Merge branch 'master' into APM-000-AMP-3654-removed-interactive-product-backlog

Author: nkinsler1

.github/dependabot.yml

@@ -58,6 +58,9 @@ updates:
       - "/mesh_processor"
       - "/recordprocessor"
       - "/redis_sync"
+      - "/lambdas/id_sync"
+      - "/lambdas/shared"
+      - "/mns_subscription"
     schedule:
       interval: "daily"
     open-pull-requests-limit: 1
@@ -71,7 +74,6 @@ updates:
     directories:
       - "/grafana/non-prod/terraform"
       - "/infra"
-      - "/mesh-infra"
       - "/terraform"
       - "/terraform_aws_backup/**"
     schedule:

.github/workflows/deploy-blue-green.yml

@@ -0,0 +1,18 @@
+name: Deploy Blue Green - INT
+
+on:
+  pull_request:
+    types: [closed]
+    branches: [master]
+
+jobs:
+  deploy-green:
+    uses: ./.github/workflows/deploy-template.yml
+    with:
+      environment: green
+
+  deploy-blue:
+    needs: deploy-green
+    uses: ./.github/workflows/deploy-template.yml
+    with:
+      environment: blue

.github/workflows/deploy-template.yml

@@ -0,0 +1,139 @@
+name: Deploy to INT and run E2e test
+on:
+  workflow_call:
+    inputs:
+      environment:
+        required: true
+        type: string
+
+jobs:
+  terraform-plan:
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Debug OIDC
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: eu-west-2
+          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
+          role-session-name: github-actions
+
+      - name: Whoami
+        run: aws sts get-caller-identity
+
+      - name: Checkout
+        uses: actions/checkout@v4
+        with:
+          fetch-depth: 1
+
+      - uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.12.2"
+
+      - name: Terraform Init
+        working-directory: ${{ vars.TERRAFORM_DIR_PATH }}
+        run: |
+          export ENVIRONMENT=${{ inputs.environment }}
+          make init
+
+      - name: Terraform Plan
+        working-directory: ${{ vars.TERRAFORM_DIR_PATH }}
+        run: |
+          make plan environment=${{ inputs.environment }} aws_account_name=int
+
+  terraform-apply:
+    needs: terraform-plan
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    environment:
+      name: int
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: eu-west-2
+          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
+          role-session-name: github-actions
+
+      - uses: hashicorp/setup-terraform@v3
+        with:
+          terraform_version: "1.12.2"
+
+      - name: Terraform Init
+        working-directory: ${{ vars.TERRAFORM_DIR_PATH }}
+        run: |
+          export ENVIRONMENT=${{ inputs.environment }}
+          make init
+
+      - name: Terraform Apply
+        working-directory: ${{ vars.TERRAFORM_DIR_PATH }}
+        run: |
+          make apply environment=${{ inputs.environment }} aws_account_name=int
+
+  e2e-tests:
+    needs: terraform-apply
+    if: ${{ vars.RUN_E2E == 'true' || inputs.environment == vars.ACTIVE_ENVIRONMENT }}
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+      contents: read
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+
+      - uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: eu-west-2
+          role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
+          role-session-name: github-actions
+
+      - name: Set up Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.11"
+
+      - name: Install Poetry
+        run: |
+          curl -sSL https://install.python-poetry.org | python3 -
+          echo "$HOME/.local/bin" >> $GITHUB_PATH
+
+      - name: Set Poetry to use Python 3.11
+        working-directory: ${{ vars.E2E_DIR_PATH }}
+        run: |
+          poetry env use $(which python3.11)
+
+      - name: Install dependencies with Poetry
+        working-directory: ${{ vars.E2E_DIR_PATH }}
+        run: |
+          poetry install --no-root
+
+      - name: Run e2e tests
+        working-directory: ${{ vars.E2E_DIR_PATH }}
+        run: |
+          apigee_token=$(aws ssm get-parameter \
+            --name "/imms/apigee/non-prod/token" \
+            --with-decryption \
+            --query "Parameter.Value" \
+            --output text)
+
+          status_api_key=$(aws ssm get-parameter \
+            --name "/imms/apigee/non-prod/status-api-key" \
+            --with-decryption \
+            --query "Parameter.Value" \
+            --output text)
+
+          export APIGEE_ACCESS_TOKEN=$apigee_token
+          export [email protected]
+          export APIGEE_ENVIRONMENT=int
+          export STATUS_API_KEY=$status_api_key
+          export PROXY_NAME=immunisation-fhir-api-internal-dev
+          export SERVICE_BASE_PATH=immunisation-fhir-api/FHIR/R4
+          export SSO_LOGIN_URL=https://login.apigee.com
+
+          make run-immunization

