[WX-1792] Helper to Actor #495
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: chart-update-on-merge | |
| on: | |
| pull_request: | |
| types: | |
| - closed | |
| jobs: | |
| chart-update: | |
| name: Cromwell Version Auto Updater | |
| if: github.event.pull_request.merged == true | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Clone Cromwell | |
| uses: actions/checkout@v4 | |
| with: | |
| repository: broadinstitute/cromwell | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
| path: cromwell | |
| - id: get-jira-id | |
| # We're cloning multiple repos, so Cromwell and its actions are at `./cromwell/` instead of `./` | |
| uses: ./cromwell/.github/library/get_jira_id | |
| - uses: actions/setup-java@v4 | |
| with: | |
| distribution: 'temurin' | |
| java-version: '17' | |
| - name: (DISABLED) Clone Cromwhelm | |
| # WX-1837 disabling CI for this chart, used by AoU RWB only | |
| if: false | |
| uses: actions/checkout@v2 | |
| with: | |
| repository: broadinstitute/cromwhelm | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
| path: cromwhelm | |
| - name: Find Cromwell short SHA | |
| run: | | |
| set -e | |
| cd cromwell | |
| echo "CROMWELL_SHORT_SHA=`git rev-parse --short $GITHUB_SHA`" >> $GITHUB_ENV | |
| - name: Find Cromwell release number | |
| run: | | |
| set -e | |
| previous_version=$(curl -X GET https://api.github.com/repos/broadinstitute/cromwell/releases/latest | jq .tag_name | xargs) | |
| if ! [[ "${previous_version}" =~ ^[0-9][0-9]+$ ]]; then | |
| exit 1 | |
| fi | |
| echo "CROMWELL_NUMBER=$((previous_version + 1))" >> $GITHUB_ENV | |
| - name: Save complete image ID | |
| run: | | |
| echo "CROMWELL_VERSION=`echo "$CROMWELL_NUMBER-$CROMWELL_SHORT_SHA"`" >> $GITHUB_ENV | |
| # `DSDEJENKINS_PASSWORD` auto syncs from vault with https://github.com/broadinstitute/terraform-ap-deployments/pull/614 | |
| - name: Login to Docker Hub | |
| uses: docker/login-action@v1 | |
| with: | |
| username: dsdejenkins | |
| password: ${{ secrets.DSDEJENKINS_PASSWORD }} | |
| # Build & push `cromwell`, `womtool`, `cromiam`, and `cromwell-drs-localizer` | |
| # This step is validated in the GHA 'docker_build_test.yml' without the accompanying docker push | |
| - name: Build Cromwell Docker | |
| run: | | |
| set -e | |
| cd cromwell | |
| sbt -Dproject.isSnapshot=false dockerBuildAndPush | |
| - name: Deploy to dev and board release train (Cromwell) | |
| uses: broadinstitute/repository-dispatch@master | |
| with: | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| repository: broadinstitute/terra-helmfile | |
| event-type: update-service | |
| client-payload: '{"service": "cromwell", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}' | |
| - name: Deploy to dev and board release train (CromIAM) | |
| uses: broadinstitute/repository-dispatch@master | |
| with: | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| repository: broadinstitute/terra-helmfile | |
| event-type: update-service | |
| client-payload: '{"service": "cromiam", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}' | |
| - name: (DISABLED) Edit & push cromwhelm chart | |
| # WX-1837 disabling CI for this chart, used by AoU RWB only | |
| if: false | |
| env: | |
| BROADBOT_GITHUB_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| cd cromwhelm | |
| git checkout main | |
| ls -la | |
| sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" terra-batch-libchart/values.yaml | |
| git diff | |
| git config --global user.name "broadbot" | |
| git config --global user.email "[email protected]" | |
| git commit -am "${{ steps.get-jira-id.outputs.jira-id }}: Auto update to Cromwell $CROMWELL_VERSION" | |
| git push https://broadbot:[email protected]/broadinstitute/cromwhelm.git main | |
| cd - | |
| ### WX-1836 Steps below here are disabled Azure CI | |
| - name: (DISABLED) Clone terra-helmfile | |
| uses: actions/checkout@v3 | |
| if: false | |
| with: | |
| repository: broadinstitute/terra-helmfile | |
| token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work | |
| path: terra-helmfile | |
| - name: (DISABLED) Update workflows-app in terra-helmfile | |
| if: false | |
| run: | | |
| set -e | |
| cd terra-helmfile | |
| sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/workflows-app/values.yaml | |
| cd - | |
| - name: (DISABLED) Update cromwell-runner-app in terra-helmfile | |
| if: false | |
| run: | | |
| set -e | |
| cd terra-helmfile | |
| sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/cromwell-runner-app/values.yaml | |
| cd - | |
| - name: (DISABLED) Make PR in terra-helmfile | |
| if: false | |
| env: | |
| BROADBOT_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| GH_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }} | |
| run: | | |
| set -e | |
| JIRA_ID=${{ steps.get-jira-id.outputs.jira-id }} | |
| if [[ $JIRA_ID == "missing" ]]; then | |
| echo "JIRA_ID missing, PR to terra-helmfile will not be created" | |
| exit 0; | |
| fi | |
| cd terra-helmfile | |
| git checkout -b ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION | |
| git config --global user.name "broadbot" | |
| git config --global user.email "[email protected]" | |
| git commit -am "${JIRA_ID}: Auto update Cromwell to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" | |
| git push -u origin ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION | |
| gh pr create --title "${JIRA_ID}: auto update Cromwell version to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" --body "${JIRA_ID} helm chart update" --label "automerge" | |
| cd - |