From a06971b6af4c5edb4931c9cbdb16ffddf62e4a2d Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Thu, 10 Jul 2025 14:15:56 +0000 Subject: [PATCH 01/14] Trigger build From a709ca1f60e4a0a073c3edcb1bb1abcd489e2787 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Fri, 11 Jul 2025 13:13:31 +0000 Subject: [PATCH 02/14] Add cdk package --- .gitignore | 1 + .vscode/eps-assist-me.code-workspace | 4 + Makefile | 49 ++ cdk.json | 76 +++ package-lock.json | 683 ++++++++++++++++++++++++ package.json | 3 + packages/cdk/bin/EpsAssistMeApp.ts | 22 + packages/cdk/package.json | 20 + packages/cdk/stacks/epsAssistMeStack.ts | 15 + packages/cdk/tsconfig.json | 31 ++ tsconfig.build.json | 9 + tsconfig.defaults.json | 18 + tsconfig.json | 34 ++ 13 files changed, 965 insertions(+) create mode 100644 cdk.json create mode 100644 packages/cdk/bin/EpsAssistMeApp.ts create mode 100644 packages/cdk/package.json create mode 100644 packages/cdk/stacks/epsAssistMeStack.ts create mode 100644 packages/cdk/tsconfig.json create mode 100644 tsconfig.build.json create mode 100644 tsconfig.defaults.json create mode 100644 tsconfig.json diff --git a/.gitignore b/.gitignore index 5de2e51c..0b870556 100644 --- a/.gitignore +++ b/.gitignore @@ -26,3 +26,4 @@ _site/ .jekyll-cache .jekyll-metadata vendor +cdk.out diff --git a/.vscode/eps-assist-me.code-workspace b/.vscode/eps-assist-me.code-workspace index affb2e8a..ce3e338e 100644 --- a/.vscode/eps-assist-me.code-workspace +++ b/.vscode/eps-assist-me.code-workspace @@ -3,6 +3,10 @@ { "name": "eps-assist-me-monorepo", "path": ".." + }, + { + "name": "packages/cdk", + "path": "../packages/cdk" } ], "settings": { diff --git a/Makefile b/Makefile index 7b84b7de..aa972be5 100644 --- a/Makefile +++ b/Makefile @@ -32,5 +32,54 @@ lint-githubaction-scripts: lint: lint-githubactions lint-githubaction-scripts +check-licenses: check-licenses-node check-licenses-python + +check-licenses-node: + npm run check-licenses --workspace packages/cdk + check-licenses-python: scripts/check_python_licenses.sh + +aws-configure: + aws configure sso --region eu-west-2 + +cdk-deploy: guard-stack_name + REQUIRE_APPROVAL="$${REQUIRE_APPROVAL:-any-change}" && \ + VERSION_NUMBER="$${VERSION_NUMBER:-undefined}" && \ + COMMIT_ID="$${COMMIT_ID:-undefined}" && \ + npx cdk deploy \ + --app "npx ts-node --prefer-ts-exts packages/cdk/bin/EpsAssistMeApp.ts" \ + --all \ + --ci true \ + --require-approval $${REQUIRE_APPROVAL} \ + --context stackName=$$stack_name \ + --context VERSION_NUMBER=$$VERSION_NUMBER \ + --context COMMIT_ID=$$COMMIT_ID + +cdk-synth: + npx cdk synth \ + --app "npx ts-node --prefer-ts-exts packages/cdk/bin/EpsAssistMeApp.ts" \ + --context stackName=eps-am \ + --context VERSION_NUMBER=undefined \ + --context COMMIT_ID=undefined + +cdk-diff: + npx cdk diff \ + --app "npx ts-node --prefer-ts-exts packages/cdk/bin/EpsAssistMeApp.ts" \ + --context stackName=$$stack_name \ + --context VERSION_NUMBER=$$VERSION_NUMBER \ + --context COMMIT_ID=$$COMMIT_ID + +cdk-watch: guard-stack_name + REQUIRE_APPROVAL="$${REQUIRE_APPROVAL:-any-change}" && \ + VERSION_NUMBER="$${VERSION_NUMBER:-undefined}" && \ + COMMIT_ID="$${COMMIT_ID:-undefined}" && \ + npx cdk deploy \ + --app "npx ts-node --prefer-ts-exts packages/cdk/bin/EpsAssistMeApp.ts" \ + --watch \ + --all \ + --ci true \ + --require-approval $${REQUIRE_APPROVAL} \ + --context stackName=$$stack_name \ + --context VERSION_NUMBER=$$VERSION_NUMBER \ + --context COMMIT_ID=$$COMMIT_ID diff --git a/cdk.json b/cdk.json new file mode 100644 index 00000000..8fd3c35c --- /dev/null +++ b/cdk.json @@ -0,0 +1,76 @@ +{ + "watch": { + "include": [ + "packages/**" + ], + "exclude": [ + "**/README.md", + "**/cdk*.json", + "**/*.d.ts", + "**/*.js", + "**/tsconfig.json", + "**/package*.json", + "**/yarn.lock", + "**/node_modules", + "**/tests*", + "**/lib", + "**/coverage", + "**/jest.config.ts", + "**/jest.debug.config.ts" + ] + }, + "context": { + "@aws-cdk/aws-lambda:recognizeLayerVersion": true, + "@aws-cdk/core:checkSecretUsage": true, + "@aws-cdk/core:target-partitions": [ + "aws", + "aws-cn" + ], + "@aws-cdk-containers/ecs-service-extensions:enableDefaultLogDriver": true, + "@aws-cdk/aws-ec2:uniqueImdsv2TemplateName": true, + "@aws-cdk/aws-ecs:arnFormatIncludesClusterName": true, + "@aws-cdk/aws-iam:minimizePolicies": true, + "@aws-cdk/core:validateSnapshotRemovalPolicy": true, + "@aws-cdk/aws-codepipeline:crossAccountKeyAliasStackSafeResourceName": true, + "@aws-cdk/aws-s3:createDefaultLoggingPolicy": true, + "@aws-cdk/aws-sns-subscriptions:restrictSqsDescryption": true, + "@aws-cdk/aws-apigateway:disableCloudWatchRole": true, + "@aws-cdk/core:enablePartitionLiterals": true, + "@aws-cdk/aws-events:eventsTargetQueueSameAccount": true, + "@aws-cdk/aws-ecs:disableExplicitDeploymentControllerForCircuitBreaker": true, + "@aws-cdk/aws-iam:importedRoleStackSafeDefaultPolicyName": true, + "@aws-cdk/aws-s3:serverAccessLogsUseBucketPolicy": true, + "@aws-cdk/aws-route53-patters:useCertificate": true, + "@aws-cdk/customresources:installLatestAwsSdkDefault": false, + "@aws-cdk/aws-rds:databaseProxyUniqueResourceName": true, + "@aws-cdk/aws-codedeploy:removeAlarmsFromDeploymentGroup": true, + "@aws-cdk/aws-apigateway:authorizerChangeDeploymentLogicalId": true, + "@aws-cdk/aws-ec2:launchTemplateDefaultUserData": true, + "@aws-cdk/aws-secretsmanager:useAttachedSecretResourcePolicyForSecretTargetAttachments": true, + "@aws-cdk/aws-redshift:columnId": true, + "@aws-cdk/aws-stepfunctions-tasks:enableEmrServicePolicyV2": true, + "@aws-cdk/aws-ec2:restrictDefaultSecurityGroup": true, + "@aws-cdk/aws-apigateway:requestValidatorUniqueId": true, + "@aws-cdk/aws-kms:aliasNameRef": true, + "@aws-cdk/aws-autoscaling:generateLaunchTemplateInsteadOfLaunchConfig": true, + "@aws-cdk/core:includePrefixInUniqueNameGeneration": true, + "@aws-cdk/aws-efs:denyAnonymousAccess": true, + "@aws-cdk/aws-opensearchservice:enableOpensearchMultiAzWithStandby": true, + "@aws-cdk/aws-lambda-nodejs:useLatestRuntimeVersion": true, + "@aws-cdk/aws-efs:mountTargetOrderInsensitiveLogicalId": true, + "@aws-cdk/aws-rds:auroraClusterChangeScopeOfInstanceParameterGroupWithEachParameters": true, + "@aws-cdk/aws-appsync:useArnForSourceApiAssociationIdentifier": true, + "@aws-cdk/aws-rds:preventRenderingDeprecatedCredentials": true, + "@aws-cdk/aws-codepipeline-actions:useNewDefaultBranchForCodeCommitSource": true, + "@aws-cdk/aws-cloudwatch-actions:changeLambdaPermissionLogicalIdForLambdaAction": true, + "@aws-cdk/aws-codepipeline:crossAccountKeysDefaultValueToFalse": true, + "@aws-cdk/aws-codepipeline:defaultPipelineTypeToV2": true, + "@aws-cdk/aws-kms:reduceCrossAccountRegionPolicyScope": true, + "@aws-cdk/aws-eks:nodegroupNameAttribute": true, + "@aws-cdk/aws-ec2:ebsDefaultGp3Volume": true, + "@aws-cdk/aws-ecs:removeDefaultDeploymentAlarm": true, + "@aws-cdk/custom-resources:logApiResponseDataPropertyTrueDefault": false, + "@aws-cdk/aws-s3:keepNotificationInImportedBucket": false, + "cdk-migrate": true + } +} diff --git a/package-lock.json b/package-lock.json index bc706745..449c0b73 100644 --- a/package-lock.json +++ b/package-lock.json @@ -9,13 +9,64 @@ "version": "1.0.0", "license": "MIT", "workspaces": [ + "packages/cdk", "packages/querytool", "packages/slackbot" ], "devDependencies": { + "ts-node": "^10.9.2", + "typescript": "^5.8.3", "widdershins": "^4.0.1" } }, + "node_modules/@aws-cdk/asset-awscli-v1": { + "version": "2.2.242", + "resolved": "https://registry.npmjs.org/@aws-cdk/asset-awscli-v1/-/asset-awscli-v1-2.2.242.tgz", + "integrity": "sha512-4c1bAy2ISzcdKXYS1k4HYZsNrgiwbiDzj36ybwFVxEWZXVAP0dimQTCaB9fxu7sWzEjw3d+eaw6Fon+QTfTIpQ==", + "license": "Apache-2.0" + }, + "node_modules/@aws-cdk/asset-node-proxy-agent-v6": { + "version": "2.1.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.1.0.tgz", + "integrity": "sha512-7bY3J8GCVxLupn/kNmpPc5VJz8grx+4RKfnnJiO1LG+uxkZfANZG3RMHhE+qQxxwkyQ9/MfPtTpf748UhR425A==", + "license": "Apache-2.0" + }, + "node_modules/@aws-cdk/cloud-assembly-schema": { + "version": "45.2.0", + "resolved": "https://registry.npmjs.org/@aws-cdk/cloud-assembly-schema/-/cloud-assembly-schema-45.2.0.tgz", + "integrity": "sha512-5TTUkGHQ+nfuUGwKA8/Yraxb+JdNUh4np24qk/VHXmrCMq+M6HfmGWfhcg/QlHA2S5P3YIamfYHdQAB4uSNLAg==", + "bundleDependencies": [ + "jsonschema", + "semver" + ], + "license": "Apache-2.0", + "dependencies": { + "jsonschema": "~1.4.1", + "semver": "^7.7.2" + }, + "engines": { + "node": ">= 18.0.0" + } + }, + "node_modules/@aws-cdk/cloud-assembly-schema/node_modules/jsonschema": { + "version": "1.4.1", + "inBundle": true, + "license": "MIT", + "engines": { + "node": "*" + } + }, + "node_modules/@aws-cdk/cloud-assembly-schema/node_modules/semver": { + "version": "7.7.2", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, "node_modules/@babel/code-frame": { "version": "7.27.1", "resolved": "https://registry.npmjs.org/@babel/code-frame/-/code-frame-7.27.1.tgz", @@ -51,6 +102,19 @@ "node": ">=6.9.0" } }, + "node_modules/@cspotcode/source-map-support": { + "version": "0.8.1", + "resolved": "https://registry.npmjs.org/@cspotcode/source-map-support/-/source-map-support-0.8.1.tgz", + "integrity": "sha512-IchNf6dN4tHoMFIn/7OE8LWZ19Y6q/67Bmf6vnGREv8RSbBVb9LPJxEcnwrcwX6ixSvaiGoomAUvu4YSxXrVgw==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/trace-mapping": "0.3.9" + }, + "engines": { + "node": ">=12" + } + }, "node_modules/@exodus/schemasafe": { "version": "1.3.0", "resolved": "https://registry.npmjs.org/@exodus/schemasafe/-/schemasafe-1.3.0.tgz", @@ -58,6 +122,62 @@ "dev": true, "license": "MIT" }, + "node_modules/@jridgewell/resolve-uri": { + "version": "3.1.2", + "resolved": "https://registry.npmjs.org/@jridgewell/resolve-uri/-/resolve-uri-3.1.2.tgz", + "integrity": "sha512-bRISgCIjP20/tbWSPWMEi54QVPRZExkuD9lJL+UIxUKtwVJA8wW1Trb1jMs1RFXo1CBTNZ/5hpC9QvmKWdopKw==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6.0.0" + } + }, + "node_modules/@jridgewell/sourcemap-codec": { + "version": "1.5.4", + "resolved": "https://registry.npmjs.org/@jridgewell/sourcemap-codec/-/sourcemap-codec-1.5.4.tgz", + "integrity": "sha512-VT2+G1VQs/9oz078bLrYbecdZKs912zQlkelYpuf+SXF+QvZDYJlbx/LSx+meSAwdDFnF8FVXW92AVjjkVmgFw==", + "dev": true, + "license": "MIT" + }, + "node_modules/@jridgewell/trace-mapping": { + "version": "0.3.9", + "resolved": "https://registry.npmjs.org/@jridgewell/trace-mapping/-/trace-mapping-0.3.9.tgz", + "integrity": "sha512-3Belt6tdc8bPgAtbcmdtNJlirVoTmEb5e2gC94PnkwEW9jI6CAHUeoG85tjWP5WquqfavoMtMwiG4P926ZKKuQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@jridgewell/resolve-uri": "^3.0.3", + "@jridgewell/sourcemap-codec": "^1.4.10" + } + }, + "node_modules/@tsconfig/node10": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/@tsconfig/node10/-/node10-1.0.11.tgz", + "integrity": "sha512-DcRjDCujK/kCk/cUe8Xz8ZSpm8mS3mNNpta+jGCA6USEDfktlNvm1+IuZ9eTcDbNk41BHwpHHeW+N1lKCz4zOw==", + "dev": true, + "license": "MIT" + }, + "node_modules/@tsconfig/node12": { + "version": "1.0.11", + "resolved": "https://registry.npmjs.org/@tsconfig/node12/-/node12-1.0.11.tgz", + "integrity": "sha512-cqefuRsh12pWyGsIoBKJA9luFu3mRxCA+ORZvA4ktLSzIuCUtWVxGIuXigEwO5/ywWFMZ2QEGKWvkZG1zDMTag==", + "dev": true, + "license": "MIT" + }, + "node_modules/@tsconfig/node14": { + "version": "1.0.3", + "resolved": "https://registry.npmjs.org/@tsconfig/node14/-/node14-1.0.3.tgz", + "integrity": "sha512-ysT8mhdixWK6Hw3i1V2AeRqZ5WfXg1G43mqoYlM2nc6388Fq5jcXyr5mRsqViLx/GJYdoL0bfXD8nmF+Zn/Iow==", + "dev": true, + "license": "MIT" + }, + "node_modules/@tsconfig/node16": { + "version": "1.0.4", + "resolved": "https://registry.npmjs.org/@tsconfig/node16/-/node16-1.0.4.tgz", + "integrity": "sha512-vxhUy4J8lyeyinH7Azl1pdd43GJhZH/tP2weN8TntQblOY+A0XbT8DJk1/oCPuOOyg/Ja757rG0CgHcWC8OfMA==", + "dev": true, + "license": "MIT" + }, "node_modules/@types/json-schema": { "version": "7.0.15", "resolved": "https://registry.npmjs.org/@types/json-schema/-/json-schema-7.0.15.tgz", @@ -65,6 +185,43 @@ "dev": true, "license": "MIT" }, + "node_modules/@types/node": { + "version": "24.0.13", + "resolved": "https://registry.npmjs.org/@types/node/-/node-24.0.13.tgz", + "integrity": "sha512-Qm9OYVOFHFYg3wJoTSrz80hoec5Lia/dPp84do3X7dZvLikQvM1YpmvTBEdIr/e+U8HTkFjLHLnl78K/qjf+jQ==", + "dev": true, + "license": "MIT", + "peer": true, + "dependencies": { + "undici-types": "~7.8.0" + } + }, + "node_modules/acorn": { + "version": "8.15.0", + "resolved": "https://registry.npmjs.org/acorn/-/acorn-8.15.0.tgz", + "integrity": "sha512-NZyJarBfL7nWwIq+FDL6Zp/yHEhePMNnnJ0y3qfieCrmNvYct8uvtiV41UvlSe6apAfk0fY1FbWx+NwfmpvtTg==", + "dev": true, + "license": "MIT", + "bin": { + "acorn": "bin/acorn" + }, + "engines": { + "node": ">=0.4.0" + } + }, + "node_modules/acorn-walk": { + "version": "8.3.4", + "resolved": "https://registry.npmjs.org/acorn-walk/-/acorn-walk-8.3.4.tgz", + "integrity": "sha512-ueEepnujpqee2o5aIYnvHU6C0A42MNdsIDeqy5BydrkuC5R1ZuUFnm27EeFJGoEHJQgn3uleRvmTXaJgfXbt4g==", + "dev": true, + "license": "MIT", + "dependencies": { + "acorn": "^8.11.0" + }, + "engines": { + "node": ">=0.4.0" + } + }, "node_modules/ajv": { "version": "6.12.6", "resolved": "https://registry.npmjs.org/ajv/-/ajv-6.12.6.tgz", @@ -102,6 +259,13 @@ "node": ">=0.10.0" } }, + "node_modules/arg": { + "version": "4.1.3", + "resolved": "https://registry.npmjs.org/arg/-/arg-4.1.3.tgz", + "integrity": "sha512-58S9QDqG0Xx27YwPSt9fJxivjYl432YCwfDMfZ+71RAqUrZef7LrKQZ3LHLOwCS4FLNBplP533Zx895SeOCHvA==", + "dev": true, + "license": "MIT" + }, "node_modules/argparse": { "version": "1.0.10", "resolved": "https://registry.npmjs.org/argparse/-/argparse-1.0.10.tgz", @@ -119,6 +283,372 @@ "dev": true, "license": "MIT" }, + "node_modules/aws-cdk": { + "version": "2.1020.2", + "resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-2.1020.2.tgz", + "integrity": "sha512-yWdt3dJh4aPm1VNyEgfG3lozGrvddw0i7avt+Cl9KOYixmisQtAg39/aZqzVVqjzVZVEanXmz+tlhzzh75Z69A==", + "dev": true, + "license": "Apache-2.0", + "bin": { + "cdk": "bin/cdk" + }, + "engines": { + "node": ">= 18.0.0" + }, + "optionalDependencies": { + "fsevents": "2.3.2" + } + }, + "node_modules/aws-cdk-lib": { + "version": "2.204.0", + "resolved": "https://registry.npmjs.org/aws-cdk-lib/-/aws-cdk-lib-2.204.0.tgz", + "integrity": "sha512-mY3nYu+QvPhO+fz+LCFKbc0PFhTHbHzDLnbcA2fPcQBKciYnTixpBd2ccRlKYWbG4y6NTc6ju6DudZ3HIS4OlA==", + "bundleDependencies": [ + "@balena/dockerignore", + "case", + "fs-extra", + "ignore", + "jsonschema", + "minimatch", + "punycode", + "semver", + "table", + "yaml", + "mime-types" + ], + "license": "Apache-2.0", + "dependencies": { + "@aws-cdk/asset-awscli-v1": "2.2.242", + "@aws-cdk/asset-node-proxy-agent-v6": "^2.1.0", + "@aws-cdk/cloud-assembly-schema": "^45.0.0", + "@balena/dockerignore": "^1.0.2", + "case": "1.6.3", + "fs-extra": "^11.3.0", + "ignore": "^5.3.2", + "jsonschema": "^1.5.0", + "mime-types": "^2.1.35", + "minimatch": "^3.1.2", + "punycode": "^2.3.1", + "semver": "^7.7.2", + "table": "^6.9.0", + "yaml": "1.10.2" + }, + "engines": { + "node": ">= 14.15.0" + }, + "peerDependencies": { + "constructs": "^10.0.0" + } + }, + "node_modules/aws-cdk-lib/node_modules/@balena/dockerignore": { + "version": "1.0.2", + "inBundle": true, + "license": "Apache-2.0" + }, + "node_modules/aws-cdk-lib/node_modules/ajv": { + "version": "8.17.1", + "inBundle": true, + "license": "MIT", + "dependencies": { + "fast-deep-equal": "^3.1.3", + "fast-uri": "^3.0.1", + "json-schema-traverse": "^1.0.0", + "require-from-string": "^2.0.2" + }, + "funding": { + "type": "github", + "url": "https://github.com/sponsors/epoberezkin" + } + }, + "node_modules/aws-cdk-lib/node_modules/ansi-regex": { + "version": "5.0.1", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/aws-cdk-lib/node_modules/ansi-styles": { + "version": "4.3.0", + "inBundle": true, + "license": "MIT", + "dependencies": { + "color-convert": "^2.0.1" + }, + "engines": { + "node": ">=8" + }, + "funding": { + "url": "https://github.com/chalk/ansi-styles?sponsor=1" + } + }, + "node_modules/aws-cdk-lib/node_modules/astral-regex": { + "version": "2.0.0", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/aws-cdk-lib/node_modules/balanced-match": { + "version": "1.0.2", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/brace-expansion": { + "version": "1.1.12", + "inBundle": true, + "license": "MIT", + "dependencies": { + "balanced-match": "^1.0.0", + "concat-map": "0.0.1" + } + }, + "node_modules/aws-cdk-lib/node_modules/case": { + "version": "1.6.3", + "inBundle": true, + "license": "(MIT OR GPL-3.0-or-later)", + "engines": { + "node": ">= 0.8.0" + } + }, + "node_modules/aws-cdk-lib/node_modules/color-convert": { + "version": "2.0.1", + "inBundle": true, + "license": "MIT", + "dependencies": { + "color-name": "~1.1.4" + }, + "engines": { + "node": ">=7.0.0" + } + }, + "node_modules/aws-cdk-lib/node_modules/color-name": { + "version": "1.1.4", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/concat-map": { + "version": "0.0.1", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/emoji-regex": { + "version": "8.0.0", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/fast-deep-equal": { + "version": "3.1.3", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/fast-uri": { + "version": "3.0.6", + "funding": [ + { + "type": "github", + "url": "https://github.com/sponsors/fastify" + }, + { + "type": "opencollective", + "url": "https://opencollective.com/fastify" + } + ], + "inBundle": true, + "license": "BSD-3-Clause" + }, + "node_modules/aws-cdk-lib/node_modules/fs-extra": { + "version": "11.3.0", + "inBundle": true, + "license": "MIT", + "dependencies": { + "graceful-fs": "^4.2.0", + "jsonfile": "^6.0.1", + "universalify": "^2.0.0" + }, + "engines": { + "node": ">=14.14" + } + }, + "node_modules/aws-cdk-lib/node_modules/graceful-fs": { + "version": "4.2.11", + "inBundle": true, + "license": "ISC" + }, + "node_modules/aws-cdk-lib/node_modules/ignore": { + "version": "5.3.2", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">= 4" + } + }, + "node_modules/aws-cdk-lib/node_modules/is-fullwidth-code-point": { + "version": "3.0.0", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=8" + } + }, + "node_modules/aws-cdk-lib/node_modules/json-schema-traverse": { + "version": "1.0.0", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/jsonfile": { + "version": "6.1.0", + "inBundle": true, + "license": "MIT", + "dependencies": { + "universalify": "^2.0.0" + }, + "optionalDependencies": { + "graceful-fs": "^4.1.6" + } + }, + "node_modules/aws-cdk-lib/node_modules/jsonschema": { + "version": "1.5.0", + "inBundle": true, + "license": "MIT", + "engines": { + "node": "*" + } + }, + "node_modules/aws-cdk-lib/node_modules/lodash.truncate": { + "version": "4.4.2", + "inBundle": true, + "license": "MIT" + }, + "node_modules/aws-cdk-lib/node_modules/mime-db": { + "version": "1.52.0", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/aws-cdk-lib/node_modules/mime-types": { + "version": "2.1.35", + "inBundle": true, + "license": "MIT", + "dependencies": { + "mime-db": "1.52.0" + }, + "engines": { + "node": ">= 