Add github scripts

Author: kris-szlapa

.github/scripts/create_env_release_notes.sh

@@ -0,0 +1,18 @@
+#!/usr/bin/env bash
+
+cat <<EOF > payload.json
+{ 
+  "currentTag": "$CURRENT_DEPLOYED_TAG",
+  "targetTag": "$DEV_TAG",
+  "repoName": "eps-assist-me",
+  "targetEnvironment": "$ENV",
+  "productName": "EPS Assist Me",
+  "releaseNotesPageId": "$PAGE_ID",
+  "releaseNotesPageTitle": "Current EPSAM release notes - $ENV"
+}
+EOF
+cat payload.json
+
+function_arn=$(aws cloudformation list-exports --query "Exports[?Name=='release-notes:CreateReleaseNotesLambdaArn'].Value" --output text)
+aws lambda invoke --function-name "${function_arn}" --cli-binary-format raw-in-base64-out --payload file://payload.json out.txt
+cat out.txt

.github/scripts/delete_stacks.sh

@@ -0,0 +1,83 @@
+#!/usr/bin/env bash
+
+# generic script for removing cloudformation stacks and proxygen deployed apis where the pull request is closed
+
+# set the repo name to be the name of the repo this is running in
+REPO_NAME=eps-assist-me
+
+# this should be a regex used in jq command that parses the output from aws cloudformation list-stacks and just captures stacks we are interested in
+CAPTURE_REGEX="^epsam-pr-(\\d+)(-sandbox)?$"
+
+# this should be a regex that is used to get the pull request id from the cloud formation stack name
+# this is used in a replace command to replace the stack name so what is left is just the pull request id
+PULL_REQUEST_STACK_REGEX=epsam-pr-
+
+CNAME_QUERY=epsam-pr-
+
+main() {
+  delete_cloudformation_stacks
+  delete_cname_records
+}
+
+delete_cloudformation_stacks() {
+  echo "checking cloudformation stacks"
+  echo
+  ACTIVE_STACKS=$(aws cloudformation list-stacks | jq -r --arg CAPTURE_REGEX "${CAPTURE_REGEX}" '.StackSummaries[] | select ( .StackStatus != "DELETE_COMPLETE" ) | select( .StackName | capture($CAPTURE_REGEX) ) | .StackName ')
+
+  mapfile -t ACTIVE_STACKS_ARRAY <<< "$ACTIVE_STACKS"
+
+  for i in "${ACTIVE_STACKS_ARRAY[@]}"
+  do 
+    echo "Checking if stack $i has open pull request"
+    PULL_REQUEST=${i//${PULL_REQUEST_STACK_REGEX}/}
+    PULL_REQUEST=${PULL_REQUEST//-sandbox/}
+    echo "Checking pull request id ${PULL_REQUEST}"
+    URL="https://api.github.com/repos/NHSDigital/${REPO_NAME}/pulls/${PULL_REQUEST}"
+    RESPONSE=$(curl "${URL}" 2>/dev/null)
+    STATE=$(echo "${RESPONSE}" | jq -r .state)
+    if [ "$STATE" == "closed" ]; then
+      echo "** going to delete stack $i as state is ${STATE} **"
+      aws cloudformation delete-stack --stack-name "${i}"
+      echo "** Sleeping for 60 seconds to avoid 429 on delete stack **"
+      sleep 60
+    else
+      echo "not going to delete stack $i as state is ${STATE}"
+    fi
+  done
+}
+
+delete_cname_records() {
+  HOSTED_ZONE_ID=$(aws route53 list-hosted-zones-by-name --dns-name dev.eps.national.nhs.uk. | jq -r ".HostedZones[0] | .Id")
+  CNAME_RECORDS=$(aws route53 list-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" \
+    --query "ResourceRecordSets[?Type == 'CNAME' && contains(Name, '${CNAME_QUERY}')]" \
+    | jq -r " .[] | .Name")
+
+  mapfile -t CNAME_RECORDS_ARRAY <<< "$CNAME_RECORDS"
+
+  for i in "${CNAME_RECORDS_ARRAY[@]}"
+  do
+    echo "Checking if CNAME record $i has open pull request"
+
+    PULL_REQUEST=$(echo "$i" | grep -Po '(?<=-pr-)\d+')
+    echo "Checking pull request id ${PULL_REQUEST}"
+    URL="https://api.github.com/repos/NHSDigital/${REPO_NAME}/pulls/${PULL_REQUEST}"
+    RESPONSE=$(curl --url "${URL}" --header "Authorization: Bearer ${GITHUB_TOKEN}" 2>/dev/null)
+    STATE=$(echo "${RESPONSE}" | jq -r .state)
+    if [ "$STATE" == "closed" ]; then
+      echo "** going to delete CNAME record $i as state is ${STATE} **"
+      record_set=$(aws route53 list-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" \
+        --query "ResourceRecordSets[?Name == '$i']" --output json | jq .[0])
+
+      jq -n --argjson record_set "${record_set}" \
+          '{Changes: [{Action: "DELETE", ResourceRecordSet: $record_set}]}' > /tmp/payload.json
+
+      aws route53 change-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" --change-batch file:///tmp/payload.json
+
+      echo "CNAME record $i deleted"
+      else
+        echo "not going to delete CNAME record $i as state is ${STATE} **"
+      fi
+  done
+}
+
+main

