From 0387363505c8beb9f2f2457838531cbcad917c7f Mon Sep 17 00:00:00 2001
From: Olivia Kotsopoulos <okotsopo@broadinstitute.org>
Date: Thu, 18 Apr 2024 19:17:35 -0400
Subject: [PATCH] [DCJ-28] Slack DCJ team on release failures, retries

I set up new Github repository variable SLACK_NOTIFICATION_CHANNELS = #dsp-data-custodian-journeys

chart-releaser and integrationChartBump are called within releasedrumbrella: I removed their existing Slack notifications.

I reworked releasedr and releasedrumbrella's Slack notifications to be emitted by Sherlock on failures or retries to our variable-driven channel list.  (I think we should have the insight we need into deployments from Beehive's Slack deploy hooks, but I am not confident enough to fully remove them.  If / when these fail, we can take a closer look at the full suite of notifications that go out and pare down as needed.)
---
 .github/workflows/chart-releaser.yaml       | 26 ++-------------
 .github/workflows/integrationChartBump.yaml | 28 ++---------------
 .github/workflows/releasedr.yaml            | 35 +++++++--------------
 .github/workflows/releasedrumbrella.yaml    | 28 +++++------------
 4 files changed, 24 insertions(+), 93 deletions(-)

diff --git a/.github/workflows/chart-releaser.yaml b/.github/workflows/chart-releaser.yaml
index 50bcb6f0..0312b643 100644
--- a/.github/workflows/chart-releaser.yaml
+++ b/.github/workflows/chart-releaser.yaml
@@ -1,16 +1,8 @@
 name: Release helm charts
 
 on:
-  workflow_dispatch:
-    inputs:
-      notify-slack:
-        default: true
-        type: boolean
-  workflow_call:
-    inputs:
-      notify-slack:
-        default: false
-        type: boolean
+  workflow_dispatch: {}
+  workflow_call: {}
 
 jobs:
   release_chart:
@@ -42,17 +34,3 @@ jobs:
         env:
           CR_TOKEN: "${{ secrets.GITHUB_TOKEN }}"
           CR_SKIP_EXISTING: "true"
-
-      - name: "Notify Slack"
-        if: ${{ inputs.notify-slack && always() }}
-        uses: broadinstitute/action-slack@v3.15.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-          MATRIX_CONTEXT: ${{ toJson(matrix) }} # required to work with job field
-        with:
-          status: ${{ job.status }}
-          fields: job,repo,message
-          channel: "#jade-spam"
-          username: "datarepo-helm actions"
-          text: "Release Helm Charts"
diff --git a/.github/workflows/integrationChartBump.yaml b/.github/workflows/integrationChartBump.yaml
index 833dc481..61ba45d7 100644
--- a/.github/workflows/integrationChartBump.yaml
+++ b/.github/workflows/integrationChartBump.yaml
@@ -3,16 +3,8 @@ env:
   charts: gcloud-sqlproxy datarepo-api datarepo-ui oidc-proxy create-secret-manager-secret
 
 on:
-  workflow_dispatch:
-    inputs:
-      notify-slack:
-        default: true
-        type: boolean
-  workflow_call:
-    inputs:
-      notify-slack:
-        default: false
-        type: boolean
+  workflow_dispatch: {}
+  workflow_call: {}
 
 jobs:
   indivdual_chart_promotion:
@@ -89,20 +81,6 @@ jobs:
       - name: "[${{ matrix.repo }}] Merge multi chart version update"
         uses: broadinstitute/datarepo-actions/actions/merger@0.73.0
         env:
-          COMMIT_MESSAGE: "Datarepo Integration mutli chart version update"
+          COMMIT_MESSAGE: "Datarepo Integration multi chart version update"
           GITHUB_REPO: ${{ matrix.repo }}
           SWITCH_DIRECTORIES: "true"
-
-      - name: "Notify Slack"
-        if: ${{ inputs.notify-slack && always() }}
-        uses: broadinstitute/action-slack@v3.15.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-          MATRIX_CONTEXT: ${{ toJson(matrix) }} # required to work with job field
-        with:
-          status: ${{ job.status }}
-          fields: job,repo,message
-          channel: "#jade-spam"
-          username: "datarepo-helm actions"
-          text: "Integration Chart Promotion"
diff --git a/.github/workflows/releasedr.yaml b/.github/workflows/releasedr.yaml
index 24937cc5..25f08337 100644
--- a/.github/workflows/releasedr.yaml
+++ b/.github/workflows/releasedr.yaml
@@ -1,16 +1,8 @@
 name: Create chart Datarepo chart
 
