-
Notifications
You must be signed in to change notification settings - Fork 360
142 lines (134 loc) · 5.76 KB
/
chart_update_on_merge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
name: chart-update-on-merge
on:
pull_request:
types:
- closed
jobs:
chart-update:
name: Cromwell Version Auto Updater
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
- name: Clone Cromwell
uses: actions/checkout@v4
with:
repository: broadinstitute/cromwell
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: cromwell
- id: get-jira-id
# We're cloning multiple repos, so Cromwell and its actions are at `./cromwell/` instead of `./`
uses: ./cromwell/.github/library/get_jira_id
- uses: actions/setup-java@v4
with:
distribution: 'temurin'
java-version: '17'
- name: (DISABLED) Clone Cromwhelm
# WX-1837 disabling CI for this chart, used by AoU RWB only
if: false
uses: actions/checkout@v2
with:
repository: broadinstitute/cromwhelm
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: cromwhelm
- name: Find Cromwell short SHA
run: |
set -e
cd cromwell
echo "CROMWELL_SHORT_SHA=`git rev-parse --short $GITHUB_SHA`" >> $GITHUB_ENV
- name: Find Cromwell release number
run: |
set -e
previous_version=$(curl -X GET https://api.github.com/repos/broadinstitute/cromwell/releases/latest | jq .tag_name | xargs)
if ! [[ "${previous_version}" =~ ^[0-9][0-9]+$ ]]; then
exit 1
fi
echo "CROMWELL_NUMBER=$((previous_version + 1))" >> $GITHUB_ENV
- name: Save complete image ID
run: |
echo "CROMWELL_VERSION=`echo "$CROMWELL_NUMBER-$CROMWELL_SHORT_SHA"`" >> $GITHUB_ENV
# `DSDEJENKINS_PASSWORD` auto syncs from vault with https://github.com/broadinstitute/terraform-ap-deployments/pull/614
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: dsdejenkins
password: ${{ secrets.DSDEJENKINS_PASSWORD }}
# Build & push `cromwell`, `womtool`, `cromiam`, and `cromwell-drs-localizer`
# This step is validated in the GHA 'docker_build_test.yml' without the accompanying docker push
- name: Build Cromwell Docker
run: |
set -e
cd cromwell
sbt -Dproject.isSnapshot=false dockerBuildAndPush
- name: Deploy to dev and board release train (Cromwell)
uses: broadinstitute/repository-dispatch@master
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
repository: broadinstitute/terra-helmfile
event-type: update-service
client-payload: '{"service": "cromwell", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}'
- name: Deploy to dev and board release train (CromIAM)
uses: broadinstitute/repository-dispatch@master
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
repository: broadinstitute/terra-helmfile
event-type: update-service
client-payload: '{"service": "cromiam", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}'
- name: (DISABLED) Edit & push cromwhelm chart
# WX-1837 disabling CI for this chart, used by AoU RWB only
if: false
env:
BROADBOT_GITHUB_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
run: |
set -e
cd cromwhelm
git checkout main
ls -la
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" terra-batch-libchart/values.yaml
git diff
git config --global user.name "broadbot"
git config --global user.email "[email protected]"
git commit -am "${{ steps.get-jira-id.outputs.jira-id }}: Auto update to Cromwell $CROMWELL_VERSION"
git push https://broadbot:[email protected]/broadinstitute/cromwhelm.git main
cd -
### WX-1836 Steps below here are disabled Azure CI
- name: (DISABLED) Clone terra-helmfile
uses: actions/checkout@v3
if: false
with:
repository: broadinstitute/terra-helmfile
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: terra-helmfile
- name: (DISABLED) Update workflows-app in terra-helmfile
if: false
run: |
set -e
cd terra-helmfile
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/workflows-app/values.yaml
cd -
- name: (DISABLED) Update cromwell-runner-app in terra-helmfile
if: false
run: |
set -e
cd terra-helmfile
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/cromwell-runner-app/values.yaml
cd -
- name: (DISABLED) Make PR in terra-helmfile
if: false
env:
BROADBOT_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
GH_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
run: |
set -e
JIRA_ID=${{ steps.get-jira-id.outputs.jira-id }}
if [[ $JIRA_ID == "missing" ]]; then
echo "JIRA_ID missing, PR to terra-helmfile will not be created"
exit 0;
fi
cd terra-helmfile
git checkout -b ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION
git config --global user.name "broadbot"
git config --global user.email "[email protected]"
git commit -am "${JIRA_ID}: Auto update Cromwell to $CROMWELL_VERSION in workflows-app and cromwell-runner-app"
git push -u origin ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION
gh pr create --title "${JIRA_ID}: auto update Cromwell version to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" --body "${JIRA_ID} helm chart update" --label "automerge"
cd -