Use reusable image deploy

[kathy-t]

Description
This PR uses the reusable deploy_artifacts workflow from dockstore/workflow-actions#3 that deploys a branch/tag to artifactory and uploads an image to quay. This happens for every push of a branch and tag and does not need to be manually invoked.

The settings.xml file is deleted because the settings are now specified in the reusable deploy_artifacts workflow.

Review Instructions
Builds should pass for the develop branch. Create a new tagged release and verify that the Deploy artifacts GitHub action works.

Issue
https://ucsc-cgl.atlassian.net/browse/SEAB-6771

Security
If there are any concerns that require extra attention from the security team, highlight them here.

Please make sure that you've checked the following before submitting your pull request. Thanks!

• Check that you pass the basic style checks and unit tests by running mvn clean install in the project that you have modified (until https://ucsc-cgl.atlassian.net/browse/SEAB-5300 adds multi-module support properly)
• Ensure that the PR targets the correct branch. Check the milestone or fix version of the ticket.
• If you are changing dependencies, check with dependabot to ensure you are not introducing new high/critical vulnerabilities
• If this PR is for a user-facing feature, create and link a documentation ticket for this feature (usually in the same milestone as the linked issue). Style points if you create a documentation PR directly and link that instead.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 20.37%. Comparing base (d7f8b3b) to head (1a0369e).

❗ There is a different number of reports uploaded between BASE (d7f8b3b) and HEAD (1a0369e). Click for more details.

HEAD has 1 upload less than BASE

Flag	BASE (d7f8b3b)	HEAD (1a0369e)
toolbackup	1	0

Additional details and impacted files

@@              Coverage Diff              @@
##             develop     #510      +/-   ##
=============================================
- Coverage      27.08%   20.37%   -6.72%     
+ Complexity       150      110      -40     
=============================================
  Files             44       44              
  Lines           2322     2322              
  Branches         196      196              
=============================================
- Hits             629      473     -156     
- Misses          1646     1809     +163     
+ Partials          47       40       -7     

Flag	Coverage Δ
metricsaggregator	20.37% <ø> (ø)
toolbackup	?
tooltester	9.21% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[denis-yuen]

I have similar changes in the webservice and dockstore-deploy repos to use the reusable image deploy workflow, but the above question can be applied for those repos as well, so I would like to get some opinions before I request reviews for the other repos.

Ah, you can ignore my question in the other PR.

I think it makes sense, we may want to keep an eye on artifactory (e.g. if i gets too big, or I may have set a limit on how many snapshot versions it can store, so the old ones may drop out sooner) but I think this is something @svonworl requested at some point to work with feature branches or something

[coverbeck]

How do we feel about creating the image for every branch?

I'm OK with creating it for every branch. Most of the time we won't need it, but when we do, it's useful. Unless we run into some quota limits on Quay, might as well.

[coverbeck]

Presumably you'll change this to main after your other PR is merged?

[svonworl]

Little bit confused by deploy_image and deploy_tagged, they seem similar. Why not just [the functionality of] deploy_image on its own?

[kathy-t]

deploy_image deploys the image to quay and uploads the image digest to S3.

deploy_tagged uploads the tagged release to artifactory.

They could arguably be combined (at least from the POV of this repo), but not all of our repositories require uploading the artifacts to artifactory, which is why I separated out deploy_image and deploy_tagged.

[denis-yuen]

Would be good code comment

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud