Merge branch 'master' into bugfix/VED-872-improve-given-name-validation

Author: dlzhry2nhs

.github/workflows/continuous-deployment.yml

@@ -0,0 +1,84 @@
+name: Continuous Deployment Pipeline
+
+on:
+  push:
+    branches:
+      - master
+
+jobs:
+  deploy-internal-dev-backend:
+    uses: ./.github/workflows/deploy-backend.yml
+    with:
+      apigee_environment: internal-dev
+      create_mns_subscription: true
+      environment: dev
+      sub_environment: internal-dev
+
+  run-internal-dev-sandbox-tests:
+    # Technically the first step is not a pre-requisite - sandbox backend deployment is handled by APIM
+    # Stipulating this condition simply makes it more likely the environment will be ready when tests are invoked
+    needs: [deploy-internal-dev-backend]
+    uses: ./.github/workflows/run-e2e-tests.yml
+    with:
+      apigee_environment: internal-dev-sandbox
+      environment: dev
+      sub_environment: internal-dev-sandbox
+    secrets:
+      APIGEE_PASSWORD: ${{ secrets.APIGEE_PASSWORD }}
+      APIGEE_BASIC_AUTH_TOKEN: ${{ secrets.APIGEE_BASIC_AUTH_TOKEN }}
+      APIGEE_OTP_KEY: ${{ secrets.APIGEE_OTP_KEY }}
+      STATUS_API_KEY: ${{ secrets.STATUS_API_KEY }}
+
+  run-sandbox-tests:
+    needs: [run-internal-dev-sandbox-tests]
+    uses: ./.github/workflows/run-e2e-tests.yml
+    with:
+      apigee_environment: sandbox
+      environment: dev
+      sub_environment: sandbox
+    secrets:
+      APIGEE_PASSWORD: ${{ secrets.APIGEE_PASSWORD }}
+      APIGEE_BASIC_AUTH_TOKEN: ${{ secrets.APIGEE_BASIC_AUTH_TOKEN }}
+      APIGEE_OTP_KEY: ${{ secrets.APIGEE_OTP_KEY }}
+      STATUS_API_KEY: ${{ secrets.STATUS_API_KEY }}
+
+  run-internal-dev-tests:
+    needs: [deploy-internal-dev-backend]
+    uses: ./.github/workflows/run-e2e-tests.yml
+    with:
+      apigee_environment: internal-dev
+      environment: dev
+      sub_environment: internal-dev
+    secrets:
+      APIGEE_PASSWORD: ${{ secrets.APIGEE_PASSWORD }}
+      APIGEE_BASIC_AUTH_TOKEN: ${{ secrets.APIGEE_BASIC_AUTH_TOKEN }}
+      APIGEE_OTP_KEY: ${{ secrets.APIGEE_OTP_KEY }}
+      STATUS_API_KEY: ${{ secrets.STATUS_API_KEY }}
+
+  deploy-higher-dev-envs:
+    needs: [run-internal-dev-tests]
+    strategy:
+      matrix:
+        sub_environment_name: [ref, int]
+    uses: ./.github/workflows/deploy-backend.yml
+    with:
+      apigee_environment: ${{ matrix.sub_environment_name }}
+      create_mns_subscription: true
+      environment: dev
+      sub_environment: ${{ matrix.sub_environment_name }}
+
+  run-higher-dev-env-tests:
+    needs: [deploy-higher-dev-envs]
+    strategy:
+      matrix:
+        sub_environment_name: [ref, int]
+    uses: ./.github/workflows/run-e2e-tests.yml
+    with:
+      apigee_environment: ${{ matrix.sub_environment_name }}
+      environment: dev
+      sub_environment: ${{ matrix.sub_environment_name }}
+    secrets:
+      APIGEE_PASSWORD: ${{ secrets.APIGEE_PASSWORD }}
+      APIGEE_BASIC_AUTH_TOKEN: ${{ secrets.APIGEE_BASIC_AUTH_TOKEN }}
+      APIGEE_OTP_KEY: ${{ secrets.APIGEE_OTP_KEY }}
+      STATUS_API_KEY: ${{ secrets.STATUS_API_KEY }}