0.6" + } + }, + "node_modules/aws-cdk-lib/node_modules/minimatch": { + "version": "3.1.2", + "inBundle": true, + "license": "ISC", + "dependencies": { + "brace-expansion": "^1.1.7" + }, + "engines": { + "node": "*" + } + }, + "node_modules/aws-cdk-lib/node_modules/punycode": { + "version": "2.3.1", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=6" + } + }, + "node_modules/aws-cdk-lib/node_modules/require-from-string": { + "version": "2.0.2", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, + "node_modules/aws-cdk-lib/node_modules/semver": { + "version": "7.7.2", + "inBundle": true, + "license": "ISC", + "bin": { + "semver": "bin/semver.js" + }, + "engines": { + "node": ">=10" + } + }, + "node_modules/aws-cdk-lib/node_modules/slice-ansi": { + "version": "4.0.0", + "inBundle": true, + "license": "MIT", + "dependencies": { + "ansi-styles": "^4.0.0", + "astral-regex": "^2.0.0", + "is-fullwidth-code-point": "^3.0.0" + }, + "engines": { + "node": ">=10" + }, + "funding": { + "url": "https://github.com/chalk/slice-ansi?sponsor=1" + } + }, + "node_modules/aws-cdk-lib/node_modules/string-width": { + "version": "4.2.3", + "inBundle": true, + "license": "MIT", + "dependencies": { + "emoji-regex": "^8.0.0", + "is-fullwidth-code-point": "^3.0.0", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/aws-cdk-lib/node_modules/strip-ansi": { + "version": "6.0.1", + "inBundle": true, + "license": "MIT", + "dependencies": { + "ansi-regex": "^5.0.1" + }, + "engines": { + "node": ">=8" + } + }, + "node_modules/aws-cdk-lib/node_modules/table": { + "version": "6.9.0", + "inBundle": true, + "license": "BSD-3-Clause", + "dependencies": { + "ajv": "^8.0.1", + "lodash.truncate": "^4.4.2", + "slice-ansi": "^4.0.0", + "string-width": "^4.2.3", + "strip-ansi": "^6.0.1" + }, + "engines": { + "node": ">=10.0.0" + } + }, + "node_modules/aws-cdk-lib/node_modules/universalify": { + "version": "2.0.1", + "inBundle": true, + "license": "MIT", + "engines": { + "node": ">= 10.0.0" + } + }, + "node_modules/aws-cdk-lib/node_modules/yaml": { + "version": "1.10.2", + "inBundle": true, + "license": "ISC", + "engines": { + "node": ">= 6" + } + }, "node_modules/better-ajv-errors": { "version": "0.6.7", "resolved": "https://registry.npmjs.org/better-ajv-errors/-/better-ajv-errors-0.6.7.tgz", @@ -196,6 +726,20 @@ "node": ">=6" } }, + "node_modules/cdk": { + "resolved": "packages/cdk", + "link": true + }, + "node_modules/cdk-nag": { + "version": "2.36.36", + "resolved": "https://registry.npmjs.org/cdk-nag/-/cdk-nag-2.36.36.tgz", + "integrity": "sha512-886syL1B/NPatemwrly3sP+Gd8tW5Bxje1oVXnw7dQJwgEAVhYU/8ow+refYHaf+0w4K1DfhBhQ94zMddj1yag==", + "license": "Apache-2.0", + "peerDependencies": { + "aws-cdk-lib": "^2.156.0", + "constructs": "^10.0.5" + } + }, "node_modules/chalk": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/chalk/-/chalk-1.1.3.tgz", @@ -316,6 +860,12 @@ "dev": true, "license": "MIT" }, + "node_modules/constructs": { + "version": "10.4.2", + "resolved": "https://registry.npmjs.org/constructs/-/constructs-10.4.2.tgz", + "integrity": "sha512-wsNxBlAott2qg8Zv87q3eYZYgheb9lchtBfjHzzLHtXbttwSrHPs1NNQbBrmbb1YZvYg2+Vh0Dor76w4mFxJkA==", + "license": "Apache-2.0" + }, "node_modules/core-js": { "version": "3.44.0", "resolved": "https://registry.npmjs.org/core-js/-/core-js-3.44.0.tgz", @@ -328,6 +878,13 @@ "url": "https://opencollective.com/core-js" } }, + "node_modules/create-require": { + "version": "1.1.1", + "resolved": "https://registry.npmjs.org/create-require/-/create-require-1.1.1.tgz", + "integrity": "sha512-dcKFX3jn0MpIaXjisoRvexIJVEKzaq7z2rZKxf+MSr9TkdmHmsU4m2lcLojrj/FHl8mk5VxMmYA+ftRkP/3oKQ==", + "dev": true, + "license": "MIT" + }, "node_modules/cross-spawn": { "version": "6.0.6", "resolved": "https://registry.npmjs.org/cross-spawn/-/cross-spawn-6.0.6.tgz", @@ -375,6 +932,16 @@ "node": ">=0.4.0" } }, + "node_modules/diff": { + "version": "4.0.2", + "resolved": "https://registry.npmjs.org/diff/-/diff-4.0.2.tgz", + "integrity": "sha512-58lmxKSA4BNyLz+HHMUzlOEpg09FV+ev6ZMe3vJihgdxzgcwZ8VoEEPmALCZG9LmqfVoNMMKpttIYTVG6uDY7A==", + "dev": true, + "license": "BSD-3-Clause", + "engines": { + "node": ">=0.3.1" + } + }, "node_modules/dot": { "version": "1.1.3", "resolved": "https://registry.npmjs.org/dot/-/dot-1.1.3.tgz", @@ -610,6 +1177,21 @@ "node": ">=0.10.0" } }, + "node_modules/fsevents": { + "version": "2.3.2", + "resolved": "https://registry.npmjs.org/fsevents/-/fsevents-2.3.2.tgz", + "integrity": "sha512-xiqMQR4xAeHTuB9uWm+fFRcIOgKBMiOBP+eXiyT7jsgVCq1bkVygt00oASowB7EdtpOHaaPgKt812P9ab+DDKA==", + "dev": true, + "hasInstallScript": true, + "license": "MIT", + "optional": true, + "os": [ + "darwin" + ], + "engines": { + "node": "^8.16.0 || ^10.6.0 || >=11.0.0" + } + }, "node_modules/get-caller-file": { "version": "1.0.3", "resolved": "https://registry.npmjs.org/get-caller-file/-/get-caller-file-1.0.3.tgz", @@ -903,6 +1485,13 @@ "node": ">=6" } }, + "node_modules/make-error": { + "version": "1.3.6", + "resolved": "https://registry.npmjs.org/make-error/-/make-error-1.3.6.tgz", + "integrity": "sha512-s8UhlNe7vPKomQhC1qFelMokr/Sc3AgNbso3n74mVPA5LTZwkB9NlXf4XPamLxJE8h0gh73rM94xvwRT2CVInw==", + "dev": true, + "license": "ISC" + }, "node_modules/map-age-cleaner": { "version": "0.1.3", "resolved": "https://registry.npmjs.org/map-age-cleaner/-/map-age-cleaner-0.1.3.tgz", @@ -2092,6 +2681,64 @@ "dev": true, "license": "MIT" }, + "node_modules/ts-node": { + "version": "10.9.2", + "resolved": "https://registry.npmjs.org/ts-node/-/ts-node-10.9.2.tgz", + "integrity": "sha512-f0FFpIdcHgn8zcPSbf1dRevwt047YMnaiJM3u2w2RewrB+fob/zePZcrOyQoLMMO7aBIddLcQIEK5dYjkLnGrQ==", + "dev": true, + "license": "MIT", + "dependencies": { + "@cspotcode/source-map-support": "^0.8.0", + "@tsconfig/node10": "^1.0.7", + "@tsconfig/node12": "^1.0.7", + "@tsconfig/node14": "^1.0.0", + "@tsconfig/node16": "^1.0.2", + "acorn": "^8.4.1", + "acorn-walk": "^8.1.1", + "arg": "^4.1.0", + "create-require": "^1.1.0", + "diff": "^4.0.1", + "make-error": "^1.1.1", + "v8-compile-cache-lib": "^3.0.1", + "yn": "3.1.1" + }, + "bin": { + "ts-node": "dist/bin.js", + "ts-node-cwd": "dist/bin-cwd.js", + "ts-node-esm": "dist/bin-esm.js", + "ts-node-script": "dist/bin-script.js", + "ts-node-transpile-only": "dist/bin-transpile.js", + "ts-script": "dist/bin-script-deprecated.js" + }, + "peerDependencies": { + "@swc/core": ">=1.2.50", + "@swc/wasm": ">=1.2.50", + "@types/node": "*", + "typescript": ">=2.7" + }, + "peerDependenciesMeta": { + "@swc/core": { + "optional": true + }, + "@swc/wasm": { + "optional": true + } + } + }, + "node_modules/typescript": { + "version": "5.8.3", + "resolved": "https://registry.npmjs.org/typescript/-/typescript-5.8.3.tgz", + "integrity": "sha512-p1diW6TqL9L07nNxvRMM7hMMw4c5XOo/1ibL4aAIGmSAt9slTE1Xgw5KWuof2uTOvCg9BY7ZRi+GaF+7sfgPeQ==", + "dev": true, + "license": "Apache-2.0", + "bin": { + "tsc": "bin/tsc", + "tsserver": "bin/tsserver" + }, + "engines": { + "node": ">=14.17" + } + }, "node_modules/uc.micro": { "version": "1.0.6", "resolved": "https://registry.npmjs.org/uc.micro/-/uc.micro-1.0.6.tgz", @@ -2099,6 +2746,14 @@ "dev": true, "license": "MIT" }, + "node_modules/undici-types": { + "version": "7.8.0", + "resolved": "https://registry.npmjs.org/undici-types/-/undici-types-7.8.0.tgz", + "integrity": "sha512-9UJ2xGDvQ43tYyVMpuHlsgApydB8ZKfVYTsLDhXkFL/6gfkp+U8xTGdh8pMJv1SpZna0zxG1DwsKZsreLbXBxw==", + "dev": true, + "license": "MIT", + "peer": true + }, "node_modules/uri-js": { "version": "4.4.1", "resolved": "https://registry.npmjs.org/uri-js/-/uri-js-4.4.1.tgz", @@ -2116,6 +2771,13 @@ "dev": true, "license": "MIT" }, + "node_modules/v8-compile-cache-lib": { + "version": "3.0.1", + "resolved": "https://registry.npmjs.org/v8-compile-cache-lib/-/v8-compile-cache-lib-3.0.1.tgz", + "integrity": "sha512-wa7YjyUGfNZngI/vtK0UHAN+lgDCxBPCylVXGp0zu59Fz5aiGtNXaq3DhIov063MorB+VfufLh3JlF2KdTK3xg==", + "dev": true, + "license": "MIT" + }, "node_modules/webidl-conversions": { "version": "3.0.1", "resolved": "https://registry.npmjs.org/webidl-conversions/-/webidl-conversions-3.0.1.tgz", @@ -2280,6 +2942,27 @@ "camelcase": "^5.0.0", "decamelize": "^1.2.0" } + }, + "node_modules/yn": { + "version": "3.1.1", + "resolved": "https://registry.npmjs.org/yn/-/yn-3.1.1.tgz", + "integrity": "sha512-Ux4ygGWsu2c7isFWe8Yu1YluJmqVhxqK2cLXNQA5AcC3QfbGNpM7fu0Y8b/z16pXLnFxZYvWhd3fhBY9DLmC6Q==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=6" + } + }, + "packages/cdk": { + "version": "0.1.0", + "dependencies": { + "aws-cdk-lib": "^2.204.0", + "cdk-nag": "^2.36.36", + "constructs": "^10.4.2" + }, + "devDependencies": { + "aws-cdk": "^2.1020.2" + } } } } diff --git a/package.json b/package.json index dddf3e41..5f06e0bb 100644 --- a/package.json +++ b/package.json @@ -14,10 +14,13 @@ "author": "NHS Digital", "license": "MIT", "workspaces": [ + "packages/cdk", "packages/querytool", "packages/slackbot" ], "devDependencies": { + "ts-node": "^10.9.2", + "typescript": "^5.8.3", "widdershins": "^4.0.1" } } diff --git a/packages/cdk/bin/EpsAssistMeApp.ts b/packages/cdk/bin/EpsAssistMeApp.ts new file mode 100644 index 00000000..917292ca --- /dev/null +++ b/packages/cdk/bin/EpsAssistMeApp.ts @@ -0,0 +1,22 @@ +#!