From 786cf95c796fc4d59085a772f62f33cb73a70f0c Mon Sep 17 00:00:00 2001 From: robg-test <106234256+robg-test@users.noreply.github.com> Date: Mon, 20 Oct 2025 14:29:53 +0100 Subject: [PATCH 1/4] [PRM-516] Workflow Renames TEMP Make Ticket - 2 Undo the repo rename Formatting [PRM-516] Remove Merge files [PRM-516] Workflow Renames --- .../workflows/automated-sbom-repo-scan.yml | 14 ++--- .github/workflows/base-cypress-build.yml | 12 ++--- .github/workflows/base-cypress-smoketest.yml | 2 +- .../workflows/base-cypress-test-all-env.yml | 4 +- .github/workflows/base-cypress-test.yml | 18 +++---- .github/workflows/base-data-collection.yml | 6 +-- .github/workflows/base-deploy-ui.yml | 22 ++++---- .github/workflows/base-e2e-backendtest.yml | 2 +- ...base-lambda-layer-reusable-publish-all.yml | 12 ++--- .../base-lambda-layer-reusable-publish.yml | 6 +-- .../workflows/base-lambdas-check-packages.yml | 9 ++-- .../workflows/base-lambdas-edge-deploy.yml | 14 ++--- .../base-lambdas-reusable-deploy-all.yml | 4 +- .../base-lambdas-reusable-deploy.yml | 8 +-- .../workflows/base-lambdas-reusable-test.yml | 13 +++-- .github/workflows/base-run-bulk-upload.yml | 2 +- .github/workflows/base-vitest-test.yml | 14 ++--- .github/workflows/bulk-upload-300-test.yml | 2 +- .github/workflows/codeql.yml | 53 +++++++++---------- .../data-collection-deploy-to-sandbox.yml | 4 +- .github/workflows/full-deploy-to-pre-prod.yml | 38 ++++++------- .github/workflows/full-deploy-to-prod.yml | 8 +-- .github/workflows/full-deploy-to-sandbox.yml | 4 +- .github/workflows/git-rename-tag.yml | 17 +++--- .../lambdas-deploy-feature-to-sandbox.yml | 6 +-- .../workflows/lambdas-deploy-to-pre-prod.yml | 41 +++++++------- .github/workflows/lambdas-deploy-to-prod.yml | 2 +- .github/workflows/lambdas-deploy-to-test.yml | 6 +-- .github/workflows/lambdas-dev-to-main-ci.yml | 4 +- .github/workflows/ndr-e2e-backend-test-ci.yml | 4 +- .github/workflows/ndr-e2e-test-sandbox.yml | 2 +- .../workflows/ndr-smoketest-ui-test-ci.yml | 6 +-- .../performance-base-run-bulk-upload.yml | 4 +- .../performance-run-bulk-upload-test.yml | 4 +- .github/workflows/run-bulk-upload-dev.yml | 2 +- .../workflows/run-bulk-upload-pre-prod.yml | 2 +- .github/workflows/run-bulk-upload-test.yml | 2 +- .github/workflows/sonarcloud-analysis.yml | 14 ++--- .github/workflows/subscribe-to-mns.yml | 6 +-- .../ui-deploy-feature-to-sandbox-manual.yml | 7 ++- .../ui-deploy-to-pre-prod-manual.yml | 42 +++++++-------- .../workflows/ui-deploy-to-prod-manual.yml | 10 ++-- .../workflows/ui-deploy-to-test-manual.yml | 13 +++-- .github/workflows/ui-dev-to-main-ci.yml | 4 +- .github/workflows/ui-smoketest.yml | 20 +++---- 45 files changed, 237 insertions(+), 252 deletions(-) diff --git a/.github/workflows/automated-sbom-repo-scan.yml b/.github/workflows/automated-sbom-repo-scan.yml index 714d9c31e..913eb7b89 100644 --- a/.github/workflows/automated-sbom-repo-scan.yml +++ b/.github/workflows/automated-sbom-repo-scan.yml @@ -1,11 +1,11 @@ -name: 'Z-AUTOMATED: SBOM Repo Scan' +name: "Z-AUTOMATED Tool: SBOM Repo Scan" on: pull_request: types: [opened, synchronize, reopened] permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action id-token: write # Required for requesting the JWT pull-requests: write @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v5 with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - uses: anchore/sbom-action@v0 with: @@ -51,14 +51,14 @@ jobs: repo: context.repo.repo, issue_number: context.issue.number, }) - + const botComment = comments.find(comment => { return comment.user.type === 'Bot' && comment.body.includes('Code security issues found') }) // 2. Prepare format of the comment const output = `### Code security issues found - + View full details [here](https://github.com/${{ github.repository }}/security/code-scanning?query=is%3Aopen+pr%3A${{ github.event.pull_request.number }}).`; // 3. If we have a comment, update it, otherwise create a new one @@ -70,7 +70,7 @@ jobs: body: output }) } - + github.rest.issues.createComment({ issue_number: context.issue.number, owner: context.repo.owner, @@ -89,7 +89,7 @@ jobs: repo: context.repo.repo, issue_number: context.issue.number, }) - + const botComment = comments.find(comment => { return comment.user.type === 'Bot' && comment.body.includes('Code security issues found') }) diff --git a/.github/workflows/base-cypress-build.yml b/.github/workflows/base-cypress-build.yml index 7053eb12e..ec3513f81 100644 --- a/.github/workflows/base-cypress-build.yml +++ b/.github/workflows/base-cypress-build.yml @@ -1,13 +1,13 @@ # .github/workflows/terraform-dev -name: 'Z-BASE Cypress Build: Run a cypress build job' +name: "Z-BASE Build: Cypress" on: workflow_call: inputs: build_branch: - description: 'Branch with smoke tests.' + description: "Branch with smoke tests." required: true - type: 'string' + type: "string" permissions: pull-requests: write @@ -22,13 +22,13 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ github.event.inputs.build_branch }} - name: Cypress install run: npm install --legacy-peer-deps working-directory: ./app - + - name: Configure React environment vars env: ENDPOINT_DOC_STORE_API: http://localhost:3000 @@ -37,7 +37,7 @@ jobs: IDENTITY_PROVIDER_POOL_ID: not provided yet MONITOR_ACCOUNT_ID: not provided yet BUILD_ENV: development - IMAGE_VERSION: 'not-required' + IMAGE_VERSION: "not-required" run: | ./react-environment-config.sh working-directory: ./app diff --git a/.github/workflows/base-cypress-smoketest.yml b/.github/workflows/base-cypress-smoketest.yml index 98dd52800..d1b06616b 100644 --- a/.github/workflows/base-cypress-smoketest.yml +++ b/.github/workflows/base-cypress-smoketest.yml @@ -1,5 +1,5 @@ # .github/workflows/terraform-dev -name: "Z-BASE Cypress Smoketest: Smoketest shared actions for running" +name: "Z-BASE Test: UI Smoke Test" on: workflow_call: diff --git a/.github/workflows/base-cypress-test-all-env.yml b/.github/workflows/base-cypress-test-all-env.yml index