.github/workflows/deploy-backend.yml

@@ -27,12 +27,12 @@ on:
           - ref
           - prod
       create_mns_subscription:
-        description: Create an MNS Subscription. Only available in dev
+        description: Create an MNS Subscription programatically. Only available in AWS dev
         required: false
         type: boolean
         default: true
       environment:
-        type: string
+        type: choice
         description: Select the backend environment
         options:
           - dev
@@ -82,7 +82,7 @@ jobs:
       - name: Save Terraform Plan
         uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02
         with:
-          name: tfplan
+          name: ${{ env.ENVIRONMENT }}-${{ env.SUB_ENVIRONMENT }}-tfplan
           path: terraform/tfplan
 
   terraform-apply:
@@ -107,7 +107,7 @@ jobs:
       - name: Retrieve Terraform Plan
         uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0
         with:
-          name: tfplan
+          name: ${{ env.ENVIRONMENT }}-${{ env.SUB_ENVIRONMENT }}-tfplan
           path: terraform
 
       - name: Terraform Init

.github/workflows/pr-deploy-and-test.yml

@@ -0,0 +1,30 @@
+name: PR Deploy and Test
+
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+
+jobs:
+  deploy-pr-backend:
+    uses: ./.github/workflows/deploy-backend.yml
+    with:
+      apigee_environment: internal-dev
+      create_mns_subscription: true
+      environment: dev
+      sub_environment: pr-${{github.event.pull_request.number}}
+
+  run-e2e-tests:
+    needs: [deploy-pr-backend]
+    strategy:
+      matrix:
+        apigee_environment_name: [internal-dev, internal-dev-sandbox]
+    uses: ./.github/workflows/run-e2e-tests.yml
+    with:
+      apigee_environment: ${{ matrix.apigee_environment_name }}
+      environment: dev
+      sub_environment: pr-${{github.event.pull_request.number}}
+    secrets:
+      APIGEE_PASSWORD: ${{ secrets.APIGEE_PASSWORD }}
+      APIGEE_BASIC_AUTH_TOKEN: ${{ secrets.APIGEE_BASIC_AUTH_TOKEN }}
+      APIGEE_OTP_KEY: ${{ secrets.APIGEE_OTP_KEY }}
+      STATUS_API_KEY: ${{ secrets.STATUS_API_KEY }}

.github/workflows/run-e2e-tests.yml

@@ -12,13 +12,24 @@ on:
       sub_environment:
         required: true
         type: string
+    secrets:
+      APIGEE_PASSWORD:
+        required: true
+      APIGEE_BASIC_AUTH_TOKEN:
+        required: true
+      APIGEE_OTP_KEY:
+        required: true
+      STATUS_API_KEY:
+        required: true
   workflow_dispatch:
     inputs:
       apigee_environment:
         type: choice
         description: Select the Apigee proxy environment
         options:
           - internal-dev
+          - internal-dev-sandbox
+          - sandbox
           - int
           - ref
           - prod
@@ -102,34 +113,35 @@ jobs:
     environment: ${{ inputs.apigee_environment }}
     env:
       APIGEE_USERNAME: ${{ vars.APIGEE_USERNAME }}
+      TF_OUTPUTS_REQUIRED: ${{ vars.RUN_FULL_E2E_TESTS == 'true' || vars.RUN_PROXY_E2E_TESTS == 'true' }}
     steps:
       - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8
 
       - name: Connect to AWS
-        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
+        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
         uses: aws-actions/configure-aws-credentials@00943011d9042930efac3dcd3a170e4273319bc8
         with:
           aws-region: eu-west-2
           role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
           role-session-name: github-actions
 
       - uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd
-        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
+        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
         with:
           terraform_version: "1.12.2"
 
       - name: Terraform Init
-        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
+        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
         working-directory: terraform
         run: make init
 
       - name: Set Terraform workspace
-        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
+        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
         working-directory: terraform
         run: make workspace
 
