From 1950c714f519e59bb34328d9e75b1df77ce440c0 Mon Sep 17 00:00:00 2001
From: Dryusdan <contact@dryusdan.fr>
Date: Tue, 6 Dec 2022 17:05:50 +0100
Subject: [PATCH] Use builded web interface

---
 tasks/main.yml | 132 ++++++++++++++++---------------------------------
 1 file changed, 42 insertions(+), 90 deletions(-)

diff --git a/tasks/main.yml b/tasks/main.yml
index 5a61463..0aab5b1 100644
--- a/tasks/main.yml
+++ b/tasks/main.yml
@@ -27,6 +27,18 @@
     - install
     - upgrade
 
+- name: "Get web-build version"
+  uri:
+    url: https://api.github.com/repos/dani-garcia/bw_web_builds/releases/latest
+    method: GET
+    return_content: yes
+    status_code: 200
+    body_format: json
+  register: webbuild_github_repo
+  tags:
+    - install
+    - upgrade
+
 - name: Get rustup installer
   get_url:
     url: https://sh.rustup.rs
@@ -78,6 +90,22 @@
   tags:
     - upgrade
 
+- name: Remove web build
+  file:
+    path: "{{ item.home }}/web-vault.tar.gz"
+    state: absent
+  loop: "{{ bitwarden }}"
+  tags:
+    - upgrade
+
+- name: Remove web build.asc
+  file:
+    path: "{{ item.home }}/web-vault.tar.gz.asc"
+    state: absent
+  loop: "{{ bitwarden }}"
+  tags:
+    - upgrade
+
 - name: Stop bitwarden
   ansible.builtin.systemd:
     state: stopped
@@ -100,43 +128,6 @@
     - install
     - upgrade
 
-- name: "Clone bitwarden patch"
-  git:
-    repo: https://github.com/dani-garcia/bw_web_builds.git
-    dest: "{{ item.home }}/bw_web_builds"
-  become: yes
-  become_user : "{{ item.name }}"
-  become_method: su
-  become_flags: '-s /bin/bash'
-  loop: "{{ bitwarden }}"
-  tags:
-    - install
-    - upgrade
-
-- name: "Get last patch"
-  shell: ls | sort --version-sort | tail -n 1 | sed "s/.patch//"
-  args:
-    chdir: "{{ item.home }}/bw_web_builds/patches"
-  register: webvault_version
-  loop: "{{ bitwarden }}"
-  tags:
-    - install
-    - upgrade
-
-- name: "Clone bitwarden web"
-  git:
-    repo: https://github.com/bitwarden/clients.git
-    dest: "{{ item.item.home }}/web-vault"
-    version: "web-{{ item.stdout }}"
-  become: yes
-  become_user : "{{ item.item.name }}"
-  become_method: su
-  become_flags: '-s /bin/bash'
-  loop: "{{ webvault_version.results }}"
-  tags:
-    - install
-    - upgrade
-
 - name: Compile bitwarden_rs
   shell: "{{ item.home }}/.cargo/bin/cargo build --release --features {{ item.backend }}"
   args:
@@ -150,80 +141,41 @@
     - install
     - upgrade
 
-- name: Patch web-vault
-  shell: "git apply {{ item.item.home }}/bw_web_builds/patches/{{ item.stdout }}.patch"
-  args:
-    chdir: "{{ item.item.home }}/web-vault"
-  become: yes
-  become_user : "{{ item.item.name }}"
-  become_method: su
-  become_flags: '-s /bin/bash'
-  loop: "{{ webvault_version.results }}"
-  tags:
-    - install
-    - upgrade
-
-- name: Replace google webfont 
-  shell: "sed -i 's/\"gulp-google-webfonts\": \"^4.0.0\"/\"gulp-google-webfonts\": \"^4.1.0\"/' package.json"
-  args:
-    chdir: "{{ item.home }}/web-vault"
+- name: Download web-vault
+  ansible.builtin.get_url:
+    url: "https://github.com/dani-garcia/bw_web_builds/releases/download/{{ webbuild_github_repo.json.tag_name }}/bw_web_{{ webbuild_github_repo.json.tag_name }}.tar.gz"
+    dest: "{{ item.home }}/web-vault.tar.gz"
+    mode: '0440'
   become: yes
   become_user : "{{ item.name }}"
   become_method: su
   become_flags: '-s /bin/bash'
-  loop: "{{ bitwarden }}"
   tags:
     - install
     - upgrade
 
-- name: Init build 
-  shell: "npm ci"
-  args:
-    chdir: "{{ item.home }}/web-vault"
+- name: Download web-vault.asc
+  ansible.builtin.get_url:
+    url: "https://github.com/dani-garcia/bw_web_builds/releases/download/{{ webbuild_github_repo.json.tag_name }}/bw_web_{{ webbuild_github_repo.json.tag_name }}.tar.gz.asc"
+    dest: "{{ item.home }}/web-vault.tar.gz.asc"
+    mode: '0440'
   become: yes
   become_user : "{{ item.name }}"
   become_method: su
   become_flags: '-s /bin/bash'
-  loop: "{{ bitwarden }}"
   tags:
     - install
     - upgrade
 
-- name: Init build with fix 
-  shell: "npm audit fix || true"
+- name: Verify signature
+  ansible.builtin.command:
+    cmd: gpg --verify web-vault.tar.gz.asc
   args:
-    chdir: "{{ item.home }}/web-vault"
+    chdir: "{{ item.home }}"
   become: yes
   become_user : "{{ item.name }}"
   become_method: su
   become_flags: '-s /bin/bash'
-  loop: "{{ bitwarden }}"
-  tags:
-    - install
-    - upgrade
-
-- name: Install npm dependancies
-  shell: "npm run dist:oss:selfhost"
-  args:
-    chdir: "{{ item.home }}/web-vault/apps/web"
-  become: yes
-  become_user : "{{ item.name }}"
-  become_method: su
-  become_flags: '-s /bin/bash'
-  loop: "{{ bitwarden }}"
-  tags:
-    - install
-    - upgrade
-
-- name: Build web-vault 
-  shell: "npm run dist:oss:selfhost"
-  args:
-    chdir: "{{ item.home }}/web-vault"
-  become: yes
-  become_user : "{{ item.name }}"
-  become_method: su
-  become_flags: '-s /bin/bash'
-  loop: "{{ bitwarden }}"
   tags:
     - install
     - upgrade