podaac
diff --git a/‎.github/workflows/diff.yml‎
Lines changed: 28 additions & 0 deletions b/‎.github/workflows/diff.yml‎
Lines changed: 28 additions & 0 deletions
diff --git a/‎.github/workflows/new_regression.yml‎
Lines changed: 10 additions & 17 deletions b/‎.github/workflows/new_regression.yml‎
Lines changed: 10 additions & 17 deletions
diff --git a/‎.github/workflows/process_chunk.yml‎
Lines changed: 10 additions & 20 deletions b/‎.github/workflows/process_chunk.yml‎
Lines changed: 10 additions & 20 deletions
diff --git a/‎.github/workflows/verify.yml‎
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/verify.yml‎
Lines changed: 1 addition & 1 deletion
@@ -84,12 +84,25 @@ jobs:
           app_id: ${{ secrets.CICD_APP_ID }}
           private_key: ${{ secrets.CICD_APP_PRIVATE_KEY }}
       - uses: actions/checkout@v4
+      - name: Check for existing PR
+        id: existing_pr
+        env:
+          GH_TOKEN: ${{ steps.podaac-cicd.outputs.token }}
+        run: |
+          pr_count=$(gh pr list --head "diff/uat/${{ matrix.data.concept_id }}" --state open --json number --jq 'length')
+          if [ "$pr_count" -gt 0 ]; then
+            echo "exists=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "exists=false" >> "$GITHUB_OUTPUT"
+          fi
       - name: Update uat_associations
+        if: steps.existing_pr.outputs.exists != 'true'
         run: |
           mkdir -p $GITHUB_WORKSPACE/tests/cmr/l2ss-py/uat
           echo "${{ matrix.data.concept_id }}" > $GITHUB_WORKSPACE/tests/cmr/l2ss-py/uat/${{ matrix.data.concept_id }}
       - name: Create Pull Request for ${{ env.SHORT_NAME }}
         id: cpr
+        if: steps.existing_pr.outputs.exists != 'true'
         uses: peter-evans/create-pull-request@v6
         with:
           token: ${{ steps.podaac-cicd.outputs.token }}
@@ -106,6 +119,7 @@ jobs:
             unverified
             autotest
       - name: Enable Pull Request Automerge
+        if: steps.existing_pr.outputs.exists != 'true'
         env:
           GH_TOKEN: ${{ github.token }}
         run: gh pr merge --merge --auto ${{ steps.cpr.outputs.pull-request-number }}
@@ -128,12 +142,25 @@ jobs:
           app_id: ${{ secrets.CICD_APP_ID }}
           private_key: ${{ secrets.CICD_APP_PRIVATE_KEY }}
       - uses: actions/checkout@v4
+      - name: Check for existing PR
+        id: existing_pr
+        env:
+          GH_TOKEN: ${{ steps.podaac-cicd.outputs.token }}
+        run: |
+          pr_count=$(gh pr list --head "diff/ops/${{ matrix.data.concept_id }}" --state open --json number --jq 'length')
+          if [ "$pr_count" -gt 0 ]; then
+            echo "exists=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "exists=false" >> "$GITHUB_OUTPUT"
+          fi
       - name: Update ops_associations
+        if: steps.existing_pr.outputs.exists != 'true'
         run: |
           mkdir -p $GITHUB_WORKSPACE/tests/cmr/l2ss-py/ops
           echo "${{ matrix.data.concept_id }}" > $GITHUB_WORKSPACE/tests/cmr/l2ss-py/ops/${{ matrix.data.concept_id }}
       - name: Create Pull Request for ${{ env.SHORT_NAME }}
         id: cpr
+        if: steps.existing_pr.outputs.exists != 'true'
         uses: peter-evans/create-pull-request@v6
         with:
           token: ${{ steps.podaac-cicd.outputs.token }}
@@ -150,6 +177,7 @@ jobs:
             unverified
             autotest
       - name: Enable Pull Request Automerge
+        if: steps.existing_pr.outputs.exists != 'true'
         env:
           GH_TOKEN: ${{ github.token }}
         run: gh pr merge --merge --auto ${{ steps.cpr.outputs.pull-request-number }}
 
@@ -135,30 +135,23 @@ jobs:
           pattern: job-status-*
           path: job-status
 