       - name: Read Terraform outputs
-        if: ${{ vars.RUN_FULL_E2E_TESTS == 'true' }}
+        if: ${{ env.TF_OUTPUTS_REQUIRED == 'true' }}
         working-directory: terraform
         run: |
           echo "IMMS_DELTA_TABLE_NAME=$(make -s output name=imms_delta_table_name)" >> $GITHUB_ENV
@@ -173,10 +185,6 @@ jobs:
           echo "::add-mask::$token"
           echo "APIGEE_ACCESS_TOKEN=$token" >> $GITHUB_ENV
 
-      - name: Run proxy deployment e2e test suite
-        working-directory: e2e
-        run: poetry run python -m unittest test_deployment
-
       - name: Run proxy e2e test suite
         if: ${{ vars.RUN_PROXY_E2E_TESTS == 'true' }}
         working-directory: e2e

Makefile

@@ -36,15 +36,13 @@ build-proxy:
 	scripts/build_proxy.sh
 
 #Files to loop over in release
-# VED-811: remove everything except for proxy related files as we move to Github Actions for backend deployment
-_dist_include="poetry.toml Makefile build/. specification sandbox terraform scripts"
+_dist_include="poetry.toml Makefile build/. specification sandbox scripts"
 
 #Create /dist/ sub-directory and copy files into directory
 #Ensure full dir structure is preserved for Lambdas
 release: clean publish build-proxy
 	mkdir -p dist
 	for f in $(_dist_include); do cp -r $$f dist; done
-	for f in $(PYTHON_PROJECT_DIRS); do cp --parents -r $$f dist; done
 	cp ecs-proxies-deploy.yml dist/ecs-deploy-sandbox.yml
 	cp ecs-proxies-deploy.yml dist/ecs-deploy-internal-qa-sandbox.yml
 	cp ecs-proxies-deploy.yml dist/ecs-deploy-internal-dev-sandbox.yml

azure/azure-pr-pipeline.yml

@@ -36,16 +36,7 @@ extends:
       - environment: internal-dev
         jinja_templates:
           DOMAIN_ENDPOINT: https://pr-${{ variables.pr_number }}.imms.dev.vds.platform.nhs.uk
-        post_deploy:
-          - template: ./templates/post-deploy.yml
-            parameters:
-              aws_account_type: "dev"
       - environment: internal-dev-sandbox
         proxy_path: sandbox
         jinja_templates:
           DOMAIN_ENDPOINT: just-dummy-value-for-successful-build
-        post_deploy:
-          - template: ./templates/post-deploy.yml
-            parameters:
-              aws_account_type: "dev"
-              subscribe_to_mns: false

azure/azure-prod-release-pipeline.yml

@@ -34,19 +34,10 @@ extends:
       - environment: internal-dev
         jinja_templates:
           DOMAIN_ENDPOINT: https://internal-dev.imms.dev.vds.platform.nhs.uk
-        post_deploy:
-          - template: ./templates/post-deploy.yml
-            parameters:
-              aws_account_type: "dev"
       - environment: internal-dev-sandbox
         proxy_path: sandbox
         jinja_templates:
           DOMAIN_ENDPOINT: just-dummy-value-for-successful-build
-        post_deploy:
-          - template: ./templates/post-deploy.yml
-            parameters:
-              aws_account_type: "dev"
-              subscribe_to_mns: false
       - environment: sandbox
         proxy_path: sandbox
         jinja_templates:
@@ -56,19 +47,10 @@ extends:
       - environment: ref
         depends_on:
           - internal_dev
-          - internal_dev_sandbox
         jinja_templates:
           DOMAIN_ENDPOINT: https://ref.imms.dev.vds.platform.nhs.uk
-        post_deploy:
-          - template: ./templates/post-deploy.yml
-            parameters:
-              aws_account_type: "dev"
       - environment: int
         depends_on:
           - internal_dev
         jinja_templates:
           DOMAIN_ENDPOINT: https://int.imms.dev.vds.platform.nhs.uk
-        post_deploy:
-          - template: ./templates/post-deploy.yml
-            parameters:
-              aws_account_type: "dev"