Upgrade: [dependabot] - bump @aws-sdk/client-dynamodb from 3.932.0 to 3.936.0 #11092
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: deploy_pr | |
| on: | |
| pull_request: | |
| branches: [main] | |
| env: | |
| BRANCH_NAME: ${{ github.event.pull_request.head.ref }} | |
| jobs: | |
| dependabot-auto-approve-and-merge: | |
| needs: quality_checks | |
| uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@4fb41faab9c92d8a1444719bc1ab45a989caf756 | |
| secrets: | |
| AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }} | |
| AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }} | |
| get_asdf_version: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| asdf_version: ${{ steps.asdf-version.outputs.version }} | |
| tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 | |
| - name: Get asdf version | |
| id: asdf-version | |
| run: echo "version=$(awk '!/^#/ && NF {print $1; exit}' .tool-versions.asdf)" >> "$GITHUB_OUTPUT" | |
| - name: Load config value | |
| id: load-config | |
| run: | | |
| TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml) | |
| echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT" | |
| get_commit_message: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| commit_message: ${{ steps.commit_message.outputs.commit_message }} | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 | |
| with: | |
| ref: ${{ env.BRANCH_NAME }} | |
| fetch-depth: 0 | |
| - name: Get Commit message | |
| id: commit_message | |
| run: | | |
| echo "commit_message=$(git show -s --format=%s)" >> "$GITHUB_OUTPUT" | |
| quality_checks: | |
| # always run, but only block in the non-skip case | |
| needs: [get_commit_message, get_asdf_version] | |
| uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks.yml@3cba6a3733673bafc95526503478674332c26007 | |
| with: | |
| asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }} | |
| secrets: | |
| SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
| quality_gate: | |
| needs: get_commit_message | |
| runs-on: ubuntu-22.04 | |
| if: always() | |
| steps: | |
| - name: Wait for quality checks to succeed | |
| if: ${{ ! contains(needs.get_commit_message.outputs.commit_message, '#skip-qc') }} | |
| uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd | |
| with: | |
| github-token: ${{ secrets.GITHUB_TOKEN }} | |
| result-encoding: json | |
| script: | | |
| const owner = context.repo.owner; | |
| const repo = context.repo.repo; | |
| const runId = context.runId; | |
| // How many times to poll | |
| const pollTime = 10000; // 10 seconds | |
| const maxRetries = 120; // 20 minutes at 10 seconds each | |
| let attempts = 0; | |
| async function fetchQCJob() { | |
| const { data } = await github.rest.actions.listJobsForWorkflowRun({ | |
| owner, repo, run_id: runId | |
| }); | |
| return data.jobs.find(job => job.name === 'quality_checks / quality_checks'); | |
| } | |
| let qc = await fetchQCJob(); | |
| while ((!qc || qc.status !== 'completed') && attempts < maxRetries) { | |
| attempts++; | |
| console.log(`Attempt #${attempts}: ` + | |
| (qc | |
| ? `found job “${qc.name}” with status=${qc.status}` | |
| : 'no matching quality_checks job yet')); | |
| await new Promise(r => setTimeout(r, pollTime)); | |
| qc = await fetchQCJob(); | |
| } | |
| if (!qc) { | |
| core.setFailed( | |
| `Timed out waiting for a “quality_checks” job (after ${attempts} polls).` | |
| ); | |
| return; | |
| } | |
| if (qc.status !== 'completed') { | |
| core.setFailed( | |
| `Quality checks job never completed (last status=${qc.status}).` | |
| ); | |
| return; | |
| } | |
| if (qc.conclusion !== 'success') { | |
| core.setFailed( | |
| `Quality checks failed (conclusion=${qc.conclusion}).` | |
| ); | |
| } | |
| - name: Bypass QC gate | |
| if: ${{ contains(needs.get_commit_message.outputs.commit_message, '#skip-qc') }} | |
| run: echo "Skipping QC gate per commit message." | |
| pr_title_format_check: | |
| uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@3cba6a3733673bafc95526503478674332c26007 | |
| get_issue_number: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| issue_number: ${{steps.get_issue_number.outputs.result}} | |
| steps: | |
| - uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd | |
| name: get issue number | |
| id: get_issue_number | |
| with: | |
| script: | | |
| if (context.issue.number) { | |
| // Return issue number if present | |
| return context.issue.number; | |
| } else { | |
| // Otherwise return issue number from commit | |
| return ( | |
| await github.rest.repos.listPullRequestsAssociatedWithCommit({ | |
| commit_sha: context.sha, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| }) | |
| ).data[0].number; | |
| } | |
| result-encoding: string | |
| tag_release: | |
| needs: [get_asdf_version] | |
| uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@a7daff06de7b695f601d9b1723ca184daca7d898 | |
| with: | |
| dry_run: true | |
| asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }} | |
| branch_name: ${{ github.event.pull_request.head.ref }} | |
| publish_package: false | |
| tag_format: ${{ needs.get_asdf_version.outputs.tag_format }} | |
| secrets: inherit | |
| get_commit_id: | |
| runs-on: ubuntu-22.04 | |
| outputs: | |
| commit_id: ${{ steps.commit_id.outputs.commit_id }} | |
| steps: | |
| - name: Get Commit ID | |
| id: commit_id | |
| run: | | |
| echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" | |
| package_code: | |
| needs: [get_issue_number, get_commit_id, quality_gate] | |
| if: | | |
| always() && | |
| ! contains(needs.*.result, 'failure') && | |
| ! contains(needs.*.result, 'cancelled') | |
| uses: ./.github/workflows/cdk_package_code.yml | |
| with: | |
| VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }} | |
| COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} | |
| release_code: | |
| needs: [get_issue_number, package_code, get_commit_id] | |
| if: | | |
| always() && | |
| ! contains(needs.*.result, 'failure') && | |
| ! contains(needs.*.result, 'cancelled') | |
| uses: ./.github/workflows/release_all_stacks.yml | |
| with: | |
| SERVICE_NAME: cpt-ui-pr-${{needs.get_issue_number.outputs.issue_number}} | |
| TARGET_ENVIRONMENT: dev-pr | |
| VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }} | |
| COMMIT_ID: "static-pr" | |
| useMockOidc: true | |
| primaryOidcIssuer: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
| primaryOidcAuthorizeEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
| primaryOidcTokenEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
| primaryOidcUserInfoEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
| primaryOidcjwksEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
| mockOidcIssuer: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev" | |
| mockOidcAuthorizeEndpoint: "https://internal-dev.api.service.nhs.uk/oauth2-mock/authorize" | |
| mockOidcTokenEndpoint: "https://internal-dev.api.service.nhs.uk/oauth2-mock/token" | |
| mockOidcUserInfoEndpoint: "https://internal-dev.api.service.nhs.uk/oauth2-mock/userinfo" | |
| mockOidcjwksEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev/protocol/openid-connect/certs" | |
| allowLocalhostAccess: true | |
| useCustomCognitoDomain: false | |
| APIGEE_CIS2_TOKEN_ENDPOINT: "https://internal-dev.api.service.nhs.uk/oauth2/token" | |
| APIGEE_MOCK_TOKEN_ENDPOINT: "https://internal-dev.api.service.nhs.uk/oauth2-mock/token" | |
| APIGEE_PRESCRIPTIONS_ENDPOINT: "https://internal-dev.api.service.nhs.uk/clinical-prescription-tracker/" | |
| APIGEE_PDS_ENDPOINT: "https://internal-dev.api.service.nhs.uk/personal-demographics/FHIR/R4/" | |
| APIGEE_DOHS_ENDPOINT: "https://int.api.service.nhs.uk/service-search-api/" | |
| JWT_KID: "eps-cpt-ui-dev" | |
| ROLE_ID: "555254242106" | |
| LOG_LEVEL: "DEBUG" | |
| RUN_REGRESSION_TESTS: true | |
| WAF_ALLOW_GA_RUNNER_CONNECTIVITY: true | |
| USE_ZONE_APEX: false | |
| ROUTE53_EXPORT_NAME: EPS | |
| REACT_LOG_LEVEL: "debug" | |
| LOG_RETENTION_IN_DAYS: 30 | |
| IS_PULL_REQUEST: true | |
| FORWARD_CSOC_LOGS: false | |
| secrets: inherit | |
| report_deployed_url: | |
| needs: [release_code, get_issue_number] | |
| if: | | |
| always() && | |
| ! contains(needs.*.result, 'failure') && | |
| ! contains(needs.*.result, 'cancelled') | |
| runs-on: ubuntu-22.04 | |
| steps: | |
| - name: Report Deployed URL | |
| run: | | |
| echo "Deployed URL: https://cpt-ui-pr-${{ needs.get_issue_number.outputs.issue_number }}.dev.eps.national.nhs.uk" >> "$GITHUB_STEP_SUMMARY" |