Merge pull request #16517 from CDCgov/deployment/2024-11-12

Deployment of 2024-11-12

.environment/chatops/help.txt

@@ -3,7 +3,7 @@ ACTION
 USAGE
     [<@bot>] gh-deploy [<branch>] to [<branch>] [OPTIONAL: for <owner/repo>]
 EXAMPLES
-    @DevBot gh-deploy master to trialfrontend1
+    @DevBot gh-deploy main to trialfrontend1
 ==========================================================================
 ACTION
     Lock branch to prevent deployments
@@ -26,4 +26,4 @@ USAGE
     [<@bot>] gh-run [<workflow file>] [OPTIONAL: <owner/repo> <branch>] [OPTIONAL: --inputs <a:b,c:d>] 
 EXAMPLES
     @DevBot gh-run destroy_demo_environment.yml --inputs env_name:demo1
-    @DevBot gh-run destroy_demo_environment.yml CDCgov/prime-reportstream master --inputs env_name:demo1
+    @DevBot gh-run destroy_demo_environment.yml CDCgov/prime-reportstream main --inputs env_name:demo1

.github/ISSUE_TEMPLATE/up-receiver-migration-set-up-receiver-settings.md

@@ -19,9 +19,9 @@ As a developer, I want to compare the messages generated from the Covid and Univ
 ### Dev Notes:
 
 - [ ] Fetch [STLT] organization settings from production and load them locally
-- [ ] Use the attached SimpleReport covid postman collection and make sure the message gets routed to [STLT] locally. Modify the message to meet [STLT] filter if needed [Simple Report Covid.postman_collection](https://github.com/CDCgov/prime-reportstream/blob/master/prime-router/docs/onboarding-users/samples/SimpleReport/Simple%20Report%20Covid.postman_collection.json)
-- [ ] Make a copy of the [STLT] organization settings to onboard them to the UP. See How to Migrate an existing receiver to the UP documentation for more details: https://github.com/CDCgov/prime-reportstream/blob/master/prime-router/docs/onboarding-users/migrating-receivers.md
-- [ ] Use this Postman collection to send a FHIR bundle the UP and make sure the message gets routed to the new UP [STLT] receiver. You may need to update the Simple Report sender to use the simple-report-sender-transform.yml if it's not using it. [Simple Report UP.postman_collection](https://github.com/CDCgov/prime-reportstream/blob/master/prime-router/docs/onboarding-users/samples/SimpleReport/Simple%20Report%20UP.postman_collection.json)
+- [ ] Use the attached SimpleReport covid postman collection and make sure the message gets routed to [STLT] locally. Modify the message to meet [STLT] filter if needed [Simple Report Covid.postman_collection](https://github.com/CDCgov/prime-reportstream/blob/main/prime-router/docs/onboarding-users/samples/SimpleReport/Simple%20Report%20Covid.postman_collection.json)
+- [ ] Make a copy of the [STLT] organization settings to onboard them to the UP. See How to Migrate an existing receiver to the UP documentation for more details: https://github.com/CDCgov/prime-reportstream/blob/main/prime-router/docs/onboarding-users/migrating-receivers.md
+- [ ] Use this Postman collection to send a FHIR bundle the UP and make sure the message gets routed to the new UP [STLT] receiver. You may need to update the Simple Report sender to use the simple-report-sender-transform.yml if it's not using it. [Simple Report UP.postman_collection](https://github.com/CDCgov/prime-reportstream/blob/main/prime-router/docs/onboarding-users/samples/SimpleReport/Simple%20Report%20UP.postman_collection.json)
 - To migrate the Covid translation settings start by looking at their current translation settings. If the receiver uses  any of the following settings you will need to create a receiver schema:
 	- receivingApplicationName
 	- receivingApplicationOID
@@ -45,7 +45,7 @@ As a developer, I want to compare the messages generated from the Covid and Univ
     - useOrderingFacilityName not STANDARD
     - receivingOrganization
     - stripInvalidCharsRegex
-    
+
 - More documentation on how to set-up these transforms in the UP will be provided, but for now you can look for examples on how to set this up in either the NY-receiver-transforms or CA-receiver-transforms
 
 - If the receiver uses any of those transforms you will need to create a receiver transform under `metadata/hl7_mapping/receivers/STLTs/` and update the receiver settings to point to this schema.
@@ -60,11 +60,10 @@ As a developer, I want to compare the messages generated from the Covid and Univ
 - If there are no major differences we can move on to sending test messages to the STLTs staging environment.
 
