For a complete introduction to WorkFlow Launcher, please visit its documentation website!
WorkFlow Launcher (WFL) is a workload manager.
For example, a workload could be a set of Whole Genome samples to be reprocessed in a given project/bucket, the workflow is the processing of an individual sample in that workload running WGS reprocessing; a workload could also be a queue of incoming notifications that describe all of the required inputs to launch Arrays scientific pipelines in Cromwell.
When we need to access a Vault secret within GitHub Actions (ex. within integration test runs), we should propagate it to a Github Secret managed by Atlantis -- DSP's Terraform deployment server. The GitHub Secret should then be passed to the action as an environment variable rather than Vault being accessed directly, an operation which could risk leaking secrets publicly.
To view or maintain WFL's Atlantis-managed Github Secrets, see terraform-ap-deployments repository.
More Information: "Moving Vault secrets to Github via Atlantis"
Questions: #dsp-devops-champions