Skip to content

Commit

Permalink
Add GitHub actions
Browse files Browse the repository at this point in the history
  • Loading branch information
@kris-szlapa
kris-szlapa committed Nov 30, 2023
1 parent f987908 commit c17d72b
Show file tree
Hide file tree
Showing 13 changed files with 1,093 additions and 0 deletions.
30 changes: 30 additions & 0 deletions .github/dependabot.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
#########################################################################
# Dependabot configuration file
#########################################################################

version: 2
updates:
- package-ecosystem: "github-actions"
# Workflow files stored in the
# default location of `.github/workflows`
directory: "/"
schedule:
interval: "daily"

###################################
# NPM workspace ##################
###################################
- package-ecosystem: "npm"
directory: "/"
schedule:
interval: "daily"
versioning-strategy: increase

###################################
# Poetry #########################
###################################
- package-ecosystem: "pip"
directory: "/"
schedule:
interval: "daily"
versioning-strategy: increase
30 changes: 30 additions & 0 deletions .github/pull_request_template.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
## Summary

**Remove items from this list if they are not relevant. Remove this line once this has been done**

- Routine Change
- :exclamation: Breaking Change
- :robot: Operational or Infrastructure Change
- :sparkles: New Feature
- :warning: Potential issues that might be caused by this change

### Details

Add any summary information of what is in the change. **Remove this line if you have nothing to add.**

## Reviews Required

**Check who should review this. Remove this line once this has been done**

- [x] Dev
- [ ] Test
- [ ] Tech Author
- [ ] Product Owner

## Review Checklist

:information_source: This section is to be filled in by the **reviewer**.

- [ ] I have reviewed the changes in this PR and they fill all or part of the acceptance criteria of the ticket, and the code is in a mergeable state.
- [ ] If there were infrastructure, operational, or build changes, I have made sure there is sufficient evidence that the changes will work.
- [ ] I have ensured the jira ticket has been updated with the github pull request link
21 changes: 21 additions & 0 deletions .github/workflows/adhoc_create_release_notes.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
name: Adhoc create confluence release notes

on:
workflow_dispatch:

jobs:
create_aws_int_release_notes:
uses: ./.github/workflows/create_confluence_release_notes.yml
with:
TARGET_ENVIRONMENT: int
secrets:
DEV_CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.INT_CLOUD_FORMATION_DEPLOY_ROLE }}

create_aws_prod_release_notes:
uses: ./.github/workflows/create_confluence_release_notes.yml
with:
TARGET_ENVIRONMENT: prod
secrets:
DEV_CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_DEPLOY_ROLE }}
151 changes: 151 additions & 0 deletions .github/workflows/combine-dependabot-prs.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,151 @@
name: 'Combine PRs'

# Controls when the action will run - in this case triggered manually
on:
workflow_dispatch:
inputs:
branchPrefix:
description: 'Branch prefix to find combinable PRs based on'
required: true
default: 'dependabot'
mustBeGreen:
description: 'Only combine PRs that are green (status is success)'
required: true
default: "true"
combineBranchName:
description: 'Name of the branch to combine PRs into'
required: true
default: 'combine-dependabot-PRs'
ignoreLabel:
description: 'Exclude PRs with this label'
required: true
default: 'nocombine'

# A workflow run is made up of one or more jobs that can run sequentially or in parallel
jobs:
# This workflow contains a single job called "combine-prs"
combine-prs:
# The type of runner that the job will run on
runs-on: ubuntu-latest

# Steps represent a sequence of tasks that will be executed as part of the job
steps:
- uses: actions/github-script@v7
id: create-combined-pr
name: Create Combined PR
with:
github-token: ${{secrets.GITHUB_TOKEN}}
script: |
const pulls = await github.paginate('GET /repos/:owner/:repo/pulls', {
owner: context.repo.owner,
repo: context.repo.repo
});
let branchesAndPRStrings = [];
let baseBranch = null;
let baseBranchSHA = null;
for (const pull of pulls) {
const branch = pull['head']['ref'];
console.log('Pull for branch: ' + branch);
if (branch.startsWith('${{ github.event.inputs.branchPrefix }}')) {
console.log('Branch matched prefix: ' + branch);
let statusOK = true;
if(${{ github.event.inputs.mustBeGreen }}) {
console.log('Checking green status: ' + branch);
const stateQuery = `query($owner: String!, $repo: String!, $pull_number: Int!) {
repository(owner: $owner, name: $repo) {
pullRequest(number:$pull_number) {
commits(last: 1) {
nodes {
commit {
statusCheckRollup {
state
}
}
}
}
}
}
}`
const vars = {
owner: context.repo.owner,
repo: context.repo.repo,
pull_number: pull['number']
};
const result = await github.graphql(stateQuery, vars);
const [{ commit }] = result.repository.pullRequest.commits.nodes;
const state = commit.statusCheckRollup.state
console.log('Validating status: ' + state);
if(state != 'SUCCESS') {
console.log('Discarding ' + branch + ' with status ' + state);
statusOK = false;
}
}
console.log('Checking labels: ' + branch);
const labels = pull['labels'];
for(const label of labels) {
const labelName = label['name'];
console.log('Checking label: ' + labelName);
if(labelName == '${{ github.event.inputs.ignoreLabel }}') {
console.log('Discarding ' + branch + ' with label ' + labelName);
statusOK = false;
}
}
if (statusOK) {
console.log('Adding branch to array: ' + branch);
const prString = '#' + pull['number'] + ' ' + pull['title'];
branchesAndPRStrings.push({ branch, prString });
baseBranch = pull['base']['ref'];
baseBranchSHA = pull['base']['sha'];
}
}
}
if (branchesAndPRStrings.length == 0) {
core.setFailed('No PRs/branches matched criteria');
return;
}
try {
await github.rest.git.createRef({
owner: context.repo.owner,
repo: context.repo.repo,
ref: 'refs/heads/' + '${{ github.event.inputs.combineBranchName }}',
sha: baseBranchSHA
});
} catch (error) {
console.log(error);
core.setFailed('Failed to create combined branch - maybe a branch by that name already exists?');
return;
}
let combinedPRs = [];
let mergeFailedPRs = [];
for(const { branch, prString } of branchesAndPRStrings) {
try {
await github.rest.repos.merge({
owner: context.repo.owner,
repo: context.repo.repo,
base: '${{ github.event.inputs.combineBranchName }}',
head: branch,
});
console.log('Merged branch ' + branch);
combinedPRs.push(prString);
} catch (error) {
console.log('Failed to merge branch ' + branch);
mergeFailedPRs.push(prString);
}
}
console.log('Creating combined PR');
const combinedPRsString = combinedPRs.join('\n');
let body = '✅ This PR was created by the Combine PRs action by combining the following PRs:\n' + combinedPRsString;
if(mergeFailedPRs.length > 0) {
const mergeFailedPRsString = mergeFailedPRs.join('\n');
body += '\n\n⚠️ The following PRs were left out due to merge conflicts:\n' + mergeFailedPRsString
}
await github.rest.pulls.create({
owner: context.repo.owner,
repo: context.repo.repo,
title: 'Combined PR',
head: '${{ github.event.inputs.combineBranchName }}',
base: baseBranch,
body: body
});
128 changes: 128 additions & 0 deletions .github/workflows/create_confluence_release_notes.yml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,128 @@
name: 'Create confluence release notes'