-      - name: Set CMR bearer token dynamically
-        id: set-cmr-token
-        run: |
-          case "${{ needs.setup-and-chunk.outputs.environment_upper }}" in
-            UAT)
-              echo "CMR_BEARER_TOKEN=${{ secrets.UAT_URS_TOKEN }}" >> $GITHUB_ENV
-              ;;
-            OPS)
-              echo "CMR_BEARER_TOKEN=${{ secrets.OPS_URS_TOKEN }}" >> $GITHUB_ENV
-              ;;
-            *)
-              echo "❌ Unknown environment: ${{ needs.setup-and-chunk.outputs.environment_upper }}" >&2
-              exit 1
-              ;;
-          esac
+      - name: Configure AWS credentials for UAT
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CUMULUS_UAT }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CUMULUS_UAT }}
+          aws-region: us-west-2
 
       - name: Aggregate failed jobs and print URLs and reasons
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           GITHUB_REPOSITORY: ${{ github.repository }}
           REGRESSION_ENV: ${{ needs.setup-and-chunk.outputs.environment_upper }}
+          CMR_TOKEN_PROVIDER: lambda
+          CMR_TOKEN_LAMBDA_FUNCTION_NAME: ${{ needs.setup-and-chunk.outputs.environment }}-launchpad_token_dispenser
+          CMR_TOKEN_LAMBDA_REGION: us-west-2
           CMR_USER: ${{ secrets.CMR_USER }}
           CMR_PASS: ${{ secrets.CMR_PASS }}
           OPENROUTER_API_KEY: ${{ secrets.OPENROUTER_API_KEY }}
-          CMR_BEARER_TOKEN: ${{ env.CMR_BEARER_TOKEN }}
         run: |
-          poetry run python tests/aggregate_results.py
+          poetry run python tests/aggregate_results.py
@@ -36,22 +36,6 @@ jobs:
         include: ${{ fromJson(inputs.chunk-data) }}
     steps:
 
-      - name: Set CMR bearer token dynamically
-        id: set-cmr-token
-        run: |
-          case "${{ inputs.environment }}" in
-            UAT)
-              echo "CMR_BEARER_TOKEN=${{ secrets.UAT_URS_TOKEN }}" >> $GITHUB_ENV
-              ;;
-            OPS)
-              echo "CMR_BEARER_TOKEN=${{ secrets.OPS_URS_TOKEN }}" >> $GITHUB_ENV
-              ;;
-            *)
-              echo "❌ Unknown environment: ${{ inputs.environment }}" >&2
-              exit 1
-              ;;
-          esac
-
       - name: Get matrix job URL
         run: |
           echo "Fetching job URL for matrix job (env=${{ matrix.env }}, file=${{ matrix.file }})..."
@@ -135,14 +119,20 @@ jobs:
       - name: Poetry Install
         run: poetry install
 
-      - name: Run Regression
-        id: regression
-        env:
-            CMR_BEARER_TOKEN: ${{ env.CMR_BEARER_TOKEN }}
+      - name: Configure AWS credentials for UAT
+        uses: aws-actions/configure-aws-credentials@v3
+        with:
+          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_CUMULUS_UAT }}
+          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_CUMULUS_UAT }}
+          aws-region: us-west-2
+
+      - name: Run Regression with Lambda Token Provider
+        id: regression_with_token
         working-directory: tests
         run: |
           poetry run pytest -s -n 2 verify_collection.py \
             --env ${{ matrix.env }} \
+            --token-provider lambda \
             --concept_id ${{ matrix.file }} \
             --tb=short | tee ../pytest_output.log
 
 
@@ -56,7 +56,7 @@ jobs:
           CMR_USER: ${{ secrets.CMR_USER }}
           CMR_PASS: ${{ secrets.CMR_PASS }}
         run: |
-          poetry run pytest verify_collection.py --concept_id $CONCEPT_ID --env $TEST_ENV --junitxml=$GITHUB_WORKSPACE/test-results/test_report.xml --html=$GITHUB_WORKSPACE/test-results/test_report.html || true
+          poetry run pytest verify_collection.py --concept_id $CONCEPT_ID --env $TEST_ENV --token-provider lambda --junitxml=$GITHUB_WORKSPACE/test-results/test_report.xml --html=$GITHUB_WORKSPACE/test-results/test_report.html || true
 
       - name: Convert XML to JSON
         id: run-xml-to-json