Licensing Certificate - Dev\" password: " CERT_PASSWORD + echo + pushd ./dev >/dev/null || exit + certificate-tool add --file ./dev.pfx --password "$CERT_PASSWORD" + echo "Injecting dotnet secrets..." + pwsh ./setup_secrets.ps1 || true + popd >/dev/null || exit + fi +} + +# main +one_time_setup From a99cfd75738442ecb84bd268702fde8b80b62d5d Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sun, 2 Jul 2023 20:19:47 -0700 Subject: [PATCH 02/17] run db migrations automatically in dev environment --- src/Admin/Startup.cs | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/Admin/Startup.cs b/src/Admin/Startup.cs index 9482be011a99..8df94d388743 100644 --- a/src/Admin/Startup.cs +++ b/src/Admin/Startup.cs @@ -108,7 +108,7 @@ public void ConfigureServices(IServiceCollection services) // Jobs service Jobs.JobsHostedService.AddJobsServices(services, globalSettings.SelfHosted); services.AddHostedService(); - if (globalSettings.SelfHosted) + if (globalSettings.SelfHosted || Environment.IsDevelopment()) { services.AddHostedService(); } From 43d417bccad7dc7676bb65ca6a49efaa2fdb884e Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sun, 2 Jul 2023 21:08:59 -0700 Subject: [PATCH 03/17] remove curl --- .../community_dev/postCreateCommand.sh | 24 +++++-------------- .../internal_dev/postCreateCommand.sh | 24 +++++-------------- 2 files changed, 12 insertions(+), 36 deletions(-) diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh index 6ec53d7ccdb6..c758599e7875 100755 --- a/.devcontainer/community_dev/postCreateCommand.sh +++ b/.devcontainer/community_dev/postCreateCommand.sh 
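Review bot: `dotnet tool install dotnet-certificate-tool -g >/dev/null` and `Install-Module -Name Az … -Force` fetch whatever version is current from NuGet and PSGallery, and the first discards its output and exit status right before `certificate-tool add` is handed the licensing certificate password. Pin both and stop on failure, e.g. `dotnet tool install dotnet-certificate-tool -g --version <pinned-version> >/dev/null || exit` and `Install-Module -Name Az -RequiredVersion <pinned-version> …`, so that a failed or changed install is noticed. Separately, `--password "$CERT_PASSWORD"` puts the password on the command line, where it is readable in the container's process list for the duration of the call; whether certificate-tool accepts the password another way is not visible here.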
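Review bot: The widened condition `globalSettings.SelfHosted || Environment.IsDevelopment()` starts the hosted service in this block for every process whose environment name is Development, whatever database its connection string points at. If that service applies schema migrations, as the commit title says, a developer running Admin against a shared or restored database would have it migrated at startup without opting in. A comment such as `// Dev containers rely on Admin applying migrations at startup` would record the intent, and an explicit configuration switch would be a safer gate than the environment name alone. ConfigureServices starts and ends outside the hunk, and the hosted service's type argument is not visible in this rendering.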
@@ -5,24 +5,12 @@ git config --global --add safe.directory /workspace get_installation_id_and_key() { pushd ./dev >/dev/null || exit - read -r -p "Would you like to automatically grab a Bitwarden installation id and key? [y/N] " response - if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then - echo "Retrieving an installation id and key..." - read -r -p "Enter your email address: " USER_EMAIL - INSTALLATION_RESPONSE="$(curl -s --location --request POST 'https://api.bitwarden.com/installations' --header 'Content-Type: application/json' --data-raw "{\"email\": \"$USER_EMAIL\"}")" - INSTALLATION_ID="$(echo "$INSTALLATION_RESPONSE" | jq -r '.id')" - INSTALLATION_KEY="$(echo "$INSTALLATION_RESPONSE" | jq -r '.key')" - jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | - .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \ - secrets.json.example >secrets.json # create/overwrite secrets.json - else - echo "Please enter your installation id and key from https://bitwarden.com/host" - read -r -p "Installation id: " INSTALLATION_ID - read -r -p "Installation key: " INSTALLATION_KEY - jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | - .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \ - secrets.json.example >secrets.json # create/overwrite secrets.json - fi + echo "Please enter your installation id and key from https://bitwarden.com/host:" + read -r -p "Installation id: " INSTALLATION_ID + read -r -p "Installation key: " INSTALLATION_KEY + jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | + .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \ + secrets.json.example >secrets.json # create/overwrite secrets.json popd >/dev/null || exit } diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh index b05b275342b0..1e70ad3cb72d 100755 --- a/.devcontainer/internal_dev/postCreateCommand.sh +++ b/.devcontainer/internal_dev/postCreateCommand.sh 
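Review bot: `read -r -p "Installation key: " INSTALLATION_KEY` echoes the key to the terminal, where it stays in scrollback and in any captured container-creation log, although the internal script already reads the certificate password with `read -r -s -p`. Using `read -r -s -p "Installation key: " INSTALLATION_KEY; echo` here and in the identical hunk for `internal_dev/postCreateCommand.sh` keeps the secret off the screen. The function also writes `secrets.json` with the default umask; a `umask 077` near the top of the script would keep the file private to the current user.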
@@ -5,24 +5,12 @@ git config --global --add safe.directory /workspace get_installation_id_and_key() { pushd ./dev >/dev/null || exit - read -r -p "Would you like to automatically grab a Bitwarden installation id and key? [y/N] " response - if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then - echo "Retrieving an installation id and key..." - read -r -p "Enter your email address: " USER_EMAIL - INSTALLATION_RESPONSE="$(curl -s --location --request POST 'https://api.bitwarden.com/installations' --header 'Content-Type: application/json' --data-raw "{\"email\": \"$USER_EMAIL\"}")" - INSTALLATION_ID="$(echo "$INSTALLATION_RESPONSE" | jq -r '.id')" - INSTALLATION_KEY="$(echo "$INSTALLATION_RESPONSE" | jq -r '.key')" - jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | - .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \ - secrets.json.example >secrets.json # create/overwrite secrets.json - else - echo "Please enter your installation id and key from https://bitwarden.com/host" - read -r -p "Installation id: " INSTALLATION_ID - read -r -p "Installation key: " INSTALLATION_KEY - jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | - .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \ - secrets.json.example >secrets.json # create/overwrite secrets.json - fi + echo "Please enter your installation id and key from https://bitwarden.com/host:" + read -r -p "Installation id: " INSTALLATION_ID + read -r -p "Installation key: " INSTALLATION_KEY + jq ".globalSettings.installation.id = \"$INSTALLATION_ID\" | + .globalSettings.installation.key = \"$INSTALLATION_KEY\"" \ + secrets.json.example >secrets.json # create/overwrite secrets.json popd >/dev/null || exit } From 44e6f6a87ee551f6bec9f1124a975767354568a9 Mon Sep 17 00:00:00 2001 
From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 3 Jul 2023 11:11:37 +0000 Subject: [PATCH 04/17] remove trailing comma; causes parsing with `jq` --- dev/secrets.json.example | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/secrets.json.example b/dev/secrets.json.example index 5c9f901e2e32..e296ffb7c00b 100644 --- a/dev/secrets.json.example +++ b/dev/secrets.json.example @@ -15,7 +15,7 @@ "connectionString": "Server=localhost;Database=vault_dev;User Id=SA;Password=SET_A_PASSWORD_HERE_123;Encrypt=True;TrustServerCertificate=True" }, "postgreSql": { - "connectionString": "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev;Include Error Detail=true", + "connectionString": "Host=localhost;Username=postgres;Password=SET_A_PASSWORD_HERE_123;Database=vault_dev;Include Error Detail=true" }, "mySql": { "connectionString": "server=localhost;uid=root;pwd=SET_A_PASSWORD_HERE_123;database=vault_dev" From 6a29e44b9a84db58716b3b6395a8c6bf841c6477 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sat, 8 Jul 2023 03:48:28 -0700 Subject: [PATCH 05/17] use existing .env --- .devcontainer/community_dev/docker-compose.yml | 3 ++- .devcontainer/internal_dev/docker-compose.yml | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.devcontainer/community_dev/docker-compose.yml b/.devcontainer/community_dev/docker-compose.yml index 791941d24df1..b2420f735c90 100644 --- a/.devcontainer/community_dev/docker-compose.yml +++ b/.devcontainer/community_dev/docker-compose.yml @@ -11,9 +11,10 @@ services: bitwarden_mssql: image: mcr.microsoft.com/azure-sql-edge:latest restart: unless-stopped + env_file: + ../../dev/.env environment: ACCEPT_EULA: "Y" - MSSQL_SA_PASSWORD: 'd3vP@ssw0rd!' # update this in your secrets.json file if you change this!!! MSSQL_PID: Developer volumes: - edgesql_dev_data:/var/opt/mssql 
diff --git a/.devcontainer/internal_dev/docker-compose.yml b/.devcontainer/internal_dev/docker-compose.yml index bdb861c1ec4e..b5c290e5bc00 100644 --- a/.devcontainer/internal_dev/docker-compose.yml +++ b/.devcontainer/internal_dev/docker-compose.yml @@ -11,9 +11,10 @@ services: bitwarden_mssql: image: mcr.microsoft.com/azure-sql-edge:latest restart: unless-stopped + env_file: + ../../dev/.env environment: ACCEPT_EULA: "Y" - MSSQL_SA_PASSWORD: 'd3vP@ssw0rd!' # update this in your secrets.json file if you change this!!! MSSQL_PID: Developer volumes: - edgesql_dev_data:/var/opt/mssql From 7e22472e5bfcec6db3f1092f737defe785e390ac Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sat, 8 Jul 2023 03:53:52 -0700 Subject: [PATCH 06/17] add initializeCommand --- .devcontainer/community_dev/configure_env | 25 +++++++++++++++++++ .devcontainer/community_dev/configure_env.cmd | 24 ++++++++++++++++++ .devcontainer/community_dev/devcontainer.json | 1 + .devcontainer/internal_dev/configure_env | 25 +++++++++++++++++++ .devcontainer/internal_dev/configure_env.cmd | 24 ++++++++++++++++++ .devcontainer/internal_dev/devcontainer.json | 1 + 6 files changed, 100 insertions(+) create mode 100755 .devcontainer/community_dev/configure_env create mode 100755 .devcontainer/community_dev/configure_env.cmd create mode 100755 .devcontainer/internal_dev/configure_env create mode 100755 .devcontainer/internal_dev/configure_env.cmd diff --git a/.devcontainer/community_dev/configure_env b/.devcontainer/community_dev/configure_env new file mode 100755 index 000000000000..15e0d341f84c --- /dev/null +++ b/.devcontainer/community_dev/configure_env 
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+test_env() {
+ if [ ! -f ./dev/.env ]; then
+ echo "Creating ./dev/.env with default key-values"
+ echo "COMPOSE_PROJECT_NAME=bitwarden_server" > ./dev/.env
+ echo "MSSQL_SA_PASSWORD=d3vP@ssw0rd" >> ./dev/.env
+ else
+ echo "Found ./dev/.env"
+ copy_mssql_var
+ fi
+}
+
+copy_mssql_var() {
+ if grep -q "MSSQL_SA_PASSWORD" ./dev/.env; then
+ echo "MSSQL_SA_PASSWORD already exists in ./dev/.env"
+ else
+ echo "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD"
+ DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env)
+ echo "${DB_PASSWORD/MSSQL_PASSWORD/MSSQL_SA_PASSWORD}" >> ./dev/.env
+ mv ./dev/.env.tmp ./dev/.env
+ fi
+}
+
+test_env
diff --git a/.devcontainer/community_dev/configure_env.cmd b/.devcontainer/community_dev/configure_env.cmd
new file mode 100755
index 000000000000..8a6ef2437810
--- /dev/null
+++ b/.devcontainer/community_dev/configure_env.cmd
@@ -0,0 +1,24 @@
+function Test-Env {
+ if (!(Test-Path "./dev/.env")) {
+ Write-Host "Creating ./dev/.env with default key-values"
+ Set-Content -Path "./dev/.env" -Value "COMPOSE_PROJECT_NAME=bitwarden_server"
+ Add-Content -Path "./dev/.env" -Value "MSSQL_SA_PASSWORD=d3vP@ssw0rd"
+ }
+ else {
+ Write-Host "Found ./dev/.env"
+ Copy-MSSQLVar
+ }
+}
+
+function Copy-MSSQLVar {
+ if (Select-String -Path "./dev/.env" -Pattern "MSSQL_SA_PASSWORD" -Quiet) {
+ Write-Host "MSSQL_SA_PASSWORD already exists in ./dev/.env"
+ }
+ else {
+ Write-Host "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD"
+ $DB_PASSWORD = Get-Content "./dev/.env" | Where-Object { $_ -match "^MSSQL_PASSWORD=" }
+ $DB_PASSWORD -replace "MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env
+ }
+}
+
+Test-Env
diff --git a/.devcontainer/community_dev/devcontainer.json b/.devcontainer/community_dev/devcontainer.json
index 0e440193d54f..d9a7803a6bb5 100644
--- a/.devcontainer/community_dev/devcontainer.json
+++ b/.devcontainer/community_dev/devcontainer.json
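Review bot: In `copy_mssql_var`, when `./dev/.env` contains neither variable the `grep '^MSSQL_PASSWORD='` finds nothing, an empty line is appended and the script reports success, so the SQL container later starts without `MSSQL_SA_PASSWORD`. Failing explicitly is safer, e.g. `DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env) || { echo "MSSQL_PASSWORD not found in ./dev/.env" >&2; exit 1; }`. `test_env` also creates the file that holds the SA password with the default umask; a `umask 077` before the first `echo` would keep it private to the current user. Both points apply to the identical `internal_dev/configure_env` added by the same patch.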
@@ -10,5 +10,6 @@ "extensions": ["ms-dotnettools.csharp"] } }, + "initializeCommand": [".devcontainer/community_dev/configure_env"], "postCreateCommand": "bash .devcontainer/community_dev/postCreateCommand.sh" } diff --git a/.devcontainer/internal_dev/configure_env b/.devcontainer/internal_dev/configure_env new file mode 100755 index 000000000000..15e0d341f84c --- /dev/null +++ b/.devcontainer/internal_dev/configure_env @@ -0,0 +1,25 @@ +#!/usr/bin/env bash + +test_env() { + if [ ! -f ./dev/.env ]; then + echo "Creating ./dev/.env with default key-values" + echo "COMPOSE_PROJECT_NAME=bitwarden_server" > ./dev/.env + echo "MSSQL_SA_PASSWORD=d3vP@ssw0rd" >> ./dev/.env + else + echo "Found ./dev/.env" + copy_mssql_var + fi +} + +copy_mssql_var() { + if grep -q "MSSQL_SA_PASSWORD" ./dev/.env; then + echo "MSSQL_SA_PASSWORD already exists in ./dev/.env" + else + echo "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" + DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env) + echo "${DB_PASSWORD/MSSQL_PASSWORD/MSSQL_SA_PASSWORD}" >> ./dev/.env + mv ./dev/.env.tmp ./dev/.env + fi +} + +test_env diff --git a/.devcontainer/internal_dev/configure_env.cmd b/.devcontainer/internal_dev/configure_env.cmd new file mode 100755 index 000000000000..8a6ef2437810 --- /dev/null +++ b/.devcontainer/internal_dev/configure_env.cmd 
@@ -0,0 +1,24 @@ +function Test-Env { + if (!(Test-Path "./dev/.env")) { + Write-Host "Creating ./dev/.env with default key-values" + Set-Content -Path "./dev/.env" -Value "COMPOSE_PROJECT_NAME=bitwarden_server" + Add-Content -Path "./dev/.env" -Value "MSSQL_SA_PASSWORD=d3vP@ssw0rd" + } + else { + Write-Host "Found ./dev/.env" + Copy-MSSQLVar + } +} + +function Copy-MSSQLVar { + if (Select-String -Path "./dev/.env" -Pattern "MSSQL_SA_PASSWORD" -Quiet) { + Write-Host "MSSQL_SA_PASSWORD already exists in ./dev/.env" + } + else { + Write-Host "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" + $DB_PASSWORD = Get-Content "./dev/.env" | Where-Object { $_ -match "^MSSQL_PASSWORD=" } + $DB_PASSWORD -replace "MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env + } +} + +Test-Env diff --git a/.devcontainer/internal_dev/devcontainer.json b/.devcontainer/internal_dev/devcontainer.json index 7f67a48f9b16..4afc3ac6191d 100644 --- a/.devcontainer/internal_dev/devcontainer.json +++ b/.devcontainer/internal_dev/devcontainer.json @@ -10,5 +10,6 @@ "extensions": ["ms-dotnettools.csharp"] } }, + "initializeCommand": [".devcontainer/internal_dev/configure_env"], "postCreateCommand": "bash .devcontainer/internal_dev/postCreateCommand.sh" } From ede2b7b3828a6b8e1d5836c42730e21ed3b3fc57 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sat, 8 Jul 2023 04:30:02 -0700 Subject: [PATCH 07/17] use better search string --- .devcontainer/community_dev/configure_env | 3 +-- .devcontainer/community_dev/configure_env.cmd | 4 ++-- .devcontainer/internal_dev/configure_env | 3 +-- .devcontainer/internal_dev/configure_env.cmd | 4 ++-- 4 files changed, 6 insertions(+), 8 deletions(-) diff --git a/.devcontainer/community_dev/configure_env b/.devcontainer/community_dev/configure_env index 15e0d341f84c..69aee7ade16a 100755 --- a/.devcontainer/community_dev/configure_env +++ b/.devcontainer/community_dev/configure_env 
@@ -12,13 +12,12 @@ test_env() { } copy_mssql_var() { - if grep -q "MSSQL_SA_PASSWORD" ./dev/.env; then + if grep -q "^MSSQL_SA_PASSWORD" ./dev/.env; then echo "MSSQL_SA_PASSWORD already exists in ./dev/.env" else echo "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env) echo "${DB_PASSWORD/MSSQL_PASSWORD/MSSQL_SA_PASSWORD}" >> ./dev/.env - mv ./dev/.env.tmp ./dev/.env fi } diff --git a/.devcontainer/community_dev/configure_env.cmd b/.devcontainer/community_dev/configure_env.cmd index 8a6ef2437810..3b639a660b04 100755 --- a/.devcontainer/community_dev/configure_env.cmd +++ b/.devcontainer/community_dev/configure_env.cmd @@ -11,13 +11,13 @@ function Test-Env { } function Copy-MSSQLVar { - if (Select-String -Path "./dev/.env" -Pattern "MSSQL_SA_PASSWORD" -Quiet) { + if (Select-String -Path "./dev/.env" -Pattern "^MSSQL_SA_PASSWORD" -Quiet) { Write-Host "MSSQL_SA_PASSWORD already exists in ./dev/.env" } else { Write-Host "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" $DB_PASSWORD = Get-Content "./dev/.env" | Where-Object { $_ -match "^MSSQL_PASSWORD=" } - $DB_PASSWORD -replace "MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env + $DB_PASSWORD -replace "^MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env } } diff --git a/.devcontainer/internal_dev/configure_env b/.devcontainer/internal_dev/configure_env index 15e0d341f84c..69aee7ade16a 100755 --- a/.devcontainer/internal_dev/configure_env +++ b/.devcontainer/internal_dev/configure_env @@ -12,13 +12,12 @@ test_env() { } copy_mssql_var() { - if grep -q "MSSQL_SA_PASSWORD" ./dev/.env; then + if grep -q "^MSSQL_SA_PASSWORD" ./dev/.env; then echo "MSSQL_SA_PASSWORD already exists in ./dev/.env" else echo "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env) echo "${DB_PASSWORD/MSSQL_PASSWORD/MSSQL_SA_PASSWORD}" >> ./dev/.env - mv ./dev/.env.tmp ./dev/.env fi } 
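Review bot: `Out-File -Append ./dev/.env` in `Copy-MSSQLVar` writes UTF-16 by default under Windows PowerShell 5.1, so the appended `MSSQL_SA_PASSWORD` line would be in a different encoding from the rest of the file and Docker Compose may fail to read it. Using `Add-Content -Path "./dev/.env" -Value ($DB_PASSWORD -replace "^MSSQL_PASSWORD", "MSSQL_SA_PASSWORD")`, the cmdlet `Test-Env` already uses, keeps a single encoding. The new `"^MSSQL_SA_PASSWORD"` pattern also still matches any longer name with that prefix; ending it with `=` would make the check exact. Both points apply to the identical hunk for `internal_dev/configure_env.cmd`, and the second to the bash check `grep -q "^MSSQL_SA_PASSWORD"`.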
diff --git a/.devcontainer/internal_dev/configure_env.cmd b/.devcontainer/internal_dev/configure_env.cmd index 8a6ef2437810..3b639a660b04 100755 --- a/.devcontainer/internal_dev/configure_env.cmd +++ b/.devcontainer/internal_dev/configure_env.cmd @@ -11,13 +11,13 @@ function Test-Env { } function Copy-MSSQLVar { - if (Select-String -Path "./dev/.env" -Pattern "MSSQL_SA_PASSWORD" -Quiet) { + if (Select-String -Path "./dev/.env" -Pattern "^MSSQL_SA_PASSWORD" -Quiet) { Write-Host "MSSQL_SA_PASSWORD already exists in ./dev/.env" } else { Write-Host "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" $DB_PASSWORD = Get-Content "./dev/.env" | Where-Object { $_ -match "^MSSQL_PASSWORD=" } - $DB_PASSWORD -replace "MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env + $DB_PASSWORD -replace "^MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env } } From a6a606ca42e6810d2369ebc3e91160299802a6a0 Mon Sep 17 00:00:00 2001 
From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sun, 9 Jul 2023 13:53:06 -0700 Subject: [PATCH 08/17] restructure common files --- .../configure_env | 0 .../bitwarden_common/configure_env.cmd | 1 + .../configure_env.ps1} | 0 .../docker-compose.yml | 0 .devcontainer/community_dev/devcontainer.json | 4 +- .../community_dev/postCreateCommand.sh | 12 ++---- .devcontainer/internal_dev/configure_env | 24 ------------ .devcontainer/internal_dev/configure_env.cmd | 24 ------------ .devcontainer/internal_dev/devcontainer.json | 8 ++-- .../internal_dev/docker-compose.override.yml | 9 +++++ .devcontainer/internal_dev/docker-compose.yml | 39 ------------------- .../internal_dev/postCreateCommand.sh | 4 +- 12 files changed, 23 insertions(+), 102 deletions(-) rename .devcontainer/{community_dev => bitwarden_common}/configure_env (100%) mode change 100755 => 100644 create mode 100644 .devcontainer/bitwarden_common/configure_env.cmd rename .devcontainer/{community_dev/configure_env.cmd => bitwarden_common/configure_env.ps1} (100%) mode change 100755 => 100644 rename .devcontainer/{community_dev => bitwarden_common}/docker-compose.yml (100%) mode change 100755 => 100644 .devcontainer/community_dev/postCreateCommand.sh delete mode 100755 .devcontainer/internal_dev/configure_env delete mode 100755 .devcontainer/internal_dev/configure_env.cmd create mode 100644 .devcontainer/internal_dev/docker-compose.override.yml delete mode 100644 .devcontainer/internal_dev/docker-compose.yml mode change 100755 => 100644 .devcontainer/internal_dev/postCreateCommand.sh diff --git a/.devcontainer/community_dev/configure_env b/.devcontainer/bitwarden_common/configure_env old mode 100755 new mode 100644 similarity index 100% rename from .devcontainer/community_dev/configure_env rename to .devcontainer/bitwarden_common/configure_env 
diff --git a/.devcontainer/bitwarden_common/configure_env.cmd b/.devcontainer/bitwarden_common/configure_env.cmd new file mode 100644 index 000000000000..c7869f2f6959 --- /dev/null +++ b/.devcontainer/bitwarden_common/configure_env.cmd @@ -0,0 +1 @@ +PowerShell.exe -ExecutionPolicy Bypass -File ".devcontainer\bitwarden_common\configure_env.ps1" diff --git a/.devcontainer/community_dev/configure_env.cmd b/.devcontainer/bitwarden_common/configure_env.ps1 old mode 100755 new mode 100644 similarity index 100% rename from .devcontainer/community_dev/configure_env.cmd rename to .devcontainer/bitwarden_common/configure_env.ps1 diff --git a/.devcontainer/community_dev/docker-compose.yml b/.devcontainer/bitwarden_common/docker-compose.yml similarity index 100% rename from .devcontainer/community_dev/docker-compose.yml rename to .devcontainer/bitwarden_common/docker-compose.yml diff --git a/.devcontainer/community_dev/devcontainer.json b/.devcontainer/community_dev/devcontainer.json index d9a7803a6bb5..edb9dac530a8 100644 --- a/.devcontainer/community_dev/devcontainer.json +++ b/.devcontainer/community_dev/devcontainer.json @@ -1,6 +1,6 @@ { "name": "Bitwarden Community Dev", - "dockerComposeFile": "docker-compose.yml", + "dockerComposeFile": "../../.devcontainer/bitwarden_common/docker-compose.yml", "service": "bitwarden_server", "workspaceFolder": "/workspace", "customizations": { @@ -10,6 +10,6 @@ "extensions": ["ms-dotnettools.csharp"] } }, - "initializeCommand": [".devcontainer/community_dev/configure_env"], + "initializeCommand": [".devcontainer/bitwarden_common/configure_env"], "postCreateCommand": "bash .devcontainer/community_dev/postCreateCommand.sh" } diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh old mode 100755 new mode 100644 index c758599e7875..04f30755d9d1 --- a/.devcontainer/community_dev/postCreateCommand.sh +++ b/.devcontainer/community_dev/postCreateCommand.sh 
@@ -18,7 +18,7 @@ configure_other_vars() { pushd ./dev >/dev/null || exit cp secrets.json .secrets.json.tmp # set DB_PASSWORD equal to .services.mssql.environment.MSSQL_SA_PASSWORD, accounting for quotes - DB_PASSWORD="$(grep -oP 'MSSQL_SA_PASSWORD:\s*["'"'"']?\K[^"'"'"'\s]+' $CONTAINER_CONFIG/docker-compose.yml)" + DB_PASSWORD="$(grep -oP 'MSSQL_SA_PASSWORD=["'"'"']?\K[^"'"'"'\s]+' $DEV_DIR/.env)" CERT_OUTPUT="$(./create_certificates_linux.sh)" #shellcheck disable=SC2086 IDENTITY_SERVER_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Identity Server Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')" @@ -33,14 +33,7 @@ configure_other_vars() { .globalSettings.identityServer.certificateThumbprint = \"$IDENTITY_SERVER_FINGERPRINT\" | .globalSettings.dataProtection.certificateThumbprint = \"$DATA_PROTECTION_FINGERPRINT\"" \ .secrets.json.tmp >secrets.json - # # workaround for the incorrect internalService URLs being used with self-hosted dev configs - # cp secrets.json .secrets.json.tmp - # jq \ - # ".globalSettings.baseServiceUri.internalAdmin = \"http://localhost:62912\" | - # .globalSettings.baseServiceUri.internalApi = \"http://localhost:4001\" | - # .globalSettings.baseServiceUri.internalIdentity = \"http://localhost:33657\"" \ - # .secrets.json.tmp > secrets.json - # rm -f .secrets.json.tmp + rm -f .secrets.json.tmp popd >/dev/null || exit } @@ -52,6 +45,7 @@ Proceed? [y/N] " response if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then echo "Running one-time setup script..." sleep 1 + /workspace/.devcontainer/bitwarden_common/configure_env # ensure idempotence get_installation_id_and_key configure_other_vars pushd ./dev >/dev/null || exit diff --git a/.devcontainer/internal_dev/configure_env b/.devcontainer/internal_dev/configure_env deleted file mode 100755 index 69aee7ade16a..000000000000 --- a/.devcontainer/internal_dev/configure_env +++ /dev/null 
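Review bot: The new `grep -oP 'MSSQL_SA_PASSWORD=…' $DEV_DIR/.env` lookup in hunk `@@ -18,7 +18,7 @@` is unanchored and its result is never checked. It also matches a commented-out `#MSSQL_SA_PASSWORD=` line, returns several lines if the key occurs twice, and leaves `DB_PASSWORD` empty when the key or the file is missing, after which the connection strings are written with a blank or mangled password. Anchoring the pattern, quoting the path and failing early covers this: `DB_PASSWORD="$(grep -m1 -oP '^MSSQL_SA_PASSWORD=["'"'"']?\K[^"'"'"'\s]+' "$DEV_DIR/.env")"` followed by `[ -n "$DB_PASSWORD" ] || { echo "MSSQL_SA_PASSWORD not found in $DEV_DIR/.env" >&2; exit 1; }`. The comment above the line still describes the old docker-compose.yml source and should be updated with it. The internal_dev/postCreateCommand.sh hunk `@@ -28,7 +28,7 @@` adds the same line; `configure_other_vars` and the definition of `DEV_DIR` lie outside both hunks.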
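Review bot: The `rm -f .secrets.json.tmp` added in hunk `@@ -33,14 +33,7 @@` runs whether or not the preceding `jq … .secrets.json.tmp >secrets.json` succeeded. The redirection truncates secrets.json before jq writes anything, so a jq failure leaves an empty secrets.json and the cleanup then deletes the only remaining copy of the original. No error handling is visible in the hunk, so unless the script enables `set -e` outside it the cleanup should depend on success: `jq … .secrets.json.tmp >secrets.json.new && mv secrets.json.new secrets.json && rm -f .secrets.json.tmp`. The internal_dev hunk `@@ -43,6 +43,7 @@` adds the same cleanup as `rm .secrets.json.tmp` without `-f`, so the two scripts should also agree on one form.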
@@ -1,24 +0,0 @@ -#!/usr/bin/env bash - -test_env() { - if [ ! -f ./dev/.env ]; then - echo "Creating ./dev/.env with default key-values" - echo "COMPOSE_PROJECT_NAME=bitwarden_server" > ./dev/.env - echo "MSSQL_SA_PASSWORD=d3vP@ssw0rd" >> ./dev/.env - else - echo "Found ./dev/.env" - copy_mssql_var - fi -} - -copy_mssql_var() { - if grep -q "^MSSQL_SA_PASSWORD" ./dev/.env; then - echo "MSSQL_SA_PASSWORD already exists in ./dev/.env" - else - echo "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" - DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env) - echo "${DB_PASSWORD/MSSQL_PASSWORD/MSSQL_SA_PASSWORD}" >> ./dev/.env - fi -} - -test_env diff --git a/.devcontainer/internal_dev/configure_env.cmd b/.devcontainer/internal_dev/configure_env.cmd deleted file mode 100755 index 3b639a660b04..000000000000 --- a/.devcontainer/internal_dev/configure_env.cmd +++ /dev/null @@ -1,24 +0,0 @@ -function Test-Env { - if (!(Test-Path "./dev/.env")) { - Write-Host "Creating ./dev/.env with default key-values" - Set-Content -Path "./dev/.env" -Value "COMPOSE_PROJECT_NAME=bitwarden_server" - Add-Content -Path "./dev/.env" -Value "MSSQL_SA_PASSWORD=d3vP@ssw0rd" - } - else { - Write-Host "Found ./dev/.env" - Copy-MSSQLVar - } -} - -function Copy-MSSQLVar { - if (Select-String -Path "./dev/.env" -Pattern "^MSSQL_SA_PASSWORD" -Quiet) { - Write-Host "MSSQL_SA_PASSWORD already exists in ./dev/.env" - } - else { - Write-Host "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" - $DB_PASSWORD = Get-Content "./dev/.env" | Where-Object { $_ -match "^MSSQL_PASSWORD=" } - $DB_PASSWORD -replace "^MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env - } -} - -Test-Env diff --git a/.devcontainer/internal_dev/devcontainer.json b/.devcontainer/internal_dev/devcontainer.json index 4afc3ac6191d..dcd18fc60dba 100644 --- a/.devcontainer/internal_dev/devcontainer.json +++ b/.devcontainer/internal_dev/devcontainer.json 
@@ -1,7 +1,9 @@ { "name": "Bitwarden Dev", - "dockerComposeFile": "docker-compose.yml", - "service": "bitwarden_server", + "dockerComposeFile": [ + "../../.devcontainer/bitwarden_common/docker-compose.yml", + "../../.devcontainer/internal_dev/docker-compose.override.yml" + ], "service": "bitwarden_server", "workspaceFolder": "/workspace", "customizations": { "vscode": { @@ -10,6 +12,6 @@ "extensions": ["ms-dotnettools.csharp"] } }, - "initializeCommand": [".devcontainer/internal_dev/configure_env"], + "initializeCommand": [".devcontainer/bitwarden_common/configure_env"], "postCreateCommand": "bash .devcontainer/internal_dev/postCreateCommand.sh" } diff --git a/.devcontainer/internal_dev/docker-compose.override.yml b/.devcontainer/internal_dev/docker-compose.override.yml new file mode 100644 index 000000000000..9aaee9ee62f9 --- /dev/null +++ b/.devcontainer/internal_dev/docker-compose.override.yml @@ -0,0 +1,9 @@ +version: '3' + +services: + bitwarden_storage: + image: mcr.microsoft.com/azure-storage/azurite:latest + restart: unless-stopped + volumes: + - ../../dev/.data/azurite:/data + network_mode: service:bitwarden_server diff --git a/.devcontainer/internal_dev/docker-compose.yml b/.devcontainer/internal_dev/docker-compose.yml deleted file mode 100644 index b5c290e5bc00..000000000000 --- a/.devcontainer/internal_dev/docker-compose.yml +++ /dev/null 
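Review bot: The new `bitwarden_storage` service in docker-compose.override.yml pulls `mcr.microsoft.com/azure-storage/azurite:latest`, a floating tag. The image that runs beside the source tree with `dev/.data/azurite` bind-mounted can therefore change between rebuilds without any change in the repository. Pinning a release tag or digest the team has tested, `image: mcr.microsoft.com/azure-storage/azurite:<TESTED_VERSION>` (placeholder), keeps the environment reproducible and turns image updates into a reviewed change.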
@@ -1,39 +0,0 @@ -version: '3' - -services: - bitwarden_server: - image: mcr.microsoft.com/devcontainers/dotnet:0-6.0 - volumes: - - ../../:/workspace:cached - # Overrides default command so things don't shut down after the process ends. - command: sleep infinity - - bitwarden_mssql: - image: mcr.microsoft.com/azure-sql-edge:latest - restart: unless-stopped - env_file: - ../../dev/.env - environment: - ACCEPT_EULA: "Y" - MSSQL_PID: Developer - volumes: - - edgesql_dev_data:/var/opt/mssql - - ../../util/Migrator:/mnt/migrator/ - - ../../dev/helpers/mssql:/mnt/helpers - - ../../dev/.data/mssql:/mnt/data - network_mode: service:bitwarden_server - - bitwarden_storage: - image: mcr.microsoft.com/azure-storage/azurite:latest - restart: unless-stopped - volumes: - - ../../dev/.data/azurite:/data - network_mode: service:bitwarden_server - - bitwarden_mail: - image: sj26/mailcatcher:latest - restart: unless-stopped - network_mode: service:bitwarden_server - -volumes: - edgesql_dev_data: diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh old mode 100755 new mode 100644 index 1e70ad3cb72d..18b135b676e7 --- a/.devcontainer/internal_dev/postCreateCommand.sh +++ b/.devcontainer/internal_dev/postCreateCommand.sh @@ -28,7 +28,7 @@ configure_other_vars() { pushd ./dev >/dev/null || exit cp secrets.json .secrets.json.tmp # set DB_PASSWORD equal to .services.mssql.environment.MSSQL_SA_PASSWORD, accounting for quotes - DB_PASSWORD="$(grep -oP 'MSSQL_SA_PASSWORD:\s*["'"'"']?\K[^"'"'"'\s]+' $CONTAINER_CONFIG/docker-compose.yml)" + DB_PASSWORD="$(grep -oP 'MSSQL_SA_PASSWORD=["'"'"']?\K[^"'"'"'\s]+' $DEV_DIR/.env)" CERT_OUTPUT="$(./create_certificates_linux.sh)" #shellcheck disable=SC2086 IDENTITY_SERVER_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Identity Server Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')" 
@@ -43,6 +43,7 @@ configure_other_vars() { .globalSettings.identityServer.certificateThumbprint = \"$IDENTITY_SERVER_FINGERPRINT\" | .globalSettings.dataProtection.certificateThumbprint = \"$DATA_PROTECTION_FINGERPRINT\"" \ .secrets.json.tmp >secrets.json + rm .secrets.json.tmp popd >/dev/null || exit } @@ -54,6 +55,7 @@ Proceed? [y/N] " response if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then echo "Running one-time setup script..." sleep 1 + /workspace/.devcontainer/bitwarden_common/configure_env # ensure idempotence # get_installation_id_and_key # I don't think we'd need this for most internal dev work read -r -p \ "Place the secrets.json and dev.pfx files from our shared Collection in the ./dev directory. From 806326962f1385226e45d2f554e6fa606c307103 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Sun, 9 Jul 2023 15:01:54 -0700 Subject: [PATCH 09/17] chmod +x scripts --- .devcontainer/bitwarden_common/configure_env | 0 .devcontainer/bitwarden_common/configure_env.cmd | 0 .devcontainer/bitwarden_common/configure_env.ps1 | 0 .devcontainer/community_dev/postCreateCommand.sh | 0 .devcontainer/internal_dev/postCreateCommand.sh | 0 5 files changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 .devcontainer/bitwarden_common/configure_env mode change 100644 => 100755 .devcontainer/bitwarden_common/configure_env.cmd mode change 100644 => 100755 .devcontainer/bitwarden_common/configure_env.ps1 mode change 100644 => 100755 .devcontainer/community_dev/postCreateCommand.sh mode change 100644 => 100755 .devcontainer/internal_dev/postCreateCommand.sh diff --git a/.devcontainer/bitwarden_common/configure_env b/.devcontainer/bitwarden_common/configure_env old mode 100644 new mode 100755 diff --git a/.devcontainer/bitwarden_common/configure_env.cmd b/.devcontainer/bitwarden_common/configure_env.cmd old mode 100644 new mode 100755 
diff --git a/.devcontainer/bitwarden_common/configure_env.ps1 b/.devcontainer/bitwarden_common/configure_env.ps1 old mode 100644 new mode 100755 diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh old mode 100644 new mode 100755 diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh old mode 100644 new mode 100755 From 34e184bc1e12c85371305ac3c44e4950610a852b Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 10 Jul 2023 07:02:51 -0700 Subject: [PATCH 10/17] remove problematic env config scripts --- .devcontainer/bitwarden_common/configure_env | 24 ------------------- .../bitwarden_common/configure_env.cmd | 1 - .../bitwarden_common/configure_env.ps1 | 24 ------------------- .devcontainer/community_dev/devcontainer.json | 1 - .devcontainer/internal_dev/devcontainer.json | 1 - 5 files changed, 51 deletions(-) delete mode 100755 .devcontainer/bitwarden_common/configure_env delete mode 100755 .devcontainer/bitwarden_common/configure_env.cmd delete mode 100755 .devcontainer/bitwarden_common/configure_env.ps1 diff --git a/.devcontainer/bitwarden_common/configure_env b/.devcontainer/bitwarden_common/configure_env deleted file mode 100755 index 69aee7ade16a..000000000000 --- a/.devcontainer/bitwarden_common/configure_env +++ /dev/null 
@@ -1,24 +0,0 @@ -#!/usr/bin/env bash - -test_env() { - if [ ! -f ./dev/.env ]; then - echo "Creating ./dev/.env with default key-values" - echo "COMPOSE_PROJECT_NAME=bitwarden_server" > ./dev/.env - echo "MSSQL_SA_PASSWORD=d3vP@ssw0rd" >> ./dev/.env - else - echo "Found ./dev/.env" - copy_mssql_var - fi -} - -copy_mssql_var() { - if grep -q "^MSSQL_SA_PASSWORD" ./dev/.env; then - echo "MSSQL_SA_PASSWORD already exists in ./dev/.env" - else - echo "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" - DB_PASSWORD=$(grep '^MSSQL_PASSWORD=' ./dev/.env) - echo "${DB_PASSWORD/MSSQL_PASSWORD/MSSQL_SA_PASSWORD}" >> ./dev/.env - fi -} - -test_env diff --git a/.devcontainer/bitwarden_common/configure_env.cmd b/.devcontainer/bitwarden_common/configure_env.cmd deleted file mode 100755 index c7869f2f6959..000000000000 --- a/.devcontainer/bitwarden_common/configure_env.cmd +++ /dev/null @@ -1 +0,0 @@ -PowerShell.exe -ExecutionPolicy Bypass -File ".devcontainer\bitwarden_common\configure_env.ps1" diff --git a/.devcontainer/bitwarden_common/configure_env.ps1 b/.devcontainer/bitwarden_common/configure_env.ps1 deleted file mode 100755 index 3b639a660b04..000000000000 --- a/.devcontainer/bitwarden_common/configure_env.ps1 +++ /dev/null 
@@ -1,24 +0,0 @@ -function Test-Env { - if (!(Test-Path "./dev/.env")) { - Write-Host "Creating ./dev/.env with default key-values" - Set-Content -Path "./dev/.env" -Value "COMPOSE_PROJECT_NAME=bitwarden_server" - Add-Content -Path "./dev/.env" -Value "MSSQL_SA_PASSWORD=d3vP@ssw0rd" - } - else { - Write-Host "Found ./dev/.env" - Copy-MSSQLVar - } -} - -function Copy-MSSQLVar { - if (Select-String -Path "./dev/.env" -Pattern "^MSSQL_SA_PASSWORD" -Quiet) { - Write-Host "MSSQL_SA_PASSWORD already exists in ./dev/.env" - } - else { - Write-Host "Copying MSSQL_PASSWORD to MSSQL_SA_PASSWORD" - $DB_PASSWORD = Get-Content "./dev/.env" | Where-Object { $_ -match "^MSSQL_PASSWORD=" } - $DB_PASSWORD -replace "^MSSQL_PASSWORD", "MSSQL_SA_PASSWORD" | Out-File -Append ./dev/.env - } -} - -Test-Env diff --git a/.devcontainer/community_dev/devcontainer.json b/.devcontainer/community_dev/devcontainer.json index edb9dac530a8..f2b2699e4c7b 100644 --- a/.devcontainer/community_dev/devcontainer.json +++ b/.devcontainer/community_dev/devcontainer.json @@ -10,6 +10,5 @@ "extensions": ["ms-dotnettools.csharp"] } }, - "initializeCommand": [".devcontainer/bitwarden_common/configure_env"], "postCreateCommand": "bash .devcontainer/community_dev/postCreateCommand.sh" } diff --git a/.devcontainer/internal_dev/devcontainer.json b/.devcontainer/internal_dev/devcontainer.json index dcd18fc60dba..6961c7e443ec 100644 --- a/.devcontainer/internal_dev/devcontainer.json +++ b/.devcontainer/internal_dev/devcontainer.json @@ -12,6 +12,5 @@ "extensions": ["ms-dotnettools.csharp"] } }, - "initializeCommand": [".devcontainer/bitwarden_common/configure_env"], "postCreateCommand": "bash .devcontainer/internal_dev/postCreateCommand.sh" } From 65775cbce42123e409b7994d0308c4bd9e77ddc5 Mon Sep 17 00:00:00 2001 
From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 10 Jul 2023 07:03:37 -0700 Subject: [PATCH 11/17] add mention of var that is needed for devcontainer --- dev/.env.example | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dev/.env.example b/dev/.env.example index 18346872e6b1..d0ebf50efbc4 100644 --- a/dev/.env.example +++ b/dev/.env.example @@ -1,7 +1,11 @@ COMPOSE_PROJECT_NAME=bitwardenserver # Ensure the MSSQL_PASSWORD is complex and follows the password policy defined at # https://docs.microsoft.com/en-us/sql/relational-databases/security/password-policy?view=sql-server-ver15 + +# The MSSQL*_PASSWORD variables can be the same value; MSSQL_SA_PASSWORD is used for VS Code devcontainers +# and MSSQL_PASSWORD is used for docker-compose for traditional dev configurations. MSSQL_PASSWORD=SET_A_PASSWORD_HERE_123 +MSSQL_SA_PASSWORD=SET_A_PASSWORD_HERE_123 MAILCATCHER_PORT=1080 # Alternative databases From a43277000717bbae4af990a1d73f8bad829b974e Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 10 Jul 2023 07:13:09 -0700 Subject: [PATCH 12/17] remove ref to deleted script --- .devcontainer/community_dev/postCreateCommand.sh | 1 - .devcontainer/internal_dev/postCreateCommand.sh | 2 -- 2 files changed, 3 deletions(-) diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh index 04f30755d9d1..7e2848a43702 100755 --- a/.devcontainer/community_dev/postCreateCommand.sh +++ b/.devcontainer/community_dev/postCreateCommand.sh @@ -45,7 +45,6 @@ Proceed? [y/N] " response if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then echo "Running one-time setup script..." sleep 1 - /workspace/.devcontainer/bitwarden_common/configure_env # ensure idempotence get_installation_id_and_key configure_other_vars pushd ./dev >/dev/null || exit 
diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh index 18b135b676e7..443c29ff0a2b 100755 --- a/.devcontainer/internal_dev/postCreateCommand.sh +++ b/.devcontainer/internal_dev/postCreateCommand.sh @@ -55,8 +55,6 @@ Proceed? [y/N] " response if [[ "$response" =~ ^([yY][eE][sS]|[yY])+$ ]]; then echo "Running one-time setup script..." sleep 1 - /workspace/.devcontainer/bitwarden_common/configure_env # ensure idempotence - # get_installation_id_and_key # I don't think we'd need this for most internal dev work read -r -p \ "Place the secrets.json and dev.pfx files from our shared Collection in the ./dev directory. Press to continue." From 82eb447efa259e4f8589bd861c5dcce62e6bab85 Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Thu, 26 Oct 2023 13:31:31 -0700 Subject: [PATCH 13/17] Update .devcontainer/community_dev/devcontainer.json Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> --- .devcontainer/community_dev/devcontainer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/community_dev/devcontainer.json b/.devcontainer/community_dev/devcontainer.json index f2b2699e4c7b..b9c31709a869 100644 --- a/.devcontainer/community_dev/devcontainer.json +++ b/.devcontainer/community_dev/devcontainer.json @@ -7,7 +7,7 @@ "vscode": { "settings": {}, "features": {}, - "extensions": ["ms-dotnettools.csharp"] + "extensions": ["ms-dotnettools.csdevkit"] } }, "postCreateCommand": "bash .devcontainer/community_dev/postCreateCommand.sh" From dcbd67447dbda416de5a8d94f605ac0eb0c78e72 Mon Sep 17 00:00:00 2001 
From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Thu, 26 Oct 2023 14:12:12 -0700 Subject: [PATCH 14/17] Update .devcontainer/internal_dev/devcontainer.json Co-authored-by: Justin Baur <19896123+justindbaur@users.noreply.github.com> --- .devcontainer/internal_dev/devcontainer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/internal_dev/devcontainer.json b/.devcontainer/internal_dev/devcontainer.json index 6961c7e443ec..d86d0576aac1 100644 --- a/.devcontainer/internal_dev/devcontainer.json +++ b/.devcontainer/internal_dev/devcontainer.json @@ -9,7 +9,7 @@ "vscode": { "settings": {}, "features": {}, - "extensions": ["ms-dotnettools.csharp"] + "extensions": ["ms-dotnettools.csdevkit"] } }, "postCreateCommand": "bash .devcontainer/internal_dev/postCreateCommand.sh" From ac2b0ba281507a05e5ad6806810f21769227928f Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 6 Nov 2023 11:16:01 -0800 Subject: [PATCH 15/17] use dev image for `6.0.416` SDK --- .devcontainer/bitwarden_common/docker-compose.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.devcontainer/bitwarden_common/docker-compose.yml b/.devcontainer/bitwarden_common/docker-compose.yml index b2420f735c90..295fd08da2ce 100644 --- a/.devcontainer/bitwarden_common/docker-compose.yml +++ b/.devcontainer/bitwarden_common/docker-compose.yml @@ -2,7 +2,7 @@ version: '3' services: bitwarden_server: - image: mcr.microsoft.com/devcontainers/dotnet:0-6.0 + image: mcr.microsoft.com/devcontainers/dotnet:dev-6.0 volumes: - ../../:/workspace:cached # Overrides default command so things don't shut down after the process ends. From 71732d1518e0b143bbb0227b36d4f32c945b0ed5 Mon Sep 17 00:00:00 2001 
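Review bot: The `bitwarden_server` image moves from the `0-6.0` tag to `dev-6.0`, and the `dev` prefix suggests a rolling pre-release build rather than a published image version. If that is the case, the container every contributor opens the repository in would track unreleased upstream changes. When the only goal is the 6.0.416 SDK named in the subject, a comment on the line records the exception and when to undo it, for example `# dev tag needed for SDK 6.0.416; return to a release tag or digest once it ships that SDK`.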
From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 6 Nov 2023 11:18:29 -0800 Subject: [PATCH 16/17] revert to manual DB migrations --- .devcontainer/community_dev/postCreateCommand.sh | 6 ++++++ .devcontainer/internal_dev/postCreateCommand.sh | 5 +++++ src/Admin/Startup.cs | 2 +- 3 files changed, 12 insertions(+), 1 deletion(-) diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh index 7e2848a43702..d6dc56a0dd6b 100755 --- a/.devcontainer/community_dev/postCreateCommand.sh +++ b/.devcontainer/community_dev/postCreateCommand.sh @@ -24,6 +24,7 @@ configure_other_vars() { IDENTITY_SERVER_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Identity Server Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')" #shellcheck disable=SC2086 DATA_PROTECTION_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Data Protection Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')" + SQL_CONNECTION_STRING="Server=localhost;Database=vault_dev;User Id=SA;Password=$DB_PASSWORD;Encrypt=True;TrustServerCertificate=True" echo "Identity Server Dev: $IDENTITY_SERVER_FINGERPRINT" echo "Data Protection Dev: $DATA_PROTECTION_FINGERPRINT" jq \ @@ -50,6 +51,11 @@ Proceed? [y/N] " response pushd ./dev >/dev/null || exit pwsh ./setup_secrets.ps1 || true popd >/dev/null || exit + + echo "Running migrations..." + sleep 5 # wait for DB container to start + dotnet run --project ./util/MsSqlMigratorUtility "$SQL_CONNECTION_STRING" + fi } diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh index 443c29ff0a2b..e857c337d8ca 100755 --- a/.devcontainer/internal_dev/postCreateCommand.sh +++ b/.devcontainer/internal_dev/postCreateCommand.sh 
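Review bot: In hunk `@@ -50,6 +51,11 @@` the migration step waits a fixed `sleep 5` for the database and never checks the result of `dotnet run`, so on a slow start the migrator fails and setup still finishes as if the schema were in place. A bounded retry that reports failure, as sketched below, avoids the race. `$SQL_CONNECTION_STRING` is assigned as a global inside `configure_other_vars` in hunk `@@ -24,6 +24,7 @@` and consumed here, so the step silently depends on that function having run first. It also places the SA password on the migrator's command line, where other processes in the container can presumably read it. The internal_dev hunks `@@ -34,6 +34,7 @@` and `@@ -73,6 +74,10 @@` add the same lines; the enclosing functions start and end outside the hunks.

```shell
  echo "Running migrations..."
  # retry instead of a fixed sleep: the DB container may need longer to accept logins
  migrated=0
  for attempt in 1 2 3 4 5 6; do
    if dotnet run --project ./util/MsSqlMigratorUtility "$SQL_CONNECTION_STRING"; then
      migrated=1
      break
    fi
    echo "Database not ready (attempt $attempt), retrying..." >&2
    sleep 5
  done
  [ "$migrated" -eq 1 ] || echo "Migrations failed; run the migrator manually" >&2
```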
@@ -34,6 +34,7 @@ configure_other_vars() { IDENTITY_SERVER_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Identity Server Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')" #shellcheck disable=SC2086 DATA_PROTECTION_FINGERPRINT="$(echo $CERT_OUTPUT | awk -F 'Data Protection Dev: ' '{match($2, /[[:alnum:]]+/); print substr($2, RSTART, RLENGTH)}')" + SQL_CONNECTION_STRING="Server=localhost;Database=vault_dev;User Id=SA;Password=$DB_PASSWORD;Encrypt=True;TrustServerCertificate=True" echo "Identity Server Dev: $IDENTITY_SERVER_FINGERPRINT" echo "Data Protection Dev: $DATA_PROTECTION_FINGERPRINT" jq \ @@ -73,6 +74,10 @@ Press to continue." echo "Injecting dotnet secrets..." pwsh ./setup_secrets.ps1 || true popd >/dev/null || exit + + echo "Running migrations..." + sleep 5 # wait for DB container to start + dotnet run --project ./util/MsSqlMigratorUtility "$SQL_CONNECTION_STRING" fi } diff --git a/src/Admin/Startup.cs b/src/Admin/Startup.cs index 3a4f30d27709..a10cd4d2de56 100644 --- a/src/Admin/Startup.cs +++ b/src/Admin/Startup.cs @@ -110,7 +110,7 @@ public void ConfigureServices(IServiceCollection services) // Jobs service Jobs.JobsHostedService.AddJobsServices(services, globalSettings.SelfHosted); services.AddHostedService(); - if (globalSettings.SelfHosted || Environment.IsDevelopment()) + if (globalSettings.SelfHosted) { services.AddHostedService(); } From 13825662ae0f80d88b665e91e00774999df7aced Mon Sep 17 00:00:00 2001 From: tangowithfoxtrot <5676771+tangowithfoxtrot@users.noreply.github.com> Date: Mon, 6 Nov 2023 12:25:03 -0800 Subject: [PATCH 17/17] reuse SQL connection string var --- .devcontainer/community_dev/postCreateCommand.sh | 2 +- .devcontainer/internal_dev/postCreateCommand.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.devcontainer/community_dev/postCreateCommand.sh b/.devcontainer/community_dev/postCreateCommand.sh index d6dc56a0dd6b..afb852dc1d5e 100755 
--- a/.devcontainer/community_dev/postCreateCommand.sh +++ b/.devcontainer/community_dev/postCreateCommand.sh @@ -28,7 +28,7 @@ configure_other_vars() { echo "Identity Server Dev: $IDENTITY_SERVER_FINGERPRINT" echo "Data Protection Dev: $DATA_PROTECTION_FINGERPRINT" jq \ - ".globalSettings.sqlServer.connectionString = \"Server=localhost;Database=vault_dev;User Id=SA;Password=$DB_PASSWORD;Encrypt=True;TrustServerCertificate=True\" | + ".globalSettings.sqlServer.connectionString = \"$SQL_CONNECTION_STRING\" | .globalSettings.postgreSql.connectionString = \"Host=localhost;Username=postgres;Password=$DB_PASSWORD;Database=vault_dev;Include Error Detail=true\" | .globalSettings.mySql.connectionString = \"server=localhost;uid=root;pwd=$DB_PASSWORD;database=vault_dev\" | .globalSettings.identityServer.certificateThumbprint = \"$IDENTITY_SERVER_FINGERPRINT\" | diff --git a/.devcontainer/internal_dev/postCreateCommand.sh b/.devcontainer/internal_dev/postCreateCommand.sh index e857c337d8ca..db074e218452 100755 --- a/.devcontainer/internal_dev/postCreateCommand.sh +++ b/.devcontainer/internal_dev/postCreateCommand.sh @@ -38,7 +38,7 @@ configure_other_vars() { echo "Identity Server Dev: $IDENTITY_SERVER_FINGERPRINT" echo "Data Protection Dev: $DATA_PROTECTION_FINGERPRINT" jq \ - ".globalSettings.sqlServer.connectionString = \"Server=localhost;Database=vault_dev;User Id=SA;Password=$DB_PASSWORD;Encrypt=True;TrustServerCertificate=True\" | + ".globalSettings.sqlServer.connectionString = \"$SQL_CONNECTION_STRING\" | .globalSettings.postgreSql.connectionString = \"Host=localhost;Username=postgres;Password=$DB_PASSWORD;Database=vault_dev;Include Error Detail=true\" | .globalSettings.mySql.connectionString = \"server=localhost;uid=root;pwd=$DB_PASSWORD;database=vault_dev\" | .globalSettings.identityServer.certificateThumbprint = \"$IDENTITY_SERVER_FINGERPRINT\" |
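Review bot: In hunk `@@ -28,7 +28,7 @@` the shell expands `$SQL_CONNECTION_STRING` inside the text of the jq program, as it does `$DB_PASSWORD` on the two lines below. A password containing `"` or `\` therefore alters the filter itself, and the run either fails or writes something other than the password into secrets.json. Passing the values as jq variables keeps them as data: `jq --arg sql "$SQL_CONNECTION_STRING" '.globalSettings.sqlServer.connectionString = $sql | …'`. The same applies to the internal_dev hunk `@@ -38,7 +38,7 @@`; the jq invocation begins and ends outside both hunks.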