eps-FHIR-validator-lambda/.github/workflows/ci.yml at main · NHSDigital/eps-FHIR-validator-lambda · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
name: merge to main workflow

on:
  push:
    branches: [main]

env:
  BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }}

jobs:
  get_config_values:
    uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@383f3f9eaf3cb553ebcd74897bfed4d5e387629e
    with:
      verify_published_from_main_image: true
  quality_checks:
    uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@383f3f9eaf3cb553ebcd74897bfed4d5e387629e
    needs: [get_config_values]
    secrets:
      SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
    with:
      pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}

  get_commit_id:
    runs-on: ubuntu-22.04
    outputs:
      commit_id: ${{ steps.commit_id.outputs.commit_id }}
    steps:
      - name: Get Commit ID
        id: commit_id
        run: |
          echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"

  tag_release:
    needs: [quality_checks, get_commit_id, get_config_values]
    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@383f3f9eaf3cb553ebcd74897bfed4d5e387629e
    with:
      dry_run: true
      pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
      branch_name: main
      tag_format: ${{ needs.get_config_values.outputs.tag_format }}
    secrets: inherit

  package_code:
    needs: [tag_release, get_config_values]
    uses: ./.github/workflows/sam_package_code.yml
    with:
      pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}

  release_dev:
    needs: [tag_release, package_code, get_commit_id, get_config_values]
    uses: ./.github/workflows/sam_release_code.yml
    with:
      pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
      ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
      STACK_NAME: fhir-validator
      TARGET_ENVIRONMENT: dev
      BUILD_ARTIFACT: packaged_code
      VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}}
      COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
      LOG_LEVEL: INFO
      LOG_RETENTION_DAYS: 30
      CREATE_INT_RELEASE_NOTES: true
      CREATE_PROD_RELEASE_NOTES: true
      ENABLE_ALERTS: true
    secrets:
      CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
      DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
      INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
      PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
      DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}

  release_qa:
    needs: [tag_release, release_dev, package_code, get_commit_id, get_config_values]
    uses: ./.github/workflows/sam_release_code.yml
    with:
      pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
      ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
      STACK_NAME: fhir-validator
      TARGET_ENVIRONMENT: qa
      BUILD_ARTIFACT: packaged_code
      VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}}
      COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
      LOG_LEVEL: INFO
      LOG_RETENTION_DAYS: 30
      ENABLE_ALERTS: true
    secrets:
      CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.QA_CLOUD_FORMATION_DEPLOY_ROLE }}