Publish and deploy #1140
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Publish and deploy | |
on: | |
push: | |
tags: | |
- '[0-9]+.[0-9]+.[0-9]+' | |
env: | |
SERVICE_NAME: ${{ github.event.repository.name }} | |
GOOGLE_PROJECT: dsp-artifact-registry | |
GOOGLE_DOCKER_REPOSITORY: us-central1-docker.pkg.dev | |
IMAGE_REPOSITORY_NAME: ddp | |
jobs: | |
get-version-tag: | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.tag.outputs.tag }} | |
steps: | |
- name: Checkout Current Code | |
uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
- name: Parse Tag | |
id: tag | |
run: echo "tag=$(git describe --tags)" >> $GITHUB_OUTPUT | |
publish-admin-image: | |
needs: get-version-tag | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.build-publish.outputs.published-image }} | |
steps: | |
- name: Checkout Current Code | |
uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
- name: build and publish image | |
id: build-publish | |
uses: ./.github/actions/build-push-image | |
with: | |
version-tag: ${{ needs.get-version-tag.outputs.tag }} | |
image-repo: 'us-central1-docker.pkg.dev' | |
image-name: "dsp-artifact-registry/ddp/${{ github.event.repository.name }}-admin" | |
gradle-build-args: ':api-admin:jibDockerBuild' | |
- name: Notify slack on failure | |
uses: broadinstitute/action-slack@v3.15.0 | |
if: failure() | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#juniper-dev-notifications' | |
status: failure | |
author_name: Publish docker Image | |
fields: job | |
text: "Publish failed :sadpanda:, image ${{ steps.build-publish.outputs.published-image }} failed to publish" | |
username: 'Juniper Build Notifications' | |
publish-participant-image: | |
needs: get-version-tag | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
runs-on: ubuntu-latest | |
outputs: | |
tag: ${{ steps.build-publish.outputs.published-image }} | |
steps: | |
- name: Checkout Current Code | |
uses: actions/checkout@v4 | |
with: | |
token: ${{ secrets.BROADBOT_TOKEN }} | |
- name: build and publish image | |
id: build-publish | |
uses: ./.github/actions/build-push-image | |
with: | |
version-tag: ${{ needs.get-version-tag.outputs.tag }} | |
image-repo: 'us-central1-docker.pkg.dev' | |
image-name: "dsp-artifact-registry/ddp/${{ github.event.repository.name }}-participant" | |
gradle-build-args: ':api-participant:jibDockerBuild' | |
- name: Notify slack on failure | |
uses: broadinstitute/action-slack@v3.15.0 | |
if: failure() | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#juniper-dev-notifications' | |
status: failure | |
author_name: Publish docker Image | |
fields: job | |
text: "Publish failed :sadpanda:, image ${{ steps.build-publish.outputs.published-image }} failed to publish" | |
username: 'Juniper Build Notifications' | |
report-to-sherlock: | |
# Report new version of application to DSP DevOps Tooling | |
uses: broadinstitute/sherlock/.github/workflows/client-report-app-version.yaml@main | |
needs: [publish-admin-image, publish-participant-image, get-version-tag] | |
with: | |
new-version: ${{ needs.get-version-tag.outputs.tag }} | |
chart-name: 'd2p' | |
permissions: | |
contents: 'read' | |
id-token: 'write' | |
set-version-in-dev: | |
# Put new version in ddp-azure-dev environment | |
uses: broadinstitute/sherlock/.github/workflows/client-set-environment-app-version.yaml@main | |
needs: [publish-admin-image, publish-participant-image, report-to-sherlock, get-version-tag] | |
with: | |
new-version: ${{ needs.get-version-tag.outputs.tag }} | |
chart-name: 'd2p' | |
environment-name: 'ddp-azure-dev' | |
secrets: | |
sync-git-token: ${{ secrets.BROADBOT_TOKEN }} | |
permissions: | |
id-token: 'write' | |
notify-upon-completion: | |
runs-on: ubuntu-latest | |
if: always() | |
needs: [set-version-in-dev, get-version-tag] | |
steps: | |
- uses: broadinstitute/action-slack@v3.15.0 | |
env: | |
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }} | |
with: | |
channel: '#juniper-dev-notifications' | |
# Result status on the set version in dev job which actually performs the deploy | |
status: ${{ needs.set-version-in-dev.result }} | |
author_name: Auto Deploy to Dev | |
fields: job | |
text: Deploy to dev of ${{ needs.get-version-tag.outputs.tag }} resulted in ${{ needs.set-version-in-dev.result }} | |
username: 'Juniper Build Notifications' | |