-
Notifications
You must be signed in to change notification settings - Fork 4
235 lines (218 loc) · 9.94 KB
/
rawls-build-tag-publish-and-run-tests.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
name: rawls-build-tag-publish-and-run-tests
on:
pull_request:
paths-ignore: ['**.md']
push:
branches:
- develop
paths-ignore: ['**.md']
env:
RAWLS_BUILD_RUN_NAME: 'rawls-build-${{ github.event.repository.name }}-${{ github.run_id }}-${{ github.run_attempt }}'
RAWLS_SWAT_TESTS_RUN_NAME: 'rawls-swat-tests-${{ github.event.repository.name }}-${{ github.run_id }}-${{ github.run_attempt }}'
BEE_NAME: '${{ github.event.repository.name }}-${{ github.run_id }}-${{ github.run_attempt}}'
BEE_CREATE_RUN_NAME: 'bee-create-${{ github.event.repository.name }}-${{ github.run_id }}-${{ github.run_attempt }}'
BEE_DESTROY_RUN_NAME: 'bee-destroy-${{ github.event.repository.name }}-${{ github.run_id }}-${{ github.run_attempt }}'
jobs:
# Attempt to bump the app version.
tag-job:
uses: ./.github/workflows/tag.yml
with:
release-branches: develop
secrets: inherit
# Set the test-context: is this a merge to `develop` or is this a PR? Extract branch accordingly
init-github-context:
runs-on: ubuntu-latest
outputs:
log-results: ${{ steps.set-test-context.outputs.log-results }}
test-context: ${{ steps.set-test-context.outputs.test-context }}
ref: ${{ steps.extract-branch.outputs.ref }}
steps:
- name: Get test context
id: set-test-context
run: |-
echo 'log-results=true' >> $GITHUB_OUTPUT
if ${{ github.ref_name == 'develop' }}; then
echo 'test-context=dev-merge' >> $GITHUB_OUTPUT
else
echo 'test-context=pr-test' >> $GITHUB_OUTPUT
fi
- name: Extract branch
id: extract-branch
run: |
GITHUB_EVENT_NAME=${{ github.event_name }}
if [[ "$GITHUB_EVENT_NAME" == "push" ]]; then
GITHUB_REF=${{ github.ref }}
GITHUB_SHA=${{ github.sha }}
elif [[ "$GITHUB_EVENT_NAME" == "pull_request" ]]; then
GITHUB_REF=refs/heads/${{ github.head_ref }}
GITHUB_SHA=${{ github.event.pull_request.head.sha }}
else
echo "Failed to extract branch information"
exit 1
fi
echo "ref=$GITHUB_REF" >> $GITHUB_OUTPUT
echo "name=$GITHUB_SHA" >> $GITHUB_OUTPUT
# Compile the Scala code to a jar.
# Build the docker image and push that image to GCR.
rawls-build-publish-job:
runs-on: ubuntu-latest
needs:
- tag-job
- init-github-context
permissions:
contents: 'read'
id-token: 'write'
outputs:
custom-version-json: ${{ steps.render-rawls-version.outputs.custom-version-json }}
steps:
- uses: 'actions/checkout@v4'
- name: dispatch build to terra-github-workflows
uses: broadinstitute/[email protected]
with:
run-name: "${{ env.RAWLS_BUILD_RUN_NAME }}"
workflow: rawls-build
repo: broadinstitute/terra-github-workflows
ref: refs/heads/main
token: ${{ secrets.BROADBOT_TOKEN }} # github token for access to kick off a job in the private repo
inputs: '{
"run-name": "${{ env.RAWLS_BUILD_RUN_NAME }}",
"repository": "${{ github.event.repository.full_name }}",
"ref": "${{ needs.init-github-context.outputs.ref }}",
"rawls-release-tag": "${{ needs.tag-job.outputs.tag }}"
}'
- name: Render Rawls version
id: render-rawls-version
env:
GITHUB_CONTEXT: ${{ toJSON(github) }}
run: |
echo "$GITHUB_CONTEXT"
echo "custom-version-json={\\\"rawls\\\":{\\\"appVersion\\\":\\\"${{ needs.tag-job.outputs.tag }}\\\"}}" >> $GITHUB_OUTPUT
# Tell Broad DevOps Sherlock about the build version we just created.
report-to-sherlock:
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main
needs: [tag-job, rawls-build-publish-job]
with:
new-version: ${{ needs.tag-job.outputs.tag }}
chart-name: 'rawls'
permissions:
contents: 'read'
id-token: 'write'
# Put new Rawls version in Broad dev environment
set-version-in-dev:
uses: broadinstitute/sherlock/.github/workflows/client-set-environment-app-version.yaml@main
needs: [tag-job, rawls-build-publish-job, report-to-sherlock]
if: ${{ github.ref_name == 'develop' }}
with:
new-version: ${{ needs.tag-job.outputs.tag }}
chart-name: 'rawls'
environment-name: 'dev'
secrets:
sync-git-token: ${{ secrets.BROADBOT_TOKEN }}
permissions:
id-token: 'write'
