WX-1351 Another round of CI cleanup #338
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: chart-update-on-merge | |
| on: | |
| pull_request: | |
| types: | |
| - closed | |
| jobs: | |
| chart-update: | |
| name: Cromwhelm Chart Auto Updater | |
| if: github.event.pull_request.merged == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Fetch Jira ID from the commit message | |
| id: fetch-jira-id | |
| run: | | |
| JIRA_ID=$(echo '${{ github.event.pull_request.title }}' | grep -Eo '[A-Z][A-Z]+-[0-9]+' | xargs echo -n | tr '[:space:]' ',') | |
| [[ -z "$JIRA_ID" ]] && { echo "No Jira ID found in $1" ; exit 1; } | |
| echo "JIRA_ID=$JIRA_ID" >> $GITHUB_OUTPUT | |
| - name: Clone Cromwell | |
| uses: actions/checkout@v2 | |
| with: | |
| repository: broadinstitute/cromwell | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
| path: cromwell | |
| - uses: olafurpg/setup-scala@v10 | |
| with: | |
| java-version: adopt@1.11 | |
| - name: Clone Cromwhelm | |
| uses: actions/checkout@v2 | |
| with: | |
| repository: broadinstitute/cromwhelm | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
| path: cromwhelm | |
| - name: Find Cromwell short SHA | |
| run: | | |
| set -e | |
| cd cromwell | |
| echo "CROMWELL_SHORT_SHA=`git rev-parse --short $GITHUB_SHA`" >> $GITHUB_ENV | |
| - name: Find Cromwell release number | |
| run: | | |
| set -e | |
| previous_version=$(curl -X GET https://api.github.com/repos/broadinstitute/cromwell/releases/latest | jq .tag_name | xargs) | |
| if ! [[ "${previous_version}" =~ ^[0-9][0-9]+$ ]]; then | |
| exit 1 | |
| fi | |
| echo "CROMWELL_NUMBER=$((previous_version + 1))" >> $GITHUB_ENV | |
| - name: Save complete image ID | |
| run: | | |
| echo "CROMWELL_VERSION=`echo "$CROMWELL_NUMBER-$CROMWELL_SHORT_SHA"`" >> $GITHUB_ENV | |
| # `DSDEJENKINS_PASSWORD` auto syncs from vault with https://github.com/broadinstitute/terraform-ap-deployments/pull/614 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: dsdejenkins | |
| password: ${{ secrets.DSDEJENKINS_PASSWORD }} | |
| # Build & push `cromwell`, `womtool`, `cromiam`, and `cromwell-drs-localizer` | |
| # This step is validated in the GHA 'docker_build_test.yml' without the accompanying docker push | |
| - name: Build Cromwell Docker | |
| run: | | |
| set -e | |
| cd cromwell | |
| sbt -Dproject.isSnapshot=false -Dproject.isRelease=false dockerBuildAndPush | |
| - name: Deploy to dev and board release train (Cromwell) | |
| uses: broadinstitute/repository-dispatch@master | |
| with: | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| repository: broadinstitute/terra-helmfile | |
| event-type: update-service | |
| client-payload: '{"service": "cromwell", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}' | |
| - name: Deploy to dev and board release train (CromIAM) | |
| uses: broadinstitute/repository-dispatch@master | |
| with: | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| repository: broadinstitute/terra-helmfile | |
| event-type: update-service | |
| client-payload: '{"service": "cromiam", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}' | |
| - name: Edit & push cromwhelm chart | |
| env: | |
| BROADBOT_GITHUB_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| cd cromwhelm | |
| git checkout main | |
| ls -la | |
| sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" terra-batch-libchart/values.yaml | |
| git diff | |
| git config --global user.name "broadbot" | |
| git config --global user.email "broadbot@broadinstitute.org" | |
| git commit -am "${{ steps.fetch-jira-id.outputs.JIRA_ID }}: Auto update to Cromwell $CROMWELL_VERSION" | |
| git push https://broadbot:$BROADBOT_GITHUB_TOKEN@github.com/broadinstitute/cromwhelm.git main | |
| cd - | |
| - name: Clone terra-helmfile | |
| uses: actions/checkout@v3 | |
| with: | |
| repository: broadinstitute/terra-helmfile | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
| path: terra-helmfile | |
| - name: Update workflows-app in terra-helmfile | |
| run: | | |
| set -e | |
| cd terra-helmfile | |
| sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/workflows-app/values.yaml | |
| cd - | |
| - name: Update cromwell-runner-app in terra-helmfile | |
| run: | | |
| set -e | |
| cd terra-helmfile | |
| sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/cromwell-runner-app/values.yaml | |
| cd - | |
| - name: Make PR in terra-helmfile | |
| env: | |
| BROADBOT_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| GH_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| JIRA_ID=${{ steps.fetch-jira-id.outputs.JIRA_ID }} | |
| if [[ $JIRA_ID == "missing" ]]; then | |
| echo "JIRA_ID missing, PR to terra-helmfile will not be created" | |
| exit 0; | |
| fi | |
| cd terra-helmfile | |
| git checkout -b ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION | |
| git config --global user.name "broadbot" | |
| git config --global user.email "broadbot@broadinstitute.org" | |
| git commit -am "${JIRA_ID}: Auto update Cromwell to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" | |
| git push -u origin ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION | |
| gh pr create --title "${JIRA_ID}: auto update Cromwell version to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" --body "${JIRA_ID} helm chart update" --label "automerge" | |
| cd - |