/usr/bin/env node +import * as cdk from 'aws-cdk-lib' +import {EpsAssistMeStack} from '../stacks/epsAssistMeStack' + +const app = new cdk.App() + +/* Required Context: + - stackName + - version + - commit +*/ + +const stackName = app.node.tryGetContext("stackName") +const version = app.node.tryGetContext("VERSION_NUMBER") +const commit = app.node.tryGetContext("COMMIT_ID") + +new EpsAssistMeStack(app, 'EpsAssistMeStack', { + env: {region: "eu-west-2"}, + stackName: stackName, + version: version, + commitId: commit +}) diff --git a/packages/cdk/package.json b/packages/cdk/package.json new file mode 100644 index 00000000..467b5f4a --- /dev/null +++ b/packages/cdk/package.json @@ -0,0 +1,20 @@ +{ + "name": "cdk", + "version": "0.1.0", + "scripts": { + "build": "tsc", + "watch": "tsc -w", + "test": "jest --passWithNoTests", + "cdk": "cdk", + "lint": "eslint --max-warnings 0 --fix --config ../../eslint.config.mjs .", + "check-licenses": "license-checker --failOn GPL --failOn LGPL --start ../.." + }, + "dependencies": { + "aws-cdk-lib": "^2.204.0", + "cdk-nag": "^2.36.36", + "constructs": "^10.4.2" + }, + "devDependencies": { + "aws-cdk": "^2.1020.2" + } +} diff --git a/packages/cdk/stacks/epsAssistMeStack.ts b/packages/cdk/stacks/epsAssistMeStack.ts new file mode 100644 index 00000000..9df1e26d --- /dev/null +++ b/packages/cdk/stacks/epsAssistMeStack.ts @@ -0,0 +1,15 @@ +import {App, Stack, StackProps} from 'aws-cdk-lib' + +export interface EpsAssistMeStackProps extends StackProps { + readonly stackName: string + readonly version: string + readonly commitId: string +} + +export class EpsAssistMeStack extends Stack { + constructor(scope: App, id: string, props: EpsAssistMeStackProps) { + super(scope, id, props) + + console.log('EpsAssistMeStack is being synthesized.') + } +} diff --git a/packages/cdk/tsconfig.json b/packages/cdk/tsconfig.json new file mode 100644 index 00000000..823f1fd7 --- /dev/null +++ b/packages/cdk/tsconfig.json @@ -0,0 +1,31 @@ +{ + "extends": "../../tsconfig.defaults.json", + "compilerOptions": { + "module": "commonjs", + "rootDir": ".", + "outDir": "lib", + "allowImportingTsExtensions": true, + "noEmit": true, + "strict": false, + "lib": [ + "es2020" + ], + "noImplicitAny": true, + "strictNullChecks": true, + "noImplicitThis": true, + "alwaysStrict": true, + "noUnusedLocals": false, + "noUnusedParameters": false, + "noImplicitReturns": true, + "noFallthroughCasesInSwitch": false, + "inlineSources": true, + "experimentalDecorators": true, + "strictPropertyInitialization": false, + "typeRoots": [ + "../../node_modules/@types" + ] + }, + "references": [], + "include": ["src/**/*", "tests/**/*"], + "exclude": ["node_modules", "cdk.out"] +} diff --git a/tsconfig.build.json b/tsconfig.build.json new file mode 100644 index 00000000..2e47db28 --- /dev/null +++ b/tsconfig.build.json @@ -0,0 +1,9 @@ +{ + // The root project has no sources of its own. By setting `files` to an empty + // list, TS won't automatically include all sources below root (the default). + "files": [], + // Building this project will build all of the following: + "references": [ + {"path": "packages/cdk"} + ] +} diff --git a/tsconfig.defaults.json b/tsconfig.defaults.json new file mode 100644 index 00000000..1ab75f9d --- /dev/null +++ b/tsconfig.defaults.json @@ -0,0 +1,18 @@ +{ + "compilerOptions": { + "incremental": true, + "target": "ES2022", + "module": "ES2022", + "declaration": true, + "sourceMap": true, + "composite": true, + "strict": true, + "moduleResolution": "node", + "esModuleInterop": true, + "skipLibCheck": true, + "forceConsistentCasingInFileNames": true, + "preserveConstEnums": true, + "resolveJsonModule": true, + "allowJs": true + } +} diff --git a/tsconfig.json b/tsconfig.json new file mode 100644 index 00000000..ccb2ed95 --- /dev/null +++ b/tsconfig.json @@ -0,0 +1,34 @@ +{ + "compilerOptions": { + "lib": [ + "dom", + "dom.iterable", + "esnext" + ], + "allowJs": true, + "skipLibCheck": true, + "strict": false, + "noEmit": true, + "incremental": true, + "module": "esnext", + "esModuleInterop": true, + "moduleResolution": "node", + "resolveJsonModule": true, + "isolatedModules": true, + "jsx": "preserve", + "plugins": [ + { + "name": "next" + } + ] + }, + "include": [ + "next-env.d.ts", + ".next/types/**/*.ts", + "**/*.ts", + "**/*.tsx" + ], + "exclude": [ + "node_modules" + ] +} From eeab885879d84d6e6925c8de80f6def298fa46cb Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Fri, 11 Jul 2025 17:14:08 +0000 Subject: [PATCH 03/14] Update stack name --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index aa972be5..96a6b0c5 100644 --- a/Makefile +++ b/Makefile @@ -59,7 +59,7 @@ cdk-deploy: guard-stack_name cdk-synth: npx cdk synth \ --app "npx ts-node --prefer-ts-exts packages/cdk/bin/EpsAssistMeApp.ts" \ - --context stackName=eps-am \ + --context stackName=epsam \ --context VERSION_NUMBER=undefined \ --context COMMIT_ID=undefined From 26ba5f8dc38636b9cb4d619323afe9126eb79e56 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Fri, 11 Jul 2025 17:14:58 +0000 Subject: [PATCH 04/14] Add github workflows --- .github/workflows/cdk_package_code.yml | 74 +++++++++ .github/workflows/cdk_release_code.yml | 182 +++++++++++++++++++++ .github/workflows/ci.yml | 123 ++++++++++++++ .github/workflows/create_release_notes.yml | 88 ++++++++++ .github/workflows/pull_request.yml | 23 +++ .github/workflows/release.yml | 153 +++++++++++++++++ 6 files changed, 643 insertions(+) create mode 100644 .github/workflows/cdk_package_code.yml create mode 100644 .github/workflows/cdk_release_code.yml create mode 100644 .github/workflows/ci.yml create mode 100644 .github/workflows/create_release_notes.yml create mode 100644 .github/workflows/release.yml diff --git a/.github/workflows/cdk_package_code.yml b/.github/workflows/cdk_package_code.yml new file mode 100644 index 00000000..4dc0d239 --- /dev/null +++ b/.github/workflows/cdk_package_code.yml @@ -0,0 +1,74 @@ +name: cdk package code + +on: + workflow_call: + inputs: + VERSION_NUMBER: + required: true + type: string + COMMIT_ID: + required: true + type: string + +jobs: + package_code: + runs-on: ubuntu-22.04 + permissions: + id-token: write + contents: read + packages: read + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ env.BRANCH_NAME }} + + # using git commit sha for version of action to ensure we have stable version + - name: Install asdf + uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302 + with: + asdf_branch: v0.14.1 + + - name: Cache asdf + uses: actions/cache@v4 + with: + path: | + ~/.asdf + key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} + restore-keys: | + ${{ runner.os }}-asdf- + + - name: Install asdf dependencies in .tool-versions + uses: asdf-vm/actions/install@1902764435ca0dd2f3388eea723a4f92a4eb8302 + with: + asdf_branch: v0.14.1 + env: + PYTHON_CONFIGURE_OPTS: --enable-shared + + - name: Setting up .npmrc + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}" >> ~/.npmrc + echo "@nhsdigital:registry=https://npm.pkg.github.com" >> ~/.npmrc + + - name: make install + run: | + make install + + - name: 'Tar files' + run: | + tar -rf artifact.tar \ + .tool-versions \ + packages \ + node_modules \ + package.json \ + package-lock.json \ + tsconfig.defaults.json \ + cdk.json + + - uses: actions/upload-artifact@v4 + name: upload build artifact + with: + name: build_artifact + path: artifact.tar diff --git a/.github/workflows/cdk_release_code.yml b/.github/workflows/cdk_release_code.yml new file mode 100644 index 00000000..e214b6be --- /dev/null +++ b/.github/workflows/cdk_release_code.yml @@ -0,0 +1,182 @@ +name: cdk release code + +on: + workflow_call: + inputs: + STACK_NAME: + required: true + type: string + TARGET_ENVIRONMENT: + required: true + type: string + VERSION_NUMBER: + required: true + type: string + COMMIT_ID: + required: true + type: string + CDK_APP_NAME: + required: true + type: string + LOG_RETENTION_IN_DAYS: + required: true + type: string + LOG_LEVEL: + required: true + type: string + ENABLE_MUTUAL_TLS: + required: true + type: boolean + MARK_JIRA_RELEASED: + type: boolean + default: false + secrets: + CLOUD_FORMATION_DEPLOY_ROLE: + required: true + CDK_PULL_IMAGE_ROLE: + required: true + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: + required: false + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: + required: false + REGRESSION_TESTS_PEM: + required: false + +jobs: + release_code: + runs-on: ubuntu-22.04 + environment: ${{ inputs.TARGET_ENVIRONMENT }} + name: deploy cdk app ${{ inputs.CDK_APP_NAME }} + permissions: + id-token: write + contents: write + + steps: + - name: Checkout local github actions + uses: actions/checkout@v4 + with: + ref: ${{ env.BRANCH_NAME }} + fetch-depth: 0 + sparse-checkout: | + .github + + - name: Configure AWS Credentials + id: connect-aws-pull-image + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: eu-west-2 + role-to-assume: ${{ secrets.CDK_PULL_IMAGE_ROLE }} + role-session-name: eps-assist-me-pull-image + + - name: build_artifact download + uses: actions/download-artifact@v4 + with: + name: build_artifact + + - name: extract build_artifact + run: | + mkdir -p .build + tar -xf artifact.tar -C .build + + - name: Retrieve AWS Account ID + id: retrieve-account-id + run: echo "ACCOUNT_ID=$(aws sts get-caller-identity --query Account --output text)" >> "$GITHUB_ENV" + + - name: Login to Amazon ECR + id: login-ecr + run: | + aws ecr get-login-password --region eu-west-2 | docker login --username AWS --password-stdin ${{ env.ACCOUNT_ID }}.dkr.ecr.eu-west-2.amazonaws.com + + - name: Pull cdk-utils-build from Amazon ECR + run: | + docker pull "${{ env.ACCOUNT_ID }}.dkr.ecr.eu-west-2.amazonaws.com/cdk-utils-build-repo:latest" + docker tag "${{ env.ACCOUNT_ID }}.dkr.ecr.eu-west-2.amazonaws.com/cdk-utils-build-repo:latest" cdk-utils-build-repo:latest + + - name: Configure AWS Credentials + id: connect-aws + uses: aws-actions/configure-aws-credentials@v4 + with: + aws-region: eu-west-2 + role-to-assume: ${{ secrets.CLOUD_FORMATION_DEPLOY_ROLE }} + role-session-name: eps-assist-me-deployment + output-credentials: true + + - name: fix cdk.json for deployment + run: | + ./.github/scripts/fix_cdk_json.sh + env: + STACK_NAME: "${{ inputs.STACK_NAME }}" + VERSION_NUMBER: "${{ inputs.VERSION_NUMBER }}" + COMMIT_ID: "${{ inputs.COMMIT_ID }}" + LOG_RETENTION_IN_DAYS: "${{ inputs.LOG_RETENTION_IN_DAYS }}" + LOG_LEVEL: "${{ inputs.LOG_LEVEL }}" + ENABLE_MUTUAL_TLS: "${{ inputs.ENABLE_MUTUAL_TLS }}" + + - name: Show diff + run: | + docker run \ + -v "$(pwd)/.build":/home/cdkuser/workspace/ \ + -e AWS_ACCESS_KEY_ID=${{ steps.connect-aws.outputs.aws-access-key-id }} \ + -e AWS_SECRET_ACCESS_KEY=${{ steps.connect-aws.outputs.aws-secret-access-key }} \ + -e AWS_SESSION_TOKEN=${{ steps.connect-aws.outputs.aws-session-token }} \ + -e AWS_REGION="eu-west-2" \ + -e stack_name="${{ inputs.STACK_NAME }}" \ + -e VERSION_NUMBER="${{ inputs.VERSION_NUMBER}}" \ + -e COMMIT_ID="${{ inputs.COMMIT_ID}}" \ + -e SHOW_DIFF="true" \ + -e DEPLOY_CODE="false" \ + -e CDK_APP_PATH="packages/cdk/bin/EpsAssistMeApp.ts" \ + cdk-utils-build-repo:latest + shell: bash + + - name: Deploy code + run: | + docker run \ + -v "$(pwd)/.build":/home/cdkuser/workspace/ \ + -e AWS_ACCESS_KEY_ID=${{ steps.connect-aws.outputs.aws-access-key-id }} \ + -e AWS_SECRET_ACCESS_KEY=${{ steps.connect-aws.outputs.aws-secret-access-key }} \ + -e AWS_SESSION_TOKEN=${{ steps.connect-aws.outputs.aws-session-token }} \ + -e AWS_REGION="eu-west-2" \ + -e stack_name="${{ inputs.STACK_NAME }}" \ + -e VERSION_NUMBER="${{ inputs.VERSION_NUMBER}}" \ + -e COMMIT_ID="${{ inputs.COMMIT_ID}}" \ + -e SHOW_DIFF="false" \ + -e DEPLOY_CODE="true" \ + -e CDK_APP_PATH="packages/cdk/bin/EpsAssistMeApp.ts" \ + cdk-utils-build-repo:latest + shell: bash + + - name: mark_released_in_jira + uses: ./.github/actions/mark_jira_released + if: ${{ inputs.MARK_JIRA_RELEASED == true && always() && !failure() && !cancelled() }} + with: + RELEASE_TAG: ${{ inputs.VERSION_NUMBER }} + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + - name: Checkout gh-pages + if: ${{ !startsWith(inputs.STACK_NAME, 'cpt-pr-') }} + uses: actions/checkout@v4 + with: + ref: gh-pages + path: gh-pages + + - name: Checkout gh-pages + if: ${{ !startsWith(inputs.STACK_NAME, 'lambda-resources-pr-') }} + uses: actions/checkout@v4 + with: + ref: gh-pages + path: gh-pages + + - name: Update release tag in github pages + if: ${{ !startsWith(inputs.STACK_NAME, 'epsam-pr-') }} + run: | + cd gh-pages + NOW=$(date +'%Y-%m-%dT%H:%M:%S') + echo "tag,release_datetime" > _data/${{ inputs.TARGET_ENVIRONMENT }}_latest.csv + echo "${{ inputs.VERSION_NUMBER }},${NOW}" >> _data/${{ inputs.TARGET_ENVIRONMENT }}_latest.csv + echo "${{ inputs.VERSION_NUMBER }},${NOW}" >> _data/${{ inputs.TARGET_ENVIRONMENT }}_deployments.csv + git config user.name github-actions + git config user.email github-actions@github.com + git add _data/${{ inputs.TARGET_ENVIRONMENT }}_latest.csv + git add _data/${{ inputs.TARGET_ENVIRONMENT }}_deployments.csv + git commit -m 'update releases for ${{ inputs.TARGET_ENVIRONMENT }}' + parallel --retries 10 --delay 3 ::: "git pull --rebase && git push" diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml new file mode 100644 index 00000000..825f0404 --- /dev/null +++ b/.github/workflows/ci.yml @@ -0,0 +1,123 @@ +name: merge to main workflow + +on: + push: + branches: [main] + +env: + BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }} + +jobs: + # quality_checks: + # uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.5 + # secrets: + # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + get_commit_id: + runs-on: ubuntu-22.04 + outputs: + commit_id: ${{ steps.commit_id.outputs.commit_id }} + steps: + - name: Get Commit ID + id: commit_id + run: | + echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" + + tag_release: + # needs: quality_checks + runs-on: ubuntu-22.04 + outputs: + version_tag: ${{ steps.output_version_tag.outputs.VERSION_TAG }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ env.BRANCH_NAME }} + fetch-depth: 0 + + # using git commit sha for version of action to ensure we have stable version + - name: Install asdf + uses: asdf-vm/actions/setup@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 + with: + asdf_branch: v0.14.1 + + - name: Cache asdf + uses: actions/cache@v4 + with: + path: | + ~/.asdf + key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} + restore-keys: | + ${{ runner.os }}-asdf- + + - name: Install asdf dependencies in .tool-versions + uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 + with: + asdf_branch: v0.14.1 + env: + PYTHON_CONFIGURE_OPTS: --enable-shared + + - name: Setting up .npmrc + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}" >> ~/.npmrc + echo "@nhsdigital:registry=https://npm.pkg.github.com" >> ~/.npmrc + + - name: Install Dependencies + run: make install + + - name: Set VERSION_TAG env var to be short git SHA and get next tag varsion + id: output_version_tag + run: | + VERSION_TAG=$(git rev-parse --short HEAD) + npx semantic-release --dry-run > semantic-release-output.log + NEXT_VERSION=$(grep -i 'The next release version is' semantic-release-output.log | sed -E 's/.* ([[:digit:].]+)$/\1/') + if [ -z "${NEXT_VERSION}" ] + then + echo "Could not get next tag. Here is the log from semantic-release" + cat semantic-release-output.log + exit 1 + fi + tagFormat=$(node -e "const config=require('./release.config.js'); console.log(config.tagFormat)") + if [ "${tagFormat}" = "null" ] + then + tagFormat="v\${version}" + fi + # disabling shellcheck as replace does not work + # shellcheck disable=SC2001 + NEW_VERSION_TAG=$(echo "$tagFormat" | sed "s/\${version}/$NEXT_VERSION/") + echo "## VERSION TAG : ${VERSION_TAG}" >> "$GITHUB_STEP_SUMMARY" + echo "## NEXT TAG WILL BE : ${NEW_VERSION_TAG}" >> "$GITHUB_STEP_SUMMARY" + echo "VERSION_TAG=${VERSION_TAG}" >> "$GITHUB_OUTPUT" + echo "VERSION_TAG=${VERSION_TAG}" >> "$GITHUB_ENV" + env: + GITHUB_TOKEN: ${{ github.token }} + + package_code: + needs: [get_commit_id, tag_release] + uses: ./.github/workflows/cdk_package_code.yml + with: + VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }} + COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} + + release_dev: + needs: [get_commit_id, tag_release, package_code] + uses: ./.github/workflows/cdk_release_code.yml + with: + STACK_NAME: epsam + TARGET_ENVIRONMENT: dev + VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }} + COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} + CDK_APP_NAME: CptsApiApp + LOG_RETENTION_IN_DAYS: 30 + LOG_LEVEL: DEBUG + ENABLE_MUTUAL_TLS: false + MARK_JIRA_RELEASED: false + secrets: + CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} + CDK_PULL_IMAGE_ROLE: ${{ secrets.DEV_CDK_PULL_IMAGE_ROLE }} + REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + diff --git a/.github/workflows/create_release_notes.yml b/.github/workflows/create_release_notes.yml new file mode 100644 index 00000000..4fe34e18 --- /dev/null +++ b/.github/workflows/create_release_notes.yml @@ -0,0 +1,88 @@ +name: create release notes + +on: + workflow_call: + inputs: + TARGET_ENVIRONMENT: + required: false + type: string + VERSION_NUMBER: + required: true + type: string + CREATE_INT_RELEASE_NOTES: + type: boolean + default: false + CREATE_INT_RC_RELEASE_NOTES: + type: boolean + default: false + CREATE_PROD_RELEASE_NOTES: + type: boolean + default: false + MARK_JIRA_RELEASED: + type: boolean + default: false + secrets: + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: + required: true + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: + required: true + INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: + required: true + PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: + required: true + +jobs: + create_release_notes: + runs-on: ubuntu-22.04 + environment: ${{ inputs.TARGET_ENVIRONMENT }} + permissions: + id-token: write + contents: write + steps: + - name: Checkout local github actions + uses: actions/checkout@v4 + with: + ref: ${{ env.BRANCH_NAME }} + fetch-depth: 0 + sparse-checkout: | + .github + - name: create_int_rc_release_notes + uses: ./.github/actions/update_confluence_jira + if: ${{ inputs.CREATE_INT_RC_RELEASE_NOTES == true }} + with: + TARGET_ENVIRONMENT: int + RELEASE_TAG: ${{ inputs.VERSION_NUMBER }} + CONFLUENCE_PAGE_ID: "768067994" + CREATE_RC_RELEASE_NOTES: true + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + