Skip to content
Update devs api image

[DC-1150] Add snapshot summary and do a bunch of drive by refactors (… #1783

Sign in to view logs

[DC-1150] Add snapshot summary and do a bunch of drive by refactors (…

[DC-1150] Add snapshot summary and do a bunch of drive by refactors (… #1783

Workflow file for this run

.github/workflows/dev-image-update.yaml at da0e27f
name: Update devs api image
env:
# This must be defined for the bash redirection
GOOGLE_APPLICATION_CREDENTIALS: 'jade-dev-account.json'
# This must be defined for the bash redirection
GOOGLE_SA_CERT: 'jade-dev-account.pem'
on:
workflow_dispatch: {}
push:
branches:
- develop
paths:
- '!*'
- 'src/**'
- 'gradle/**'
- 'gradle**'
- '**.gradle'
- 'Dockerfile'
- 'datarepo-clienttests/**'
- '.github/workflows/dev-image-update.yaml'
- '.swagger-codegen-ignore'
jobs:
bump_version:
runs-on: ubuntu-latest
outputs:
api_image_tag: ${{ steps.bumperstep.outputs.tag }}
# Skip entire workflow if commit is authored by broadbot
# broadbot is only used for automated commits, like version bumps
# We don't want to trigger a version bump/deploy to dev for those
if: ${{ !contains( github.event.sender.login, 'broadbot') }}
steps:
- name: Checkout Develop branch of jade-data-repo
uses: actions/checkout@v3
with:
ref: develop
token: ${{ secrets.BROADBOT_TOKEN }}
- name: "Bump the tag to a new version"
id: bumperstep
uses: broadinstitute/datarepo-actions/actions/[email protected]
with:
actions_subcommand: 'bumper'
sa_b64_credentials: ${{ secrets.SA_B64_CREDENTIALS }}
version_file_path: build.gradle
version_variable_name: version
# Sets the author of the version bump commit to broadbot. This is used in our skip job logic.
GITHUB_TOKEN: ${{ secrets.BROADBOT_TOKEN }}
build_client_and_publish:
runs-on: ubuntu-latest
needs:
- bump_version
steps:
- name: Checkout Develop branch of jade-data-repo
uses: actions/checkout@v3
with:
ref: develop
token: ${{ secrets.BROADBOT_TOKEN }}
- name: Set up JDK
uses: actions/setup-java@v3
with:
java-version: '17'
distribution: 'temurin'
cache: 'gradle'
- name: "Publish to Artifactory"
uses: gradle/gradle-build-action@v2
with:
arguments: ':datarepo-client:artifactoryPublish'
env:
ARTIFACTORY_USER: ${{ secrets.ARTIFACTORY_USER }}
ARTIFACTORY_PASSWORD: ${{ secrets.ARTIFACTORY_PASSWORD }}
ENABLE_SUBPROJECT_TASKS: true
build_container_and_publish:
runs-on: ubuntu-latest
needs:
- bump_version
steps:
- name: Checkout Develop branch of jade-data-repo
uses: actions/checkout@v3
with:
ref: develop
token: ${{ secrets.BROADBOT_TOKEN }}
- name: 'Checkout datarepo-helm-definitions repo'
uses: actions/checkout@v3
with:
repository: 'broadinstitute/datarepo-helm-definitions'
token: ${{ secrets.BROADBOT_TOKEN }}
path: datarepo-helm-definitions
- name: "Build new delevop docker image"
uses: broadinstitute/datarepo-actions/actions/[email protected]
with:
actions_subcommand: 'gradlebuild'
sa_b64_credentials: ${{ secrets.SA_B64_CREDENTIALS }}
- name: "Update Version in helm for Dev Env"
uses: broadinstitute/datarepo-actions/actions/[email protected]
with:
actions_subcommand: 'deploytagupdate'
helm_env_prefix: dev
sa_b64_credentials: ${{ secrets.SA_B64_CREDENTIALS }}
- name: 'Release Candidate Container Build: Checkout tag for DataBiosphere/jade-data-repo'
uses: broadinstitute/[email protected] #forked from nick-fields/retry
with:
timeout_minutes: 1
polling_interval_seconds: 5
max_attempts: 5
command: |
git fetch --all --tags
git checkout ${{ needs.bump_version.outputs.api_image_tag }}
- name: 'Release Candidate Container Build: Checkout DataBiosphere/jade-data-repo-ui repo'
uses: actions/checkout@v3
with:
repository: 'DataBiosphere/jade-data-repo-ui'
token: ${{ secrets.BROADBOT_TOKEN }}
path: jade-data-repo-ui
ref: develop
- name: 'Release Candidate Container Build: Create release candidate images'
uses: broadinstitute/datarepo-actions/actions/[email protected]
with:
actions_subcommand: 'alpharelease'
sa_b64_credentials: ${{ secrets.SA_B64_CREDENTIALS }}
alpharelease: ${{ needs.bump_version.outputs.api_image_tag }} # creates gcr build with semver tag
gcr_google_project: 'broad-jade-dev'
cherry_pick_image_to_production_gcr:
needs: [bump_version, build_container_and_publish]
uses: ./.github/workflows/cherry-pick-image.yaml
secrets: inherit
with:
gcr_tag: ${{ needs.bump_version.outputs.api_image_tag }}
source_gcr_url: 'gcr.io/broad-jade-dev/jade-data-repo'
target_gcr_url: 'gcr.io/datarepo-public-gcr/jade-data-repo'
report-to-sherlock:
name: Report App Version to DevOps
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main
needs: [bump_version, cherry_pick_image_to_production_gcr]
with:
new-version: ${{ needs.bump_version.outputs.api_image_tag }}
chart-name: datarepo
permissions:
contents: read
id-token: write
set-app-version-in-dev:
uses: broadinstitute/sherlock/.github/workflows/client-set-environment-app-version.yaml@main
needs:
- bump_version
- report-to-sherlock
with:
new-version: ${{ needs.bump_version.outputs.api_image_tag }}
chart-name: datarepo
environment-name: dev
secrets:
sync-git-token: ${{ secrets.BROADBOT_TOKEN }}
permissions:
id-token: write
helm_tag_bumper:
needs:
- build_container_and_publish
# We block bumping the tag in datarepo-helm because that will cause a deployment to datarepo-dev
# too, and we don't want to be deploying to datarepo-dev twice simultaneously
- set-app-version-in-dev
uses: ./.github/workflows/helmtagbumper.yaml
secrets: inherit