Merge pull request #4948 from nhsuk/next

Version 5.2.2

Author: benilovj

.github/workflows/build-and-push-image.yml

@@ -1,5 +1,5 @@
-name: Build and push image
-run-name: Build and push image for ${{ inputs.git-sha || github.sha }}
+name: Build and push images
+run-name: Build and push images for ${{ inputs.git-sha || github.sha }}
 
 on:
   workflow_dispatch:
@@ -26,10 +26,15 @@ jobs:
   check-image-presence:
     name: Check if images already exist
     runs-on: ubuntu-latest
+    strategy:
+      fail-fast: true
+      matrix:
+        image_type: ["webapp", "ops"]
     permissions:
       id-token: write
     outputs:
-      build-needed: ${{ steps.check-dev-image.outputs.build-needed || steps.check-prod-image.outputs.build-needed }}
+      webapp-build-needed: ${{ steps.check-dev-image.outputs.webapp-build-needed || steps.check-prod-image.outputs.webapp-build-needed }}
+      ops-build-needed: ${{ steps.check-dev-image.outputs.ops-build-needed || steps.check-prod-image.outputs.ops-build-needed }}
     steps:
       - name: Configure AWS Dev Credentials
         uses: aws-actions/configure-aws-credentials@v5
@@ -39,11 +44,11 @@ jobs:
       - name: Check if dev image exists
         id: check-dev-image
         run: |
-          if aws ecr describe-images --repository-name mavis/webapp --image-ids imageTag=$git_ref > /dev/null 2>&1; then
+          if aws ecr describe-images --repository-name mavis/${{ matrix.image_type }} --image-ids imageTag=$git_ref > /dev/null 2>&1; then
             echo "Dev image with given tag already exists"
           else
             echo "Dev image does not exist. Build needed"
-            echo "build-needed=true" >> $GITHUB_OUTPUT
+            echo "${{ matrix.image_type }}-build-needed=true" >> $GITHUB_OUTPUT
           fi
       - name: Configure AWS Production credentials
         if: env.PUSH_IMAGE_TO_PRODUCTION == 'true'
@@ -55,33 +60,12 @@ jobs:
         if: env.PUSH_IMAGE_TO_PRODUCTION == 'true'
         id: check-prod-image
         run: |
-          if aws ecr describe-images --repository-name mavis/webapp --image-ids imageTag=$git_ref > /dev/null 2>&1; then
+          if aws ecr describe-images --repository-name mavis/${{ matrix.image_type }} --image-ids imageTag=$git_ref > /dev/null 2>&1; then
             echo "Production image with given tag already exists"
           else
             echo "Production image does not exist. Build needed"
-            echo "build-needed=true" >> $GITHUB_OUTPUT
+            echo "${{ matrix.image_type }}-build-needed=true" >> $GITHUB_OUTPUT
           fi
-
-  build:
-    needs: check-image-presence
-    if: needs.check-image-presence.outputs.build-needed == 'true'
-    runs-on: ubuntu-latest
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@v5
-        with:
-          ref: ${{ env.git_ref }}
-      - name: Write build SHA
-        run: git rev-parse HEAD > public/sha
-      - name: Build Docker image
-        run: docker build -t "mavis:latest" .
-      - name: Save Docker image
-        run: docker save -o image.tar mavis:latest
-      - name: Upload Docker image
-        uses: actions/upload-artifact@v4
-        with:
-          name: image
-          path: image.tar
   define-matrix:
     name: Determine AWS roles to push the image
     runs-on: ubuntu-latest
@@ -97,6 +81,37 @@ jobs:
           else
             echo 'aws-roles=["arn:aws:iam::393416225559:role/GithubDeployMavisAndInfrastructure"]' >> $GITHUB_OUTPUT
           fi
+  build:
+    needs: check-image-presence
+    if: needs.check-image-presence.outputs.webapp-build-needed == 'true' || needs.check-image-presence.outputs.ops-build-needed  == 'true'
+    runs-on: ubuntu-latest
+    permissions:
+      id-token: write
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v5
+        with:
+          ref: ${{ env.git_ref }}
+      - name: Write build SHA
+        run: git rev-parse HEAD > public/sha
+      - name: Build webapp docker image
+        run: docker build -t "mavis-webapp:latest" .
+      - name: Save web image
+        run: docker save -o image.tar mavis-webapp:latest
+      - name: Upload web image
+        uses: actions/upload-artifact@v4
+        with:
+          name: webapp-image
+          path: image.tar
+      - name: Build ops docker image
+        run: docker build -f ops.Dockerfile -t "mavis-ops:latest" .
+      - name: Save ops image
+        run: docker save -o image.tar mavis-ops:latest
+      - name: Upload ops image
+        uses: actions/upload-artifact@v4
+        with:
+          name: ops-image
+          path: image.tar
   push:
     runs-on: ubuntu-latest
     needs: [build, define-matrix]
@@ -105,11 +120,12 @@ jobs:
     strategy:
       matrix:
         aws-role: ${{ fromJSON(needs.define-matrix.outputs.aws-roles) }}
+        image_type: ["webapp", "ops"]
     steps:
       - name: Download Docker image
         uses: actions/download-artifact@v5
         with:
-          name: image
+          name: ${{ matrix.image_type }}-image
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v5
         with:
@@ -121,6 +137,6 @@ jobs:
       - name: Load Docker image
         run: docker load -i image.tar
       - name: Tag Docker image
-        run: docker tag mavis:latest "${{ steps.login-ecr.outputs.registry }}/mavis/webapp":"$git_ref"
+        run: docker tag mavis-${{ matrix.image_type }}:latest "${{ steps.login-ecr.outputs.registry }}/mavis/${{ matrix.image_type }}":"$git_ref"
       - name: Push Docker image
-        run: docker push "${{ steps.login-ecr.outputs.registry }}/mavis/webapp":"$git_ref"
+        run: docker push "${{ steps.login-ecr.outputs.registry }}/mavis/${{ matrix.image_type }}":"$git_ref"

