1.0.0
First initial tagged release
What's Changed
- Add draft CI workflow by @BrunoGrandePhD in #1
- Create S3 bucket for storing CloudFormation templates by @BrunoGrandePhD in #2
- Add NextFlow service account policy and user by @tthyer in #4
- Create initial draft for contribution guidelines by @BrunoGrandePhD in #3
- Add launch policy for NextFlow service user by @tthyer in #6
- CICD refactor by @tthyer in #7
- Revert "CICD refactor" by @tthyer in #8
- Revert "Revert "CICD refactor"" by @tthyer in #9
- Fix CICD refactor issues by @tthyer in #10
- Add VPCs by @tthyer in #11
- IT-1223: Add routes to VPN and update Sceptre action by @xschildw in #14
- Provision service user for accessing S3 data by @BrunoGrandePhD in #12
- Add an AWS Aurora cluster required for NextFlow Tower app by @tthyer in #15
- Add lambda to bootstrap tower database by @tthyer in #16
- Use
-O
option for storingwget
output to avoid caching by @BrunoGrandePhD in #17 - WORKFLOWS-25: support sceptre resolvers in build by @tthyer in #19
- WORKFLOWS-21: Add ECS cluster stack by @tthyer in #18
- Add KMS keys for workflows-specific infrastructure by @tthyer in #22
- Update Nextflow IAM Forge Policy by @daisyhan97 in #24
- WORKFLOWS-17: Enable Aurora DB logging via CloudWatch by @BrunoGrandePhD in #21
- Add stack that produces SMTP credentials by @tthyer in #35
- IT-1373: Add hosted zones by @xschildw in #38
- WORKFLOWS-36 use custom keys by @tthyer in #37
- Workflows-22 ECS task definition by @tthyer in #39
- Remove VPC peering by @tthyer in #40
- KMS key for bootstrapping must be in same stack with Lambda by @tthyer in #41
- Add ACM certificates for subdomains by @tthyer in #42
- Update VPC template version to the v0.3.0 tag by @tthyer in #43
- Update prod config for nextflow-aurora-mysql template changes by @tthyer in #44
- WORKFLOWS-20: Custom S3 Bucket Template by @daisyhan97 in #36
- Nextflow ECS Service and ALB by @tthyer in #48
- Happiness is a private subnet by @tthyer in #49
- System to mount Nextflow Tower configuration by @tthyer in #51
- [WORKFLOWS-43] Create comprehensive stack for compute environments by @BrunoGrandePhD in #50
- [WORKFLOWS-34] Onboarding Documentation by @BrunoGrandePhD in #52
- [WORKFLOWS-44] Add Managed Scaling by @tthyer in #53
- [WORKFLOWS-38] Encrypt EFS file system by @tthyer in #55
- [WORKFLOWS-44] Enable metrics collection for autoscaling group by @tthyer in #56
- Restrict KMS key access to project-specific roles and admins by @BrunoGrandePhD in #54
- [WORKFLOWS-51] Switch from GitHub to Google for IdP by @BrunoGrandePhD in #57
- add in challenge project by @thomasyu888 in #58
- [WORKFLOWS-42] Send tower container logs to Cloudwatch by @BrunoGrandePhD in #60
- [WORKFLOW-42] TESTING by @thomasyu888 in #63
- [WORKFLOWS-39] Parametrize IAM resources rather than hard-coding by @BrunoGrandePhD in #59
- [WORKFLOWS-52] Create post-launch hook script for Tower projects by @BrunoGrandePhD in #62
- [WORKFLOWS-60] Integrate
configure-tower-project.py
into CI by @BrunoGrandePhD in #64 - [WORKFLOWS-15/34] Create README with onboarding docs by @BrunoGrandePhD in #46
- Create
jhu-biobank-nf
Tower project by @BrunoGrandePhD in #61 - Create
imcore
Tower project by @BrunoGrandePhD in #66 - [WORKFLOWS-65] Create VPC gateway endpoints for S3 by @BrunoGrandePhD in #67
- Prevent public IPs being assigned to private EC2s by @BrunoGrandePhD in #68
- Require inbound ECS traffic to originate from VPC by @BrunoGrandePhD in #69
- add amp-ad project by @wpoehlm in #71
- [WORKFLOWS-67] Create more granular budget alerts by @BrunoGrandePhD in #73
- [WORKFLOWS-70] Create public buckets for iGenomes reference files by @BrunoGrandePhD in #74
- Add HTAN project by @adamjtaylor in #75
- [WORKFLOWS-66] Allow S3 object indexing by Synapse by @BrunoGrandePhD in #76
- [WORKFLOWS-68] Use Sceptre template handlers for remote templates by @BrunoGrandePhD in #72
- Migrate important info to Confluence wiki page with watchers by @BrunoGrandePhD in #78
- [WORKFLOWS-62 | WORKFLOWS-76] Add
CostCenter
tags by @BrunoGrandePhD in #77 - Ensure that iGenomes reference files are public by @BrunoGrandePhD in #81
