Update 01deg jra55 iaf bgc

.github/workflows/call-pr-1-ci.yml

@@ -0,0 +1,25 @@
+# This workflow is used to convert the `.version` in the `metadata.yaml` file into a valid `git tag` on push to `main`.
+# We use the `.version` field in that file to denote the version of the config once a PR is merged.
+name: pr-1-ci.yml
+on:
+  pull_request:
+    branches:
+      - 'release-*'
+      - 'dev-*'
+    paths-ignore:
+      # These are ignored because they don't have anything to do with the model itself
+      - .github/**
+      - tools/**
+      - doc/**
+      - .*
+      - README.md
+jobs:
+  call:
+    # We simply call the workflow on main so we don't have to propagate CI changes to
+    # multiple config branches all the time.
+    uses: access-nri/access-om2-configs/.github/workflows/pr-1-ci.yml@main
+    secrets: inherit
+    permissions:
+      contents: write
+      pull-requests: write
+      checks: write

.github/workflows/call-pr-3-bump-tag.yml

@@ -0,0 +1,19 @@
+# This workflow is used to convert the `.version` in the `metadata.yaml` file
+# into a valid `git tag` on push to `main`.
+# We use the `.version` field in that file to denote the version of the config
+# once a PR is merged.
+name: Call pr-3-bump-tag.yml
+on:
+  push:
+    branches:
+      - 'release-*'
+    paths:
+      - 'metadata.yaml'
+jobs:
+  call:
+    # We simply call the workflow on main so we don't have to propagate CI changes to
+    # multiple config branches all the time.
+    uses: access-nri/access-om2-configs/.github/workflows/pr-3-bump-tag.yml@main
+    secrets: inherit
+    permissions:
+      contents: write

