Skip to content

CD-sites

CD-sites #372

Workflow file for this run

# This workflow will deploy the VCell full application (server +- client) to alpha or release
name: CD-sites
# Controls when the workflow will run
on:
workflow_dispatch:
inputs:
vcell_version:
description: 'version.major.minor'
required: true
default: '7.6.0'
vcell_build:
description: 'build number'
required: true
default: '18'
vcell_site:
description: 'rel or alpha or test'
required: true
default: 'alpha'
server_only:
description: 'Deploy only the server components?'
required: true
default: 'false'
jobs:
build:
name: Build client installers
runs-on: ubuntu-20.04
steps:
- name: checkout tag
uses: actions/checkout@v3
with:
ref: ${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }}
- name: setup global environment variables
run: |
echo "VCELL_VERSION=${{ github.event.inputs.vcell_version }}" >> $GITHUB_ENV
echo "VCELL_BUILD=${{ github.event.inputs.vcell_build }}" >> $GITHUB_ENV
echo "VCELL_SITE=${{ github.event.inputs.vcell_site }}" >> $GITHUB_ENV
echo "VCELL_TAG=`git rev-parse --short HEAD`" >> $GITHUB_ENV
echo "VCELL_REPO_NAMESPACE=ghcr.io/virtualcell" >> $GITHUB_ENV
echo "VCELL_DEPLOY_REMOTE_DIR=/share/apps/vcell3/deployed_github" >> $GITHUB_ENV
echo "VCELL_WEBHELP_REMOTE_DIR=/share/apps/vcell3/apache_webroot/htdocs/webstart/VCell_Tutorials/VCell_Help" >> $GITHUB_ENV
if [ "${{ github.event.inputs.vcell_site }}" == "rel" ]; then\
echo "VCELL_MANAGER_NODE=vcellapi.cam.uchc.edu" >> $GITHUB_ENV;\
echo "VCELL_INSTALLER_REMOTE_DIR="/share/apps/vcell3/apache_webroot/htdocs/webstart/Rel"" >> $GITHUB_ENV;\
else if [ "${{ github.event.inputs.vcell_site }}" == "alpha" ]; then\
echo "VCELL_MANAGER_NODE=vcellapi.cam.uchc.edu" >> $GITHUB_ENV;\
echo "VCELL_INSTALLER_REMOTE_DIR="/share/apps/vcell3/apache_webroot/htdocs/webstart/Alpha"" >> $GITHUB_ENV;\
else if [ "${{ github.event.inputs.vcell_site }}" == "test" ]; then\
echo "VCELL_MANAGER_NODE=vcellapi.cam.uchc.edu" >> $GITHUB_ENV;\
echo "VCELL_INSTALLER_REMOTE_DIR="/share/apps/vcell3/apache_webroot/htdocs/webstart/Test"" >> $GITHUB_ENV;\
else echo "Unknown site name ${{ github.event.inputs.vcell_site }}"; exit 1; fi; fi; fi
- name: setup ssh-agent
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.VC_KEY }}
- name: get installer secrets
run: |
ssh-keyscan $VCELL_MANAGER_NODE >> ~/.ssh/known_hosts
sudo mkdir /usr/local/deploy
sudo chmod 777 /usr/local/deploy
cd /usr/local/deploy
scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/deploy_dir_2023_07_30.tar .
cd ..
