Build: [AEA-4506] - Move to communal QC (#1402)

## Summary

- 🤖 Operational or Infrastructure Change

### Details

Replace the `quality-checks.yml` file in the repo with the communal one
shared across all EPS projects

Also removes the unused `create_certs.sh` script

Author: wildjames

.github/workflows/ci.yml

@@ -9,7 +9,7 @@ env:
 
 jobs:
   quality_checks:
-    uses: ./.github/workflows/quality_checks.yml
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v3.0.0
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.github/workflows/pr-link.yml

@@ -14,10 +14,25 @@ jobs:
 
       - name: Grab ticket name
         if: contains(github.event.pull_request.head.ref, 'aea-') || contains(github.event.pull_request.head.ref, 'AEA-') || contains(github.event.pull_request.head.ref, 'apm-') || contains(github.event.pull_request.head.ref, 'APM-') || contains(github.event.pull_request.head.ref, 'apmspii-') || contains(github.event.pull_request.head.ref, 'APMSPII-') || contains(github.event.pull_request.head.ref, 'adz-') || contains(github.event.pull_request.head.ref, 'ADZ-') || contains(github.event.pull_request.head.ref, 'amb-') || contains(github.event.pull_request.head.ref, 'AMB-')
-        run: echo name=TICKET_NAME::"$(echo "$REF" | grep -i -o '\(aea-[0-9]\+\)\|\(apm-[0-9]\+\)\|\(apmspii-[0-9]\+\)\|\(adz-[0-9]\+\)|\(amb-[0-9]\+\)' | tr '[:lower:]' '[:upper:]')" >> "$GITHUB_ENV"
         continue-on-error: true
-        env:
-          ACTIONS_ALLOW_UNSECURE_COMMANDS: true
+        run: |
+          # Match ticket name patterns
+          REGEX='
+            (aea-[0-9]+)|
+            (apm-[0-9]+)|
+            (apmspii-[0-9]+)|
+            (adz-[0-9]+)|
+            (amb-[0-9]+)
+          '
+
+          # Remove whitespace and newlines from the regex
+          REGEX=$(echo "$REGEX" | tr -d '[:space:]')
+
+          # Extract the ticket name and convert to uppercase
+          TICKET_NAME=$(echo "$REF" | grep -i -E -o "$REGEX" | tr '[:lower:]' '[:upper:]')
+
+          # Set the environment variable
+          echo "TICKET_NAME=$TICKET_NAME" >> "$GITHUB_ENV"
 
       - name: Comment on PR with link to JIRA ticket
         if: contains(github.event.pull_request.head.ref, 'aea-') || contains(github.event.pull_request.head.ref, 'AEA-') || contains(github.event.pull_request.head.ref, 'apm-') || contains(github.event.pull_request.head.ref, 'APM-') || contains(github.event.pull_request.head.ref, 'apmspii-') || contains(github.event.pull_request.head.ref, 'APMSPII-') || contains(github.event.pull_request.head.ref, 'adz-') || contains(github.event.pull_request.head.ref, 'ADZ-') || contains(github.event.pull_request.head.ref, 'amb-') || contains(github.event.pull_request.head.ref, 'AMB-')
@@ -27,5 +42,5 @@ jobs:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:
           msg: |
-            This branch is work on a ticket in the NHS Digital APM JIRA Project. Here's a handy link to the ticket:
+            This branch is work on a ticket in an NHS Digital JIRA Project. Here's a handy link to the ticket:
             # [${{ env.TICKET_NAME }}](https://nhsd-jira.digital.nhs.uk/browse/${{ env.TICKET_NAME }})

.github/workflows/pull_request.yml

@@ -9,7 +9,7 @@ env:
 
 jobs:
   quality_checks:
-    uses: ./.github/workflows/quality_checks.yml
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v3.0.0
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.github/workflows/quality_checks.yml

@@ -5,7 +5,7 @@ on:
 
 jobs:
   quality_checks:
-    uses: ./.github/workflows/quality_checks.yml
+    uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/quality-checks.yml@v3.0.0
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 

.github/workflows/release.yml

@@ -266,7 +266,6 @@ Workflows are in the .github/workflows folder
 - `combine-dependabot-prs.yml`: Workflow for combining dependabot pull requests. Runs on demand
 - `delete_old_cloudformation_stacks.yml`: Workflow for deleting old cloud formation stacks. Runs daily
 - `pull_request.yml`: Called when pull request is opened or updated. Calls sam_package_code and sam_release_code to build and deploy the code. Deploys to dev AWS account. The main and sandbox stacks deployed have PR-<PULL_REQUEST_ID> in the name
-- `quality_checks.yml`: Runs check-licenses, lint, test and sonarcloud scan against the repo. Called from pull_request.yml and release.yml
 - `release.yml`: Runs on demand to create a release and deploy to all environments.
 - `sam_package_code.yml`: Packages code and uploads to a github artifact for later deployment
 - `sam_release_code.yml`: Release code built by sam_package_code.yml to an environment