Skip to content

Commit f601ba7

Browse files
anthony-nhsanthony-nhs
authored
Chore: [AEA-0000] - use new common workflows (#965)
## Summary - Routine Change ### Details - use new common workflows
1 parent d0944ae commit f601ba7

5 files changed

Lines changed: 38 additions & 122 deletions

File tree

.github/workflows/cdk_package_code.yml

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -3,24 +3,15 @@ name: cdk package code
33
on:
44
workflow_call:
55
inputs:
6-
runtime_docker_image:
6+
pinned_image:
77
type: string
88
required: true
9-
verify_published_from_main_image:
10-
type: boolean
11-
required: true
129

1310
jobs:
14-
verify_attestation:
15-
uses: NHSDigital/eps-common-workflows/.github/workflows/verify-attestation.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
16-
with:
17-
runtime_docker_image: "${{ inputs.runtime_docker_image }}"
18-
verify_published_from_main_image: ${{ inputs.verify_published_from_main_image }}
1911
package_code:
2012
runs-on: ubuntu-22.04
21-
needs: verify_attestation
2213
container:
23-
image: ${{ needs.verify_attestation.outputs.pinned_image }}
14+
image: ${{ inputs.pinned_image }}
2415
options: --user 1001:1001 --group-add 128
2516
defaults:
2617
run:

.github/workflows/cdk_release_code.yml

Lines changed: 2 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -33,12 +33,9 @@ on:
3333
MARK_JIRA_RELEASED:
3434
type: boolean
3535
default: false
36-
runtime_docker_image:
36+
pinned_image:
3737
type: string
3838
required: true
39-
verify_published_from_main_image:
40-
type: boolean
41-
required: true
4239
IS_PULL_REQUEST:
4340
type: boolean
4441
required: true
@@ -57,17 +54,11 @@ on:
5754
required: false
5855

5956
jobs:
60-
verify_attestation:
61-
uses: NHSDigital/eps-common-workflows/.github/workflows/verify-attestation.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
62-
with:
63-
runtime_docker_image: "${{ inputs.runtime_docker_image }}"
64-
verify_published_from_main_image: ${{ inputs.verify_published_from_main_image }}
6557

6658
release_code:
6759
runs-on: ubuntu-22.04
68-
needs: verify_attestation
6960
container:
70-
image: ${{ needs.verify_attestation.outputs.pinned_image }}
61+
image: ${{ inputs.pinned_image }}
7162
options: --user 1001:1001 --group-add 128
7263
defaults:
7364
run:

.github/workflows/ci.yml

Lines changed: 10 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -9,31 +9,14 @@ env:
99

1010
jobs:
1111
get_config_values:
12-
runs-on: ubuntu-22.04
13-
outputs:
14-
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
15-
devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
16-
devcontainer_image: ${{ steps.load-config.outputs.DEVCONTAINER_IMAGE }}
17-
steps:
18-
- name: Checkout code
19-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
20-
21-
- name: Load config value
22-
id: load-config
23-
run: |
24-
TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
25-
DEVCONTAINER_IMAGE=$(jq -r '.build.args.IMAGE_NAME' .devcontainer/devcontainer.json)
26-
DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
27-
{
28-
echo "TAG_FORMAT=$TAG_FORMAT"
29-
echo "DEVCONTAINER_IMAGE=$DEVCONTAINER_IMAGE"
30-
echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION"
31-
} >> "$GITHUB_OUTPUT"
12+
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
13+
with:
14+
verify_published_from_main_image: true
3215
quality_checks:
33-
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
16+
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
3417
needs: [get_config_values]
3518
with:
36-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
19+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
3720
secrets:
3821
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
3922

@@ -49,28 +32,25 @@ jobs:
4932
5033
tag_release:
5134
needs: [quality_checks, get_commit_id, get_config_values]
52-
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
35+
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
5336
with:
5437
dry_run: true
55-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
38+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
5639
branch_name: main
5740
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
58-
verify_published_from_main_image: true
5941
secrets: inherit
6042

6143
package_code:
6244
needs: [tag_release, get_config_values]
6345
uses: ./.github/workflows/cdk_package_code.yml
6446
with:
65-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
66-
verify_published_from_main_image: true
47+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
6748

6849
release_dev:
6950
needs: [tag_release, package_code, get_commit_id, get_config_values]
7051
uses: ./.github/workflows/cdk_release_code.yml
7152
with:
72-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
73-
verify_published_from_main_image: true
53+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
7454
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
7555
STACK_NAME: dashboards
7656
TARGET_ENVIRONMENT: dev
@@ -92,8 +72,7 @@ jobs:
9272
needs: [tag_release, release_dev, package_code, get_commit_id, get_config_values]
9373
uses: ./.github/workflows/cdk_release_code.yml
9474
with:
95-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
96-
verify_published_from_main_image: true
75+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
9776
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
9877
STACK_NAME: dashboards
9978
TARGET_ENVIRONMENT: qa

.github/workflows/pull_request.yml

Lines changed: 11 additions & 31 deletions
Original file line numberDiff line numberDiff line change
@@ -9,43 +9,26 @@ env:
99

1010
jobs:
1111
get_config_values:
12-
runs-on: ubuntu-22.04
13-
outputs:
14-
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
15-
devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
16-
devcontainer_image: ${{ steps.load-config.outputs.DEVCONTAINER_IMAGE }}
17-
steps:
18-
- name: Checkout code
19-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
20-
21-
- name: Load config value
22-
id: load-config
23-
run: |
24-
TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
25-
DEVCONTAINER_IMAGE=$(jq -r '.build.args.IMAGE_NAME' .devcontainer/devcontainer.json)
26-
DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
27-
{
28-
echo "TAG_FORMAT=$TAG_FORMAT"
29-
echo "DEVCONTAINER_IMAGE=$DEVCONTAINER_IMAGE"
30-
echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION"
31-
} >> "$GITHUB_OUTPUT"
12+
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
13+
with:
14+
verify_published_from_main_image: false
3215