.github/scripts/fix_cdk_json.sh

@@ -0,0 +1,53 @@
+#!/usr/bin/env bash
+set -e
+
+# script used to set context key values in cdk.json pre deployment from environment variables
+
+# helper function to set string values
+fix_string_key() {
+    KEY_NAME=$1
+    KEY_VALUE=$2
+    if [ -z "${KEY_VALUE}" ]; then
+        echo "${KEY_NAME} value is unset or set to the empty string"
+        exit 1
+    fi
+    echo "Setting ${KEY_NAME}"
+    jq \
+        --arg key_value "${KEY_VALUE}" \
+        --arg key_name "${KEY_NAME}" \
+        '.context += {($key_name): $key_value}' .build/cdk.json > .build/cdk.new.json
+    mv .build/cdk.new.json .build/cdk.json
+}
+
+# helper function to set boolean and number values (without quotes)
+fix_boolean_number_key() {
+    KEY_NAME=$1
+    KEY_VALUE=$2
+    if [ -z "${KEY_VALUE}" ]; then
+        echo "${KEY_NAME} value is unset or set to the empty string"
+        exit 1
+    fi
+    echo "Setting ${KEY_NAME}"
+    jq \
+        --argjson key_value "${KEY_VALUE}" \
+        --arg key_name "${KEY_NAME}" \
+        '.context += {($key_name): $key_value}' .build/cdk.json > .build/cdk.new.json
+    mv .build/cdk.new.json .build/cdk.json
+}
+
+# get some values from AWS
+TRUSTSTORE_BUCKET_ARN=$(aws cloudformation describe-stacks --stack-name account-resources --query "Stacks[0].Outputs[?OutputKey=='TrustStoreBucket'].OutputValue" --output text)
+TRUSTSTORE_BUCKET_NAME=$(echo "${TRUSTSTORE_BUCKET_ARN}" | cut -d ":" -f 6)
+TRUSTSTORE_VERSION=$(aws s3api list-object-versions --bucket "${TRUSTSTORE_BUCKET_NAME}" --prefix "${TRUSTSTORE_FILE}" --query 'Versions[?IsLatest].[VersionId]' --output text)
+
+# go through all the key values we need to set
+fix_string_key accountId "${ACCOUNT_ID}"
+fix_string_key stackName "${STACK_NAME}"
+fix_string_key versionNumber "${VERSION_NUMBER}"
+fix_string_key commitId "${COMMIT_ID}"
+fix_string_key logRetentionInDays "${LOG_RETENTION_IN_DAYS}"
+fix_string_key logLevel "${LOG_LEVEL}"
+fix_string_key targetSpineServer "${TARGET_SPINE_SERVER}"
+fix_boolean_number_key enableMutualTls "${ENABLE_MUTUAL_TLS}"
+fix_string_key trustStoreFile "${TRUSTSTORE_FILE}"
+fix_string_key trustStoreVersion "${TRUSTSTORE_VERSION}"

.github/scripts/get_current_dev_tag

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+dev_tag=$(aws cloudformation describe-stacks --stack-name cpt --query "Stacks[0].Tags[?Key=='version'].Value" --output text)
+
+echo "DEV_TAG=${dev_tag}" >> "$GITHUB_ENV"

.github/scripts/get_target_deployed_tag.sh

@@ -0,0 +1,5 @@
+#!/usr/bin/env bash
+
+current_deployed_tag=$(aws cloudformation describe-stacks --stack-name epsam --query "Stacks[0].Tags[?Key=='version'].Value" --output text)
+
+echo "CURRENT_DEPLOYED_TAG=${current_deployed_tag}" >> "$GITHUB_ENV"