WX-1519 Stop leaking DRS Localizer images on every CI run #383
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: chart-update-on-merge | |
on: | |
pull_request: | |
types: | |
- closed | |
jobs: | |
chart-update: | |
name: Cromwhelm Chart Auto Updater | |
if: github.event.pull_request.merged == true | |
runs-on: ubuntu-latest | |
steps: | |
- name: Fetch Jira ID from the commit message | |
id: fetch-jira-id | |
run: | | |
JIRA_ID=$(echo '${{ github.event.pull_request.title }}' | grep -Eo '[A-Z][A-Z]+-[0-9]+' | xargs echo -n | tr '[:space:]' ',') | |
[[ -z "$JIRA_ID" ]] && { echo "No Jira ID found in $1" ; exit 1; } | |
echo "JIRA_ID=$JIRA_ID" >> $GITHUB_OUTPUT | |
- name: Clone Cromwell | |
uses: actions/checkout@v2 | |
with: | |
repository: broadinstitute/cromwell | |
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
path: cromwell | |
- uses: olafurpg/setup-scala@v10 | |
with: | |
java-version: [email protected] | |
- name: Clone Cromwhelm | |
uses: actions/checkout@v2 | |
with: | |
repository: broadinstitute/cromwhelm | |
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
path: cromwhelm | |
- name: Find Cromwell short SHA | |
run: | | |
set -e | |
cd cromwell | |
echo "CROMWELL_SHORT_SHA=`git rev-parse --short $GITHUB_SHA`" >> $GITHUB_ENV | |
- name: Find Cromwell release number | |
run: | | |
set -e | |
previous_version=$(curl -X GET https://api.github.com/repos/broadinstitute/cromwell/releases/latest | jq .tag_name | xargs) | |
if ! [[ "${previous_version}" =~ ^[0-9][0-9]+$ ]]; then | |
exit 1 | |
fi | |
echo "CROMWELL_NUMBER=$((previous_version + 1))" >> $GITHUB_ENV | |
- name: Save complete image ID | |
run: | | |
echo "CROMWELL_VERSION=`echo "$CROMWELL_NUMBER-$CROMWELL_SHORT_SHA"`" >> $GITHUB_ENV | |
# `DSDEJENKINS_PASSWORD` auto syncs from vault with https://github.com/broadinstitute/terraform-ap-deployments/pull/614 | |
- name: Login to Docker Hub | |
uses: docker/login-action@v1 | |
with: | |
username: dsdejenkins | |
password: ${{ secrets.DSDEJENKINS_PASSWORD }} | |
# Build & push `cromwell`, `womtool`, `cromiam`, and `cromwell-drs-localizer` | |
# This step is validated in the GHA 'docker_build_test.yml' without the accompanying docker push | |
- name: Build Cromwell Docker | |
run: | | |
set -e | |
cd cromwell | |
sbt -Dproject.isSnapshot=false -Dproject.isRelease=false dockerBuildAndPush | |
- name: Deploy to dev and board release train (Cromwell) | |
uses: broadinstitute/repository-dispatch@master | |
with: | |
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
repository: broadinstitute/terra-helmfile | |
event-type: update-service | |
client-payload: '{"service": "cromwell", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}' | |
- name: Deploy to dev and board release train (CromIAM) | |
uses: broadinstitute/repository-dispatch@master | |
with: | |
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
repository: broadinstitute/terra-helmfile | |
event-type: update-service | |
client-payload: '{"service": "cromiam", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}' | |
- name: Edit & push cromwhelm chart | |
env: | |
BROADBOT_GITHUB_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
run: | | |
set -e | |
cd cromwhelm | |
git checkout main | |
ls -la | |
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" terra-batch-libchart/values.yaml | |
git diff | |
git config --global user.name "broadbot" | |
git config --global user.email "[email protected]" | |
git commit -am "${{ steps.fetch-jira-id.outputs.JIRA_ID }}: Auto update to Cromwell $CROMWELL_VERSION" | |
git push https://broadbot:[email protected]/broadinstitute/cromwhelm.git main | |
cd - | |
- name: Clone terra-helmfile | |
uses: actions/checkout@v3 | |
with: | |
repository: broadinstitute/terra-helmfile | |
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
path: terra-helmfile | |
- name: Update workflows-app in terra-helmfile | |
run: | | |
set -e | |
cd terra-helmfile | |
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/workflows-app/values.yaml | |
cd - | |
- name: Update cromwell-runner-app in terra-helmfile | |
run: | | |
set -e | |
cd terra-helmfile | |
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/cromwell-runner-app/values.yaml | |
cd - | |
- name: Make PR in terra-helmfile | |
env: | |
BROADBOT_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
GH_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
run: | | |
set -e | |
JIRA_ID=${{ steps.fetch-jira-id.outputs.JIRA_ID }} | |
if [[ $JIRA_ID == "missing" ]]; then | |
echo "JIRA_ID missing, PR to terra-helmfile will not be created" | |
exit 0; | |
fi | |
cd terra-helmfile | |
git checkout -b ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION | |
git config --global user.name "broadbot" | |
git config --global user.email "[email protected]" | |
git commit -am "${JIRA_ID}: Auto update Cromwell to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" | |
git push -u origin ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION | |
gh pr create --title "${JIRA_ID}: auto update Cromwell version to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" --body "${JIRA_ID} helm chart update" --label "automerge" | |
cd - |