e92c195d3..1d3ceb83b 100644 --- a/.github/workflows/base-cypress-test-all-env.yml +++ b/.github/workflows/base-cypress-test-all-env.yml @@ -1,4 +1,4 @@ -name: "Z-BASE Cypress Test: Run a cypress test job against all browsers" +name: "Z-BASE Test: Cypress e2e browsers" on: workflow_call: @@ -21,7 +21,7 @@ jobs: view_action_parameters: name: View input params runs-on: ubuntu-latest - steps: + steps: - name: Display client passed variables run: | echo Build Branch: ${{ inputs.build_branch }} diff --git a/.github/workflows/base-cypress-test.yml b/.github/workflows/base-cypress-test.yml index 16bb48318..20f971e6f 100644 --- a/.github/workflows/base-cypress-test.yml +++ b/.github/workflows/base-cypress-test.yml @@ -1,21 +1,21 @@ # .github/workflows/terraform-dev -name: 'Z-BASE Cypress Test Base: Run a cypress test job against a specific browser' +name: "Z-BASE Test: Cypress e2e browser" on: workflow_call: inputs: build_branch: - description: 'Branch with smoke tests.' + description: "Branch with smoke tests." required: true - type: 'string' + type: "string" cypress_base_url: - description: 'Base URL to run tests against' + description: "Base URL to run tests against" required: true - type: 'string' + type: "string" cypress_browser: - description: 'what browser to run against' + description: "what browser to run against" required: true - type: 'string' + type: "string" permissions: pull-requests: write @@ -39,7 +39,7 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - name: Download the build folder @@ -66,7 +66,7 @@ jobs: working-directory: ./app env: CYPRESS_BASE_URL: ${{ inputs.cypress_base_url }} - CYPRESS_grepTags: 'regression' + CYPRESS_grepTags: "regression" - uses: actions/upload-artifact@v4 if: failure() diff --git a/.github/workflows/base-data-collection.yml b/.github/workflows/base-data-collection.yml index 84f533f33..f913c9547 100644 --- a/.github/workflows/base-data-collection.yml +++ b/.github/workflows/base-data-collection.yml @@ -1,4 +1,4 @@ -name: "Z-BASE Deploy Data Collection: Build data collection image" +name: "Z-BASE Deploy: Data Collection" on: workflow_call: @@ -32,9 +32,9 @@ jobs: steps: - uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - fetch-depth: '0' + fetch-depth: "0" - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 diff --git a/.github/workflows/base-deploy-ui.yml b/.github/workflows/base-deploy-ui.yml index 2acef787d..e9d83c968 100644 --- a/.github/workflows/base-deploy-ui.yml +++ b/.github/workflows/base-deploy-ui.yml @@ -1,5 +1,5 @@ # .github/workflows/terraform-dev -name: "Z-BASE Deploy UI: Run a deploy job for the UI" +name: "Z-BASE Deploy: UI" on: workflow_call: @@ -21,7 +21,7 @@ on: required: true permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action id-token: write # This is required for requesting the JWT pull-requests: write @@ -37,9 +37,9 @@ jobs: steps: - uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - fetch-depth: '0' + fetch-depth: "0" - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -48,10 +48,10 @@ jobs: role-skip-session-tagging: true aws-region: ${{ vars.AWS_REGION }} mask-aws-account-id: true - + - name: Get SSM parameters from SSM id: ssm-parameters - run: | + run: | doc_store_api_endpoint=$(aws ssm get-parameter --name "/ndr/${{ inputs.sandbox }}/api_endpoint" --with-decryption --query "Parameter.Value" --output text) echo "::add-mask::$doc_store_api_endpoint" echo "ENDPOINT_DOC_STORE_API=$doc_store_api_endpoint" >> $GITHUB_ENV @@ -65,7 +65,7 @@ jobs: cloudfront_domain_name=$(aws cloudfront list-distributions --query "DistributionList.Items[?starts_with(Origins.Items[0].DomainName, '${{ inputs.sandbox }}')].DomainName" --output text) echo "Cloudfront domain name found for environment: $cloudfront_domain_name" echo "CLOUDFRONT_DOMAIN_NAME=$cloudfront_domain_name" >> $GITHUB_ENV - + - name: Login to Amazon ECR id: login-ecr uses: aws-actions/amazon-ecr-login@v2 @@ -86,16 +86,16 @@ jobs: --query "AppMonitorSummaries[?starts_with(Name, '${{ inputs.sandbox }}')].Id" \ --output text) echo "::add-mask::$app_monitor_id" - echo "MONITOR_ACCOUNT_ID=$app_monitor_id" >> $GITHUB_OUTPUT + echo "MONITOR_ACCOUNT_ID=$app_monitor_id" >> $GITHUB_OUTPUT - name: Configure React environment vars env: AWS_REGION: ${{ vars.AWS_REGION }} OIDC_PROVIDER_ID: not provided yet - IDENTITY_PROVIDER_POOL_ID: ${{ steps.cognito-identity-pool.outputs.IDENTITY_PROVIDER_POOL_ID }} - MONITOR_ACCOUNT_ID: ${{ steps.rum-app-monitor.outputs.MONITOR_ACCOUNT_ID }} + IDENTITY_PROVIDER_POOL_ID: ${{ steps.cognito-identity-pool.outputs.IDENTITY_PROVIDER_POOL_ID }} + MONITOR_ACCOUNT_ID: ${{ steps.rum-app-monitor.outputs.MONITOR_ACCOUNT_ID }} BUILD_ENV: ${{ inputs.environment }} - IMAGE_VERSION: 'ndr-${{ inputs.sandbox }}-app:${{ github.sha }}' + IMAGE_VERSION: "ndr-${{ inputs.sandbox }}-app:${{ github.sha }}" run: | ./react-environment-config.sh diff --git a/.github/workflows/base-e2e-backendtest.yml b/.github/workflows/base-e2e-backendtest.yml index ce270caf0..c5feb1543 100644 --- a/.github/workflows/base-e2e-backendtest.yml +++ b/.github/workflows/base-e2e-backendtest.yml @@ -1,5 +1,5 @@ # .github/workflows/terraform-dev -name: "Z-BASE E2e Test: E2e shared actions for running tests on the NDR Backend" +name: "Z-BASE: Test - Backend E2e Test" on: workflow_call: diff --git a/.github/workflows/base-lambda-layer-reusable-publish-all.yml b/.github/workflows/base-lambda-layer-reusable-publish-all.yml index 7b5877c88..1449d9b45 100644 --- a/.github/workflows/base-lambda-layer-reusable-publish-all.yml +++ b/.github/workflows/base-lambda-layer-reusable-publish-all.yml @@ -1,4 +1,4 @@ -name: 'ZBASE Lambda Layers: Deploy all required Lambda layers' +name: "Z-BASE Deploy: Lambda layers" on: workflow_call: @@ -10,13 +10,13 @@ on: required: true type: string build_branch: - description: 'Feature branch to push to test?' + description: "Feature branch to push to test?" required: true - type: 'string' + type: "string" sandbox: - description: 'Which Sandbox