-
Notifications
You must be signed in to change notification settings - Fork 359
135 lines (127 loc) · 5.6 KB
/
chart_update_on_merge.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: chart-update-on-merge
on:
pull_request:
types:
- closed
jobs:
chart-update:
name: Cromwhelm Chart Auto Updater
if: github.event.pull_request.merged == true
runs-on: ubuntu-latest
steps:
- name: Fetch Jira ID from the commit message
id: fetch-jira-id
run: |
JIRA_ID=$(echo '${{ github.event.pull_request.title }}' | grep -Eo '[A-Z][A-Z]+-[0-9]+' | xargs echo -n | tr '[:space:]' ',')
[[ -z "$JIRA_ID" ]] && { echo "No Jira ID found in $1" ; exit 1; }
echo "JIRA_ID=$JIRA_ID" >> $GITHUB_OUTPUT
- name: Clone Cromwell
uses: actions/checkout@v2
with:
repository: broadinstitute/cromwell
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: cromwell
- uses: olafurpg/setup-scala@v10
with:
java-version: adopt@1.11
- name: Clone Cromwhelm
uses: actions/checkout@v2
with:
repository: broadinstitute/cromwhelm
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: cromwhelm
- name: Find Cromwell short SHA
run: |
set -e
cd cromwell
echo "CROMWELL_SHORT_SHA=`git rev-parse --short $GITHUB_SHA`" >> $GITHUB_ENV
- name: Find Cromwell release number
run: |
set -e
previous_version=$(curl -X GET https://api.github.com/repos/broadinstitute/cromwell/releases/latest | jq .tag_name | xargs)
if ! [[ "${previous_version}" =~ ^[0-9][0-9]+$ ]]; then
exit 1
fi
echo "CROMWELL_NUMBER=$((previous_version + 1))" >> $GITHUB_ENV
- name: Save complete image ID
run: |
echo "CROMWELL_VERSION=`echo "$CROMWELL_NUMBER-$CROMWELL_SHORT_SHA"`" >> $GITHUB_ENV
# `DSDEJENKINS_PASSWORD` auto syncs from vault with https://github.com/broadinstitute/terraform-ap-deployments/pull/614
- name: Login to Docker Hub
uses: docker/login-action@v1
with:
username: dsdejenkins
password: ${{ secrets.DSDEJENKINS_PASSWORD }}
# Build & push `cromwell`, `womtool`, `cromiam`, and `cromwell-drs-localizer`
# This step is validated in the GHA 'docker_build_test.yml' without the accompanying docker push
- name: Build Cromwell Docker
run: |
set -e
cd cromwell
sbt -Dproject.isSnapshot=false -Dproject.isRelease=false dockerBuildAndPush
- name: Deploy to dev and board release train (Cromwell)
uses: broadinstitute/repository-dispatch@master
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
repository: broadinstitute/terra-helmfile
event-type: update-service
client-payload: '{"service": "cromwell", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}'
- name: Deploy to dev and board release train (CromIAM)
uses: broadinstitute/repository-dispatch@master
with:
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
repository: broadinstitute/terra-helmfile
event-type: update-service
client-payload: '{"service": "cromiam", "version": "${{ env.CROMWELL_VERSION }}", "dev_only": false}'
- name: Edit & push cromwhelm chart
env:
BROADBOT_GITHUB_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
run: |
set -e
cd cromwhelm
git checkout main
ls -la
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" terra-batch-libchart/values.yaml
git diff
git config --global user.name "broadbot"
git config --global user.email "broadbot@broadinstitute.org"
git commit -am "${{ steps.fetch-jira-id.outputs.JIRA_ID }}: Auto update to Cromwell $CROMWELL_VERSION"
git push https://broadbot:$BROADBOT_GITHUB_TOKEN@github.com/broadinstitute/cromwhelm.git main
cd -
- name: Clone terra-helmfile
uses: actions/checkout@v3
with:
repository: broadinstitute/terra-helmfile
token: ${{ secrets.BROADBOT_GITHUB_TOKEN }} # Has to be set at checkout AND later when pushing to work
path: terra-helmfile
- name: Update workflows-app in terra-helmfile
run: |
set -e
cd terra-helmfile
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/workflows-app/values.yaml
cd -
- name: Update cromwell-runner-app in terra-helmfile
run: |
set -e
cd terra-helmfile
sed -i "s|image: broadinstitute/cromwell:.*|image: broadinstitute/cromwell:$CROMWELL_VERSION|" charts/cromwell-runner-app/values.yaml
cd -
- name: Make PR in terra-helmfile
env:
BROADBOT_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
GH_TOKEN: ${{ secrets.BROADBOT_GITHUB_TOKEN }}
run: |
set -e
JIRA_ID=${{ steps.fetch-jira-id.outputs.JIRA_ID }}
if [[ $JIRA_ID == "missing" ]]; then
echo "JIRA_ID missing, PR to terra-helmfile will not be created"
exit 0;
fi
cd terra-helmfile
git checkout -b ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION
git config --global user.name "broadbot"
git config --global user.email "broadbot@broadinstitute.org"
git commit -am "${JIRA_ID}: Auto update Cromwell to $CROMWELL_VERSION in workflows-app and cromwell-runner-app"
git push -u origin ${JIRA_ID}-cromwell-update-$CROMWELL_VERSION
gh pr create --title "${JIRA_ID}: auto update Cromwell version to $CROMWELL_VERSION in workflows-app and cromwell-runner-app" --body "${JIRA_ID} helm chart update" --label "automerge"
cd -