 on:
-  workflow_dispatch:
-    inputs:
-      notify-slack:
-        default: true
-        type: boolean
-  workflow_call:
-    inputs:
-      notify-slack:
-        default: false
-        type: boolean
+  workflow_dispatch: {}
+  workflow_call: {}
   push:
     branches:
       - master
@@ -90,20 +82,6 @@ jobs:
           GITHUB_REPO: datarepo-helm
           MERGE_BRANCH: master
 
-      - name: "Notify Slack"
-        if: ${{ (github.event_name == 'push' && always()) || (inputs.notify-slack && always()) }} # workflow_call has own slack notification
-        uses: broadinstitute/action-slack@v3.15.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-          MATRIX_CONTEXT: ${{ toJson(matrix) }} # required to work with job field
-        with:
-          status: ${{ job.status }}
-          fields: job,repo,message
-          channel: "#jade-spam"
-          username: "datarepo-helm actions"
-          text: "Create Datarepo Chart"
-
   report-chart-to-sherlock:
     name: Report Chart Version to DevOps
     needs: [release_new_umbrella_dr]
@@ -130,3 +108,12 @@ jobs:
       sync-git-token: ${{ secrets.BROADBOT_TOKEN }}
     permissions:
       id-token: write
+
+  report-workflow:
+    uses: broadinstitute/sherlock/.github/workflows/client-report-workflow.yaml@main
+    with:
+      relates-to-chart-releases: 'datarepo-dev'
+      notify-slack-channels-upon-workflow-failure: ${{ vars.SLACK_NOTIFICATION_CHANNELS }}
+      notify-slack-channels-upon-workflow-retry: ${{ vars.SLACK_NOTIFICATION_CHANNELS }}
+    permissions:
+      id-token: write
diff --git a/.github/workflows/releasedrumbrella.yaml b/.github/workflows/releasedrumbrella.yaml
index 6b6d8072..218b3243 100644
--- a/.github/workflows/releasedrumbrella.yaml
+++ b/.github/workflows/releasedrumbrella.yaml
@@ -29,23 +29,11 @@ jobs:
     needs: release_new_umbrella_dr
     uses: ./.github/workflows/integrationChartBump.yaml
     secrets: inherit
-  notify_slack:
-    needs:
-      - release_new_umbrella_dr
-      - release_umbrella_helm_charts
-      - integration_chart_promotion
-    runs-on: ubuntu-latest
-    if: always()
-    steps:
-      - name: "Notify Slack"
-        uses: broadinstitute/action-slack@v3.15.0
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-          SLACK_WEBHOOK_URL: ${{ secrets.SLACK_WEBHOOK_URL }}
-          MATRIX_CONTEXT: ${{ toJson(matrix) }} # required to work with job field
-        with:
-          status: ${{ contains(needs.*.result, 'failure') && 'failure' || 'success' }}
-          fields: job,repo,message
-          channel: "#jade-spam"
-          username: "datarepo-helm actions"
-          text: "Release Datarepo Chart"
+  report-workflow:
+    uses: broadinstitute/sherlock/.github/workflows/client-report-workflow.yaml@main
+    with:
+      relates-to-chart-releases: 'datarepo-dev'
+      notify-slack-channels-upon-workflow-failure: ${{ vars.SLACK_NOTIFICATION_CHANNELS }}
+      notify-slack-channels-upon-workflow-retry: ${{ vars.SLACK_NOTIFICATION_CHANNELS }}
+    permissions:
+      id-token: write