TARGET_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + + - name: create_int_release_notes + uses: ./.github/actions/update_confluence_jira + if: ${{ inputs.CREATE_INT_RELEASE_NOTES == true && always() && !failure() && !cancelled() }} + with: + TARGET_ENVIRONMENT: int + CONFLUENCE_PAGE_ID: "768067990" + CREATE_RC_RELEASE_NOTES: false + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + TARGET_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + + - name: create_prod_release_notes + uses: ./.github/actions/update_confluence_jira + if: ${{ inputs.CREATE_PROD_RELEASE_NOTES == true && always() && !failure() && !cancelled() }} + with: + TARGET_ENVIRONMENT: prod + CONFLUENCE_PAGE_ID: "768067992" + CREATE_RC_RELEASE_NOTES: false + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + TARGET_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + + - name: mark_released_in_jira + uses: ./.github/actions/mark_jira_released + if: ${{ inputs.MARK_JIRA_RELEASED == true && always() && !failure() && !cancelled() }} + with: + RELEASE_TAG: ${{ inputs.VERSION_NUMBER }} + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 349bce93..0298d316 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -52,3 +52,26 @@ jobs: id: commit_id run: | echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" + package_code: + needs: [get_issue_number, get_commit_id] + uses: ./.github/workflows/cdk_package_code.yml + with: + VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }} + COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} + + release_code: + needs: [get_issue_number, package_code, get_commit_id] + uses: ./.github/workflows/cdk_release_code.yml + with: + STACK_NAME: epsam-pr-${{needs.get_issue_number.outputs.issue_number}} + TARGET_ENVIRONMENT: dev-pr + VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }} + COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} + CDK_APP_NAME: EpsAssistMeApp + LOG_RETENTION_IN_DAYS: 30 + LOG_LEVEL: DEBUG + ENABLE_MUTUAL_TLS: false + + secrets: + CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} + CDK_PULL_IMAGE_ROLE: ${{ secrets.DEV_CDK_PULL_IMAGE_ROLE }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml new file mode 100644 index 00000000..4843a58b --- /dev/null +++ b/.github/workflows/release.yml @@ -0,0 +1,153 @@ +name: deploy to environments + +on: + workflow_dispatch: + +env: + BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }} + +jobs: + # quality_checks: + # uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v4.0.5 + # secrets: + # SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + get_commit_id: + runs-on: ubuntu-22.04 + outputs: + commit_id: ${{ steps.commit_id.outputs.commit_id }} + steps: + - name: Get Commit ID + id: commit_id + run: | + echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" + + tag_release: + # needs: quality_checks + runs-on: ubuntu-22.04 + outputs: + version_tag: ${{ steps.output_version_tag.outputs.VERSION_TAG }} + steps: + - name: Checkout code + uses: actions/checkout@v4 + with: + ref: ${{ env.BRANCH_NAME }} + fetch-depth: 0 + + # using git commit sha for version of action to ensure we have stable version + - name: Install asdf + uses: asdf-vm/actions/setup@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 + with: + asdf_branch: v0.14.1 + + - name: Cache asdf + uses: actions/cache@v4 + with: + path: | + ~/.asdf + key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} + restore-keys: | + ${{ runner.os }}-asdf- + + - name: Install asdf dependencies in .tool-versions + uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6 + with: + asdf_branch: v0.14.1 + env: + PYTHON_CONFIGURE_OPTS: --enable-shared + + - name: Setting up .npmrc + env: + NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + echo "//npm.pkg.github.com/:_authToken=${NODE_AUTH_TOKEN}" >> ~/.npmrc + echo "@nhsdigital:registry=https://npm.pkg.github.com" >> ~/.npmrc + + - name: Install dependencies + run: | + make install + + - name: Set VERSION_TAG to be next tag varsion + id: output_version_tag + run: | + NEXT_VERSION=$(npx semantic-release --dry-run | grep -i 'The next release version is' | sed -E 's/.* ([[:digit:].]+)$/\1/') + tagFormat=$(node -e "const config=require('./release.config.js'); console.log(config.tagFormat)") + if [ "${tagFormat}" = "null" ] + then + tagFormat="v\${version}" + fi + # disabling shellcheck as replace does not work + # shellcheck disable=SC2001 + VERSION_TAG=$(echo "$tagFormat" | sed "s/\${version}/$NEXT_VERSION/") + echo "## VERSION TAG : ${VERSION_TAG}" >> "$GITHUB_STEP_SUMMARY" + echo "VERSION_TAG=${VERSION_TAG}" >> "$GITHUB_OUTPUT" + echo "VERSION_TAG=${VERSION_TAG}" >> "$GITHUB_ENV" + env: + GITHUB_TOKEN: ${{ github.token }} + + - name: tag release + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + run: | + npx semantic-release + + - name: Get release for editing + id: get_release + # version 1.2.4 + uses: cardinalby/git-get-release-action@5172c3a026600b1d459b117738c605fabc9e4e44 + env: + GITHUB_TOKEN: ${{ github.token }} + with: + tag: ${{ env.VERSION_TAG }} + + - name: Edit Release + # version 1.2.0 + uses: irongut/EditRelease@ccf529ad26dddf9996e7dd0f24ca5da4ea507cc2 + with: + token: ${{ secrets.GITHUB_TOKEN }} + id: ${{ steps.get_release.outputs.id }} + body: | + ## Info + [See code diff](${{ github.event.compare }}) + [Release workflow run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) + + It was initialized by [${{ github.event.sender.login }}](${{ github.event.sender.html_url }}) + + package_code: + needs: [get_commit_id, tag_release] + uses: ./.github/workflows/cdk_package_code.yml + with: + VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }} + COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} + + release_dev: + needs: [get_commit_id, tag_release, package_code] + uses: ./.github/workflows/cdk_release_code.yml + with: + STACK_NAME: epsam + TARGET_ENVIRONMENT: dev + VERSION_NUMBER: ${{ needs.tag_release.outputs.version_tag }} + COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} + CDK_APP_NAME: EpsAssistMeApp + LOG_RETENTION_IN_DAYS: 30 + LOG_LEVEL: DEBUG + ENABLE_MUTUAL_TLS: false + secrets: + CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} + CDK_PULL_IMAGE_ROLE: ${{ secrets.DEV_CDK_PULL_IMAGE_ROLE }} + REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} + + create_release_notes: + needs: [tag_release, package_code, get_commit_id, release_dev] + uses: ./.github/workflows/create_release_notes.yml + with: + VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} + CREATE_INT_RELEASE_NOTES: true + CREATE_INT_RC_RELEASE_NOTES: false + CREATE_PROD_RELEASE_NOTES: true + MARK_JIRA_RELEASED: false + secrets: + DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }} + PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }} From 162f2fc2b56939fd4839368a8032d383ae77a229 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Fri, 11 Jul 2025 18:04:33 +0000 Subject: [PATCH 05/14] Add github scripts --- .github/scripts/create_env_release_notes.sh | 18 +++++ .github/scripts/delete_stacks.sh | 83 +++++++++++++++++++++ .github/scripts/fix_cdk_json.sh | 53 +++++++++++++ .github/scripts/get_current_dev_tag | 5 ++ .github/scripts/get_target_deployed_tag.sh | 5 ++ 5 files changed, 164 insertions(+) create mode 100755 .github/scripts/create_env_release_notes.sh create mode 100755 .github/scripts/delete_stacks.sh create mode 100755 .github/scripts/fix_cdk_json.sh create mode 100644 .github/scripts/get_current_dev_tag create mode 100755 .github/scripts/get_target_deployed_tag.sh diff --git a/.github/scripts/create_env_release_notes.sh b/.github/scripts/create_env_release_notes.sh new file mode 100755 index 00000000..2561e598 --- /dev/null +++ b/.github/scripts/create_env_release_notes.sh @@ -0,0 +1,18 @@ +#!/usr/bin/env bash + +cat < payload.json +{ + "currentTag": "$CURRENT_DEPLOYED_TAG", + "targetTag": "$DEV_TAG", + "repoName": "eps-assist-me", + "targetEnvironment": "$ENV", + "productName": "EPS Assist Me", + "releaseNotesPageId": "$PAGE_ID", + "releaseNotesPageTitle": "Current EPSAM release notes - $ENV" +} +EOF +cat payload.json + +function_arn=$(aws cloudformation list-exports --query "Exports[?Name=='release-notes:CreateReleaseNotesLambdaArn'].Value" --output text) +aws lambda invoke --function-name "${function_arn}" --cli-binary-format raw-in-base64-out --payload file://payload.json out.txt +cat out.txt diff --git a/.github/scripts/delete_stacks.sh b/.github/scripts/delete_stacks.sh new file mode 100755 index 00000000..ebd941cb --- /dev/null +++ b/.github/scripts/delete_stacks.sh @@ -0,0 +1,83 @@ +#!/usr/bin/env bash + +# generic script for removing cloudformation stacks and proxygen deployed apis where the pull request is closed + +# set the repo name to be the name of the repo this is running in +REPO_NAME=eps-assist-me + +# this should be a regex used in jq command that parses the output from aws cloudformation list-stacks and just captures stacks we are interested in +CAPTURE_REGEX="^epsam-pr-(\\d+)(-sandbox)?$" + +# this should be a regex that is used to get the pull request id from the cloud formation stack name +# this is used in a replace command to replace the stack name so what is left is just the pull request id +PULL_REQUEST_STACK_REGEX=epsam-pr- + +CNAME_QUERY=epsam-pr- + +main() { + delete_cloudformation_stacks + delete_cname_records +} + +delete_cloudformation_stacks() { + echo "checking cloudformation stacks" + echo + ACTIVE_STACKS=$(aws cloudformation list-stacks | jq -r --arg CAPTURE_REGEX "${CAPTURE_REGEX}" '.StackSummaries[] | select ( .StackStatus != "DELETE_COMPLETE" ) | select( .StackName | capture($CAPTURE_REGEX) ) | .StackName ') + + mapfile -t ACTIVE_STACKS_ARRAY <<< "$ACTIVE_STACKS" + + for i in "${ACTIVE_STACKS_ARRAY[@]}" + do + echo "Checking if stack $i has open pull request" + PULL_REQUEST=${i//${PULL_REQUEST_STACK_REGEX}/} + PULL_REQUEST=${PULL_REQUEST//-sandbox/} + echo "Checking pull request id ${PULL_REQUEST}" + URL="https://api.github.com/repos/NHSDigital/${REPO_NAME}/pulls/${PULL_REQUEST}" + RESPONSE=$(curl "${URL}" 2>/dev/null) + STATE=$(echo "${RESPONSE}" | jq -r .state) + if [ "$STATE" == "closed" ]; then + echo "** going to delete stack $i as state is ${STATE} **" + aws cloudformation delete-stack --stack-name "${i}" + echo "** Sleeping for 60 seconds to avoid 429 on delete stack **" + sleep 60 + else + echo "not going to delete stack $i as state is ${STATE}" + fi + done +} + +delete_cname_records() { + HOSTED_ZONE_ID=$(aws route53 list-hosted-zones-by-name --dns-name dev.eps.national.nhs.uk. | jq -r ".HostedZones[0] | .Id") + CNAME_RECORDS=$(aws route53 list-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" \ + --query "ResourceRecordSets[?Type == 'CNAME' && contains(Name, '${CNAME_QUERY}')]" \ + | jq -r " .[] | .Name") + + mapfile -t CNAME_RECORDS_ARRAY <<< "$CNAME_RECORDS" + + for i in "${CNAME_RECORDS_ARRAY[@]}" + do + echo "Checking if CNAME record $i has open pull request" + + PULL_REQUEST=$(echo "$i" | grep -Po '(?<=-pr-)\d+') + echo "Checking pull request id ${PULL_REQUEST}" + URL="https://api.github.com/repos/NHSDigital/${REPO_NAME}/pulls/${PULL_REQUEST}" + RESPONSE=$(curl --url "${URL}" --header "Authorization: Bearer ${GITHUB_TOKEN}" 2>/dev/null) + STATE=$(echo "${RESPONSE}" | jq -r .state) + if [ "$STATE" == "closed" ]; then + echo "** going to delete CNAME record $i as state is ${STATE} **" + record_set=$(aws route53 list-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" \ + --query "ResourceRecordSets[?Name == '$i']" --output json | jq .[0]) + + jq -n --argjson record_set "${record_set}" \ + '{Changes: [{Action: "DELETE", ResourceRecordSet: $record_set}]}' > /tmp/payload.json + + aws route53 change-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" --change-batch file:///tmp/payload.json + + echo "CNAME record $i deleted" + else + echo "not going to delete CNAME record $i as state is ${STATE} **" + fi + done +} + +main diff --git a/.github/scripts/fix_cdk_json.sh b/.github/scripts/fix_cdk_json.sh new file mode 100755 index 00000000..189b9c68 --- /dev/null +++ b/.github/scripts/fix_cdk_json.sh @@ -0,0 +1,53 @@ +#!/usr/bin/env bash +set -e + +# script used to set context key values in cdk.json pre deployment from environment variables + +# helper function to set string values +fix_string_key() { + KEY_NAME=$1 + KEY_VALUE=$2 + if [ -z "${KEY_VALUE}" ]; then + echo "${KEY_NAME} value is unset or set to the empty string" + exit 1 + fi + echo "Setting ${KEY_NAME}" + jq \ + --arg key_value "${KEY_VALUE}" \ + --arg key_name "${KEY_NAME}" \ + '.context += {($key_name): $key_value}' .build/cdk.json > .build/cdk.new.json + mv .build/cdk.new.json .build/cdk.json +} + +# helper function to set boolean and number values (without quotes) +fix_boolean_number_key() { + KEY_NAME=$1 + KEY_VALUE=$2 + if [ -z "${KEY_VALUE}" ]; then + echo "${KEY_NAME} value is unset or set to the empty string" + exit 1 + fi + echo "Setting ${KEY_NAME}" + jq \ + --argjson key_value "${KEY_VALUE}" \ + --arg key_name "${KEY_NAME}" \ + '.context += {($key_name): $key_value}' .build/cdk.json > .build/cdk.new.json + mv .build/cdk.new.json .build/cdk.json +} + +# get some values from AWS +TRUSTSTORE_BUCKET_ARN=$(aws cloudformation describe-stacks --stack-name account-resources --query "Stacks[0].Outputs[?OutputKey=='TrustStoreBucket'].OutputValue" --output text) +TRUSTSTORE_BUCKET_NAME=$(echo "${TRUSTSTORE_BUCKET_ARN}" | cut -d ":" -f 6) +TRUSTSTORE_VERSION=$(aws s3api list-object-versions --bucket "${TRUSTSTORE_BUCKET_NAME}" --prefix "${TRUSTSTORE_FILE}" --query 'Versions[?IsLatest].[VersionId]' --output text) + +# go through all the key values we need to set +fix_string_key accountId "${ACCOUNT_ID}" +fix_string_key stackName "${STACK_NAME}" +fix_string_key versionNumber "${VERSION_NUMBER}" +fix_string_key commitId "${COMMIT_ID}" +fix_string_key logRetentionInDays "${LOG_RETENTION_IN_DAYS}" +fix_string_key logLevel "${LOG_LEVEL}" +fix_string_key targetSpineServer "${TARGET_SPINE_SERVER}" +fix_boolean_number_key enableMutualTls "${ENABLE_MUTUAL_TLS}" +fix_string_key trustStoreFile "${TRUSTSTORE_FILE}" +fix_string_key trustStoreVersion "${TRUSTSTORE_VERSION}" diff --git a/.github/scripts/get_current_dev_tag b/.github/scripts/get_current_dev_tag new file mode 100644 index 00000000..303fedbf --- /dev/null +++ b/.github/scripts/get_current_dev_tag @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +dev_tag=$(aws cloudformation describe-stacks --stack-name cpt --query "Stacks[0].Tags[?Key=='version'].Value" --output text) + +echo "DEV_TAG=${dev_tag}" >> "$GITHUB_ENV" diff --git a/.github/scripts/get_target_deployed_tag.sh b/.github/scripts/get_target_deployed_tag.sh new file mode 100755 index 00000000..80ebe2db --- /dev/null +++ b/.github/scripts/get_target_deployed_tag.sh @@ -0,0 +1,5 @@ +#!/usr/bin/env bash + +current_deployed_tag=$(aws cloudformation describe-stacks --stack-name epsam --query "Stacks[0].Tags[?Key=='version'].Value" --output text) + +echo "CURRENT_DEPLOYED_TAG=${current_deployed_tag}" >> "$GITHUB_ENV" From 6fd63413ad2fd5117874635a6c9d977bd321fe67 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Fri, 11 Jul 2025 18:21:39 +0000 Subject: [PATCH 06/14] Update key values to fix --- .github/scripts/fix_cdk_json.sh | 9 --------- .github/workflows/cdk_release_code.yml | 4 ---- .github/workflows/ci.yml | 1 - .github/workflows/pull_request.yml | 1 - .github/workflows/release.yml | 1 - 5 files changed, 16 deletions(-) diff --git a/.github/scripts/fix_cdk_json.sh b/.github/scripts/fix_cdk_json.sh index 189b9c68..417270b4 100755 --- a/.github/scripts/fix_cdk_json.sh +++ b/.github/scripts/fix_cdk_json.sh @@ -35,11 +35,6 @@ fix_boolean_number_key() { mv .build/cdk.new.json .build/cdk.json } -# get some values from AWS -TRUSTSTORE_BUCKET_ARN=$(aws cloudformation describe-stacks --stack-name account-resources --query "Stacks[0].Outputs[?OutputKey=='TrustStoreBucket'].OutputValue" --output text) -TRUSTSTORE_BUCKET_NAME=$(echo "${TRUSTSTORE_BUCKET_ARN}" | cut -d ":" -f 6) -TRUSTSTORE_VERSION=$(aws s3api list-object-versions --bucket "${TRUSTSTORE_BUCKET_NAME}" --prefix "${TRUSTSTORE_FILE}" --query 'Versions[?IsLatest].[VersionId]' --output text) - # go through all the key values we need to set fix_string_key accountId "${ACCOUNT_ID}" fix_string_key stackName "${STACK_NAME}" @@ -47,7 +42,3 @@ fix_string_key versionNumber "${VERSION_NUMBER}" fix_string_key commitId "${COMMIT_ID}" fix_string_key logRetentionInDays "${LOG_RETENTION_IN_DAYS}" fix_string_key logLevel "${LOG_LEVEL}" -fix_string_key targetSpineServer "${TARGET_SPINE_SERVER}" -fix_boolean_number_key enableMutualTls "${ENABLE_MUTUAL_TLS}" -fix_string_key trustStoreFile "${TRUSTSTORE_FILE}" -fix_string_key trustStoreVersion "${TRUSTSTORE_VERSION}" diff --git a/.github/workflows/cdk_release_code.yml b/.github/workflows/cdk_release_code.yml index e214b6be..f81ef88d 100644 --- a/.github/workflows/cdk_release_code.yml +++ b/.github/workflows/cdk_release_code.yml @@ -24,9 +24,6 @@ on: LOG_LEVEL: required: true type: string - ENABLE_MUTUAL_TLS: - required: true - type: boolean MARK_JIRA_RELEASED: type: boolean default: false @@ -110,7 +107,6 @@ jobs: COMMIT_ID: "${{ inputs.COMMIT_ID }}" LOG_RETENTION_IN_DAYS: "${{ inputs.LOG_RETENTION_IN_DAYS }}" LOG_LEVEL: "${{ inputs.LOG_LEVEL }}" - ENABLE_MUTUAL_TLS: "${{ inputs.ENABLE_MUTUAL_TLS }}" - name: Show diff run: | diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 825f0404..63641ea9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -112,7 +112,6 @@ jobs: CDK_APP_NAME: CptsApiApp LOG_RETENTION_IN_DAYS: 30 LOG_LEVEL: DEBUG - ENABLE_MUTUAL_TLS: false MARK_JIRA_RELEASED: false secrets: CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index 0298d316..8874b865 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -70,7 +70,6 @@ jobs: CDK_APP_NAME: EpsAssistMeApp LOG_RETENTION_IN_DAYS: 30 LOG_LEVEL: DEBUG - ENABLE_MUTUAL_TLS: false secrets: CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 4843a58b..94702275 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -131,7 +131,6 @@ jobs: CDK_APP_NAME: EpsAssistMeApp LOG_RETENTION_IN_DAYS: 30 LOG_LEVEL: DEBUG - ENABLE_MUTUAL_TLS: false secrets: CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} CDK_PULL_IMAGE_ROLE: ${{ secrets.DEV_CDK_PULL_IMAGE_ROLE }} From ba8b33b4376971dfef0d13a63b6fd0fa47594db5 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 10:29:41 +0000 Subject: [PATCH 07/14] Update confluence page id --- .github/workflows/create_release_notes.