Publish and deploy #446
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish and deploy | |
on: | |
push: | |
tags: | |
- '[0-9]+.[0-9]+.[0-9]+' | |
env: | |
SERVICE_NAME: ${{ github.event.repository.name }} | |
GOOGLE_PROJECT: dsp-artifact-registry | |
GOOGLE_DOCKER_REPOSITORY: us-central1-docker.pkg.dev | |
IMAGE_REPOSITORY_NAME: ddp | |
jobs: | |
get-version-tag: | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.tag.outputs.tag }} | |
steps: | |
- name: Checkout Current Code | |
uses: actions/checkout@v3 | |
with: | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
- name: Parse Tag | |
id: tag | |
run: echo "tag=$(git describe --tags)" >> $GITHUB_OUTPUT | |
publish-admin-image: | |
needs: get-version-tag | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.build-publish.outputs.published-image }} | |
steps: | |
- name: Checkout Current Code | |
uses: actions/checkout@v3 | |
with: | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
- name: build and publish image | |
id: build-publish | |
uses: ./.github/actions/build-push-image | |
with: | |
version-tag: ${{ needs.get-version-tag.outputs.tag }} | |
image-repo: 'us-central1-docker.pkg.dev' | |
image-name: "dsp-artifact-registry/ddp/${{ github.event.repository.name }}-admin" | |
gradle-build-args: ':api-admin:jibDockerBuild' | |
- name: Notify slack on failure | |
uses: broadinstitute/[email protected] | |
if: failure() | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#juniper-dev-notifications' | |
status: failure | |
author_name: Publish docker Image | |
fields: job | |
text: "Publish failed :sadpanda:, image ${{ steps.build-publish.outputs.published-image }} failed to publish" | |
username: 'Pearl Build Notifications' | |
publish-participant-image: | |
needs: get-version-tag | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.build-publish.outputs.published-image }} | |
steps: | |
- name: Checkout Current Code | |
uses: actions/checkout@v3 | |
with: | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
- name: build and publish image | |
id: build-publish | |
uses: ./.github/actions/build-push-image | |
with: | |
version-tag: ${{ needs.get-version-tag.outputs.tag }} | |
image-repo: 'us-central1-docker.pkg.dev' | |
image-name: "dsp-artifact-registry/ddp/${{ github.event.repository.name }}-participant" | |
gradle-build-args: ':api-participant:jibDockerBuild' | |
- name: Notify slack on failure | |
uses: broadinstitute/[email protected] | |
if: failure() | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#juniper-dev-notifications' | |
status: failure | |
author_name: Publish docker Image | |
fields: job | |
text: "Publish failed :sadpanda:, image ${{ steps.build-publish.outputs.published-image }} failed to publish" | |
username: 'Pearl Build Notifications' | |
report-to-sherlock: | |
# Report new version of application to DSP DevOps Tooling | |
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main | |
needs: [publish-admin-image, publish-participant-image, get-version-tag] | |
with: | |
new-version: ${{ needs.get-version-tag.outputs.tag }} | |
chart-name: 'd2p' | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
set-version-in-dev: | |
# Put new version in ddp-azure-dev environment | |
uses: broadinstitute/sherlock/.github/workflows/client-set-environment-app-version.yaml@main | |
needs: [publish-admin-image, publish-participant-image, report-to-sherlock, get-version-tag] | |
with: | |
new-version: ${{ needs.get-version-tag.outputs.tag }} | |
chart-name: 'd2p' | |
environment-name: 'ddp-azure-dev' | |
secrets: | |
sync-git-token: ${{ secrets.BROADBOT_TOKEN }} | |
permissions: | |
id-token: 'write' | |
notify-upon-completion: | |
runs-on: ubuntu-latest | |
if: always() | |
needs: [set-version-in-dev, get-version-tag] | |
steps: | |
- uses: broadinstitute/[email protected] | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#juniper-dev-notifications' | |
# Result status on the set version in dev job which actually performs the deploy | |
status: ${{ needs.set-version-in-dev.result }} | |
author_name: Auto Deploy to Dev | |
fields: job | |
text: Deploy to dev of ${{ needs.get-version-tag.outputs.tag }} resulted in ${{ needs.set-version-in-dev.result }} | |
username: 'Pearl Build Notifications' | |