Merge branch 'develop' into feature/axkr1-NRL-1176-fix-feature-test-error

Author: katebobyn-nhs

.github/workflows/daily-build.yml

@@ -0,0 +1,85 @@
+name: Build NRL Project on Environment
+run-name: Build NRL Project on ${{ inputs.environment || 'dev' }}
+permissions:
+  id-token: write
+  contents: read
+  actions: write
+
+on:
+  schedule:
+    - cron: "0 1 * * *"
+  workflow_dispatch:
+    inputs:
+      environment:
+        type: environment
+        description: "The environment to deploy changes to"
+        default: "dev"
+        required: true
+
+jobs:
+  build:
+    name: Build - develop
+    runs-on: [self-hosted, ci]
+
+    steps:
+      - name: Git clone - develop
+        uses: actions/checkout@v4
+        with:
+          ref: develop
+
+      - name: Setup asdf cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.asdf
+          key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}
+          restore-keys: |
+            ${{ runner.os }}-asdf-
+
+      - name: Install asdf
+        uses: asdf-vm/actions/[email protected]
+        with:
+          asdf_branch: v0.13.1
+
+      - name: Install zip
+        run: sudo apt-get install zip
+
+      - name: Setup Python environment
+        run: |
+          poetry install --no-root
+          source $(poetry env info --path)/bin/activate
+
+      - name: Run Linting
+        run: make lint
+
+      - name: Run Unit Tests
+        run: make test
+
+      - name: Build Project
+        run: make build
+
+      - name: Configure Management Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: eu-west-2
+          role-to-assume: ${{ secrets.MGMT_ROLE_ARN }}
+          role-session-name: github-actions-ci-${{ inputs.environment || 'dev' }}-${{ github.run_id }}
+
+      - name: Add S3 Permissions to Lambda
+        run: |
+          account=$(echo '${{ inputs.environment || 'dev' }}' | cut -d '-' -f1)
+          inactive_stack=$(poetry run python ./scripts/get_env_config.py inactive-stack ${{ inputs.environment || 'dev' }})
+          make get-s3-perms ENV=${account} TF_WORKSPACE_NAME=${inactive_stack}
+
+      - name: Save Build Artifacts
+        uses: actions/upload-artifact@v4
+        with:
+          name: build-artifacts
+          path: |
+            dist/*.zip
+            !dist/nrlf_permissions.zip
+
+      - name: Save NRLF Permissions cache
+        uses: actions/cache/save@v4
+        with:
+          key: ${{ github.run_id }}-nrlf-permissions
+          path: dist/nrlf_permissions.zip

.github/workflows/pr-env-deploy.yml

@@ -264,6 +264,53 @@ jobs:
       - name: Run Integration Tests
         run: make test-features-integration TF_WORKSPACE_NAME=${{ needs.set-environment-id.outputs.environment_id }}
 
+  smoke-test:
+    name: Run Smoke Tests
+    needs: [set-environment-id, integration-test]
+    environment: pull-request
+    runs-on: [self-hosted, ci]
+    steps:
+      - name: Git Clone - ${{ github.event.pull_request.head.ref }}
+        uses: actions/checkout@v4
+        with:
+          ref: ${{ github.event.pull_request.head.ref }}
+
+      - name: Setup asdf cache
+        uses: actions/cache@v4
+        with:
+          path: ~/.asdf
+          key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}
+          restore-keys: |
+            ${{ runner.os }}-asdf-
+
+      - name: Install asdf and tools
+        uses: asdf-vm/actions/[email protected]
+        with:
+          asdf_branch: v0.13.1
+
+      - name: Setup Python environment
+        run: |
+          poetry install --no-root
+          source $(poetry env info --path)/bin/activate
+
+      - name: Configure Management Credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: eu-west-2
+          role-to-assume: ${{ secrets.MGMT_ROLE_ARN }}
+          role-session-name: github-actions-ci-${{ needs.set-environment-id.outputs.environment_id }}
+
+      - name: Terraform Init
+        run: |
+          terraform -chdir=terraform/infrastructure init
+          terraform -chdir=terraform/infrastructure workspace new ${{ needs.set-environment-id.outputs.environment_id }} || \
+          terraform -chdir=terraform/infrastructure workspace select ${{ needs.set-environment-id.outputs.environment_id }}
+
+      - name: Smoke Test
+        run: |
+          make ENV=dev truststore-pull-client
+          make ENV=dev TF_WORKSPACE_NAME=${{ needs.set-environment-id.outputs.environment_id }} test-smoke-internal
+
   performance-test:
     name: Run Performance Tests
     needs: [set-environment-id, integration-test]

LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2024 Crown Copyright
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

api/consumer/searchDocumentReference/search_document_reference.py

@@ -9,7 +9,7 @@
 from nrlf.core.logger import LogReference, logger
 from nrlf.core.model import ConnectionMetadata, ConsumerRequestParams
 from nrlf.core.response import Response, SpineErrorResponse
-from nrlf.core.validators import validate_type_system
+from nrlf.core.validators import validate_category, validate_type
 
 
 @request_handler(params=ConsumerRequestParams)
@@ -46,18 +46,28 @@ def handler(
     base_url = f"https://{config.ENVIRONMENT}.api.service.nhs.uk/"
     self_link = f"{base_url}record-locator/consumer/FHIR/R4/DocumentReference?subject:identifier=https://fhir.nhs.uk/Id/nhs-number|{params.nhs_number}"
 
-    # TODO - Add checks for the type code as well as system
-    if not validate_type_system(params.type, metadata.pointer_types):
+    if not validate_type(params.type, metadata.pointer_types):
         logger.log(
             LogReference.CONSEARCH002,
             type=params.type,
             pointer_types=metadata.pointer_types,
         )
         return SpineErrorResponse.INVALID_CODE_SYSTEM(
-            diagnostics="Invalid query parameter (The provided type system does not match the allowed types for this organisation)",
+            diagnostics="Invalid query parameter (The provided type does not match the allowed types for this organisation)",
             expression="type",
         )
 
+    categories = params.category.root.split(",") if params.category else []
+    if not validate_category(categories):
+        logger.log(
+            LogReference.CONSEARCH002b,
+            category=params.category,
+        )  # TODO - Should update error message once permissioning by category is implemented
+        return SpineErrorResponse.INVALID_CODE_SYSTEM(
+            diagnostics="Invalid query parameter (The provided category is not valid)",
+            expression="category",
+        )
+
     custodian_id = (
         params.custodian_identifier.root.split("|", maxsplit=1)[1]
         if params.custodian_identifier
@@ -70,6 +80,9 @@ def handler(
     if params.type:
         self_link += f"&type={params.type.root}"
 
+    if params.category:
+        self_link += f"&category={params.category.root}"
+
     bundle = {
         "resourceType": "Bundle",
         "type": "searchset",
@@ -89,6 +102,7 @@ def handler(
         nhs_number=params.nhs_number,
         custodian=custodian_id,
         pointer_types=pointer_types,
+        categories=categories,
     ):
         try:
             document_reference = DocumentReference.model_validate_json(result.document)