.github/workflows/pr-2-confirm.yml

@@ -0,0 +1,160 @@
+# This workflow is used to do a major/minor version bump to the `metadata.yaml` file,
+# through a comment on the PR. It also commits and pushes the checksum file,
+# as this is the last stage before merging.
+# This is not done automatically because users may want to modify their config
+# based on the result of the reproducibility check.
+name: Confirm
+on:
+  issue_comment:
+    types:
+      - created
+      - edited
+env:
+  GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+  RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
+jobs:
+  bump-version:
+    name: Bump metadata.yaml
+    # Bump the `metadata.yaml` file if the comment is made on a PR and starts with '!bump'
+    if: github.event.issue.pull_request && startsWith(github.event.comment.body, '!bump')
+    runs-on: ubuntu-latest
+    outputs:
+      # metadata.yaml version before being bumped
+      before: ${{ steps.bump.outputs.before }}
+      # metadata.yaml version after being bumped
+      after: ${{ steps.bump.outputs.after }}
+      # The type of bump - 'major' or 'minor'
+      type: ${{ steps.type.outputs.bump }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.GH_COMMIT_CHECK_TOKEN }}
+
+      - name: Checkout Associated PR ${{ github.event.issue.number }}
+        # Since the trigger for this workflow was on.issue_comment, we need
+        # to do a bit more wrangling to checkout the pull request
+        id: pr
+        run: gh pr checkout ${{ github.event.issue.number }}
+
+      - name: Get Type of Bump
+        id: type
+        run: |
+          if [[ "${{ contains(github.event.comment.body, 'minor') }}" == "true" ]]; then
+            echo "bump=minor" >> $GITHUB_OUTPUT
+          elif [[ ${{ contains(github.event.comment.body, 'major') }} == "true" ]]; then
+            echo "bump=major" >> $GITHUB_OUTPUT
+          else
+            echo "::error::Comment was not of the form: '!bump [major|minor]'"
+            exit 1
+          fi
+
+      - name: Bump
+        # Regarding the regex in the script: `([0-9]+)\.([0-9]+)` is broken down into:
+        # `([0-9]+)`: Major version (eg. `12`)
+        # `\.`: Version separator (eg. `.`)
+        # `([0-9]+)`: Minor version (eg. `1`)
+        # which would give `12.1`
+        id: bump
+        run: |
+          version=$(yq '.version' metadata.yaml)
+          regex="([0-9]+)\.([0-9]+)"
+          if [[ $version =~ $regex ]]; then
+            major_version="${BASH_REMATCH[1]}"
+            minor_version="${BASH_REMATCH[2]}"
+          else
+            echo "::error::Invalid version format in metadata.yaml file!"
+            exit 1
+          fi
+
+          if [[ "${{ steps.type.outputs.bump }}" == "minor" ]]; then
+            minor_version=$((minor_version + 1))
+          elif [[ "${{ steps.type.outputs.bump }}" == "major" ]]; then
+            major_version=$((major_version + 1))
+            minor_version=0
+          fi
+          new_version="${major_version}.${minor_version}"
+          echo "before=$version" >> $GITHUB_OUTPUT
+          echo "after=$new_version" >> $GITHUB_OUTPUT
+
+  commit:
+    name: Commit metadata.yaml and Checksum
+    needs:
+      - bump-version
+    runs-on: ubuntu-latest
+    permissions:
+      contents: write
+      pull-requests: write
+    env:
+      GH_TOKEN: ${{ secrets.GH_COMMIT_CHECK_TOKEN }}
+      ARTIFACT_LOCAL_LOCATION: /opt/artifact
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+          token: ${{ secrets.GH_COMMIT_CHECK_TOKEN }}
+
+      - name: Checkout Associated PR ${{ github.event.issue.number }}
+        # Since the trigger for this workflow was on.issue_comment, we need
+        # to do a bit more wrangling to checkout the pull request and get the branch name
+        id: pr
+        run: |
+          gh pr checkout ${{ github.event.issue.number }}
+          echo "branch=$(git rev-parse --abbrev-ref HEAD)" >> $GITHUB_OUTPUT
+
+      - name: Download Newly Created Checksum
+        # Given the PR branch, we need to find the latest associated workflow run
+        # on this branch we can then download the associated artifact
+        run: |
+          associated_run=$(gh run list \
+            --json='databaseId,headBranch,updatedAt,status' \
+            --jq='[.[] | select(.headBranch == "${{ steps.pr.outputs.branch }}" and .status == "completed")] | sort_by(.updatedAt) | last | .databaseId')
+          gh run download $associated_run -D ${{ env.ARTIFACT_LOCAL_LOCATION }}
+
+      - name: Update metadata.yaml and Checksum files
+        run: |
+          yq -i '.version = "${{ needs.bump-version.outputs.after }}"' metadata.yaml
+          cp --recursive --verbose ${{ env.ARTIFACT_LOCAL_LOCATION }}/*/* testing
+
+      - name: Commit and Push Updates
+        run: |
+          git config user.name github-actions
+          git config user.email [email protected]
+
+          if [[ "${{ needs.bump-version.outputs.type }}" == "minor" ]]; then
+            git commit -am "Bumped version to ${{ needs.bump-version.outputs.after }} as part of ${{ env.RUN_URL }}"
+          elif [[ "${{ needs.bump-version.outputs.type }}" == "major" ]]; then
+            git commit -am "Updated checksums and bumped version to ${{ needs.bump-version.outputs.after }} as part of ${{ env.RUN_URL }}"
+          fi
+          git push
+
+      - name: Comment Success
+        env:
+          BODY: |
+            :white_check_mark: Version bumped from `${{ needs.bump-version.outputs.before }}` to `${{ needs.bump-version.outputs.after }}` :white_check_mark:
+        run: gh pr comment --body '${{ env.BODY }}'
+
+  failure-notifier:
+    name: Failure Notifier
+    if: failure()
+    needs:
+      - commit
+    runs-on: ubuntu-latest
+    permissions:
+      pull-requests: write
+    env:
+      GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      GH_REPO: ${{ github.repository }}
+    steps:
+      - uses: actions/checkout@v4
+        with:
+          fetch-depth: 0
+
+      - name: Checkout Associated PR ${{ github.event.issue.number }}
+        run: gh pr checkout ${{ github.event.issue.number }}
+
+      - name: Comment Failure
+        env:
+          BODY: |
+            :x: Failed to bump VERSION or commit changes, see ${{ env.RUN_URL }} :x:
+        run: gh pr comment --body '${{ env.BODY }}'

.github/workflows/validate-json.yml

@@ -0,0 +1,13 @@
+name: Validate JSON files
+on:
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '**.json'
+jobs:
+  validate:
+    name: Validate
+    uses: access-nri/actions/.github/workflows/validate-json.yml@main
+    with:
+      src: "config"