on:
workflow_call:
inputs:
TARGET_ENVIRONMENT:
required: true
type: string
secrets:
DEV_CLOUD_FORMATION_DEPLOY_ROLE:
required: true
TARGET_CLOUD_FORMATION_DEPLOY_ROLE:
required: true

jobs:
create_confluence_release_notes:
runs-on: ubuntu-latest
permissions:
id-token: write
contents: read
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ env.BRANCH_NAME }}

# using git commit sha for version of action to ensure we have stable version
- name: Install asdf
uses: asdf-vm/actions/setup@4f8f7939dd917fc656bb7c3575969a5988c28364
with:
asdf_branch: v0.11.3

- name: Cache asdf
uses: actions/cache@v3
with:
path: |
~/.asdf
key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}
restore-keys: |
${{ runner.os }}-asdf-
- name: Install asdf dependencies in .tool-versions
uses: asdf-vm/actions/install@4f8f7939dd917fc656bb7c3575969a5988c28364
with:
asdf_branch: v0.11.3
env:
PYTHON_CONFIGURE_OPTS: --enable-shared

- name: make install
run: |
make install
- name: Configure target AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-west-2
role-to-assume: ${{ secrets.TARGET_CLOUD_FORMATION_DEPLOY_ROLE }}
role-session-name: github-actions

- shell: bash
name: get target tag
run: |
target_tag=$(aws cloudformation describe-stacks --stack-name ${{ inputs.TARGET_ENVIRONMENT }}-ci --query "Stacks[0].Tags[?Key=='version'].Value" --output text)
export target_tag
echo "target_tag=${target_tag}" >> "$GITHUB_ENV"
- name: Configure dev AWS Credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-region: eu-west-2
role-to-assume: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
role-session-name: github-actions

- shell: bash
name: get dev tag
run: |
dev_tag=$(aws cloudformation describe-stacks --stack-name dev-ci --query "Stacks[0].Tags[?Key=='version'].Value" --output text)
export dev_tag
echo "dev_tag=${dev_tag}" >> "$GITHUB_ENV"
- shell: bash
name: create int release notes
if: inputs.TARGET_ENVIRONMENT == 'int'
run: |
ENV_VAR=release-notes:CreateReleaseNotesLambdaName
RELEASE_NOTES_LAMBDA=$(aws cloudformation list-exports \
--query "Exports[?Name=='$ENV_VAR'].Value" \
--output text)
cat <<EOF > payload.json
{
"currentTag": "$target_tag",
"targetTag": "$dev_tag",
"repoName": "electronic-prescription-service-clinical-prescription-tracker",
"targetEnvironment": "INT",
"productName": "Prescritpions for Patients AWS layer",
"releaseNotesPageId": "693750027",
"releaseNotesPageTitle": "Current PfP AWS layer release notes - INT"
}
EOF
cat payload.json
aws lambda invoke --function-name "${RELEASE_NOTES_LAMBDA}" \
--cli-binary-format raw-in-base64-out \
--payload file://payload.json out.txt
- shell: bash
name: create prod release notes
if: inputs.TARGET_ENVIRONMENT == 'prod'
run: |
ENV_VAR=release-notes:CreateReleaseNotesLambdaName
RELEASE_NOTES_LAMBDA=$(aws cloudformation list-exports \
--query "Exports[?Name=='$ENV_VAR'].Value" \
--output text)
cat <<EOF > payload.json
{
"currentTag": "$target_tag",
"targetTag": "$dev_tag",
"repoName": "electronic-prescription-service-clinical-prescription-tracker",
"targetEnvironment": "PROD",
"productName": "Prescritpions for Patients AWS layer",
"releaseNotesPageId": "693750029",
"releaseNotesPageTitle": "Current PfP AWS layer release notes - PROD"
}
EOF
cat payload.json
aws lambda invoke --function-name "${RELEASE_NOTES_LAMBDA}" \
--cli-binary-format raw-in-base64-out \
--payload file://payload.json out.txt
Loading

0 comments on commit c17d72b

Please sign in to comment.