.github/workflows/deploy-application.yml

@@ -24,6 +24,7 @@ on:
           - all
           - web
           - sidekiq
+          - ops
         default: all
       git_ref_to_deploy:
         description:
@@ -81,7 +82,7 @@ jobs:
         id: get-git-sha
         run: echo "git-sha=$(git rev-parse HEAD)" >> $GITHUB_OUTPUT
 
-  build-and-push-image:
+  build-and-push-images:
     permissions:
       id-token: write
     needs: determine-git-sha
@@ -92,13 +93,15 @@ jobs:
   prepare-deployment:
     name: Prepare deployment
     runs-on: ubuntu-latest
-    needs: [ determine-git-sha, build-and-push-image ]
+    needs: [ determine-git-sha, build-and-push-images ]
     permissions:
       id-token: write
     strategy:
       fail-fast: true
       matrix:
-        service: ${{ inputs.server_types == 'all' && fromJSON('["web", "sidekiq"]') || fromJSON(format('["{0}"]', inputs.server_types)) }}
+        service: ${{ inputs.server_types == 'all' && fromJSON('["web", "sidekiq", "ops"]') || fromJSON(format('["{0}"]', inputs.server_types)) }}
+    env:
+      repository_name: ${{ matrix.service == 'ops' && 'mavis/ops' || 'mavis/webapp' }}
     steps:
       - name: Checkout code
         uses: actions/checkout@v5
@@ -116,7 +119,7 @@ jobs:
           image_tag: ${{ needs.determine-git-sha.outputs.git-sha }}
         run: |
           digest=$(aws ecr describe-images \
-            --repository-name mavis/webapp \
+            --repository-name $repository_name \
             --image-ids imageTag=$image_tag \
             --query 'imageDetails[0].imageDigest' \
             --output text)
@@ -127,7 +130,7 @@ jobs:
         with:
           task-definition-family: "mavis-${{ matrix.service }}-task-definition-${{ inputs.environment }}-template"
           container-name: "application"
-          image: "${{ env.aws_account_id }}.dkr.ecr.eu-west-2.amazonaws.com/mavis/webapp@${{ steps.get-image-digest.outputs.digest }}"
+          image: "${{ env.aws_account_id }}.dkr.ecr.eu-west-2.amazonaws.com/${{ env.repository_name }}@${{ steps.get-image-digest.outputs.digest }}"
           environment-variables: |
             APP_VERSION=${{ env.app_version }}
       - name: Rename task definition file
@@ -145,7 +148,6 @@ jobs:
     environment: ${{ inputs.environment }}
     steps:
       - run: echo "Proceeding with deployment to $environment"
-
   deploy-service:
     name: Deploy service
     runs-on: ubuntu-latest
@@ -155,7 +157,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        service: ${{ inputs.server_types == 'all' && fromJSON('["web", "sidekiq"]') || fromJSON(format('["{0}"]', inputs.server_types)) }}
+        service: ${{ inputs.server_types == 'all' && fromJSON('["web", "sidekiq", "ops"]') || fromJSON(format('["{0}"]', inputs.server_types)) }}
     steps:
       - name: Configure AWS Credentials
         uses: aws-actions/configure-aws-credentials@v5

.github/workflows/deploy.yml

@@ -41,6 +41,7 @@ on:
           - all
           - web
           - sidekiq
+          - ops
           - none
         default: all
 

.github/workflows/lint.yml

@@ -16,7 +16,7 @@ jobs:
       - uses: ruby/setup-ruby@v1
         with:
           bundler-cache: true
-      - uses: actions/setup-node@v5
+      - uses: actions/setup-node@v6
         with:
           cache: yarn
           node-version-file: .tool-versions

.github/workflows/test.yml

@@ -62,7 +62,7 @@ jobs:
       RAILS_ENV: test
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v5
+      - uses: actions/setup-node@v6
         with:
           node-version-file: .tool-versions
           cache: yarn
@@ -81,7 +81,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v5
-      - uses: actions/setup-node@v5
+      - uses: actions/setup-node@v6
         with:
           node-version-file: .tool-versions
           cache: yarn

