poc: support a bitwarden-gov.com cloud environment#7702
Draft
addisonbeck wants to merge 3 commits into
Draft
Conversation
Codecov Report❌ Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #7702 +/- ##
==========================================
- Coverage 64.90% 60.52% -4.39%
==========================================
Files 2141 2142 +1
Lines 94654 94725 +71
Branches 8456 8459 +3
==========================================
- Hits 61435 57332 -4103
- Misses 31118 35386 +4268
+ Partials 2101 2007 -94 ☔ View full report in Codecov by Sentry. 🚀 New features to boost your workflow:
|
addisonbeck
force-pushed
the
pm-35087-gov-region
branch
from
56a2cb3 to
7d66d78
Compare
addisonbeck
changed the title
addisonbeck
force-pushed
the
pm-35087-gov-region
branch
from
7d66d78 to
df1aa3b
Compare
…um from Setup to Core Centralizes per-region configuration data (domain, API URL, identity URL, vault URL, notifications URL, icons URL, events URL, SSO callback URI) into a new CloudRegionConfig sealed class in Bit.Core.Settings. Eliminates duplication across Constants.cs, ServiceCollectionExtensions.cs, and HandlebarsMailService.cs. Adding a new region now requires defining one CloudRegionConfig entry; domain arrays and Swagger servers derive automatically. Also promotes the CloudRegion enum from util/Setup to src/Core: the enum is relocated from Bit.Setup.Enums to Bit.Core.Enums, the three Setup consumers (Context.cs, Program.cs, and Setup.csproj) are updated to reference the Core namespace, and Setup.csproj gains a direct ProjectReference to Core.csproj. The util/Setup/Enums/CloudRegion.cs file is deleted. - New src/Core/Enums/CloudRegion.cs: CloudRegion enum (US=0, EU=1) in Bit.Core.Enums, decoupled from util/Setup so Core can reference it without a circular project dependency - New src/Core/Settings/CloudRegionConfig.cs: sealed class with private constructor, static All array (US and EU entries), FindByDomain() and FindByRegion() helpers - src/Core/Constants.cs: BitwardenCloudDomains and BitwardenMobileSsoCallbackUris now derived from CloudRegionConfig.All; bitwarden.pw retained with explanatory comments - src/Api/Utilities/ServiceCollectionExtensions.cs: hardcoded US/EU AddSwaggerServerWithSecurity calls replaced with foreach loop over CloudRegionConfig.All - src/Core/Platform/Mail/HandlebarsMailService.cs: GetCloudVaultSubscriptionUrl changed from private to public; switch statement replaced with CloudRegionConfig.FindByRegion() lookup; Enum.Parse<CloudRegion> used to convert the string CloudRegion setting to the enum value - util/Setup/Context.cs, util/Setup/Program.cs: using directive swapped from Bit.Setup.Enums to Bit.Core.Enums - util/Setup/Setup.csproj: added direct ProjectReference to Core.csproj
Adds the fedramp-gov-region feature flag key to FeatureFlagKeys in the Platform Team section. This flag gates Gov region visibility in the client-side environment selector via AvailableRegionsService, preventing bitwarden-gov.com from appearing to users before the feature is enabled. The flag string value matches what will be registered in LaunchDarkly and declared in the clients feature-flag enum (FeatureFlag.FedRampGovRegion).
addisonbeck
force-pushed
the
pm-35087-gov-region
branch
from
df1aa3b to
2f5e2c6
Compare
…ns, and Gov vault URL
Adds Gov region support across three layers:
1. Enum value: adds Gov=2 to src/Core/Enums/CloudRegion.cs
(Bit.Core.Enums.CloudRegion). The Setup-layer enum was removed in the
preceding commit; there is now a single canonical enum in Core.
2. CloudRegionConfig.All: appends Gov entry with bitwarden-gov.com domains
(API, identity, vault, notifications, icons, events, SSO callback).
Because BitwardenCloudDomains and BitwardenMobileSsoCallbackUris in
Constants.cs already derive from CloudRegionConfig.All via LINQ spread,
Gov is automatically included in both allowlists at no extra cost.
3. Tests:
- ConstantsTests: BitwardenCloudDomains_ContainsAllProductionDomains and
BitwardenMobileSsoCallbackUris_ContainsAllRegionCallbacks are parametrized
over US/EU/Gov to assert domain and SSO-callback presence
- HandlebarsMailServiceTests: GetCloudVaultSubscriptionUrl_ResolvesPerRegion
parametrized over us/eu/gov to assert vault URL prefix resolution
Implementation note: the prior coordinator's decision to create a new
Bit.Core.Enums.CloudRegion (rather than keep it in Bit.Setup.Enums) was
correct to avoid a circular project dependency (Core must not reference
Setup). Now that the Setup enum is deleted, adding a new region requires
only a single enum update in src/Core/Enums/CloudRegion.cs.
Refs: PM-35089, PM-35087
addisonbeck
force-pushed
the
pm-35087-gov-region
branch
from
2f5e2c6 to
fe70e5d
Compare
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
🎟️ Tracking
https://bitwarden.atlassian.net/browse/PM-35181
bitwarden/clients#20826
📔 Objective
This PR demonstrates the clients-side approach from the tech breakdown. It is not intended for production merge; it exists to validate the breakdown's assumptions, surface deviations, and provide a concrete starting point for the implementation sprint. It follows the breakdown task-for task.