3316
dependabot-auto-approve-and-merge:
34-
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
17+
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
3518
secrets:
3619
AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
3720
AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}
3821

3922
quality_checks:
40-
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
23+
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
4124
needs: [get_config_values]
4225
with:
43-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
26+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
4427
secrets:
4528
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
4629

4730
pr_title_format_check:
48-
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
31+
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
4932

5033
get_issue_number:
5134
runs-on: ubuntu-22.04
@@ -75,13 +58,12 @@ jobs:
7558

7659
tag_release:
7760
needs: [get_config_values]
78-
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
61+
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
7962
with:
8063
dry_run: true
81-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
64+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
8265
branch_name: ${{ github.event.pull_request.head.ref }}
8366
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
84-
verify_published_from_main_image: false
8567
secrets: inherit
8668

8769
get_commit_id:
@@ -98,14 +80,12 @@ jobs:
9880
uses: ./.github/workflows/cdk_package_code.yml
9981
needs: [get_config_values]
10082
with:
101-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
102-
verify_published_from_main_image: false
83+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
10384
release_code:
10485
needs: [get_issue_number, package_code, get_commit_id, quality_checks, get_config_values]
10586
uses: ./.github/workflows/cdk_release_code.yml
10687
with:
107-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
108-
verify_published_from_main_image: false
88+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
10989
STACK_NAME: dashboards-pr-${{needs.get_issue_number.outputs.issue_number}}
11090
ARTIFACT_BUCKET_PREFIX: PR-${{needs.get_issue_number.outputs.issue_number}}
11191
TARGET_ENVIRONMENT: dev-pr

.github/workflows/release.yml

Lines changed: 13 additions & 38 deletions
Original file line numberDiff line numberDiff line change
@@ -8,32 +8,14 @@ env:
88

99
jobs:
1010
get_config_values:
11-
runs-on: ubuntu-22.04
12-
outputs:
13-
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
14-
devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
15-
devcontainer_image: ${{ steps.load-config.outputs.DEVCONTAINER_IMAGE }}
16-
steps:
17-
- name: Checkout code
18-
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
19-
20-
- name: Load config value
21-
id: load-config
22-
run: |
23-
TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
24-
DEVCONTAINER_IMAGE=$(jq -r '.build.args.IMAGE_NAME' .devcontainer/devcontainer.json)
25-
DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
26-
{
27-
echo "TAG_FORMAT=$TAG_FORMAT"
28-
echo "DEVCONTAINER_IMAGE=$DEVCONTAINER_IMAGE"
29-
echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION"
30-
} >> "$GITHUB_OUTPUT"
31-
11+
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
12+
with:
13+
verify_published_from_main_image: true
3214
quality_checks:
33-
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
15+
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
3416
needs: [get_config_values]
3517
with:
36-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
18+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
3719
secrets:
3820
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
3921

@@ -49,28 +31,25 @@ jobs:
4931
5032
tag_release:
5133
needs: [quality_checks, get_commit_id, get_config_values]
52-
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
34+
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@8404cf6e3a61ac8de4d1644e175e288aa4965815
5335
with:
5436
dry_run: false
55-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
37+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
5638
branch_name: main
5739
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
58-
verify_published_from_main_image: true
5940
secrets: inherit
6041

6142
package_code:
6243
needs: [tag_release, get_config_values]
6344
uses: ./.github/workflows/cdk_package_code.yml
6445
with:
65-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
66-
verify_published_from_main_image: true
46+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
6747

6848
release_dev:
6949
needs: [tag_release, package_code, get_commit_id, get_config_values]
7050
uses: ./.github/workflows/cdk_release_code.yml
7151
with:
72-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
73-
verify_published_from_main_image: true
52+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
7453
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
7554
STACK_NAME: dashboards
7655
TARGET_ENVIRONMENT: dev
@@ -92,8 +71,7 @@ jobs:
9271
needs: [tag_release, release_dev, package_code, get_commit_id, get_config_values]
9372
uses: ./.github/workflows/cdk_release_code.yml
9473
with:
95-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
96-
verify_published_from_main_image: true
74+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
9775
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
9876
STACK_NAME: dashboards
9977
TARGET_ENVIRONMENT: ref
@@ -109,8 +87,7 @@ jobs:
10987
needs: [tag_release, release_dev, package_code, get_commit_id, get_config_values]
11088
uses: ./.github/workflows/cdk_release_code.yml
11189
with:
112-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
113-
verify_published_from_main_image: true
90+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
11491
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
11592
STACK_NAME: dashboards
11693
TARGET_ENVIRONMENT: qa
@@ -126,8 +103,7 @@ jobs:
126103
needs: [tag_release, release_qa, package_code, get_commit_id, get_config_values]
127104
uses: ./.github/workflows/cdk_release_code.yml
128105
with:
129-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
130-
verify_published_from_main_image: true
106+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
131107
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
132108
STACK_NAME: dashboards
133109
TARGET_ENVIRONMENT: int
@@ -149,8 +125,7 @@ jobs:
149125
needs: [tag_release, release_int, package_code, get_commit_id, get_config_values]
150126
uses: ./.github/workflows/cdk_release_code.yml
151127
with:
152-
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
153-
verify_published_from_main_image: true
128+
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
154129
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
155130
STACK_NAME: dashboards
156131
TARGET_ENVIRONMENT: prod

0 commit comments

Comments
 (0)