new way of chekcing auth

broadinstitute · Jan 21, 2025 · 2cce1f5 · 2cce1f5
1 parent c881827
commit 2cce1f5
Show file tree

Hide file tree

Showing 19 changed files with 37 additions and 186 deletions.
diff --git a/.github/workflows/authorized_users.yml b/.github/workflows/authorized_users.yml
@@ -21,7 +21,7 @@ jobs:
         id: gatekeeper
         run: |
           echo "The actor is: ${GITHUB_ACTOR}"
-          APPROVED_USERS=("nikellepetrilloo") # Add more users as needed
+          APPROVED_USERS=("nikellepetrillo") # Add more users as needed
 
           if [[ " ${APPROVED_USERS[@]} " =~ " ${GITHUB_ACTOR} " ]]; then
             echo "User ${GITHUB_ACTOR} is approved."

diff --git a/.github/workflows/test_cram_to_unmapped_bams.yml b/.github/workflows/test_cram_to_unmapped_bams.yml
@@ -60,17 +60,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestCramToUnmappedBams:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_exome_germline_single_sample.yml b/.github/workflows/test_exome_germline_single_sample.yml
@@ -73,17 +73,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestExomeGermlineSingleSample:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_exome_reprocessing.yml b/.github/workflows/test_exome_reprocessing.yml
@@ -76,17 +76,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestExomeReprocessing:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_imputation.yml b/.github/workflows/test_imputation.yml
@@ -61,22 +61,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestImputation:
-    needs: [check-authorization, authorization-failed]
-    if: |
-      always() &&
-      needs.check-authorization.outputs.approved == 'true' &&
-      needs.check-authorization.result == 'success'
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_joint_genotyping.yml b/.github/workflows/test_joint_genotyping.yml
@@ -65,17 +65,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestJointGenotyping:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_multisamplesmartseq2singlenucleus.yml b/.github/workflows/test_multisamplesmartseq2singlenucleus.yml
@@ -69,17 +69,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestMultiSampleSmartSeq2SingleNucleus:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_optimus.yml b/.github/workflows/test_optimus.yml
@@ -69,17 +69,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestOptimus:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_pairedtag.yml b/.github/workflows/test_pairedtag.yml
@@ -71,17 +71,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestPairedTag:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_reblockGVCF.yml b/.github/workflows/test_reblockGVCF.yml
@@ -63,17 +63,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestReblockGVCF:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_rna_with_umis.yml b/.github/workflows/test_rna_with_umis.yml
@@ -64,17 +64,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestRNAWithUMIsPipeline:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_slideseq.yml b/.github/workflows/test_slideseq.yml
@@ -67,17 +67,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestSlideSeq:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_snm3c.yml b/.github/workflows/test_snm3c.yml
@@ -60,17 +60,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   Testsnm3C:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_ultima_genomics_joint_genotyping.yml b/.github/workflows/test_ultima_genomics_joint_genotyping.yml
@@ -67,17 +67,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestUltimaGenomicsJointGenotyping:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_ultima_genomics_whole_genome_cram_only.yml b/.github/workflows/test_ultima_genomics_whole_genome_cram_only.yml
@@ -74,17 +74,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
+  TestUltimaGenomicsWholeGenomeCramOnly:
     needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
-  run_pipeline:
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_ultima_genomics_whole_genome_germline.yml b/.github/workflows/test_ultima_genomics_whole_genome_germline.yml
@@ -74,17 +74,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestUltimaGenomicsWholeGenomeGermline:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_variant_calling.yml b/.github/workflows/test_variant_calling.yml
@@ -65,17 +65,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestVariantCalling:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_whole_genome_germline_single_sample.yml b/.github/workflows/test_whole_genome_germline_single_sample.yml
@@ -74,17 +74,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestWholeGenomeGermlineSingleSample:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions:

diff --git a/.github/workflows/test_whole_genome_reprocessing.yml b/.github/workflows/test_whole_genome_reprocessing.yml
@@ -77,17 +77,9 @@ jobs:
   check-authorization:
     uses: ./.github/workflows/authorized_users.yml
 
-  authorization-failed:
-    needs: check-authorization
-    if: ${{ failure() }}
-    runs-on: ubuntu-latest
-    steps:
-      - name: Authorization Failed
-        run: |
-          echo "::error::Authorization check failed - unauthorized user"
-          exit 1
-
   TestWholeGenomeReprocessing:
+    needs: check-authorization
+    if: ${{ needs.check-authorization.outputs.approved == 'true' }}
     runs-on: ubuntu-latest
     # Add "id-token" with the intended permissions.
     permissions: