deploy to environments #39
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy to environments | |
| on: | |
| workflow_dispatch: | |
| env: | |
| BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }} | |
| jobs: | |
| quality_checks: | |
| uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/[email protected] | |
| secrets: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| get_commit_id: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| commit_id: ${{ steps.commit_id.outputs.commit_id }} | |
| steps: | |
| - name: Get Commit ID | |
| id: commit_id | |
| run: | | |
| echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" | |
| tag_release: | |
| needs: quality_checks | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| version_tag: ${{ steps.output_version_tag.outputs.VERSION_TAG }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v5 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| fetch-depth: 0 | |
| # using git commit sha for version of action to ensure we have stable version | |
| - name: Install asdf | |
| uses: asdf-vm/actions/setup@1902764435ca0dd2f3388eea723a4f92a4eb8302 | |
| with: | |
| asdf_branch: v0.14.1 | |
| - name: Cache asdf | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/.asdf | |
| key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} | |
| restore-keys: | | |
| ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} | |
| - name: Install asdf dependencies in .tool-versions | |
| uses: asdf-vm/actions/install@1902764435ca0dd2f3388eea723a4f92a4eb8302 | |
| with: | |
| asdf_branch: v0.14.1 | |
| env: | |
| PYTHON_CONFIGURE_OPTS: --enable-shared | |
| - name: Install dependencies | |
| run: | | |
| make install | |
| - name: Set VERSION_TAG to be next tag varsion | |
| id: output_version_tag | |
| run: | | |
| NEXT_VERSION=$(npx semantic-release --dry-run | grep -i 'The next release version is' | sed -E 's/.* ([[:digit:].]+)$/\1/') | |
| tagFormat=$(node -e "const config=require('./release.config.js'); console.log(config.tagFormat)") | |
| if [ "${tagFormat}" = "null" ] | |
| then | |
| tagFormat="v\${version}" | |
| fi | |
| # disabling shellcheck as replace does not work | |
| # shellcheck disable=SC2001 | |
| VERSION_TAG=$(echo "$tagFormat" | sed "s/\${version}/$NEXT_VERSION/") | |
| echo "## VERSION TAG : ${VERSION_TAG}" >> "$GITHUB_STEP_SUMMARY" | |
| echo "VERSION_TAG=${VERSION_TAG}" >> "$GITHUB_OUTPUT" | |
| echo "VERSION_TAG=${VERSION_TAG}" >> "$GITHUB_ENV" | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| - name: tag release | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| npx semantic-release | |
| - name: Get release for editing | |
| id: get_release | |
| # version 1.2.4 | |
| uses: cardinalby/git-get-release-action@5172c3a026600b1d459b117738c605fabc9e4e44 | |
| env: | |
| GITHUB_TOKEN: ${{ github.token }} | |
| with: | |
| tag: ${{ env.VERSION_TAG }} | |
| - name: Edit Release | |
| # version 1.2.0 | |
| uses: irongut/EditRelease@ccf529ad26dddf9996e7dd0f24ca5da4ea507cc2 | |
| with: | |
| token: ${{ secrets.GITHUB_TOKEN }} | |
| id: ${{ steps.get_release.outputs.id }} | |
| body: | | |
| ## Info | |
| [See code diff](${{ github.event.compare }}) | |
| [Release workflow run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) | |
| It was initialized by [${{ github.event.sender.login }}](${{ github.event.sender.html_url }}) | |
| package_code: | |
| needs: [tag_release, get_commit_id] | |
| uses: ./.github/workflows/cdk_package_code.yml | |
| with: | |
| VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} | |
| COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}} | |
| release_dev: | |
| needs: [tag_release, package_code, get_commit_id] | |
| uses: ./.github/workflows/release_all_stacks.yml | |
| with: | |
| SERVICE_NAME: cpt-ui | |
| TARGET_ENVIRONMENT: dev | |
| VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} | |
| COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}} | |
| useMockOidc: true | |
| primaryOidcIssuer: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
| primaryOidcAuthorizeEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
| primaryOidcTokenEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
| primaryOidcUserInfoEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
| primaryOidcjwksEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
| mockOidcIssuer: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev" | |
| mockOidcAuthorizeEndpoint: "https://internal-dev.api.service.nhs.uk/oauth2-mock/authorize" | |
| mockOidcTokenEndpoint: "https://internal-dev.api.service.nhs.uk/oauth2-mock/token" | |
| mockOidcUserInfoEndpoint: "https://internal-dev.api.service.nhs.uk/oauth2-mock/userinfo" | |
| mockOidcjwksEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev/protocol/openid-connect/certs" | |
| allowLocalhostAccess: true | |
| useCustomCognitoDomain: true | |
| APIGEE_CIS2_TOKEN_ENDPOINT: "https://internal-dev.api.service.nhs.uk/oauth2/token" | |
| APIGEE_MOCK_TOKEN_ENDPOINT: "https://internal-dev.api.service.nhs.uk/oauth2-mock/token" | |
| APIGEE_PRESCRIPTIONS_ENDPOINT: "https://internal-dev.api.service.nhs.uk/clinical-prescription-tracker/" | |
| APIGEE_PDS_ENDPOINT: "https://internal-dev.api.service.nhs.uk/personal-demographics/FHIR/R4/" | |
| APIGEE_DOHS_ENDPOINT: "https://int.api.service.nhs.uk/service-search-api/" | |
| JWT_KID: "eps-cpt-ui-dev" | |
| ROLE_ID: "555254242106" | |
| LOG_LEVEL: "DEBUG" | |
| WAF_ALLOW_GA_RUNNER_CONNECTIVITY: true | |
| USE_ZONE_APEX: false | |
| ROUTE53_EXPORT_NAME: EPS | |
| REACT_LOG_LEVEL: "debug" | |
| LOG_RETENTION_IN_DAYS: 30 | |
| CREATE_INT_RELEASE_NOTES: true | |
| CREATE_PROD_RELEASE_NOTES: true | |
| MARK_JIRA_RELEASED: false | |
| CREATE_INT_RC_RELEASE_NOTES: false | |
| IS_PULL_REQUEST: false | |
| secrets: inherit | |
| release_ref: | |
| needs: [tag_release, package_code, get_commit_id, release_dev] | |
| uses: ./.github/workflows/release_all_stacks.yml | |
| with: | |
| SERVICE_NAME: cpt-ui | |
| TARGET_ENVIRONMENT: ref | |
| VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} | |
| COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}} | |
| useMockOidc: true | |
| primaryOidcIssuer: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
| primaryOidcAuthorizeEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
| primaryOidcTokenEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
| primaryOidcUserInfoEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
| primaryOidcjwksEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
| mockOidcIssuer: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-ref" | |
| mockOidcAuthorizeEndpoint: "https://ref.api.service.nhs.uk/oauth2-mock/authorize" | |
| mockOidcTokenEndpoint: "https://ref.api.service.nhs.uk/oauth2-mock/token" | |
| mockOidcUserInfoEndpoint: "https://ref.api.service.nhs.uk/oauth2-mock/userinfo" | |
| mockOidcjwksEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-ref/protocol/openid-connect/certs" | |
| allowLocalhostAccess: false | |
| useCustomCognitoDomain: true | |
| APIGEE_CIS2_TOKEN_ENDPOINT: "https://ref.api.service.nhs.uk/oauth2/token" | |
| APIGEE_MOCK_TOKEN_ENDPOINT: "https://ref.api.service.nhs.uk/oauth2-mock/token" | |
| APIGEE_PRESCRIPTIONS_ENDPOINT: "https://ref.api.service.nhs.uk/clinical-prescription-tracker/" | |
| APIGEE_PDS_ENDPOINT: "https://ref.api.service.nhs.uk/personal-demographics/FHIR/R4/" | |
| APIGEE_DOHS_ENDPOINT: "https://int.api.service.nhs.uk/service-search-api/" | |
| JWT_KID: "eps-cpt-ui-ref" | |
| ROLE_ID: "555254242106" | |
| LOG_LEVEL: "DEBUG" | |
| WAF_ALLOW_GA_RUNNER_CONNECTIVITY: true | |
| USE_ZONE_APEX: false | |
| ROUTE53_EXPORT_NAME: EPS | |
| REACT_LOG_LEVEL: "debug" | |
| LOG_RETENTION_IN_DAYS: 30 | |
| IS_PULL_REQUEST: false | |
| secrets: inherit | |
| release_qa: | |
| needs: [tag_release, package_code, get_commit_id, release_dev] | |
| uses: ./.github/workflows/release_all_stacks.yml | |
| with: | |
| SERVICE_NAME: cpt-ui | |
| TARGET_ENVIRONMENT: qa | |
| VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} | |
| COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}} | |
| useMockOidc: true | |
| primaryOidcIssuer: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
| primaryOidcAuthorizeEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
| primaryOidcTokenEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
| primaryOidcUserInfoEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
| primaryOidcjwksEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
| mockOidcIssuer: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-qa" | |
| mockOidcAuthorizeEndpoint: "https://internal-qa.api.service.nhs.uk/oauth2-mock/authorize" | |
| mockOidcTokenEndpoint: "https://internal-qa.api.service.nhs.uk/oauth2-mock/token" | |
| mockOidcUserInfoEndpoint: "https://internal-qa.api.service.nhs.uk/oauth2-mock/userinfo" | |
| mockOidcjwksEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-qa/protocol/openid-connect/certs" | |
| allowLocalhostAccess: false | |
| useCustomCognitoDomain: true | |
| APIGEE_CIS2_TOKEN_ENDPOINT: "https://internal-qa.api.service.nhs.uk/oauth2-int/token" | |
| APIGEE_MOCK_TOKEN_ENDPOINT: "https://internal-qa.api.service.nhs.uk/oauth2-mock/token" | |
| APIGEE_PRESCRIPTIONS_ENDPOINT: "https://internal-qa.api.service.nhs.uk/clinical-prescription-tracker/" | |
| APIGEE_PDS_ENDPOINT: "https://internal-qa.api.service.nhs.uk/personal-demographics/FHIR/R4/" | |
| APIGEE_DOHS_ENDPOINT: "https://int.api.service.nhs.uk/service-search-api/" | |
| JWT_KID: "eps-cpt-ui-qa" | |
| ROLE_ID: "555254242106" | |
| LOG_LEVEL: "DEBUG" | |
| WAF_ALLOW_GA_RUNNER_CONNECTIVITY: true | |
| USE_ZONE_APEX: false | |
| ROUTE53_EXPORT_NAME: EPS | |
| REACT_LOG_LEVEL: "debug" | |
| LOG_RETENTION_IN_DAYS: 30 | |
| IS_PULL_REQUEST: false | |
| secrets: inherit | |
| release_int: | |
| needs: [tag_release, package_code, get_commit_id, release_qa] | |
| uses: ./.github/workflows/release_all_stacks.yml | |
| with: | |
| SERVICE_NAME: cpt-ui | |
| TARGET_ENVIRONMENT: int | |
| VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} | |
| COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}} | |
| useMockOidc: false | |
| primaryOidcIssuer: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
| primaryOidcAuthorizeEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
| primaryOidcTokenEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
| primaryOidcUserInfoEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
| primaryOidcjwksEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
| allowLocalhostAccess: false | |
| useCustomCognitoDomain: true | |
| APIGEE_CIS2_TOKEN_ENDPOINT: "https://int.api.service.nhs.uk/oauth2/token" | |
| APIGEE_MOCK_TOKEN_ENDPOINT: "UNUSED" | |
| APIGEE_PRESCRIPTIONS_ENDPOINT: "https://int.api.service.nhs.uk/clinical-prescription-tracker/" | |
| APIGEE_PDS_ENDPOINT: "https://int.api.service.nhs.uk/personal-demographics/FHIR/R4/" | |
| APIGEE_DOHS_ENDPOINT: "https://int.api.service.nhs.uk/service-search-api/" | |
| JWT_KID: "eps-cpt-ui-int" | |
| ROLE_ID: "555254242106" | |
| LOG_LEVEL: "DEBUG" | |
| RUN_REGRESSION_TESTS: false | |
| WAF_ALLOW_GA_RUNNER_CONNECTIVITY: false | |
| USE_ZONE_APEX: true | |
| ROUTE53_EXPORT_NAME: CPT | |
| REACT_LOG_LEVEL: "debug" # change this before pilot | |
| LOG_RETENTION_IN_DAYS: 30 | |
| CREATE_INT_RELEASE_NOTES: true | |
| CREATE_PROD_RELEASE_NOTES: true | |
| MARK_JIRA_RELEASED: false | |
| CREATE_INT_RC_RELEASE_NOTES: true | |
| IS_PULL_REQUEST: false | |
| secrets: inherit | |
| release_prod: | |
| needs: [tag_release, package_code, get_commit_id, release_int] | |
| uses: ./.github/workflows/release_all_stacks.yml | |
| with: | |
| SERVICE_NAME: cpt-ui | |
| TARGET_ENVIRONMENT: prod | |
| VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}} | |
| COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}} | |
| useMockOidc: false | |
| primaryOidcIssuer: "https://am.nhsidentity.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
| primaryOidcAuthorizeEndpoint: "https://am.nhsidentity.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
| primaryOidcTokenEndpoint: "https://am.nhsidentity.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
| primaryOidcUserInfoEndpoint: "https://am.nhsidentity.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
| primaryOidcjwksEndpoint: "https://am.nhsidentity.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
| allowLocalhostAccess: false | |
| useCustomCognitoDomain: true | |
| APIGEE_CIS2_TOKEN_ENDPOINT: "https://api.service.nhs.uk/oauth2/token" | |
| APIGEE_MOCK_TOKEN_ENDPOINT: "UNUSED" | |
| APIGEE_PRESCRIPTIONS_ENDPOINT: "https://api.service.nhs.uk/clinical-prescription-tracker/" | |
| APIGEE_PDS_ENDPOINT: "https://api.service.nhs.uk/personal-demographics/FHIR/R4/" | |
| APIGEE_DOHS_ENDPOINT: "https://api.service.nhs.uk/service-search-api/" | |
| JWT_KID: "eps-cpt-ui-prod" | |
| ROLE_ID: "555254242106" | |
| LOG_LEVEL: "DEBUG" | |
| RUN_REGRESSION_TESTS: false | |
| WAF_ALLOW_GA_RUNNER_CONNECTIVITY: false | |
| USE_ZONE_APEX: true | |
| ROUTE53_EXPORT_NAME: CPT | |
| REACT_LOG_LEVEL: "debug" # change this before pilot | |
| LOG_RETENTION_IN_DAYS: 731 | |
| CREATE_INT_RELEASE_NOTES: true | |
| CREATE_PROD_RELEASE_NOTES: true | |
| MARK_JIRA_RELEASED: false | |
| CREATE_INT_RC_RELEASE_NOTES: false | |
| IS_PULL_REQUEST: false | |
| secrets: inherit |