Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DR-2889: Upgrade Github actions due to Node 12 Deprecation #1404

Merged
merged 14 commits into from
Feb 8, 2023
Merged

DR-2889: Upgrade Github actions due to Node 12 Deprecation #1404

merged 14 commits into from
Feb 8, 2023

Conversation

snf2ye
Copy link
Contributor

@snf2ye snf2ye commented Feb 2, 2023
edited
Loading

Motivation: The goal of this ticket is to handle the warning messages that we've been getting on our github actions about node.js 12 actions being depreciated. All actions need to now run at least on node 16.
image

While we're making these upgrades, I'm also making changes according to a few other guiding principles [In order of preference]: (official guide here, thanks @fboulnois for pointing me to this)

  1. Switch actions to default github action features. (e.g. reusable workflows)
  2. Switch to trusted third party published github actions (e.g. gradle, hashicorp)
  3. If the action is simple enough, remove the third party library and hardcode the functionality into the action step (github-action-get-previous-tag - the core of this is only two lines!!). This removes the need to upgrade this forked repo, gives us control, and removes a security vulnerability.

When none of these options are available, I upgraded the forked library and pointed our step to the latest version (nick-fields/retry, action-slack)

Note: I attempted to switch to the slack action actually built by slack. I spent a good chunk of time just trying to get something basic working according to their documentation, but couldn't figure it out. I don't feel like that's a good sign, so I've upgraded the forked repo we've been using instead.

Testing

Test runs on each action:

Skipping testing - no unique changes to these actions and I'd rather not mess with the versions promoted to alpha/staging/force early release of a version

  • Alpha promotion
  • Alpha test/GCR promotion
  • Staging Smoke Tests
  • Track Deploys
  • Perf test (This wouldn't mess with anything, but includes no unique changes, I don't think it's worth a test run)

@snf2ye snf2ye force-pushed the sh-DR-2889 branch 5 times, most recently from f12ac6a to ecccada Compare February 2, 2023 19:47
@snf2ye
Insetad of updating the cloned action, instead use trusted third part…
78072e0 
…y action produced by gradle
@snf2ye
update retry
8469df5
@snf2ye
Use github's reusable workflow structure instead of third party step
20df78f 
comment out steps for now

Uncomment for merge

inherit secrets

bump version

switch job dependent

update

consolidate to one slack notification

update space
@snf2ye
update vault action version to latest
93d43e5 
update remaining vault actions
@snf2ye
update trivy action's java and cache versions
a0e5e41 
add distribution for java setup
@snf2ye
update python client's python and node versions
b6ea243
@snf2ye
Replace github-action-get-previous-tag
56b12f6 
Remove need for external library and call git command for tag

Revert "[test] replace github-action-get-previous-tag"

This reverts commit aa5c648.

leave workspace_dispatch
snf2ye
snf2ye commented Feb 3, 2023
View reviewed changes
.github/workflows/helmtagbumper.yaml Outdated
Comment on lines 56 to 67
- name: "Notify Slack"
if: always()
uses: broadinstitute/action-slack@v3.8.0
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
with:
status: ${{ job.status }}
fields: job,repo,message,author,took
author_name: "[API] [datarepo-helm-definitions] Version update for Integration namespaces"
mention: fb,muscles
mention_if: failure
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Note to reviewers: Since we're using a reusable workflow, I have consolidated it so that we have one slack notification after all of the helm tasks run, instead of three.

Copy link
Contributor Author

@snf2ye snf2ye Feb 7, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Update: I decided to leave this step in place, but I have a flag that can be set as to whether or not to notify slack. I have it set to default true when the workflow is triggered manually via workflow_dispatch. See the image attached - the user can set this variable on manually kicking off the workflow.
image

I have it set to default false when the workflow is triggered automatically through workflow_call, where the workflow should already have it's own slack notification.

@snf2ye
[test] Slack
36638c1 
add payload back

cleanup

use valid fields

test other format

add payload
@snf2ye
Revert "[test] Slack"
4ef9fae 
This reverts commit 36638c1.
@snf2ye snf2ye mentioned this pull request Feb 7, 2023
Merged
@snf2ye snf2ye marked this pull request as ready for review February 7, 2023 18:13
@snf2ye
Notify slack according to flag
18dd962 
- Setting the default to true when triggered manually via workflow_dispatch
- Setting the default to false when triggered via workflow_call as those workflows should have their own slack notification
@snf2ye snf2ye changed the title DR-2889: Bump third party library actions / Node JS Upgrade DR-2889: Upgrade Github actions due to Node 12 Depreciation Feb 8, 2023
@snf2ye snf2ye mentioned this pull request Feb 8, 2023
Merged
fboulnois
fboulnois approved these changes Feb 8, 2023
View reviewed changes
Copy link
Contributor

@fboulnois fboulnois left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

.github/workflows/helmtagbumper.yaml Show resolved Hide resolved
@fboulnois fboulnois changed the title DR-2889: Upgrade Github actions due to Node 12 Depreciation DR-2889: Upgrade Github actions due to Node 12 Deprecation Feb 8, 2023
@snf2ye snf2ye merged commit 164be35 into develop Feb 8, 2023
@snf2ye snf2ye deleted the sh-DR-2889 branch February 8, 2023 15:39
@snf2ye snf2ye mentioned this pull request Aug 3, 2023
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fboulnois fboulnois fboulnois approved these changes

@okotsopoulos okotsopoulos okotsopoulos approved these changes

@nmalfroy nmalfroy Awaiting requested review from nmalfroy

@samanehsan samanehsan Awaiting requested review from samanehsan

@lu-c lu-c Awaiting requested review from lu-c

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@snf2ye @fboulnois @okotsopoulos