sudo tar -xvf deploy/deploy_dir_2023_07_30.tar
sudo chmod 777 -R deploy
- name: setup config
run: |
cd docker/swarm
export VCELL_CONFIG_FILE_NAME="server_${VCELL_SITE}_${VCELL_VERSION}_${VCELL_BUILD}_${VCELL_TAG}.config"
echo "VCELL_CONFIG_FILE_NAME=$VCELL_CONFIG_FILE_NAME" >> $GITHUB_ENV
echo "| $VCELL_SITE | $VCELL_REPO_NAMESPACE | $VCELL_TAG | $VCELL_VERSION | $VCELL_BUILD | $VCELL_CONFIG_FILE_NAME |"
./serverconfig-uch.sh $VCELL_SITE $VCELL_REPO_NAMESPACE $VCELL_TAG $VCELL_VERSION $VCELL_BUILD $VCELL_CONFIG_FILE_NAME
env | grep VCELL > variables
- name: send home config file and variables
run: |
scp docker/build/admin/vcell-su.sh ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/config
scp docker/swarm/$VCELL_CONFIG_FILE_NAME ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}
scp docker/swarm/variables ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/variables_$VCELL_TAG
- name: upload variables
uses: actions/upload-artifact@v3
with:
name: variables
path: docker/swarm/variables
retention-days: 1
- name: build client installers
if: ${{ github.event.inputs.server_only != 'true' }}
run: |
cd docker/swarm
sudo docker login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} ghcr.io
sudo docker pull $VCELL_REPO_NAMESPACE/vcell-clientgen:$VCELL_TAG
./generate_installers.sh ./${VCELL_CONFIG_FILE_NAME}
- name: upload generated installers
if: ${{ github.event.inputs.server_only != 'true' }}
uses: actions/upload-artifact@v3
with:
name: installers
path: docker/swarm/generated_installers
retention-days: 1
- name: Setup tmate session
if: ${{ failure() }}
uses: mxschmitt/action-tmate@v3
notarize:
name: Notarize the MacOS client
runs-on: macos-latest
needs: build
steps:
- name: download generated installers
if: ${{ github.event.inputs.server_only != 'true' }}
uses: actions/download-artifact@v3
- name: notarize mac installer
if: ${{ github.event.inputs.server_only != 'true' }}
run: |
set -x
set +e
cd installers
export MAC_INSTALLER=`ls *dmg`
xcrun notarytool submit --output-format normal --no-progress --no-wait --team-id "${{ secrets.MACTEAMID }}" --apple-id "${{ secrets.MACID }}" --password "${{ secrets.MACPW }}" $MAC_INSTALLER > submit_output
echo "output returned by notarytool submit:"
cat submit_output
cat submit_output | grep "id:" | cut -d ':' -f2 > UUID
for minutes in {1..5}
do
sleep 60
xcrun notarytool info --output-format normal --no-progress --team-id "${{ secrets.MACTEAMID }}" --apple-id "${{ secrets.MACID }}" --password "${{ secrets.MACPW }}" `cat UUID` > info_output
echo "output returned by notarytool info:"
cat info_output
grep -q Accepted info_output
if [[ $? == 0 ]]; then
echo "notarized succesfully"
break
else
echo "wait another minute and check again"
fi
done
grep -q Accepted info_output
if [[ $? == 0 ]]; then
xcrun stapler staple $MAC_INSTALLER
else
echo "notarization did not succeed in 5 minutes, giving up"
exit 1
fi
- name: update generated installers
if: ${{ github.event.inputs.server_only != 'true' }}
uses: actions/upload-artifact@v3
with:
name: installers
path: installers
retention-days: 1
- name: Setup tmate session
uses: mxschmitt/action-tmate@v3
if: ${{ failure() }}
deploy:
name: Deploy to site
runs-on: ubuntu-20.04
needs: notarize
steps:
- name: checkout tag
uses: actions/checkout@v3
with:
ref: ${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }}
- name: retrieve installers and variables
uses: actions/download-artifact@v3
- name: setenv
run: |
for line in $(cat variables/variables); do echo $line >> $GITHUB_ENV; done
- name: stage installers
if: ${{ github.event.inputs.server_only != 'true' }}
run: |
cd installers
mkdir ../docker/swarm/generated_installers
mv * ../docker/swarm/generated_installers
- name: setup ssh-agent
uses: webfactory/[email protected]
with:
ssh-private-key: ${{ secrets.VC_KEY }}
- name: retrieve config file
run: |
set -ux
ssh-keyscan $VCELL_MANAGER_NODE >> ~/.ssh/known_hosts
cd docker/swarm
scp ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE}:${VCELL_DEPLOY_REMOTE_DIR}/${VCELL_CONFIG_FILE_NAME} .