.github/workflows/sonarcloud.yml

@@ -7,6 +7,10 @@ on:
   pull_request:
     types: [labeled, opened, synchronize, reopened, unlabeled]
 
+env:
+  SHARED_PATH: ${{ github.workspace }}/lambdas/shared
+  LAMBDA_PATH: ${{ github.workspace }}/lambdas
+
 jobs:
   sonarcloud:
     name: SonarCloud
@@ -18,13 +22,11 @@ jobs:
           fetch-depth: 0
 
       - name: Install poetry
-        run: pip install poetry==1.8.4
+        run: pip install poetry==2.1.2
 
       - uses: actions/setup-python@v5
         with:
-          python-version: |
-            3.10
-            3.11
+          python-version: 3.11
           cache: 'poetry'
 
       - name: Set up AWS credentials
@@ -40,7 +42,6 @@ jobs:
         id: filenameprocessor
         continue-on-error: true
         run: |
-          poetry env use 3.10
           poetry install
           poetry run coverage run -m unittest discover || echo "filenameprocessor tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../filenameprocessor-coverage.xml
@@ -50,7 +51,6 @@ jobs:
         id: recordprocessor
         continue-on-error: true
         run: |
-          poetry env use 3.10
           poetry install
           poetry run coverage run -m unittest discover || echo "recordprocessor tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../recordprocessor-coverage.xml
@@ -63,7 +63,6 @@ jobs:
           PYTHONPATH: ${{ github.workspace }}/backend/src:${{ github.workspace }}/backend/tests
         continue-on-error: true
         run: |
-          poetry env use 3.11
           poetry install
           poetry run coverage run -m unittest discover -s "./tests" -p "*batch*.py" || echo "recordforwarder tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../recordforwarder-coverage.xml
@@ -73,7 +72,6 @@ jobs:
         id: acklambda
         continue-on-error: true
         run: |
-          poetry env use 3.10
           poetry install
           poetry run coverage run -m unittest discover || echo "ack-lambda tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../ack-lambda-coverage.xml
@@ -85,7 +83,6 @@ jobs:
             PYTHONPATH: delta_backend/src:delta_backend/tests
         continue-on-error: true
         run: |
-          poetry env use 3.11
           poetry install
           poetry run coverage run -m unittest discover || echo "delta tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../delta-coverage.xml
@@ -97,7 +94,6 @@ jobs:
         id: fhirapi
         continue-on-error: true
         run: |
-          poetry env use 3.11
           poetry install
           poetry run coverage run -m unittest discover || echo "fhir-api tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../backend-coverage.xml
@@ -107,23 +103,57 @@ jobs:
         id: meshprocessor
         continue-on-error: true
         run: |
-          poetry env use 3.10
           poetry install
           poetry run coverage run -m unittest discover || echo "mesh_processor tests failed" >> ../failed_tests.txt
           poetry run coverage xml -o ../mesh_processor-coverage.xml
 
+      - name: Run unittest with coverage-mns-subscription
+        working-directory: mns_subscription
+        env:
+          PYTHONPATH: ${{ github.workspace }}/mns_subscription/src:${{ github.workspace }}/mns_subscription/tests
+        id: mns_subscription
+        continue-on-error: true
+        run: |
+          poetry install
+          poetry run coverage run -m unittest discover || echo "mns_subscription tests failed" >> ../failed_tests.txt
+          poetry run coverage report -m
+          poetry run coverage xml -o ../mns_subscription-coverage.xml
+
       - name: Run unittest with redis_sync
         working-directory: redis_sync
         id: redis_sync
         env:
           PYTHONPATH: ${{ github.workspace }}/redis_sync/src:${{ github.workspace }}/redis_sync/tests
         continue-on-error: true
         run: |
-            poetry env use 3.11
             poetry install
             poetry run coverage run -m unittest discover || echo "redis_sync tests failed" >> ../failed_tests.txt
             poetry run coverage xml -o ../redis_sync-coverage.xml
 