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/create_release_notes.yml b/.github/workflows/create_release_notes.yml index 4fe34e18..0a71573c 100644 --- a/.github/workflows/create_release_notes.yml +++ b/.github/workflows/create_release_notes.yml @@ -52,7 +52,7 @@ jobs: with: TARGET_ENVIRONMENT: int RELEASE_TAG: ${{ inputs.VERSION_NUMBER }} - CONFLUENCE_PAGE_ID: "768067994" + CONFLUENCE_PAGE_ID: "1128205588" CREATE_RC_RELEASE_NOTES: true DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} TARGET_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }} @@ -63,7 +63,7 @@ jobs: if: ${{ inputs.CREATE_INT_RELEASE_NOTES == true && always() && !failure() && !cancelled() }} with: TARGET_ENVIRONMENT: int - CONFLUENCE_PAGE_ID: "768067990" + CONFLUENCE_PAGE_ID: "1128205584" CREATE_RC_RELEASE_NOTES: false DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} TARGET_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }} @@ -74,7 +74,7 @@ jobs: if: ${{ inputs.CREATE_PROD_RELEASE_NOTES == true && always() && !failure() && !cancelled() }} with: TARGET_ENVIRONMENT: prod - CONFLUENCE_PAGE_ID: "768067992" + CONFLUENCE_PAGE_ID: "1128205586" CREATE_RC_RELEASE_NOTES: false DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }} TARGET_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }} From 5b8cd89373a6ea953e935c552cad422a40cf35a3 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 10:46:15 +0000 Subject: [PATCH 08/14] Update checkout gh-pages step --- .github/workflows/cdk_release_code.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/cdk_release_code.yml b/.github/workflows/cdk_release_code.yml index f81ef88d..e4782a67 100644 --- a/.github/workflows/cdk_release_code.yml +++ b/.github/workflows/cdk_release_code.yml @@ -149,7 +149,7 @@ jobs: RELEASE_TAG: ${{ inputs.VERSION_NUMBER }} DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} - name: Checkout gh-pages - if: ${{ !startsWith(inputs.STACK_NAME, 'cpt-pr-') }} + if: ${{ !startsWith(inputs.STACK_NAME, 'epsam-pr-') }} uses: actions/checkout@v4 with: ref: gh-pages From 5c9e1e2de1dc015bb925bdbfa64be64cef2ce9b1 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 10:48:21 +0000 Subject: [PATCH 09/14] Update release notes page title --- .github/scripts/create_env_release_notes.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/scripts/create_env_release_notes.sh b/.github/scripts/create_env_release_notes.sh index 2561e598..1b1b3296 100755 --- a/.github/scripts/create_env_release_notes.sh +++ b/.github/scripts/create_env_release_notes.sh @@ -8,7 +8,7 @@ cat < payload.json "targetEnvironment": "$ENV", "productName": "EPS Assist Me", "releaseNotesPageId": "$PAGE_ID", - "releaseNotesPageTitle": "Current EPSAM release notes - $ENV" + "releaseNotesPageTitle": "Current EPS Assist Me release notes - $ENV" } EOF cat payload.json From 3e8f348d2057ff27afcc7c551a50a604e35abf7a Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 11:17:12 +0000 Subject: [PATCH 10/14] Add an empty line --- .github/workflows/cdk_release_code.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/cdk_release_code.yml b/.github/workflows/cdk_release_code.yml index e4782a67..76a1c434 100644 --- a/.github/workflows/cdk_release_code.yml +++ b/.github/workflows/cdk_release_code.yml @@ -148,6 +148,7 @@ jobs: with: RELEASE_TAG: ${{ inputs.VERSION_NUMBER }} DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} + - name: Checkout gh-pages if: ${{ !startsWith(inputs.STACK_NAME, 'epsam-pr-') }} uses: actions/checkout@v4 From b6a1d7020a65815bb5c2eb09498a4505370b0166 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 17:23:05 +0000 Subject: [PATCH 11/14] Add jest config files --- jest.default.config.ts | 35 +++++++++++++++++++++++++++++++ packages/cdk/jest.config.ts | 9 ++++++++ packages/cdk/jest.debug.config.ts | 9 ++++++++ 3 files changed, 53 insertions(+) create mode 100644 jest.default.config.ts create mode 100644 packages/cdk/jest.config.ts create mode 100644 packages/cdk/jest.debug.config.ts diff --git a/jest.default.config.ts b/jest.default.config.ts new file mode 100644 index 00000000..3e9abbcb --- /dev/null +++ b/jest.default.config.ts @@ -0,0 +1,35 @@ +/* + * For a detailed explanation regarding each configuration property and type check, visit: + * https://jestjs.io/docs/configuration + */ + +import type {JestConfigWithTsJest} from "ts-jest" + +const esModules = ["@middy"].join("|") +const jestConfig: JestConfigWithTsJest = { + preset: "ts-jest/presets/default-esm", + moduleFileExtensions: ["js", "json", "ts", "d.ts"], + moduleNameMapper: { + "^(\\.{1,2}/.*)\\.js$": "$1" + }, + transform: { + "^.+\\.ts?$": [ + "ts-jest", + { + useESM: true, + tsconfig: "./tsconfig.json" + } + ] + }, + clearMocks: true, + collectCoverage: true, + coverageDirectory: "coverage", + coverageProvider: "v8", + testMatch: ["**/tests/*.test.ts"], + testEnvironment: "node", + extensionsToTreatAsEsm: [".ts"], + verbose: true, + transformIgnorePatterns: [`node_modules/(?!${esModules})`] +} + +export default jestConfig diff --git a/packages/cdk/jest.config.ts b/packages/cdk/jest.config.ts new file mode 100644 index 00000000..fb4d05f2 --- /dev/null +++ b/packages/cdk/jest.config.ts @@ -0,0 +1,9 @@ +import type {JestConfigWithTsJest} from "ts-jest" +import defaultConfig from "../../jest.default.config" + +const jestConfig: JestConfigWithTsJest = { + ...defaultConfig, + "rootDir": "./" +} + +export default jestConfig diff --git a/packages/cdk/jest.debug.config.ts b/packages/cdk/jest.debug.config.ts new file mode 100644 index 00000000..a3062738 --- /dev/null +++ b/packages/cdk/jest.debug.config.ts @@ -0,0 +1,9 @@ +import config from "./jest.config" +import type {JestConfigWithTsJest} from "ts-jest" + +const debugConfig: JestConfigWithTsJest = { + ...config, + "preset": "ts-jest" +} + +export default debugConfig From 860f89de97df0493e2a87bc5073ab1ea0590a7c7 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 18:29:35 +0000 Subject: [PATCH 12/14] Add eslint config file --- eslint.config.mjs | 127 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 127 insertions(+) create mode 100644 eslint.config.mjs diff --git a/eslint.config.mjs b/eslint.config.mjs new file mode 100644 index 00000000..d38407fa --- /dev/null +++ b/eslint.config.mjs @@ -0,0 +1,127 @@ +import globals from "globals"; +import tsParser from "@typescript-eslint/parser"; +import tsPlugin from "@typescript-eslint/eslint-plugin"; +import eslintJsPlugin from "@eslint/js"; +import importNewlines from "eslint-plugin-import-newlines"; + +const commonConfig = { + plugins: { + "@typescript-eslint": tsPlugin, + "import-newlines": importNewlines, + }, + rules: { + ...tsPlugin.configs.recommended.rules, + "@typescript-eslint/array-type": [ + "error", + { + default: "generic", + }, + ], + + "@typescript-eslint/consistent-type-assertions": [ + "error", + { + assertionStyle: "as", + objectLiteralTypeAssertions: "never", + }, + ], + + "block-spacing": "error", + "brace-style": ["error", "1tbs"], + "comma-dangle": ["error", "never"], + + "comma-spacing": [ + "error", + { + before: false, + after: true, + }, + ], + + "dot-location": ["error", "property"], + "eol-last": ["error", "always"], + eqeqeq: "error", + "func-call-spacing": "error", + + "func-style": [ + "error", + "declaration", + { + allowArrowFunctions: true, + }, + ], + + "import-newlines/enforce": [ + "error", + { + items: 3, + "max-len": 120, + semi: false, + }, + ], + + indent: [ + "error", + 2, + { + SwitchCase: 1, + }, + ], + + "max-len": ["error", 120], + "no-multi-spaces": "error", + + "no-multiple-empty-lines": [ + "error", + { + max: 1, + }, + ], + + "no-trailing-spaces": "error", + "object-curly-spacing": ["error", "never"], + + quotes: [ + "error", + "double", + { + allowTemplateLiterals: true, + avoidEscape: true, + }, + ], + + semi: ["error", "never"], + }, +}; + +export default [ + { + ignores: ["**/lib/*", "**/coverage/*"], + }, + { + rules: eslintJsPlugin.configs.recommended.rules, + }, + { + files: ["**/*.ts"], + + languageOptions: { + parser: tsParser, + globals: { + ...globals.node, + }, + }, + ...commonConfig, + }, + { + files: ["**/tests/**/*.ts"], + + languageOptions: { + parser: tsParser, + globals: { + ...globals.jest, + ...globals.node, + }, + }, + ...commonConfig, + }, +]; From 7f1ac15d78ccada5d0d613464eddad886ed60820 Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 18:57:32 +0000 Subject: [PATCH 13/14] Capitalise stack name --- packages/cdk/stacks/{epsAssistMeStack.ts => EpsAssistMeStack.ts} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename packages/cdk/stacks/{epsAssistMeStack.ts => EpsAssistMeStack.ts} (100%) diff --git a/packages/cdk/stacks/epsAssistMeStack.ts b/packages/cdk/stacks/EpsAssistMeStack.ts similarity index 100% rename from packages/cdk/stacks/epsAssistMeStack.ts rename to packages/cdk/stacks/EpsAssistMeStack.ts From e253d482c0259b43256b05c666ade9e1333dcb6e Mon Sep 17 00:00:00 2001 From: Kris Szlapa Date: Sun, 13 Jul 2025 19:16:32 +0000 Subject: [PATCH 14/14] Updated stack import --- packages/cdk/bin/EpsAssistMeApp.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/packages/cdk/bin/EpsAssistMeApp.ts b/packages/cdk/bin/EpsAssistMeApp.ts index 917292ca..3119b58b 100644 --- a/packages/cdk/bin/EpsAssistMeApp.ts +++ b/packages/cdk/bin/EpsAssistMeApp.ts @@ -1,6 +1,6 @@ #!/usr/bin/env node import * as cdk from 'aws-cdk-lib' -import {EpsAssistMeStack} from '../stacks/epsAssistMeStack' +import {EpsAssistMeStack} from '../stacks/EpsAssistMeStack' const app = new cdk.App()