# Create a BEE to be used by swat tests.
create-bee-workflow:
strategy:
matrix:
terra-env: [ dev ] # what versions of apps do we use to emulate types of environments
runs-on: ubuntu-latest
needs:
- rawls-build-publish-job
permissions:
contents: 'read'
id-token: 'write'
steps:
- name: Echo Rawls version
run: |
echo '${{ needs.rawls-build-publish-job.outputs.custom-version-json }}'
- name: dispatch to terra-github-workflows
uses: broadinstitute/[email protected]
with:
run-name: "${{ env.BEE_CREATE_RUN_NAME }}-${{ matrix.terra-env }}"
workflow: bee-create
repo: broadinstitute/terra-github-workflows
ref: refs/heads/main
token: ${{ secrets.BROADBOT_TOKEN }} # github token for access to kick off a job in the private repo
# manually recalculate b/c env context is broken https://github.com/actions/runner/issues/480
inputs: '{
"run-name": "${{ env.BEE_CREATE_RUN_NAME }}-${{ matrix.terra-env }}",
"bee-name": "${{ env.BEE_NAME }}-${{ matrix.terra-env }}",
"version-template": "${{ matrix.terra-env }}",
"custom-version-json": "${{ needs.rawls-build-publish-job.outputs.custom-version-json }}"
}'
# Run swat tests. This kicks off multiple parallel jobs for Workflows and Workspaces tests, which run against the BEE
# we just created.
rawls-swat-test-job:
strategy:
# set fail-fast: false. We want all test jobs to complete, so we can see their results. If fail-fast were true,
# the first test jobs failure would cancel the other test jobs.
fail-fast: false
matrix:
terra-env: [ dev ] # what versions of apps do we use to emulate types of environments
testing-env: [ qa ] # what env resources to use, e.g. SA keys
test-group: [
{ group_name: workspaces, tag: "-n org.broadinstitute.dsde.test.api.BillingsTest -n org.broadinstitute.dsde.test.api.WorkspacesTest" },
{ group_name: workspacesAuthDomains, tag: "-n org.broadinstitute.dsde.test.api.AuthDomainsTest" },
{ group_name: workflows, tag: "-n org.broadinstitute.dsde.test.api.MethodsTest" }
# The Analysis Journeys swat tests (DataRepoSnapshotsTest) are all disabled, so the following matrix value
# will run zero tests. Instead of running a noop test job, skip it altogether. We are leaving this value
# here, commented out, to make it easy to re-instate if/when Analysis Journeys does have some tests to run.
# { group_name: analysis_journeys, tag: "-n org.broadinstitute.dsde.test.api.DataRepoSnapshotsTest" }
] # Rawls test groups
name: ${{ matrix.test-group.group_name }}-owned tests
runs-on: ubuntu-latest
needs:
- create-bee-workflow
- init-github-context
permissions:
contents: 'read'
id-token: 'write'
steps:
- name: dispatch to terra-github-workflows
env:
rawls_base_test_entrypoint: "testOnly -- -l ProdTest -l NotebooksCanaryTest"
test-context: ${{ needs.init-github-context.outputs.test-context }}
uses: broadinstitute/[email protected]
with:
run-name: "${{ env.RAWLS_SWAT_TESTS_RUN_NAME }}-${{ matrix.terra-env }}-${{ matrix.testing-env }}-${{ matrix.test-group.group_name }}"
workflow: .github/workflows/rawls-swat-tests.yaml
repo: broadinstitute/terra-github-workflows
ref: refs/heads/main
token: ${{ secrets.BROADBOT_TOKEN }} # github token for access to kick off a job in the private repo
# manually recalculate b/c env context is broken https://github.com/actions/runner/issues/480
inputs: '{
"additional-args": "{\"logging\":\"true\",\"java-version\":\"17\",\"billing-project\":\"\"}",
"run-name": "${{ env.RAWLS_SWAT_TESTS_RUN_NAME }}-${{ matrix.terra-env }}-${{ matrix.testing-env }}-${{ matrix.test-group.group_name }}",
"bee-name": "${{ env.BEE_NAME }}-${{ matrix.terra-env }}",
"ENV": "${{ matrix.testing-env }}",
"test-group-name": "${{ matrix.test-group.group_name }}",
"test-command": "${{ env.rawls_base_test_entrypoint }} ${{ matrix.test-group.tag }}",
"test-context": "${{ env.test-context }}",
"ref": "${{ needs.init-github-context.outputs.ref }}"
}'
# Delete the BEE, now that swat tests are done.
destroy-bee-workflow:
strategy:
matrix:
terra-env: [ dev ] # what versions of apps do we use to emulate types of environments
runs-on: ubuntu-latest
needs:
- rawls-swat-test-job
if: always() # always run to confirm bee is destroyed
permissions:
contents: 'read'
id-token: 'write'
steps:
- name: dispatch to terra-github-workflows
uses: broadinstitute/[email protected]
with:
run-name: "${{ env.BEE_DESTROY_RUN_NAME }}-${{ matrix.terra-env }}"
workflow: bee-destroy
repo: broadinstitute/terra-github-workflows
ref: refs/heads/main
token: ${{ secrets.BROADBOT_TOKEN }} # github token for access to kick off a job in the private repo
# manually recalculate b/c env context is broken https://github.com/actions/runner/issues/480
inputs: '{
"run-name": "${{ env.BEE_DESTROY_RUN_NAME }}-${{ matrix.terra-env }}",
"bee-name": "${{ env.BEE_NAME }}-${{ matrix.terra-env }}"
}'