to push to' + description: "Which Sandbox to push to" required: true - type: 'string' + type: "string" secrets: AWS_ASSUME_ROLE: required: true @@ -84,4 +84,4 @@ jobs: sandbox: ${{ inputs.sandbox }} lambda_layer_name: alerting_lambda_layer secrets: - AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} \ No newline at end of file + AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} diff --git a/.github/workflows/base-lambda-layer-reusable-publish.yml b/.github/workflows/base-lambda-layer-reusable-publish.yml index f6cc115a5..d74c51552 100644 --- a/.github/workflows/base-lambda-layer-reusable-publish.yml +++ b/.github/workflows/base-lambda-layer-reusable-publish.yml @@ -1,4 +1,4 @@ -name: 'Z-BASE Lambda Layer: action to deploy a single lambda layer' +name: "Z-BASE Deploy: Lambda layer" on: workflow_call: @@ -47,9 +47,9 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - fetch-depth: '0' + fetch-depth: "0" - name: Set up Python ${{ inputs.python_version }} uses: actions/setup-python@v5 diff --git a/.github/workflows/base-lambdas-check-packages.yml b/.github/workflows/base-lambdas-check-packages.yml index 25857c9ca..accd62d41 100644 --- a/.github/workflows/base-lambdas-check-packages.yml +++ b/.github/workflows/base-lambdas-check-packages.yml @@ -1,4 +1,4 @@ -name: "Z-BASE Lambdas: Lambda check packages runner" +name: "Z-BASE Build: Lambda Package Audit" on: workflow_call: @@ -24,7 +24,6 @@ jobs: name: View input params runs-on: ubuntu-latest steps: - - name: Display client passed variables run: | echo Python Version: ${{ inputs.python_version }} @@ -40,7 +39,7 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - name: Set up Python ${{ inputs.python_version }} @@ -49,7 +48,7 @@ jobs: python-version: ${{ inputs.python_version }} - name: Make virtual environment - run: | + run: | make env - name: Start virtual environment @@ -59,4 +58,4 @@ jobs: - name: Check packages with pip-audit run: | - make check-packages \ No newline at end of file + make check-packages diff --git a/.github/workflows/base-lambdas-edge-deploy.yml b/.github/workflows/base-lambdas-edge-deploy.yml index a92b1516d..dc6e8e2df 100644 --- a/.github/workflows/base-lambdas-edge-deploy.yml +++ b/.github/workflows/base-lambdas-edge-deploy.yml @@ -1,4 +1,4 @@ -name: 'Z-BASE Lambdas: action to deploy a single lambda' +name: "Z-BASE Deploy: Edge Lambda" on: workflow_call: @@ -51,9 +51,9 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - fetch-depth: '0' + fetch-depth: "0" - name: Set up Python ${{ inputs.python_version }} uses: actions/setup-python@v5 @@ -68,7 +68,7 @@ jobs: with: role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }} role-skip-session-tagging: true - aws-region: 'us-east-1' + aws-region: "us-east-1" mask-aws-account-id: true - name: Create release package for Lambda ${{ inputs.lambda_aws_name }} @@ -86,7 +86,7 @@ jobs: LAMBDA_VERSION=$(echo $RESPONSE | jq -r '.Version') echo "Lambda function updated to version: $LAMBDA_VERSION" - + LAMBDA_ARN=$(echo $RESPONSE | jq -r '.FunctionArn') echo "LAMBDA_ARN=$LAMBDA_ARN" >> $GITHUB_ENV @@ -104,5 +104,5 @@ jobs: run: | ./lambdas/venv/bin/python3 lambdas/scripts/update_cloudfront.py env: - AWS_REGION: 'us-east-1' - LAMBDA_ARN: ${{ env.LAMBDA_ARN }} \ No newline at end of file + AWS_REGION: "us-east-1" + LAMBDA_ARN: ${{ env.LAMBDA_ARN }} diff --git a/.github/workflows/base-lambdas-reusable-deploy-all.yml b/.github/workflows/base-lambdas-reusable-deploy-all.yml index fd5fadc0f..11bfaf6e9 100644 --- a/.github/workflows/base-lambdas-reusable-deploy-all.yml +++ b/.github/workflows/base-lambdas-reusable-deploy-all.yml @@ -1,4 +1,4 @@ -name: "ZBASE Lambdas: Deploy all required Lambda functions" +name: "Z-BASE Deploy: Lambdas" on: workflow_call: @@ -567,7 +567,7 @@ jobs: sandbox: ${{ inputs.sandbox }} lambda_handler_name: migration_dynamodb_segment_handler lambda_aws_name: MigrationDynamodbSegment - lambda_layer_names: 'core_lambda_layer' + lambda_layer_names: "core_lambda_layer" secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} diff --git a/.github/workflows/base-lambdas-reusable-deploy.yml b/.github/workflows/base-lambdas-reusable-deploy.yml index d4515ace3..c85f7e04c 100644 --- a/.github/workflows/base-lambdas-reusable-deploy.yml +++ b/.github/workflows/base-lambdas-reusable-deploy.yml @@ -1,4 +1,4 @@ -name: 'Z-BASE Lambdas: action to deploy a single lambda' +name: "Z-BASE Deploy: Lambda" on: workflow_call: @@ -27,7 +27,7 @@ on: required: true type: string lambda_layer_names: - description: 'Comma-separated list of Lambda Layer names' + description: "Comma-separated list of Lambda Layer names" required: true type: string secrets: @@ -59,9 +59,9 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - fetch-depth: '0' + fetch-depth: "0" - name: Set up Python ${{ inputs.python_version }} uses: actions/setup-python@v5 diff --git a/.github/workflows/base-lambdas-reusable-test.yml b/.github/workflows/base-lambdas-reusable-test.yml index 7322fbcd0..b43b28c45 100644 --- a/.github/workflows/base-lambdas-reusable-test.yml +++ b/.github/workflows/base-lambdas-reusable-test.yml @@ -1,4 +1,4 @@ -name: "Z-BASE Lambdas: Lambda test runner" +name: "Z-BASE Test: Lambda unit" on: workflow_call: @@ -20,8 +20,7 @@ jobs: view_action_parameters: name: View input params runs-on: ubuntu-latest - steps: - + steps: - name: Display client passed variables run: | echo Python Version: ${{ inputs.python_version }} @@ -35,7 +34,7 @@ jobs: - name: Checkout uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ inputs.build_branch }} - name: Set up Python ${{ inputs.python_version }} @@ -44,9 +43,9 @@ jobs: python-version: ${{ inputs.python_version }} - name: Make virtual environment - run: | + run: | make env - + - name: Start virtual environment run: | source ./lambdas/venv/bin/activate @@ -58,4 +57,4 @@ jobs: - name: Test with pytest run: | - make test-unit \ No newline at end of file + make test-unit diff --git a/.github/workflows/base-run-bulk-upload.yml