Add !redeploy Comment Command

[CodeGat]

Background

See ACCESS-NRI/model-deployment-template#9 (comment) - instructions for people to add empty commits to redeploy their model is a bit fiddly. So, create a ChatOps command to redeploy, instead.

The majority of this PR is updating the ci.yml job to handle an explicit inputs.pr rather than inferring from github.event.pull_request/github.[head|base]_ref, since we now offer two entrypoints into ci.yml - on.pull_request, and on.issue_comment (specifically, commenting !redeploy).

We also have redeploy-pre/redeploy-post jobs added when the trigger is a !redeploy comment, in which we set the HEAD commit status to pending, run the rest of the ci.yml, then update the HEAD commit again based on the prerelease deployment status.

In this PR:

• ci.yml
  • Updated deployment comment prerelease version templating, references Deployment Comment spack Environment Name Not Filled In #146
  • Added new required input pr, set pr metadata in defaults and clone all repos at inputs.pr, replace all github.* contexts with inputs.pr/needs.default.outputs.*
  • Add redeploy-pre and redeploy-post jobs that handle commit status updates on !redeploy
• validate-repo-version action: Added new required input pr, updated references in ci.yml

Requirements for Model Deployment Repositories

Before merge, there must be updates to deployment repositories like so:

 jobs:
   pr-ci:
     name: CI
-    if: github.event_name == 'pull_request' && github.event.action != 'closed'
+    if: >-
+      (github.event_name == 'pull_request' && github.event.action != 'closed') ||
+      (github.event_name == 'issue_comment' && startsWith(github.event.comment.body, '!redeploy'))
     uses: access-nri/build-cd/.github/workflows/ci.yml@main
     with:
       model: ${{ vars.NAME }}
       # root-sbd: if different from vars.NAME
+      pr: ${{ github.event_name == 'pull_request' && github.event.pull_request.number || github.event.issue.number }}
     permissions:
       pull-requests: write
       contents: write
+      statuses: write
     secrets: inherit
 
   pr-comment:
     name: Comment
-    if: github.event_name == 'issue_comment'
+    if: github.event_name == 'issue_comment' && startsWith(github.event.comment.body, '!bump') 
     uses: access-nri/build-cd/.github/workflows/ci-comment.yml@main
     with:
       model: ${{ vars.NAME }}
       # root-sbd: if different from vars.NAME

Testing

• The majority of testing was done in this PR: Testing !redeploy Comment Command ACCESS-TEST#7 - note the successes at the end!
• All gh commands were tested locally

---

Closes #173
Closes #146

[CodeGat]

Note, this will have to be reworked as we are hitting the limit of 5 nested workflow calls.

[tmcadam]

@CodeGat Will this be used on public repos? If so, would it be an issue with anyone being able to add the magic comment to PRs?

[CodeGat]

Good point @tmcadam - I'll add a similar step that checks the permissions of the user.

[tmcadam]

@CodeGat Could this also be achieved with workflow_dispatch, I think you are able to choose a branch(?). But maybe that is the branch for the action rather than the code that is checked out.

[CodeGat]

Indeed, it's for the branch of the action. And I think it's less overhead to do a command in the PR rather than a workflow dispatch where they need to remember the PR number

[tmcadam]

Looks good, just one comment

[aidanheerdegen]

Looks great, thanks!

Even though this has added a lot of code, the refactor makes it much cleaner I think.

I also appreciated the very thorough overview in the top level post. The context helped a lot with understanding what was being done, which made it a lot quicker for me to review.