- [WORKFLOWS-55 | WORKFLOWS-96] Upgrade Nextflow Tower to
v21.06.4
by @BrunoGrandePhD in #80 - [WORKFLOWS-84] Provide default GitHub credentials by @BrunoGrandePhD in #83
- [WORKFLOWS-99] Switch to
BucketOwnerEnforced
object ownership setting by @BrunoGrandePhD in #82 - Bump s3 permission by @thomasyu888 in #86
- Create INCLUDE Tower project by @BrunoGrandePhD in #87
- [WORKFLOWS-85] Prototype Tower project in separate account by @BrunoGrandePhD in #84
- Fix dependency paths after re-organizing configs by @BrunoGrandePhD in #88
- Create the production AMP-AD Tower project in the STRIDES AWS account by @BrunoGrandePhD in #89
- Minor docs changes by @allaway in #90
- Create cNF cell line processing Tower project by @allaway in #91
- [WORKFLOWS-93] Create Tower project for project GENIE by @BrunoGrandePhD in #92
- Fix
CostCenter
tags values based on latest list by @BrunoGrandePhD in #93 - Create ucf-dod-nf2-project.yaml by @allaway in #94
- [WORKFLOWS-181] Create and add teams to Tower workspaces by @BrunoGrandePhD in #96
- [WORKFLOWS-181] Ensure shorter team names due to length limit by @BrunoGrandePhD in #97
- [WORKFLOWS-181] Add support for paged requests by @BrunoGrandePhD in #98
- Create nfri-ctf-nf1-project.yaml by @allaway in #95
- Ensure that database migration completes before launching other containers by @BrunoGrandePhD in #99
- [WORKFLOWS-155] Enable secrets and OIDC token import in Tower-Dev by @BrunoGrandePhD in #100
- Add script for emptying an AWS Batch queue by @BrunoGrandePhD in #102
- Update link to valid program codes by @BrunoGrandePhD in #105
- [WORKFLOWS-187] Add scratch buckets for each Tower project by @BrunoGrandePhD in #103
- [WORKFLOWS-222 ] Update compute environment configuration by @BrunoGrandePhD in #101
- [WORKFLOWS-210] Configure Synapse OIDC as an authentication option by @BrunoGrandePhD in #104
- Create
ntap-gdp5-project
stack by @BrunoGrandePhD in #106 - [IT-1781] Clean up AWS resources (security tweaks) by @BrunoGrandePhD in #107
- [WORKFLOWS-53] Fix auto-scaling for Tower ECS service by @BrunoGrandePhD in #108
- [WORKFLOWS-233] Upgrade Nextflow Tower to
v22.1.0
by @BrunoGrandePhD in #109 - Update maintenance stack with longer cron duration by @BrunoGrandePhD in #110
- Disable private Tower workspaces per user by @BrunoGrandePhD in #111
- Consolidate and update Tower version by @BrunoGrandePhD in #112
- Create ctf-swnts-project.yaml by @ajs3nj in #113
- [WORKFLOWS-258] Block all public access on S3 buckets by @BrunoGrandePhD in #114
- Refine budget limits per account by @BrunoGrandePhD in #115
- [WORKFLOWS-293] Mitigate issue with orphaned EBS volumes (and upgrade Tower) by @BrunoGrandePhD in #116
- Refine budgets again based on notifications by @BrunoGrandePhD in #117
- Add Bruno to STRIDES AMP-AD project by @BrunoGrandePhD in #118
- [WORKFLOWS-410] Disable Tower Fusion in light of persistent issues by @BrunoGrandePhD in #119
- Added configuration files to onboard new users by @wpoehlm in #120
- Create robert-allaway-project by @allaway in #121
- Offboard Haley from GENIE by @thomasyu888 in #122
- Revert "Offboard Haley from GENIE" by @BrunoGrandePhD in #123
- Offboard Haley from GENIE by @BrunoGrandePhD in #124
- Create nf-ntap-biobank-jineta project by @jaybee84 in #126
- Fix pre-commit issues by @thomasyu888 in #127
- Rename robert-allaway-project to robert-allaway-project.yaml by @allaway in #128
- [WORKFLOWS-394] Add
TowerViewer
roles ahead of sandbox deprecation by @BrunoGrandePhD in #125 - Add chelsea nayan to GENIE read only by @thomasyu888 in #129
- Shell script for configuring SSH via SSM by @BrunoGrandePhD in #130
- Add project for MC2 MCMICRO work by @adamjtaylor in #131
- Change permissions for Chelsea by @thomasyu888 in #133
- Add external HMS collaborators to
mc2-mcmicro-project
by @BrunoGrandePhD in #134 - Deploy Lambda function to auto-delete orphaned EBS volumes by @BrunoGrandePhD in #135
- Update external user ARN by @adamjtaylor in #136
- WORKFLOWS-454 - Adds Brad access for HTAN by @BWMac in #137
- [ORCA-71] Migrate
TowerClient
to sagetasks by @BrunoGrandePhD in #138 - remove Tess Thyer, add Jared Hendrickson project S3 read access to st… by @wpoehlm in #139
- Add Sasha to ntap-add5-project.yaml by @ajs3nj in #140
- [WORKFLOWS-455] Harden separation in S3 access between Tower projects by @BrunoGrandePhD in #141
- [WORKFLOWS-461] Clean up Tower workspaces by @BrunoGrandePhD in #142
- [WORKFLOWS-481] Parametrize TowerViewer assumed-role ARN prefix by @BrunoGrandePhD in #143
- [IBCDPE-404] Remove unlisted participants in each workspace by @BrunoGrandePhD in #144
- Bump cryptography from 38.0.1 to 38.0.3 by @dependabot in #145
- IBCDPE-389/agora tower project by @BWMac in #147
- [ORCA-105] Create
orca-dev-project
Tower project by @BrunoGrandePhD in #148 - [WORKFLOWS-479] Update README for new support process by @BrunoGrandePhD in #146
- [WORKFLOWS-472] Add Rixing with read/write access to genie-bpc-project by @rxu17 in #149
- Add ARN for htan-dev external account by @adamjtaylor in #151
- [WORKFLOWS-497] Only return non-duplicated emails by @thomasyu888 in #152
- Bump certifi from 2022.9.24 to 2022.12.7 by @dependabot in #150
- Add Brad to example-project by @BrunoGrandePhD in #154
- [IBCSPRT-132] Ensure that MC2 external users are added to Tower by @BrunoGrandePhD in #155
- Bump cryptography from 38.0.4 to 39.0.1 by @dependabot in #156
- [WORKFLOWS-420] - Updates tower projects to transition files after 14 days, adds rules … by @BWMac in #153
- [IT-2366] Upgrade Tower to release 22.4.1 by @BrunoGrandePhD in #159
- [IBCDPE-431] iAtlas workspace by @BWMac in #157
- Create dev project for MC2/MCMICRO by @adamjtaylor in #160
- [IT-2364] Improve allocation strategy and instance types by @BrunoGrandePhD in #161
- [WORKFLOWS-515] Limit to cheaper
8xlarge
instance types by @BrunoGrandePhD in #162 - [WORKFLOWS-517] Switch to
BEST_FIT
for smaller instances by @BrunoGrandePhD in #164 - Optimize ECS config by @BrunoGrandePhD in #165
- [IBCSPRT-159] Add shorter data expiration lifecycle rules by @BrunoGrandePhD in #166
- [ORCA-171] Create container registry credentials for Wave service by @BrunoGrandePhD in #167
- [WORKFLOWS-521] Check Redis append-only file first by @BrunoGrandePhD in #174
- [ORCA-143] Enable Wave for Nextflow Tower by @BWMac in #173
- [IT-2357] Test on pull requests by @zaro0508 in #172
- Update sceptre template_path by @zaro0508 in #169
- Bump starlette from 0.22.0 to 0.25.0 by @dependabot in #158
- Bump markdown-it-py from 2.1.0 to 2.2.0 by @dependabot in #163
- [IT-2376] Switch from LaunchConfiguration to LaunchTemplate by @zaro0508 in #170
- [IT-2376] Remove LaunchConfiguration by @zaro0508 in #171
- [IT-2357] Setup dependent pipelines by @zaro0508 in #176
- Update the kms key template by @zaro0508 in #178
- ignore jetbrains folder by @zaro0508 in #179
- Bump AMP-AD budgets by @thomasyu888 in #182
- Add Nextflow dev resource for dan to test by @thomasyu888 in #183
- [IBCDPE-523] Add UNC collaborators to iAtlas project by @BWMac in #175
- [IT-2790] Change release workflow by @zaro0508 in #184
- Test by @thomasyu888 in #185
- [IT-2793] Fix pipenv cache in GH action by @zaro0508 in #186
- install pipenv and dependencies in reusable workflow by @zaro0508 in #188
- Re-commit the env changes by @thomasyu888 in #189
- Update pre-commit linters by @zaro0508 in #187
- Parameterize
notifications_email
for budgets by @BrunoGrandePhD in #190
New Contributors
- @tthyer made their first contribution in #4
- @xschildw made their first contribution in #14
- @daisyhan97 made their first contribution in #24
- @thomasyu888 made their first contribution in #58
- @wpoehlm made their first contribution in #71
- @adamjtaylor made their first contribution in #75
- @allaway made their first contribution in #90
- @ajs3nj made their first contribution in #113
- @jaybee84 made their first contribution in #126
- @BWMac made their first contribution in #137
- @dependabot made their first contribution in #145
- @rxu17 made their first contribution in #149
- @zaro0508 made their first contribution in #172
Full Changelog: https://github.com/Sage-Bionetworks-Workflows/nextflow-infra/commits/1.0.0