+      - name: Run unittest with shared
+        working-directory: lambdas/shared
+        id: shared
+        env:
+          PYTHONPATH: ${{ env.SHARED_PATH }}/src
+        continue-on-error: true
+        run: |
+            poetry env use 3.11
+            poetry install
+            poetry run coverage run --rcfile=.coveragerc --source=src -m unittest discover -s tests -p "test_*.py" -v || echo "shared tests failed" >> ../../failed_tests.txt
+            poetry run coverage xml -o ../../shared-coverage.xml
+
+      - name: Run unittest with id_sync
+        working-directory: lambdas/id_sync
+        id: id_sync
+        env:
+          PYTHONPATH: ${{ env.LAMBDA_PATH }}/id_sync/src:${{ env.SHARED_PATH }}/src
+        continue-on-error: true
+        run: |
+            poetry env use 3.11
+            poetry install
+            poetry run coverage run --rcfile=.coveragerc --source=src -m unittest discover || echo "id_sync tests failed" >> ../../failed_tests.txt
+            poetry run coverage xml -o ../../id_sync-coverage.xml
+
       - name: Run Test Failure Summary
         id: check_failure
         run: |

.gitignore

@@ -29,4 +29,4 @@ openapi.json
 !**/.vscode/settings.json.default
 
 devtools/volume/
-backend/tests/.coverage
+**/.coverage

.tool-versions

@@ -0,0 +1,3 @@
+poetry 2.1.2
+nodejs 23.11.0
+python 3.11.12

Makefile

@@ -1,5 +1,8 @@
 SHELL=/usr/bin/env bash -euo pipefail
 
+PYTHON_PROJECT_DIRS_WITH_UNIT_TESTS = ack_backend backend delta_backend filenameprocessor mesh_processor recordprocessor redis_sync lambdas/id_sync lambdas/shared mns_subscription
+PYTHON_PROJECT_DIRS = e2e e2e_batch $(PYTHON_PROJECT_DIRS_WITH_UNIT_TESTS)
+
 #Installs dependencies using poetry.
 install-python:
 	poetry lock --no-update
@@ -38,7 +41,7 @@ build-proxy:
 	scripts/build_proxy.sh
 
 #Files to loop over in release
-_dist_include="pytest.ini poetry.lock poetry.toml pyproject.toml Makefile build/. e2e e2e_batch specification sandbox terraform scripts backend delta_backend ack_backend filenameprocessor recordprocessor mesh_processor redis_sync"
+_dist_include="pytest.ini poetry.lock poetry.toml pyproject.toml Makefile build/. specification sandbox terraform scripts $(PYTHON_PROJECT_DIRS) $(PYTHON_LAMBDA_DEPENDENCIES)"
 
 
 #Create /dist/ sub-directory and copy files into directory
@@ -85,3 +88,39 @@ test-prod:
 
 setup-python-envs:
 	scripts/setup-python-envs.sh
+
+initialise-all-python-venvs:
+	for dir in $(PYTHON_PROJECT_DIRS); do ( \
+		cd $$dir && \
+		pwd && \
+		rm -rf .venv && \
+		python -m venv .venv && \
+		source .venv/bin/activate && \
+		poetry install --no-root && \
+		deactivate \
+	); done
+
+update-all-python-dependencies:
+	for dir in $(PYTHON_PROJECT_DIRS); do ( \
+		cd $$dir && \
+		pwd && \
+		source .venv/bin/activate && \
+		poetry update && \
+		deactivate \
+	); done
+
+run-all-python-unit-tests:
+	for dir in $(PYTHON_PROJECT_DIRS_WITH_UNIT_TESTS); do ( \
+		cd $$dir && \
+		pwd && \
+		source .venv/bin/activate && \
+		poetry run make test && \
+		deactivate \
+	); done
+
+build-all-docker-images:
+	for dir in $(PYTHON_PROJECT_DIRS_WITH_UNIT_TESTS); do \
+		for dockerfile in $$(ls $$dir/*Dockerfile); do \
+			echo $$dockerfile && docker build --file $$dockerfile $$dir; \
+		done; \
+	done