b/.github/workflows/base-run-bulk-upload.yml index 0fef9b6d0..89260aade 100644 --- a/.github/workflows/base-run-bulk-upload.yml +++ b/.github/workflows/base-run-bulk-upload.yml @@ -1,4 +1,4 @@ -name: "Base Bulk Upload - Execute a Bulk Upload" +name: "Z-BASE Tool: Bulk Upload" permissions: pull-requests: write diff --git a/.github/workflows/base-vitest-test.yml b/.github/workflows/base-vitest-test.yml index 61df144a8..4c5c25569 100644 --- a/.github/workflows/base-vitest-test.yml +++ b/.github/workflows/base-vitest-test.yml @@ -1,13 +1,13 @@ # .github/workflows/terraform-dev -name: 'Z-BASE Vitest Test: Run a vitest test job' +name: "Z-BASE Test: UI Vitetest" on: workflow_call: inputs: build_branch: - description: 'Branch with smoke tests.' + description: "Branch with smoke tests." required: true - type: 'string' + type: "string" permissions: pull-requests: write @@ -25,9 +25,9 @@ jobs: steps: - uses: actions/checkout@v5 with: - repository: 'NHSDigital/national-document-repository' + repository: "NHSDigital/national-document-repository" ref: ${{ github.event.inputs.build_branch }} - fetch-depth: '0' + fetch-depth: "0" - name: Use Node.js ${{ matrix.node-version }} uses: actions/setup-node@v4 @@ -40,9 +40,9 @@ jobs: AWS_REGION: test region OIDC_PROVIDER_ID: not provided yet IDENTITY_PROVIDER_POOL_ID: not provided yet - MONITOR_ACCOUNT_ID: not provided yet + MONITOR_ACCOUNT_ID: not provided yet BUILD_ENV: development - IMAGE_VERSION: 'ndr-not-required' + IMAGE_VERSION: "ndr-not-required" run: | ./react-environment-config.sh working-directory: app diff --git a/.github/workflows/bulk-upload-300-test.yml b/.github/workflows/bulk-upload-300-test.yml index dfd3f1af3..06a426fa0 100644 --- a/.github/workflows/bulk-upload-300-test.yml +++ b/.github/workflows/bulk-upload-300-test.yml @@ -1,5 +1,5 @@ # .github/workflows/terraform-dev -name: "Test: Bulk Upload Validator - 300 patients 3 files" +name: "Test: Validate Bulk Upload - 300 patients 3 files" on: workflow_dispatch: diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 8d8915594..9cad4a1f5 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -1,10 +1,10 @@ -name: "CodeQL Advanced" +name: "Z-AUTOMATED: CodeQL" on: push: - branches: [ "main" ] + branches: ["main"] pull_request: - branches: [ "main" ] + branches: ["main"] jobs: analyze: @@ -30,28 +30,27 @@ jobs: fail-fast: false matrix: include: - - language: actions - build-mode: none - - language: javascript-typescript - build-mode: none - - language: python - build-mode: none - + - language: actions + build-mode: none + - language: javascript-typescript + build-mode: none + - language: python + build-mode: none + steps: - - name: Checkout repository - uses: actions/checkout@v5 - - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: ${{ matrix.language }} - build-mode: ${{ matrix.build-mode }} - config: | - paths-ignore: - - app/public - - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 - with: - category: "/language:${{matrix.language}}" - \ No newline at end of file + - name: Checkout repository + uses: actions/checkout@v5 + + - name: Initialize CodeQL + uses: github/codeql-action/init@v3 + with: + languages: ${{ matrix.language }} + build-mode: ${{ matrix.build-mode }} + config: | + paths-ignore: + - app/public + + - name: Perform CodeQL Analysis + uses: github/codeql-action/analyze@v3 + with: + category: "/language:${{matrix.language}}" diff --git a/.github/workflows/data-collection-deploy-to-sandbox.yml b/.github/workflows/data-collection-deploy-to-sandbox.yml index 237653760..0fb3f2400 100644 --- a/.github/workflows/data-collection-deploy-to-sandbox.yml +++ b/.github/workflows/data-collection-deploy-to-sandbox.yml @@ -1,4 +1,4 @@ -name: 'SANDBOX Data Collection - Publish Data Collection Image to ECR' +name: "Deploy: Data Collection" on: workflow_dispatch: @@ -53,4 +53,4 @@ jobs: environment: ${{ inputs.environment }} sandbox: ${{ inputs.sandbox }} secrets: - AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} \ No newline at end of file + AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} diff --git a/.github/workflows/full-deploy-to-pre-prod.yml b/.github/workflows/full-deploy-to-pre-prod.yml index 56a62fbc2..1a1edd66a 100644 --- a/.github/workflows/full-deploy-to-pre-prod.yml +++ b/.github/workflows/full-deploy-to-pre-prod.yml @@ -1,4 +1,4 @@ -name: "PRE PROD Full - Deploy to Pre-Prod" +name: "Deploy: Pre-Prod" on: workflow_dispatch: @@ -15,7 +15,7 @@ on: default: false permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT @@ -67,25 +67,25 @@ jobs: permissions: write-all steps: - - name: Checkout main - if: ${{ github.event.inputs.branch_or_tag == 'main' }} - uses: actions/checkout@v5 - with: - ref: main - fetch-depth: '0' + - name: Checkout main + if: ${{ github.event.inputs.branch_or_tag == 'main' }} + uses: actions/checkout@v5 + with: + ref: main + fetch-depth: "0" - - name: Bump version and push tag - if: ${{ github.event.inputs.branch_or_tag == 'main' }} - id: versioning - uses: anothrNick/github-tag-action@1.64.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - WITH_V: false - DEFAULT_BUMP: patch + - name: Bump version and push tag + if: ${{ github.event.inputs.branch_or_tag == 'main' }} + id: versioning + uses: anothrNick/github-tag-action@1.64.