Skip to content

WX-1519 Stop leaking DRS Localizer images on every CI run #383

WX-1519 Stop leaking DRS Localizer images on every CI run

WX-1519 Stop leaking DRS Localizer images on every CI run #383

name: chart-update-on-merge
on:
pull_request:
types:
- closed
jobs:
chart-update:
name: Cromwhelm Chart Auto Updater
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
- name: Fetch Jira ID from the commit message
id: fetch-jira-id
run: |
JIRA_ID=$(echo '${{ github.event.pull_request.title }}' | grep -Eo '[A-Z][A-Z]+-[0-9]+' | xargs echo -n | tr '[:space:]' ',')
[[ -z "$JIRA_ID" ]] && { echo "No Jira ID found in $1" ; exit 1; }
echo "JIRA_ID=$JIRA_ID" >> $GITHUB_OUTPUT
- name: Clone Cromwell
uses: actions/checkout@v2
with:
repository: broadinstitute/cromwell
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: cromwell
- uses: olafurpg/setup-scala@v10
with:
java-version: [email protected]
- name: Clone Cromwhelm
uses: actions/checkout@v2
with:
repository: broadinstitute/cromwhelm
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: cromwhelm
- name: Find Cromwell short SHA
run: |
set -e
cd cromwell
echo "CROMWELL_SHORT_SHA=`git rev-parse --short $GITHUB_SHA`" >> $GITHUB_ENV
- name: Find Cromwell release number
run: |
set -e
previous_version=$(curl -X GET https://api.github.com/repos/broadinstitute/cromwell/releases/latest | jq .tag_name | xargs)
if ! [[ "${previous_version}" =~ ^[0-9][0-9]+$ ]]; then
exit 1
fi
echo "CROMWELL_NUMBER=$((previous_version + 1))" >> $GITHUB_ENV
- name: Save complete image ID
run: |
echo "CROMWELL_VERSION=`echo "$CROMWELL_NUMBER-$CROMWELL_SHORT_SHA"`" >> $GITHUB_ENV
# `DSDEJENKINS_PASSWORD` auto syncs from vault with https://github.com/broadinstitute/terraform-ap-deployments/pull/614
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: dsdejenkins
password: ${{ secrets.DSDEJENKINS_PASSWORD }}
# Build & push `cromwell`, `womtool`, `cromiam`, and `cromwell-drs-localizer`
# This step is validated in the GHA 'docker_build_test.yml' without the accompanying docker push
- name: Build Cromwell Docker
run: |
set -e
cd cromwell
sbt -Dproject.isSnapshot=false -Dproject.isRelease=false dockerBuildAndPush
- name: Deploy to dev and board release train (Cromwell)
uses: broadinstitute/repository-dispatch@master
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
repository: broadinstitute/terra-helmfile
event-type: update-service
client-payload: '{"service": "cromwell", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}'
- name: Deploy to dev and board release train (CromIAM)
uses: broadinstitute/repository-dispatch@master
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
repository: broadinstitute/terra-helmfile
event-type: update-service
client-payload: '{"service": "cromiam", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}'
- name: Edit & push cromwhelm chart
env:
BROADBOT_GITHUB_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
run: |
set -e
cd cromwhelm
git checkout main
ls -la
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" terra-batch-libchart/values.yaml
git diff
git config --global user.name "broadbot"
git config --global user.email "[email protected]"
git commit -am "${{ steps.fetch-jira-id.outputs.JIRA_ID }}: Auto update to Cromwell $CROMWELL_VERSION"
git push https://broadbot:[email protected]/broadinstitute/cromwhelm.git main
cd -
- name: Clone terra-helmfile
uses: actions/checkout@v3
with:
repository: broadinstitute/terra-helmfile
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: terra-helmfile
- name: Update workflows-app in terra-helmfile
run: |
set -e
cd terra-helmfile
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/workflows-app/values.yaml
cd -
- name: Update cromwell-runner-app in terra-helmfile
run: |
set -e
cd terra-helmfile
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/cromwell-runner-app/values.yaml
cd -
- name: Make PR in terra-helmfile
env:
BROADBOT_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
GH_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
run: |
set -e
JIRA_ID=${{ steps.fetch-jira-id.outputs.JIRA_ID }}
if [[ $JIRA_ID == "missing" ]]; then
echo "JIRA_ID missing, PR to terra-helmfile will not be created"
exit 0;
fi
cd terra-helmfile
git checkout -b ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION
git config --global user.name "broadbot"
git config --global user.email "[email protected]"
git commit -am "${JIRA_ID}: Auto update Cromwell to $CROMWELL_VERSION in workflows-app and cromwell-runner-app"
git push -u origin ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION
gh pr create --title "${JIRA_ID}: auto update Cromwell version to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" --body "${JIRA_ID} helm chart update" --label "automerge"
cd -