[BIOMAGE-2014] - Fix staging SHA

.github/workflows/ci.yaml

@@ -106,6 +106,9 @@ jobs:
     name: Build Docker container
     runs-on: ubuntu-20.04
     needs: test
+    outputs:
+      ref-id: ${{ steps.ref.outputs.ref-id }}
+      commit-sha: ${{ steps.ref.outputs.commit-sha }}
     steps:
       - id: checkout
         name: Check out source code
@@ -117,6 +120,7 @@ jobs:
           # This will take a ref like `refs/heads/master`
           # and turn it into `refs-heads-master`
           REF_ID=$(echo $GITHUB_REF | sed 's/\//-/g')
+          echo "::set-output name=ref-id::$REF_ID"
 
           # the final tag is something like:
           # refs-heads-master-a4f8bc313dae
@@ -128,13 +132,23 @@ jobs:
           # in PR synch the latest commit of the branch is found in github.event.pull_request.head.sha instead
 
           if [ "${{ github.event_name }}" = "release" ] && [ "${{ github.event.action }}" = "released" ]; then
-            echo "::set-output name=tag::${REF_ID/refs-tags-/}"
+            COMMIT_SHA=""
+            IMAGE_TAG="${REF_ID/refs-tags-/}"
           elif [ "${{ github.event_name }}" = "pull_request" ]; then
-            echo "::set-output name=tag::$REF_ID-${{ github.event.pull_request.head.sha }}"
+            COMMIT_SHA="${{ github.event.pull_request.head.sha }}"
+            IMAGE_TAG="$REF_ID-$COMMIT_SHA"
           else
-            echo "::set-output name=tag::$REF_ID-$GITHUB_SHA"
+            COMMIT_SHA=$GITHUB_SHA
+            IMAGE_TAG="$REF_ID-$COMMIT_SHA"
           fi
 
+          echo "::set-output name=commit-sha::$COMMIT_SHA"
+
+          # IMAGE_TAG is used in the Build Docker Image step.
+          # We can easily build the image-tag from REF_ID and COMMIT_SHA for non-production releases.
+          # But we can not easily create the image tag for production releases, so we're bulding it here
+          echo "::set-output name=image-tag::$IMAGE_TAG"
+
           # This will take a GitHub repo name like `hms-dbmi-cellenics/iac`
           # and turns it into `iac`. This will be the name of the
           # ECR repository.
@@ -170,7 +184,7 @@ jobs:
           context: .
           file: ./Dockerfile
           platforms: linux/amd64
-          tags: ${{ format('{0}/{1}:{2}', steps.login-ecr.outputs.registry, steps.ref.outputs.repo-name, steps.ref.outputs.tag) }}
+          tags: ${{ format('{0}/{1}:{2}', steps.login-ecr.outputs.registry, steps.ref.outputs.repo-name, steps.ref.outputs.image-tag) }}
           push: false
           build-args: "READONLY_API_TOKEN_GITHUB=${{ secrets.READONLY_API_TOKEN_GITHUB }}"
 
@@ -180,7 +194,7 @@ jobs:
           echo Pushing image $IMAGE_NAME to ECR.
           docker push $IMAGE_NAME
         env:
-          IMAGE_NAME: ${{ format('{0}/{1}:{2}', steps.login-ecr.outputs.registry, steps.ref.outputs.repo-name, steps.ref.outputs.tag) }}
+          IMAGE_NAME: ${{ format('{0}/{1}:{2}', steps.login-ecr.outputs.registry, steps.ref.outputs.repo-name, steps.ref.outputs.image-tag) }}
 
       - id: send-to-slack
         name: Send failure notification to Slack
@@ -226,17 +240,15 @@ jobs:
       - id: fill-metadata
         name: Fill out a new HelmRelease resource
         run: |-
-          REF_DASHED=$(echo $GITHUB_REF | sed 's/\//-/g')
           DEPLOYMENT_NAME=$(echo $GITHUB_REPOSITORY | awk -F '/' '{print $2}')
           echo "::set-output name=deployment-name::$DEPLOYMENT_NAME"
-          echo "::set-output name=ref-dashed::$REF_DASHED"
 
           if [ "${{ matrix.environment }}" = "production" ]; then
             SANDBOX_ID="default"
             RDS_SANDBOX_ID="default"
             CHART_REF="master"
             KUBERNETES_ENV="production"
-            IMAGE_TAG="${REF_DASHED/refs-tags-/}"
+            IMAGE_TAG="${REF_ID/refs-tags-/}"
             IMAGE_GLOB="semver:>=0.0.0"
             REPLICA_COUNT="4"
           fi
@@ -246,8 +258,8 @@ jobs:
             RDS_SANDBOX_ID="default"
             CHART_REF="master"
             KUBERNETES_ENV="staging"
-            IMAGE_TAG="$REF_DASHED-$GITHUB_SHA"
-            IMAGE_GLOB="glob:$REF_DASHED-*"
+            IMAGE_TAG="$REF_ID-$COMMIT_SHA"
+            IMAGE_GLOB="glob:$REF_ID-*"
             REPLICA_COUNT="2"
           fi
 
@@ -256,8 +268,8 @@ jobs:
             RDS_SANDBOX_ID="STAGING_RDS_SANDBOX_ID"
             CHART_REF="STAGING_CHART_REF"
             KUBERNETES_ENV="staging"
-            IMAGE_TAG="$REF_DASHED-$GITHUB_SHA"
-            IMAGE_GLOB="glob:$REF_DASHED-*"
+            IMAGE_TAG="$REF_ID-$COMMIT_SHA"
+            IMAGE_GLOB="glob:$REF_ID-*"
             REPLICA_COUNT="1"
           fi
 
@@ -284,8 +296,8 @@ jobs:
 
           cat $DEPLOYMENT_NAME.yaml
         env:
-          IMAGE_NAME: ${{ format('{0}/{1}:{2}', steps.login-ecr.outputs.registry, needs.build-docker.outputs.repo-name, needs.build-docker.outputs.tag) }}
-
+          REF_ID: ${{ needs.build-docker.outputs.ref-id }}
+          COMMIT_SHA: ${{ needs.build-docker.outputs.commit-sha }}
 
       - id: disable-admin-enforcement
         name: Temporarily disable admin enforcement
@@ -315,9 +327,9 @@ jobs:
           (github.event_name == 'pull_request' || github.event_name == 'push') && matrix.environment == 'staging'
         env:
           DEPLOYMENT_NAME: ${{ steps.fill-metadata.outputs.deployment-name }}
-          REF_DASHED: ${{ steps.fill-metadata.outputs.ref-dashed }}
+          REF_ID: ${{ needs.build-docker.outputs.ref-id }}
         run: |-
-          mv $DEPLOYMENT_NAME.yaml $REF_DASHED.yaml
+          mv $DEPLOYMENT_NAME.yaml $REF_ID.yaml
 
       - name: Push staging deployment template to releases
         if:
@@ -326,7 +338,7 @@ jobs:
         env:
           API_TOKEN_GITHUB: ${{ secrets.API_TOKEN_GITHUB }}
         with:
-          source_file: '${{ steps.fill-metadata.outputs.ref-dashed }}.yaml'
+          source_file: ${{ needs.build-docker.outputs.ref-id }}.yaml
           destination_repo: '${{ github.repository_owner }}/releases'
           destination_folder: 'staging-candidates/${{ steps.fill-metadata.outputs.deployment-name }}'
           user_email: '[email protected]'