Skip to content

Headless release

Headless release #7398

Workflow file for this run

name: Nextflow CI
# read more here: https://help.github.com/en/articles/workflow-syntax-for-github-actions#on
# Note: We don't use the `on: path` option for docs,
# because the Build steps are *required* tests.
# Instead, we trigger + skip the tests if the only changes
# are in the docs folder. GitHub treats this as passing.
on:
push:
branches:
- 'master'
- 'test*'
- 'dev*'
- 'STABLE-*'
pull_request:
types: [opened, reopened, synchronize]
workflow_dispatch:
jobs:
build:
name: Build
runs-on: ubuntu-latest
timeout-minutes: 90
strategy:
fail-fast: false
matrix:
java_version: [17, 23]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
submodules: true
- name: Get the commit message
id: get_commit_message
run: |
if [ "${{ github.event_name }}" = "pull_request" ]; then
echo "GitHub event=pull_request"
COMMIT_SHA=${{ github.event.pull_request.head.sha }}
COMMIT_MESSAGE=$(curl -s \
-H "Authorization: token ${{ secrets.GITHUB_TOKEN }}" \
https://api.github.com/repos/${{ github.repository }}/commits/$COMMIT_SHA | jq -r '.commit.message')
echo "Commit message=$COMMIT_MESSAGE" | head -n 1
echo "commit_message=$COMMIT_MESSAGE" | head -n 1 >> $GITHUB_OUTPUT
else
echo "GitHub event=${{ github.event_name }}"
echo "Commit message=${{ github.event.head_commit.message }}" | head -n 1
echo "commit_message=${{ github.event.head_commit.message }}" | head -n 1 >> $GITHUB_OUTPUT
fi
- name: Get changed files
id: changed-files
uses: tj-actions/changed-files@v43
with:
files_ignore: docs/**
- name: List all changed files
env:
ALL_CHANGED_FILES: ${{ steps.changed-files.outputs.all_changed_files }}
run: |
for file in ${ALL_CHANGED_FILES}; do
echo "$file was changed"
done
- name: Setup env
if: steps.changed-files.outputs.any_changed == 'true'
run: |
rm -f $HOME/.gitconfig;
mkdir -p "$HOME/.nextflow";
echo "providers.github.auth='$NXF_GITHUB_ACCESS_TOKEN'" > "$HOME/.nextflow/scm"
env:
NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}
- name: Setup Java ${{ matrix.java_version }}
if: steps.changed-files.outputs.any_changed == 'true'
uses: actions/setup-java@v4
with:
java-version: ${{matrix.java_version}}
distribution: 'temurin'
architecture: x64
cache: gradle
- name: Compile
if: steps.changed-files.outputs.any_changed == 'true'
run: make assemble
- name: Test
if: steps.changed-files.outputs.any_changed == 'true'
run: |
env | sort
# configure test env
if [[ "$GOOGLE_SECRET" ]]; then
echo $GOOGLE_SECRET | base64 -d > $PWD/google_credentials.json
export GOOGLE_APPLICATION_CREDENTIALS=$PWD/google_credentials.json
fi
# run tests
make test
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
NXF_BITBUCKET_ACCESS_TOKEN: ${{ secrets.NXF_BITBUCKET_ACCESS_TOKEN }}
NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}
NXF_GITLAB_ACCESS_TOKEN: ${{ secrets.NXF_GITLAB_ACCESS_TOKEN }}
NXF_AZURE_REPOS_TOKEN: ${{ secrets.NXF_AZURE_REPOS_TOKEN }}
GOOGLE_SECRET: ${{ secrets.GOOGLE_SECRET }}
AZURE_STORAGE_ACCOUNT_NAME: nfazurestore
AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
AZURE_BATCH_ACCOUNT_NAME: nfbatchtest
AZURE_BATCH_ACCOUNT_KEY: ${{ secrets.AZURE_BATCH_ACCOUNT_KEY }}
- name: Publish tests report
uses: actions/upload-artifact@v4
if: steps.changed-files.outputs.any_changed == 'true' && always()
with:
name: report-unit-tests-jdk-${{ matrix.java_version }}
path: |
**/build/reports/tests/test
outputs:
any_changed: ${{ steps.changed-files.outputs.any_changed }}
commit_message: ${{ steps.get_commit_message.outputs.commit_message }}
test:
if: ${{ !contains(needs.build.outputs.commit_message, '[ci fast]') && needs.build.outputs.any_changed == 'true' }}
needs: build
runs-on: ubuntu-latest
timeout-minutes: 90
strategy:
fail-fast: false
matrix:
java_version: [17, 23]
test_mode: ["test_integration", "test_docs", "test_aws", "test_azure", "test_google", "test_wave"]
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
submodules: true
- name: Setup env
run: |
rm -f $HOME/.gitconfig;
mkdir -p "$HOME/.nextflow";
echo "providers.github.auth='$NXF_GITHUB_ACCESS_TOKEN'" > "$HOME/.nextflow/scm"
env:
NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}
- name: Setup Java ${{ matrix.java_version }}
uses: actions/setup-java@v4
with:
java-version: ${{matrix.java_version}}
distribution: 'temurin'
architecture: x64
cache: gradle
- name: Run tests
run: |
env | sort
# configure test env
if [[ "$GOOGLE_SECRET" ]]; then
echo $GOOGLE_SECRET | base64 -d > $PWD/google_credentials.json
export GOOGLE_APPLICATION_CREDENTIALS=$PWD/google_credentials.json
fi
cat $HOME/.nextflow/scm
make clean assemble install
bash test-ci.sh
env:
TEST_JDK: ${{ matrix.java_version }}
TEST_MODE: ${{ matrix.test_mode }}
GRADLE_OPTS: '-Dorg.gradle.daemon=false'
TOWER_ACCESS_TOKEN: ${{ secrets.TOWER_ACCESS_TOKEN }}
AWS_DEFAULT_REGION: eu-west-1
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
NXF_BITBUCKET_ACCESS_TOKEN: ${{ secrets.NXF_BITBUCKET_ACCESS_TOKEN }}
NXF_GITHUB_ACCESS_TOKEN: ${{ secrets.NXF_GITHUB_ACCESS_TOKEN }}
NXF_GITLAB_ACCESS_TOKEN: ${{ secrets.NXF_GITLAB_ACCESS_TOKEN }}
NXF_AZURE_REPOS_TOKEN: ${{ secrets.NXF_AZURE_REPOS_TOKEN }}
GOOGLE_SECRET: ${{ secrets.GOOGLE_SECRET }}
AZURE_STORAGE_ACCOUNT_NAME: nfazurestore
AZURE_STORAGE_ACCOUNT_KEY: ${{ secrets.AZURE_STORAGE_ACCOUNT_KEY }}
AZURE_BATCH_ACCOUNT_NAME: nfbatchtest
AZURE_BATCH_ACCOUNT_KEY: ${{ secrets.AZURE_BATCH_ACCOUNT_KEY }}
- name: Tar integration tests
if: always()
run: tar -cvf integration-tests.tar tests/checks
- name: Publish tests report
uses: actions/upload-artifact@v4
if: always()
with:
name: report-${{ matrix.test_mode }}-jdk-${{ matrix.java_version }}
path: |
validation/**/*
validation/**/.*
integration-tests.tar
test-e2e:
if: ${{ contains(needs.build.outputs.commit_message,'[e2e stage]') || contains(needs.build.outputs.commit_message,'[e2e prod]') }}
needs: build
runs-on: ubuntu-latest
timeout-minutes: 10
permissions:
actions: write # Allow writing to actions
contents: write # Allow writing to repository contents
steps:
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
submodules: true
- name: Setup Java 17
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
architecture: x64
cache: gradle
- name: Setup env
run: |
wget -q -O wave https://github.com/seqeralabs/wave-cli/releases/download/v1.4.1/wave-1.4.1-linux-x86_64
chmod +x wave
mv wave /usr/local/bin/
echo "COMMIT_MESSAGE=\"${{ needs.build.outputs.commit_message }}\"" >> $GITHUB_ENV
- name : Docker Login to Seqera public CR
uses : docker/login-action@v3
with :
registry : "public.cr.seqera.io"
username : "public-cr-admin"
password : ${{ secrets.SEQERA_PUBLIC_CR_PASSWORD }}
- name: Launch tests
run: |
cd test-e2e
bash run.sh
env:
GITHUB_TOKEN: ${{ secrets.AUTOMATION_GITHUB_TOKEN }}
GRADLE_OPTS: '-Dorg.gradle.daemon=false'
# --------------------------------------------------
# job: release
# --------------------------------------------------
release:
name: Release
if: ${{ contains(needs.build.outputs.commit_message,'[release]') }}
runs-on: ubuntu-latest
needs: build
timeout-minutes: 10
steps:
# setup steps
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: 1
submodules: true
- name: Setup Java
uses: actions/setup-java@v4
with:
java-version: 17
distribution: 'temurin'
architecture: x64
- name: Setup AWS
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-west-1
aws-access-key-id: ${{ secrets.AWS_DEPLOY_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_DEPLOY_SECRET_ACCESS_KEY }}
- name: Login to Docker hub
uses: docker/login-action@v3
with:
username: ${{ secrets.DOCKER_HUB_ID }}
password: ${{ secrets.DOCKER_HUB_PASSWORD }}
- name: Login to Seqera registry
uses: docker/login-action@v3
with:
registry: ${{ vars.SEQERA_PUBLIC_CR_URL }}
username: ${{ secrets.SEQERA_PUBLIC_CR_USER }}
password: ${{ secrets.SEQERA_PUBLIC_CR_PASSWORD }}
# release step
- name: Release
run: bash .github/scripts/release.sh
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_DEPLOY_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_DEPLOY_SECRET_ACCESS_KEY }}
GH_ORG: ${{ vars.PLUGINS_GITHUB_ORG }}
GH_USER: ${{ vars.DEPLOY_GITHUB_USER }}
GH_USER_EMAIL: ${{ vars.DEPLOY_GITHUB_EMAIL }}
GH_TOKEN: ${{ secrets.DEPLOY_GITHUB_TOKEN }}
MAVEN_PUBLISH_URL: ${{ vars.MAVEN_PLUGINS_PUBLISH_URL }}
PLUGINS_INDEX_JSON: ${{ vars.PLUGINS_INDEX_JSON }}
S3_RELEASE_BUCKET: ${{ vars.S3_RELEASE_BUCKET }}
SEQERA_REGISTRY: ${{ vars.SEQERA_PUBLIC_CR_URL }}
# upload steps
- name: Upload artifacts (libs)
uses: actions/upload-artifact@v4
with:
retention-days: 3
name: libs
path: modules/*/build/libs/
- name: Upload artifacts (distribution)
uses: actions/upload-artifact@v4
with:
retention-days: 3
name: distribution
path: build/releases/
- name: Upload artifacts (plugins)
uses: actions/upload-artifact@v4
with:
retention-days: 3
compression-level: 0
name: plugins
path: |
plugins/build/libs/
plugins/*/build/libs/