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + WITH_V: false + DEFAULT_BUMP: patch - - name: View outputs - run: | - echo Deploying branch or tagged version to pre-prod: ${{ steps.versioning.outputs.tag || github.event.inputs.branch_or_tag }} + - name: View outputs + run: | + echo Deploying branch or tagged version to pre-prod: ${{ steps.versioning.outputs.tag || github.event.inputs.branch_or_tag }} publish_all_lambda_layers: name: Publish all Lambda Layers diff --git a/.github/workflows/full-deploy-to-prod.yml b/.github/workflows/full-deploy-to-prod.yml index 53ebd9afc..2e3c66b7c 100644 --- a/.github/workflows/full-deploy-to-prod.yml +++ b/.github/workflows/full-deploy-to-prod.yml @@ -1,4 +1,4 @@ -name: "PROD Full - Deploy tagged version to Prod" +name: "Deploy: Prod" on: workflow_dispatch: @@ -9,7 +9,7 @@ on: type: "string" permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT @@ -24,7 +24,7 @@ jobs: view_action_parameters: name: View input params runs-on: ubuntu-latest - steps: + steps: - name: Display client passed variables run: | echo Build Branch: ${{ inputs.tag_version }} @@ -53,7 +53,7 @@ jobs: python_version: "3.11" secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} - + deploy_ui: name: Deploy UI uses: ./.github/workflows/base-deploy-ui.yml diff --git a/.github/workflows/full-deploy-to-sandbox.yml b/.github/workflows/full-deploy-to-sandbox.yml index f192113bb..aab0e3b32 100644 --- a/.github/workflows/full-deploy-to-sandbox.yml +++ b/.github/workflows/full-deploy-to-sandbox.yml @@ -1,4 +1,4 @@ -name: "SANDBOX Full- Deploy feature branch to sandbox" +name: "Deploy: Dev" on: workflow_dispatch: @@ -30,7 +30,7 @@ on: default: true permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT diff --git a/.github/workflows/git-rename-tag.yml b/.github/workflows/git-rename-tag.yml index 7a19138ef..398202354 100644 --- a/.github/workflows/git-rename-tag.yml +++ b/.github/workflows/git-rename-tag.yml @@ -1,16 +1,16 @@ -name: 'Git - Rename Tag' +name: "Tool: Rename Version" on: workflow_dispatch: inputs: old_tag: - description: 'Numerical only e.g. 1.0.0' + description: "Numerical only e.g. 1.0.0" required: true - type: 'string' + type: "string" new_tag: - description: 'Numerical only e.g. 1.1.0' + description: "Numerical only e.g. 1.1.0" required: true - type: 'string' + type: "string" permissions: pull-requests: write @@ -23,22 +23,21 @@ jobs: permissions: write-all steps: - - name: Checkout uses: actions/checkout@v5 with: ref: ${{ github.event.inputs.old_tag }} fetch-depth: 0 - + - name: Check SHA id: get-sha run: | echo "BRANCH_SHA=$(git log -1 '--format=format:%H')">> $GITHUB_OUTPUT - + - name: Check SHA value run: | echo Branch SHA: ${{steps.get-sha.outputs.BRANCH_SHA}} - + - name: Create tag uses: actions/github-script@v7 with: diff --git a/.github/workflows/lambdas-deploy-feature-to-sandbox.yml b/.github/workflows/lambdas-deploy-feature-to-sandbox.yml index 9313c4671..a21593fa0 100644 --- a/.github/workflows/lambdas-deploy-feature-to-sandbox.yml +++ b/.github/workflows/lambdas-deploy-feature-to-sandbox.yml @@ -1,4 +1,4 @@ -name: "SANDBOX Lambdas - Deploy Feature Branch to Sandbox" +name: "Deploy: Dev - Lambdas" on: workflow_dispatch: @@ -86,7 +86,3 @@ jobs: mock_login_enabled: ${{ inputs.mock_login_enabled }} secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} - - - - \ No newline at end of file diff --git a/.github/workflows/lambdas-deploy-to-pre-prod.yml b/.github/workflows/lambdas-deploy-to-pre-prod.yml index 3740a525b..977bcfb5c 100644 --- a/.github/workflows/lambdas-deploy-to-pre-prod.yml +++ b/.github/workflows/lambdas-deploy-to-pre-prod.yml @@ -1,4 +1,4 @@ -name: "PRE PROD Lambdas - Deploy to Pre-Prod" +name: "Deploy: Pre-Prod - Lambdas" on: workflow_dispatch: @@ -20,7 +20,7 @@ jobs: with: python_version: "3.11" build_branch: main - + tag_and_release: needs: ["run_tests"] runs-on: ubuntu-latest @@ -33,25 +33,25 @@ jobs: permissions: write-all steps: - - name: Checkout main - if: ${{ github.event.inputs.branch_or_tag == 'main' }} - uses: actions/checkout@v5 - with: - ref: main - fetch-depth: '0' + - name: Checkout main + if: ${{ github.event.inputs.branch_or_tag == 'main' }} + uses: actions/checkout@v5 + with: + ref: main + fetch-depth: "0" + + - name: Bump version and push tag + if: ${{ github.event.inputs.branch_or_tag == 'main' }} + id: versioning + uses: anothrNick/github-tag-action@1.64.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + WITH_V: false + DEFAULT_BUMP: patch - - name: Bump version and push tag - if: ${{ github.event.inputs.branch_or_tag == 'main' }} - id: versioning - uses: anothrNick/github-tag-action@1.64.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - WITH_V: false - DEFAULT_BUMP: patch - - - name: View outputs - run: | - echo Deploying branch or tagged version to pre-prod lambdas: ${{ steps.versioning.outputs.tag || github.event.inputs.branch_or_tag }} + - name: View outputs + run: | + echo Deploying branch or tagged version to pre-prod lambdas: ${{ steps.versioning.outputs.tag || github.event.inputs.branch_or_tag }} deploy_all: name: Deploy all Lambdas @@ -63,4 +63,3 @@ jobs: environment: pre-prod secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} - \ No newline at end of file diff --git a/.github/workflows/lambdas-deploy-to-prod.yml b/.github/workflows/lambdas-deploy-to-prod.yml index 313f8dd77..7a5beb2f5 100644 --- a/.github/workflows/lambdas-deploy-to-prod.yml +++ b/.github/workflows/lambdas-deploy-to-prod.yml @@ -1,4 +1,4 @@ -name: "PROD Lambdas - Deploy tagged version to Prod" +name: "Deploy: Prod - Lambdas" on: workflow_dispatch: diff --git a/.github/workflows/lambdas-deploy-to-test.yml b/.github/workflows/lambdas-deploy-to-test.yml index 1f28348cb..ab116daed 100644 --- a/.github/workflows/lambdas-deploy-to-test.yml +++ b/.github/workflows/lambdas-deploy-to-test.yml @@ -1,4 +1,4 @@ -name: "TEST Lambdas - Deploy Feature Branch to Test" +name: "Deploy: Test - Lambdas" on: workflow_dispatch: @@ -48,7 +48,3 @@ jobs: mock_login_enabled: ${{ inputs.mock_login_enabled }} secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} - - - - \ No newline at end of file diff --git a/.github/workflows/lambdas-dev-to-main-ci.yml b/.github/workflows/lambdas-dev-to-main-ci.yml index c5f32aacb..717caeb54 100644 --- a/.github/workflows/lambdas-dev-to-main-ci.yml +++ b/.github/workflows/lambdas-dev-to-main-ci.yml @@ -1,9 +1,9 @@ -name: "CI Lambdas - CI Feature to Main" +name: "Z-AUTOMATED: Dev - Lambdas" on: push: branches: - - main + - 1ain paths: - "lambdas/**" - "Makefile" diff --git a/.github/workflows/ndr-e2e-backend-test-ci.yml b/.github/workflows/ndr-e2e-backend-test-ci.yml index 4005942ab..192c600b3 