Merge branch 'main' into DTOSS-11646-Setup-Container-Apps-container-probes

Author: mrlockstar

.github/workflows/cicd-2-main-branch.yaml

@@ -92,3 +92,67 @@ jobs:
       environments: '["review","dev","preprod","prod"]'
       commit_sha: ${{ github.sha }}
     secrets: inherit
+
+  notify-failure:
+    name: 'Notify failure'
+    runs-on: ubuntu-latest
+    if: ${{ failure() }}
+    needs: [commit-stage, test-stage, build-stage, deploy-stage]
+    steps:
+      - name: Determine failed stages
+        id: failed_stages
+        run: |
+          failed_stages=""
+
+          if [[ "${{ needs.commit-stage.result }}" == "failure" ]]; then
+            failed_stages="${failed_stages}• Commit stage\n"
+          fi
+          if [[ "${{ needs.test-stage.result }}" == "failure" ]]; then
+            failed_stages="${failed_stages}• Test stage\n"
+          fi
+          if [[ "${{ needs.build-stage.result }}" == "failure" ]]; then
+            failed_stages="${failed_stages}• Build stage\n"
+          fi
+          if [[ "${{ needs.deploy-stage.result }}" == "failure" ]]; then
+            failed_stages="${failed_stages}• Deploy stage (check workflow for environment)\n"
+          fi
+
+          # Format for Slack (remove trailing newline)
+          failed_stages=$(echo -e "$failed_stages" | sed -e :a -e '/^\n*$/{$d;N;ba' -e '}')
+
+          # Use delimiter for multiline output
+          echo "stages<<EOF" >> $GITHUB_OUTPUT
+          echo "$failed_stages" >> $GITHUB_OUTPUT
+          echo "EOF" >> $GITHUB_OUTPUT
+
+      - name: Notify Slack
+        uses: slackapi/slack-github-action@v2.1.1
+        with:
+          webhook: ${{ secrets.SLACK_WEBHOOK_DEV_NOTIFICATIONS_URL }}
+          webhook-type: incoming-webhook
+          payload: |
+            blocks:
+              - type: section
+                text:
+                  type: mrkdwn
+                  text: ":warning: Main branch CI/CD workflow failed:"
+              - type: section
+                fields:
+                - type: mrkdwn
+                  text: |-
+                    *Workflow:*
+                    <${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}|${{ github.workflow }}>
+                - type: mrkdwn
+                  text: |-
+                    *Commit:*
+                    <${{ github.server_url }}/${{ github.repository }}/commit/${{ github.sha }}|${{ github.sha }}>
+                - type: mrkdwn
+                  text: |-
+                    *Repo:*
+                    ${{ github.repository }}
+              - type: section
+                text:
+                  type: mrkdwn
+                  text: |-
+                    *Failed Stages:*
+                    ${{ steps.failed_stages.outputs.stages }}

docs/infrastructure/create-environment.md

@@ -29,6 +29,9 @@ The environment requires a shared Azure front door profile created in the hub. T
 
 ## Bicep
 
+> [!IMPORTANT]
+> **Required permissions**: Owner role on both the hub and resource subscriptions
+
 - From AVD:
   - Login with Microsoft Graph scope: `az login --scope https://graph.microsoft.com//.default -t HSCIC365.onmicrosoft.com`
   - Run bicep: `make [environment] resource-group-init`

infrastructure/environments/dev/variables.sh

@@ -1,6 +1,6 @@
 ENV_CONFIG=dev
 ENVIRONMENT=dev
-AZURE_SUBSCRIPTION="Digital Screening DToS - Core Services Dev"
+AZURE_SUBSCRIPTION="Breast Screening - Manage Breast Screening - Dev"
 HUB_SUBSCRIPTION="Digital Screening DToS - DevOps"
 HUB=dev
 TERRAFORM_MODULES_REF=main

infrastructure/environments/preprod/variables.tfvars

@@ -12,3 +12,4 @@ nhs_notify_api_message_batch_url      = "https://int.api.service.nhs.uk/comms/v1
 seed_demo_data                        = false
 allowed_paths                         = ["/notifications/message-status/create"]
 enable_alerting                       = true
+enable_notifications_jobs_schedule    = true

infrastructure/environments/prod/variables.tfvars

@@ -13,3 +13,4 @@ allowed_paths                         = ["/notifications/message-status/create"]
 enable_alerting                       = true
 use_apex_domain                       = true
 cae_zone_redundancy_enabled           = true
+enable_notifications_jobs_schedule    = true

infrastructure/environments/review/variables.sh

@@ -1,4 +1,5 @@
 ENV_CONFIG=review
+AZURE_SUBSCRIPTION="Breast Screening - Manage Breast Screening - Dev"
 HUB_SUBSCRIPTION="Digital Screening DToS - DevOps"
 AZURE_SUBSCRIPTION="Digital Screening DToS - Core Services Dev"
 HUB=dev

infrastructure/modules/container-apps/jobs.tf

@@ -1,15 +1,15 @@
 locals {
   scheduled_jobs = {
     store_mesh_messages = {
-      cron_expression = "0 6-20 * * *"
+      cron_expression = "0 6 * * *"
       environment_variables = {
         BLOB_CONTAINER_NAME = "notifications-mesh-data"
       }
       job_short_name     = "smm"
       job_container_args = "store_mesh_messages"
     }
     create_appointments = {
-      cron_expression = "30 6-20 * * *"
+      cron_expression = "0 7 * * *"
       environment_variables = {
         BLOB_CONTAINER_NAME = "notifications-mesh-data"
       }
@@ -28,17 +28,6 @@ locals {
       job_short_name     = "smb"
       job_container_args = "send_message_batch"
     }
-    retry_failed_message_batch = {
-      # cron_expression = "0,30 9-12 * * 1-5"
-      cron_expression = null
-      environment_variables = {
-        API_OAUTH_TOKEN_URL              = var.api_oauth_token_url
-        NHS_NOTIFY_API_MESSAGE_BATCH_URL = var.nhs_notify_api_message_batch_url
-        RETRY_QUEUE_NAME                 = "notifications-message-batch-retries"
-      }
-      job_short_name     = "rmb"
-      job_container_args = "retry_failed_message_batch"
-    }
     save_message_status = {
       # cron_expression = "0,30 * * * *"
       cron_expression = null
@@ -69,7 +58,6 @@ locals {
     collect_metrics = {
       cron_expression = "*/5 * * * *"
       environment_variables = {
-        RETRY_QUEUE_NAME          = "notifications-message-batch-retries"
         STATUS_UPDATES_QUEUE_NAME = "notifications-message-status-updates"
         ENVIRONMENT               = var.environment
       }

manage_breast_screening/config/.env.tpl

@@ -31,11 +31,6 @@ BASIC_AUTH_PASSWORD=changeme
 # Notifications specific env vars
 NOTIFICATIONS_BATCH_RETRY_LIMIT=5
 
-NOTIFICATIONS_SMTP_USERNAME=example@nhs.net
-NOTIFICATIONS_SMTP_PASSWORD=changeme
-NOTIFICATIONS_SMTP_RECIPIENTS=example@nhs.net,example@mail.com
-NOTIFICATIONS_SMTP_IS_ENABLED=False
-
 API_OAUTH_API_KEY=""
 API_OAUTH_API_KID=""
 API_OAUTH_PRIVATE_KEY=""

manage_breast_screening/core/jinja2/layout-confirmation.jinja

@@ -1,5 +1,7 @@
 {% extends "layout-app.jinja" %}
 {% from 'nhsuk/components/button/macro.jinja' import button %}
+{% from 'nhsuk/components/inset-text/macro.jinja' import insetText %}
+
 
 {% block header %}
   {{ header({
@@ -21,6 +23,13 @@
     </h1>
 
     {% block details %}
+      {% set insetTextHtml %}
+        <p>This action is final and cannot be undone.</p>
+      {% endset %}
+
+      {{ insetText({
+        "html": insetTextHtml
+      }) }}
     {% endblock %}
 
     <form method="post" action="{{ confirm_action.href | default(request.path) }}">