- name: install singularity
uses: eWaterCycle/setup-singularity@v6
with:
singularity-version: 3.7.1
- name: retrieve batch and opt singularity images
run: |
set -ux
cd docker/swarm
export BATCH_SINGULARITY_FILENAME=`cat $VCELL_CONFIG_FILE_NAME | grep VCELL_BATCH_SINGULARITY_FILENAME | cut -d"=" -f2`
export OPT_SINGULARITY_FILENAME=`cat $VCELL_CONFIG_FILE_NAME | grep VCELL_OPT_SINGULARITY_FILENAME | cut -d"=" -f2`
cd ../build/singularity-vm
singularity remote login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} oras://ghcr.io
singularity pull $BATCH_SINGULARITY_FILENAME oras://${VCELL_REPO_NAMESPACE}/vcell-batch-singularity:${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }}
singularity pull $OPT_SINGULARITY_FILENAME oras://${VCELL_REPO_NAMESPACE}/vcell-opt-singularity:${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build }}
- name: setup java 17 with maven cache (for documentation build)
uses: actions/setup-java@v3
with:
distribution: 'temurin'
java-version: '17'
cache: 'maven'
- name: build documentation for web help
if: ${{ github.event.inputs.server_only != 'true' }}
run: |
set -ux
mvn clean install -DskipTests
- name: deploy installers and singularity to kubernetes site and web help to vcell.org
run: |
set -ux
cd docker/swarm
ssh -t ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE} sudo docker login -u ${{ secrets.ACTION_USER }} -p ${{ secrets.ACTION_TOKEN }} ghcr.io
if ${{ github.event.inputs.server_only != 'true' }}; then
# build and install the client installers, the singularity images, and the web help (kubernetes cluster deployments are separate)
./deploy-action-kubernetes.sh \
--ssh-user ${{ secrets.CD_FULL_USER }} \
--install-singularity \
--build-installers \
--installer-deploy-dir $VCELL_INSTALLER_REMOTE_DIR \
--webhelp-local-dir ../../vcell-client/target/classes/vcellDoc \
--webhelp-deploy-dir $VCELL_WEBHELP_REMOTE_DIR \
${VCELL_MANAGER_NODE} \
./${VCELL_CONFIG_FILE_NAME}
export VCELL_SITE_CAMEL=`cat $VCELL_CONFIG_FILE_NAME | grep VCELL_SITE_CAMEL | cut -d"=" -f2`
ssh ${{ secrets.CD_FULL_USER }}@${VCELL_MANAGER_NODE} \
installer_deploy_dir=$VCELL_INSTALLER_REMOTE_DIR vcell_siteCamel=$VCELL_SITE_CAMEL vcell_version=$VCELL_VERSION vcell_build=$VCELL_BUILD \
'bash -s' < link-installers.sh
else
# build and install only the singularity images (kubernetes cluster deployments are separate)
./deploy-action-kubernetes.sh \
--ssh-user ${{ secrets.CD_FULL_USER }} \
--install-singularity \
${VCELL_MANAGER_NODE} \
./${VCELL_CONFIG_FILE_NAME}
fi
- name: Capitalize first character of site name
id: capitalize
run: |
SITE="${{ github.event.inputs.vcell_site }}"
SITE_CAPITALIZED="$(tr '[:lower:]' '[:upper:]' <<< ${SITE:0:1})${SITE:1}"
VCELL_SWVERSION="${SITE_CAPITALIZED}_Version_${{ github.event.inputs.vcell_version }}_build_${{ github.event.inputs.vcell_build}}"
KUSTOMIZE_OVERLAY='not-specified'
if [ "${{ github.event.inputs.vcell_site }}" == "rel" ]; then KUSTOMIZE_OVERLAY="prod"; fi
if [ "${{ github.event.inputs.vcell_site }}" == "alpha" ]; then KUSTOMIZE_OVERLAY="dev"; fi
if [ "${{ github.event.inputs.vcell_site }}" == "test" ]; then KUSTOMIZE_OVERLAY="stage"; fi
CONTAINER_IMAGE_TAG="${{ github.event.inputs.vcell_version }}.${{ github.event.inputs.vcell_build}}"
echo "VCELL_SWVERSION=${VCELL_SWVERSION}" >> $GITHUB_ENV
echo "KUSTOMIZE_OVERLAY=${KUSTOMIZE_OVERLAY}" >> $GITHUB_ENV
echo "CONTAINER_IMAGE_TAG=${CONTAINER_IMAGE_TAG}" >> $GITHUB_ENV
- name: Call webhook to deploy to kubernetes cluster (overlay 'prod', 'dev' or 'stage')
run: |
git_sha=$(git rev-parse --short "$GITHUB_SHA")
echo '{"ref": "main","inputs":{"overlay": "'${KUSTOMIZE_OVERLAY}'","tag":"'${CONTAINER_IMAGE_TAG}'","swversion": "'${VCELL_SWVERSION}'"}}' >body
curl -X POST 'https://api.github.com/repos/virtualcell/vcell-fluxcd/actions/workflows/deploy.yaml/dispatches' \
-H 'Authorization: Bearer ${{ secrets.ACTION_TOKEN }}' \
-H 'Content-Type: application/json' \
--data "@body"
- name: Setup tmate session 3
uses: mxschmitt/action-tmate@v3
if: ${{ failure() }}