100644 --- a/.github/workflows/ndr-e2e-backend-test-ci.yml +++ b/.github/workflows/ndr-e2e-backend-test-ci.yml @@ -1,10 +1,10 @@ # .github/workflows/terraform-dev -name: "Merge to main: E2e Tests Backend" +name: "Z-AUTOMATED: Test - Backend" on: workflow_run: workflows: - - 'CI Lambdas - CI Feature to Main' + - "CI Lambdas - CI Feature to Main" types: - completed branches: diff --git a/.github/workflows/ndr-e2e-test-sandbox.yml b/.github/workflows/ndr-e2e-test-sandbox.yml index d925ddf21..8a394b081 100644 --- a/.github/workflows/ndr-e2e-test-sandbox.yml +++ b/.github/workflows/ndr-e2e-test-sandbox.yml @@ -1,5 +1,5 @@ # .github/workflows/terraform-dev -name: "SANDBOX: E2e Tests Backend" +name: "Test: Backend" on: workflow_dispatch: diff --git a/.github/workflows/ndr-smoketest-ui-test-ci.yml b/.github/workflows/ndr-smoketest-ui-test-ci.yml index d1e8a2cdc..93d0a70f6 100644 --- a/.github/workflows/ndr-smoketest-ui-test-ci.yml +++ b/.github/workflows/ndr-smoketest-ui-test-ci.yml @@ -1,12 +1,12 @@ # .github/workflows/terraform-dev -name: "Cypress Smoketest CI to Main: Smoketest shared actions checking CI deployments" +name: "Z-AUTOMATED: Test - Smoke Test" on: workflow_run: workflows: [ - 'CI UI - Development CI Feature Branch to Main', - 'CI Lambdas - CI Feature to Main' + "1I UI - Development CI Feature Branch to Main", + "CI Lambdas - CI Feature to Main", ] types: - completed diff --git a/.github/workflows/performance-base-run-bulk-upload.yml b/.github/workflows/performance-base-run-bulk-upload.yml index 64bc4476a..3cff251cc 100644 --- a/.github/workflows/performance-base-run-bulk-upload.yml +++ b/.github/workflows/performance-base-run-bulk-upload.yml @@ -1,4 +1,4 @@ -name: "Performance Base Bulk Upload - Execute a Bulk Upload" +name: "Z-BASE: Test - Performance Base Bulk Upload" permissions: pull-requests: write @@ -99,4 +99,4 @@ jobs: --environment "${{ inputs.sandbox }}" \ --start-bulk-upload\ "${BULK_UPLOAD_METADATA_PROCESSOR_FLAG}" - working-directory: ./tests/bulk-upload/scripts \ No newline at end of file + working-directory: ./tests/bulk-upload/scripts diff --git a/.github/workflows/performance-run-bulk-upload-test.yml b/.github/workflows/performance-run-bulk-upload-test.yml index c8192046a..404ad795e 100644 --- a/.github/workflows/performance-run-bulk-upload-test.yml +++ b/.github/workflows/performance-run-bulk-upload-test.yml @@ -1,4 +1,4 @@ -name: Performance Run Bulk Upload - Test +name: "Test - Bulk Upload Performance" permissions: pull-requests: write @@ -45,4 +45,4 @@ jobs: file_size: "${{ inputs.file_size }}" use_bulk_upload_metadata_processor: "${{ inputs.use_bulk_upload_metadata_processor }}" secrets: - AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} \ No newline at end of file + AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} diff --git a/.github/workflows/run-bulk-upload-dev.yml b/.github/workflows/run-bulk-upload-dev.yml index 22ca4bbff..46b4333a9 100644 --- a/.github/workflows/run-bulk-upload-dev.yml +++ b/.github/workflows/run-bulk-upload-dev.yml @@ -1,4 +1,4 @@ -name: Run Bulk Upload - Dev +name: "Tool: Bulk Upload on Dev" permissions: pull-requests: write diff --git a/.github/workflows/run-bulk-upload-pre-prod.yml b/.github/workflows/run-bulk-upload-pre-prod.yml index 9bf0210da..410032048 100644 --- a/.github/workflows/run-bulk-upload-pre-prod.yml +++ b/.github/workflows/run-bulk-upload-pre-prod.yml @@ -1,4 +1,4 @@ -name: Run Bulk Upload - Pre-prod +name: "Tool: Bulk Upload on Pre-prod" permissions: pull-requests: write diff --git a/.github/workflows/run-bulk-upload-test.yml b/.github/workflows/run-bulk-upload-test.yml index 6cace5822..c3707068b 100644 --- a/.github/workflows/run-bulk-upload-test.yml +++ b/.github/workflows/run-bulk-upload-test.yml @@ -1,4 +1,4 @@ -name: Run Bulk Upload - Test +name: "Tool: Bulk Upload on Test" permissions: pull-requests: write diff --git a/.github/workflows/sonarcloud-analysis.yml b/.github/workflows/sonarcloud-analysis.yml index da31d68fc..290fc7fe5 100644 --- a/.github/workflows/sonarcloud-analysis.yml +++ b/.github/workflows/sonarcloud-analysis.yml @@ -1,4 +1,4 @@ -name: SonarCloud-Analysis +name: "Z-AUTOMATED: SonarCloud" on: push: branches: @@ -17,7 +17,7 @@ jobs: steps: - uses: actions/checkout@v5 with: - fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis + fetch-depth: 0 # Shallow clones should be disabled for a better relevancy of analysis - name: Use Node.js 24.x uses: actions/setup-node@v4 @@ -30,9 +30,9 @@ jobs: AWS_REGION: test region OIDC_PROVIDER_ID: not provided yet IDENTITY_PROVIDER_POOL_ID: not provided yet - MONITOR_ACCOUNT_ID: not provided yet + MONITOR_ACCOUNT_ID: not provided yet BUILD_ENV: development - IMAGE_VERSION: 'ndr-${{ vars.BUILD_ENV }}-app:${{ github.sha }}' + IMAGE_VERSION: "ndr-${{ vars.BUILD_ENV }}-app:${{ github.sha }}" run: | ./react-environment-config.sh working-directory: ./app @@ -47,9 +47,9 @@ jobs: python-version: 3.11 - name: Make virtual environment - run: | + run: | make env - + - name: Start virtual environment run: | source ./lambdas/venv/bin/activate @@ -65,5 +65,5 @@ jobs: - name: SonarCloud Scan uses: SonarSource/sonarqube-scan-action@v6 env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} # Needed to get PR information, if any SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 7552ac201..d40a0593a 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -1,4 +1,4 @@ -name: Subscribe to MNS +name: "Tool: Subscribe to MNS" on: workflow_dispatch: @@ -46,8 +46,8 @@ jobs: - name: Set up Python uses: actions/setup-python@v5 with: - python-version: '3.11' - cache: 'pip' + python-version: "3.11" + cache: "pip" - name: Install dependencies run: | diff --git a/.github/workflows/ui-deploy-feature-to-sandbox-manual.yml b/.github/workflows/ui-deploy-feature-to-sandbox-manual.yml index fb46749f0..fa93b2317 100644 --- a/.github/workflows/ui-deploy-feature-to-sandbox-manual.yml +++ b/.github/workflows/ui-deploy-feature-to-sandbox-manual.yml @@ -1,4 +1,4 @@ -name: 'SANDBOX UI - Deploy Feature Branch to Sandbox' +name: "Deploy: Dev - UI" on: workflow_dispatch: @@ -40,13 +40,12 @@ on: required: true permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT jobs: - react_testing_job: name: Run UI Unit Tests uses: ./.github/workflows/base-vitest-test.yml @@ -61,4 +60,4 @@ jobs: environment: ${{ inputs.environment }} sandbox: ${{ inputs.sandbox }} secrets: - AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} \ No newline at end of file + AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} diff --git a/.github/workflows/ui-deploy-to-pre-prod-manual.yml b/.github/workflows/ui-deploy-to-pre-prod-manual.yml index ff5a9a866..e082bb077 100644 --- a/.github/workflows/ui-deploy-to-pre-prod-manual.yml +++ b/.github/workflows/ui-deploy-to-pre-prod-manual.yml @@ -1,4 +1,4 @@ -name: 'PRE PROD UI - Deploy to Pre-Prod' +name: "Deploy: Pre-Prod - UI" on: workflow_dispatch: @@ -10,7 +10,7 @@ on: default: main permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT @@ -27,7 +27,7 @@ jobs: uses: ./.github/workflows/base-cypress-build.yml with: build_branch: main - + cypress_test_job: name: Run Cypress E2E Tests needs: [cypress_build_job] @@ -44,25 +44,25 @@ jobs: permissions: write-all steps: - - name: Checkout main - if: ${{ github.event.inputs.branch_or_tag == 'main' }} - uses: actions/checkout@v5 - with: - ref: main - fetch-depth: '0' + - name: Checkout main + if: ${{ github.event.inputs.branch_or_tag == 'main' }} + uses: actions/checkout@v5 + with: + ref: main + fetch-depth: "0" + + - name: Bump version and push tag + if: ${{ github.event.inputs.branch_or_tag == 'main' }} + id: versioning + uses: anothrNick/github-tag-action@1.64.0 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + WITH_V: false + DEFAULT_BUMP: patch - - name: Bump version and push tag - if: ${{ github.event.inputs.branch_or_tag == 'main' }} - id: versioning - uses: anothrNick/github-tag-action@1.64.0 - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} - WITH_V: false - DEFAULT_BUMP: patch - - - name: View outputs - run: | - echo Deploying branch or tagged version to pre-prod UI: ${{ steps.versioning.outputs.tag || github.event.inputs.branch_or_tag }} + - name: View outputs + run: | + echo Deploying branch or tagged version to pre-prod UI: ${{ steps.versioning.outputs.tag || github.event.inputs.branch_or_tag }} deploy_ui: name: Deploy UI diff --git a/.github/workflows/ui-deploy-to-prod-manual.yml b/.github/workflows/ui-deploy-to-prod-manual.yml index 16cab77d1..bb9394c70 100644 --- a/.github/workflows/ui-deploy-to-prod-manual.yml +++ b/.github/workflows/ui-deploy-to-prod-manual.yml @@ -1,15 +1,15 @@ -name: 'PROD UI - Deploy tagged version to Prod' +name: "Deploy: Prod - UI" on: workflow_dispatch: inputs: tag_version: - description: 'Which tagged version do you want to push to prod?' + description: "Which tagged version do you want to push to prod?" required: true - type: 'string' + type: "string" permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT @@ -23,4 +23,4 @@ jobs: environment: prod sandbox: prod secrets: - AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} \ No newline at end of file + AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} diff --git a/.github/workflows/ui-deploy-to-test-manual.yml b/.github/workflows/ui-deploy-to-test-manual.yml index a3e5b4fc5..5dbc90d37 100644 --- a/.github/workflows/ui-deploy-to-test-manual.yml +++ b/.github/workflows/ui-deploy-to-test-manual.yml @@ -1,16 +1,15 @@ -# .github/workflows/terraform-dev -name: 'TEST UI - Deploy Main to Test' +name: "Deploy: Test - UI" on: workflow_dispatch: inputs: build_branch: - description: 'Feature branch to push to test?' + description: "Feature branch to push to test?" required: true - type: 'string' + type: "string" permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT @@ -27,7 +26,7 @@ jobs: uses: ./.github/workflows/base-cypress-build.yml with: build_branch: ${{ inputs.build_branch }} - + cypress_test_job: name: Run Cypress E2E Tests needs: [cypress_build_job] @@ -35,7 +34,7 @@ jobs: with: cypress_base_url: ${{ vars.CYPRESS_BASE_URL }} build_branch: ${{ inputs.build_branch }} - + deploy_ui: name: Deploy UI uses: ./.github/workflows/base-deploy-ui.yml diff --git a/.github/workflows/ui-dev-to-main-ci.yml b/.github/workflows/ui-dev-to-main-ci.yml index 9140f04c3..57ac4d13b 100644 --- a/.github/workflows/ui-dev-to-main-ci.yml +++ b/.github/workflows/ui-dev-to-main-ci.yml @@ -1,5 +1,5 @@ # .github/workflows/terraform-dev -name: "CI UI - Development CI Feature Branch to Main" +name: "Z-AUTOMATED: Dev - UI" on: push: @@ -22,7 +22,7 @@ on: required: true permissions: - actions: read # Required for anchore/sbom-action + actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write id-token: write # This is required for requesting the JWT diff --git a/.github/workflows/ui-smoketest.yml b/.github/workflows/ui-smoketest.yml index c5ead4d49..ab7c51997 100644 --- a/.github/workflows/ui-smoketest.yml +++ b/.github/workflows/ui-smoketest.yml @@ -1,24 +1,24 @@ # .github/workflows/terraform-dev -name: 'SANDBOX - UI Smoke Test' +name: "Test: Dev - UI" on: workflow_dispatch: inputs: build_branch: - description: 'Branch with smoke tests.' + description: "Branch with smoke tests." required: true - type: 'string' - default: 'main' + type: "string" + default: "main" environment: - description: 'Which Environment type are we using' + description: "Which Environment type are we using" required: true - type: 'string' - default: 'development' + type: "string" + default: "development" sandbox: - description: 'Sandbox to run the smoke tests on.' + description: "Sandbox to run the smoke tests on." required: true - type: 'string' - default: 'ndr' + type: "string" + default: "ndr" permissions: pull-requests: write From 4ec9b59aa6c70fe06f59a56e381bc728d32fa8eb Mon Sep 17 00:00:00 2001 From: robg-test <106234256+robg-test@users.noreply.github.com> Date: Mon, 27 Oct 2025 