Gemfile.lock

@@ -113,7 +113,7 @@ GEM
     ast (2.4.3)
     attr_required (1.0.2)
     aws-eventstream (1.4.0)
-    aws-partitions (1.1172.0)
+    aws-partitions (1.1174.0)
     aws-sdk-accessanalyzer (1.78.0)
       aws-sdk-core (~> 3, >= 3.231.0)
       aws-sigv4 (~> 1.5)
@@ -125,7 +125,7 @@ GEM
       bigdecimal
       jmespath (~> 1, >= 1.6.1)
       logger
-    aws-sdk-ec2 (1.561.0)
+    aws-sdk-ec2 (1.564.0)
       aws-sdk-core (~> 3, >= 3.231.0)
       aws-sigv4 (~> 1.5)
     aws-sdk-ecr (1.110.0)
@@ -140,7 +140,7 @@ GEM
     aws-sdk-rds (1.296.0)
       aws-sdk-core (~> 3, >= 3.231.0)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.199.1)
+    aws-sdk-s3 (1.200.0)
       aws-sdk-core (~> 3, >= 3.231.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
@@ -218,7 +218,7 @@ GEM
     dry-cli (1.3.0)
     email_validator (2.2.4)
       activemodel
-    erb (5.0.2)
+    erb (5.1.1)
     erubi (1.13.1)
     et-orbi (1.3.0)
       tzinfo
@@ -246,8 +246,8 @@ GEM
       concurrent-ruby (~> 1.1)
       webrick (~> 1.7)
       websocket-driver (~> 0.7)
-    ffi (1.17.1-arm64-darwin)
-    ffi (1.17.1-x86_64-linux-gnu)
+    ffi (1.17.2-arm64-darwin)
+    ffi (1.17.2-x86_64-linux-gnu)
     fhir_models (5.0.0)
       bcp47 (>= 0.3)
       date_time_precision (>= 0.8)
@@ -288,7 +288,7 @@ GEM
       tilt
     hashdiff (1.1.2)
     hashie (5.0.0)
-    hotwire-livereload (2.0.0)
+    hotwire-livereload (2.1.1)
       actioncable (>= 7.0.0)
       listen (>= 3.0.0)
       railties (>= 7.0.0)
@@ -369,7 +369,7 @@ GEM
       mime-types-data (~> 3.2015)
     mime-types-data (3.2025.0107)
     mini_mime (1.1.5)
-    minitest (5.25.5)
+    minitest (5.26.0)
     msgpack (1.8.0)
     net-http (0.6.0)
       uri
@@ -429,7 +429,7 @@ GEM
     pg (1.6.2-arm64-darwin)
     pg (1.6.2-x86_64-linux)
     phonelib (0.10.12)
-    pp (0.6.2)
+    pp (0.6.3)
       prettyprint
     prettier_print (1.2.1)
     prettyprint (0.2.0)
@@ -516,9 +516,10 @@ GEM
       ffi (~> 1.0)
     rbs (3.9.5)
       logger
-    rdoc (6.14.2)
+    rdoc (6.15.0)
       erb
       psych (>= 4.0.0)
+      tsort
     redcarpet (3.6.1)
     redis-client (0.26.1)
       connection_pool
@@ -606,7 +607,7 @@ GEM
       rubyzip (>= 1.3.0)
     rubyntlm (0.6.5)
       base64
-    rubyzip (3.1.1)
+    rubyzip (3.2.0)
     rufo (0.18.1)
     rufus-scheduler (3.9.2)
       fugit (~> 1.1, >= 1.11.1)
@@ -713,7 +714,7 @@ GEM
     unicode-display_width (3.2.0)
       unicode-emoji (~> 4.1)
     unicode-emoji (4.1.0)
-    uri (1.0.3)
+    uri (1.0.4)
     useragent (0.16.11)
     validate_url (1.0.15)
       activemodel (>= 3.0.0)

app/components/app_activity_log_component.rb

@@ -114,7 +114,7 @@ def initialize(team:, patient:, session: nil)
               :vaccination_records
 
   def events_by_day
-    all_events.sort_by { -it[:at].to_i }.group_by { it[:at].to_date }
+    all_events.sort_by { it[:at] }.reverse.group_by { it[:at].to_date }
   end
 
   def all_events

app/components/app_patient_programmes_table_component.rb

@@ -112,8 +112,10 @@ def status_for_programme(vaccination_status:, programme:, academic_year:)
       return "-"
     end
 
-    label = I18n.t(vaccination_status.status, scope: "status.programme.label")
-    colour = I18n.t(vaccination_status.status, scope: "status.programme.colour")
+    status = vaccination_status.status
+
+    label = I18n.t(status, scope: %i[status vaccination label])
+    colour = I18n.t(status, scope: %i[status vaccination colour])
     tag.strong(label, class: "nhsuk-tag nhsuk-tag--#{colour}")
   end