14:46:56 +0000 Subject: [PATCH 2/4] [NDR-516] Sandbox name and ref into run-name TEMP Make Ticket - 2 Undo the repo rename Formatting --- .github/workflows/full-deploy-to-sandbox.yml | 67 ++++++++------------ 1 file changed, 25 insertions(+), 42 deletions(-) diff --git a/.github/workflows/full-deploy-to-sandbox.yml b/.github/workflows/full-deploy-to-sandbox.yml index aab0e3b32..ac309119a 100644 --- a/.github/workflows/full-deploy-to-sandbox.yml +++ b/.github/workflows/full-deploy-to-sandbox.yml @@ -1,70 +1,53 @@ name: "Deploy: Dev" +run-name: "${{ github.event.inputs.git_ref }} | ${{ github.event.inputs.sandbox_name }}" + on: workflow_dispatch: inputs: - build_branch: - description: "Feature branch to push?" + git_ref: + description: "Branch, tag or SHA to deploy" required: true type: "string" default: "main" - sandbox: + sandbox_name: description: "Which Sandbox to push to." required: true type: "string" - default: "ndr" - environment: - description: "Which Environment settings to use." - required: true - type: "string" - default: "development" bulk_upload: - description: "Do you want to disable the PDS stub and run a Bulk Upload on this sandbox?" + description: "Disable the PDS stub and run a Bulk Upload on this sandbox?" required: true type: boolean - default: false mock_login_enabled: - description: "Do you want to deploy with mock login enabled?" - required: true + description: "Deploy with mock login enabled?" type: boolean - default: true + required: true permissions: actions: read # Required for anchore/sbom-action contents: write # Required for anchore/sbom-action pull-requests: write - id-token: write # This is required for requesting the JWT + id-token: write jobs: - view_action_parameters: - name: View input params - runs-on: ubuntu-latest - steps: - - name: Display client passed variables - run: | - echo Build Branch: ${{ inputs.build_branch }} - echo Sandbox: ${{ inputs.sandbox }} - echo Environment: ${{ inputs.environment }} - echo Cypress Base Url: ${{ vars.CYPRESS_BASE_URL }} - lambda_test_job: name: Run Lambda Unit Tests uses: ./.github/workflows/base-lambdas-reusable-test.yml with: python_version: "3.11" - build_branch: ${{ inputs.build_branch }} + git_ref: ${{ inputs.git_ref }} react_testing_job: name: Run UI Unit Tests uses: ./.github/workflows/base-vitest-test.yml with: - build_branch: ${{ inputs.build_branch }} + git_ref: ${{ inputs.git_ref }} cypress_build_job: name: Build UI version for E2E Tests uses: ./.github/workflows/base-cypress-build.yml with: - build_branch: ${{ inputs.build_branch }} + git_ref: ${{ inputs.git_ref }} cypress_test_job: name: Run Cypress E2E Tests @@ -72,16 +55,16 @@ jobs: uses: ./.github/workflows/base-cypress-test-all-env.yml with: cypress_base_url: ${{ vars.CYPRESS_BASE_URL }} - build_branch: ${{ inputs.build_branch }} + git_ref: ${{ inputs.git_ref }} publish_all_lambda_layers: name: Publish all Lambda Layers uses: ./.github/workflows/base-lambda-layer-reusable-publish-all.yml with: - build_branch: ${{ inputs.build_branch }} - sandbox: ${{ inputs.sandbox }} - environment: ${{ inputs.environment }} + git_ref: ${{ inputs.git_ref }} + sandbox: ${{ inputs.sandbox_name }} python_version: "3.11" + environment: "development" secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} @@ -90,9 +73,9 @@ jobs: uses: ./.github/workflows/base-lambdas-reusable-deploy-all.yml needs: ["publish_all_lambda_layers"] with: - build_branch: ${{ inputs.build_branch }} - sandbox: ${{ inputs.sandbox }} - environment: ${{ inputs.environment }} + environment: "development" + git_ref: ${{ inputs.git_ref }} + sandbox: ${{ inputs.sandbox_name }} python_version: "3.11" is_sandbox: true mock_login_enabled: ${{ inputs.mock_login_enabled }} @@ -103,9 +86,9 @@ jobs: name: Deploy UI uses: ./.github/workflows/base-deploy-ui.yml with: - build_branch: ${{ inputs.build_branch }} - environment: ${{ inputs.environment }} - sandbox: ${{ inputs.sandbox }} + environment: "development" + git_ref: ${{ inputs.git_ref }} + sandbox: ${{ inputs.sandbox_name }} secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} @@ -115,10 +98,10 @@ jobs: uses: "./.github/workflows/base-run-bulk-upload.yml" needs: ["deploy_all_lambdas"] with: - environment: ${{ inputs.environment }} - sandbox: ${{ inputs.sandbox }} + environment: "development" + sandbox: ${{ inputs.sandbox_name }} combi_settings: "combi300" - base_branch: ${{ inputs.build_branch }} + base_branch: ${{ inputs.git_ref }} file_count: "3" secrets: AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} From 60f551530c47bacf15d6d3b7292ccd85e23ada0a Mon Sep 17 00:00:00 2001 From: robg-test <106234256+robg-test@users.noreply.github.com> Date: Mon, 27 Oct 2025 14:49:59 +0000 Subject: [PATCH 3/4] [PRM-516] Added Test --- .github/workflows/full-deploy-to-sandbox.yml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.github/workflows/full-deploy-to-sandbox.yml b/.github/workflows/full-deploy-to-sandbox.yml index ac309119a..b6d4c717e 100644 --- a/.github/workflows/full-deploy-to-sandbox.yml +++ b/.github/workflows/full-deploy-to-sandbox.yml @@ -22,6 +22,9 @@ on: description: "Deploy with mock login enabled?" type: boolean required: true + push: + branches: + - PRM-516 permissions: actions: read # Required for anchore/sbom-action From 6c1676cc5f66bea742339df3917cbcb27590201b Mon Sep 17 00:00:00 2001 From: robg-test <106234256+robg-test@users.noreply.github.com> Date: Mon, 27 Oct 2025 14:55:28 +0000 Subject: [PATCH 4/4] [PRM-516] Added Test to revert --- .github/workflows/full-deploy-to-sandbox.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/full-deploy-to-sandbox.yml b/.github/workflows/full-deploy-to-sandbox.yml index b6d4c717e..2a389c1e9 100644 --- a/.github/workflows/full-deploy-to-sandbox.yml +++ b/.github/workflows/full-deploy-to-sandbox.yml @@ -1,4 +1,4 @@ -name: "Deploy: Dev" +name: "SANDBOX Full- Deploy feature branch to sandbox" run-name: "${{ github.event.inputs.git_ref }} | ${{ github.event.inputs.sandbox_name }}"