 
-### Acceptance Criteria 
+### Acceptance Criteria
 - [ ] Created and sent data to [STLT] through the covid pipeline locally
 - [ ] Created and sent data to [STLTS] through the universal pipeline locally
 - [ ] Migrated  Covid receiver translation settings to the UP receiver settings
 - [ ] Successfully generated a message with migrated UP receiver settings
 - [ ] Review transforms settings with the team
 - [ ] Compared messages from the covid and universal pipelines and documented differences and review with team
-

.github/actions/build-vars/action.yml

@@ -103,8 +103,8 @@ runs:
     - name: Set Build Environment - STAGING
       id: build_staging
       if: |
-        (github.event_name != 'pull_request' && github.ref_name == 'master') ||
-        (github.event_name == 'pull_request' && github.base_ref == 'master')
+        (github.event_name != 'pull_request' && github.ref_name == 'main') ||
+        (github.event_name == 'pull_request' && github.base_ref == 'main')
       shell: bash
       run: |
         echo "env_name=staging" >> $GITHUB_OUTPUT

.github/actions/action-connect-ovpn/action.yml → .github/actions/connect-ovpn/action.yml

@@ -34,6 +34,12 @@ runs:
         sudo apt-get install openvpn-systemd-resolved
       shell: bash
 
+    - name: Validate OpenVPN Version
+      run: |
+        echo -e "\nOpenVPN Version:" ;
+        openvpn --version ;
+      shell: bash
+
     - name: Connect VPN
       env:
         TLS_KEY: ${{ inputs.TLS_KEY }}
@@ -48,6 +54,8 @@ runs:
         echo "$USER_CRT" | base64 -d > user.crt
         echo "$USER_KEY" | base64 -d > user.key
         echo "$SECRET" | base64 -d > secret.txt
+
+        echo -e "sudo openvpn --config ${{ inputs.FILE_OVPN }} --daemon" ;
         sudo openvpn --config ${{ inputs.FILE_OVPN }} --daemon
 
     - name: VPN Status
@@ -58,7 +66,14 @@ runs:
       run: |
         sleep 5
         if ping -c 2 $PING_URL > /dev/null 2>&1; then
+
+          # echo -e "\nPinging URL: ${{ inputs.PING_URL }}" ;
+          # ping -c 3 ${{ inputs.PING_URL }} ;
+
           echo "vpn-status=true" >> $GITHUB_OUTPUT
+
+          echo -e "\nIP Route:" ;
+          ip route ;
         else
           echo "vpn-status=false" >> $GITHUB_OUTPUT
         fi

.github/actions/demo-env/action.yml

@@ -174,7 +174,7 @@ runs:
       with:
         owner: CDCgov
         repo: prime-reportstream
-        ref: master
+        ref: main
         github_token: ${{ inputs.github-token }}
         workflow_file_name: restore_databases.yml
         wait_interval: 120

.github/actions/vpn-azure/action.yml

@@ -40,9 +40,7 @@ runs:
         sed -i "s/\(dhcp-option DNS \).*/\1${{ inputs.dns-ip }}/" .github/vpn/${{ inputs.env-name }}.ovpn
       shell: bash
 
-    - uses: josiahsiegel/action-connect-ovpn@794339aff94452216c97f609476c367a43a31295
-    ## DevSecOps - Aquia (Replace) - uses: ./.github/actions/action-connect-ovpn
-
+    - uses: ./.github/actions/connect-ovpn
       if: inputs.env-name && inputs.ca-cert != 'false'
       id: connect_vpn
       with:

.github/changelog_config.json

@@ -113,6 +113,6 @@
       }
     },
     "base_branches": [
-      "master"
+      "main"
     ]
 }

.github/dependabot.yml

@@ -121,7 +121,7 @@ updates:
       interval: "daily"
 
   - package-ecosystem: "github-actions"
-    directory: "/.github/actions/action-connect-ovpn"
+    directory: "/.github/actions/connect-ovpn"
     schedule:
       interval: "daily"
 
@@ -136,64 +136,145 @@ updates:
       timezone: "US/Eastern"
     rebase-strategy: "disabled"
     groups:
-      mdx:
+      project:
         patterns:
-          - "*mdx*"
-      storybook:
-        patterns:
-          - "*storybook*"
-      testing-library:
-        patterns:
-          - "*testing-library/*"
-      eslint:
-        patterns:
-          - "eslint*"
-        exclude-patterns:
-          - "*prettier"
-          - "*vitest*"
-          - "*storybook"
-          - "*testing-library"
-          - "*playwright*"
-      vitest:
-        patterns:
-          - "*vitest*"
-      msw:
-        patterns:
-          - "*msw*"
-      prettier:
-        patterns:
-          - "*prettier*"
+          - "husky"
+          - "lint-staged"
+          - "dotenv-flow"
+          - "@types/dotenv-flow"
+          - "cross-env"
+          - "browserslist*"
+          - "@types/node"
+          - "npm-run-all"
+          - "patch-package"
       typescript:
         patterns:
-          - "typescript"
+          - "*typescript*"
           - "tslib"
           - "ts-node"
-          - "@typescript-eslint*"
+          - "tsx"
+      typescript-types:
+        patterns:
+          - "@types/*"
+        exclude-patterns:
+          - "*dotenv-flow"
+          - "*node"
+          - "*eslint__js"
+          - "*mdx"
+          - "@types/react"
+          - "@types/react-dom"
+          - "*react-router*"
+          - "*html-to-text"
+          - "*lodash"
+          - "*dompurify"
+          - "*sanitize-html"
+          - "*react-scroll-sync"
+          - "*downloadjs"
       react:
         patterns:
           - "react"
           - "react-dom"
-      react-router:
+          - "@types/react"
+          - "@types/react-dom"
+          - "eslint-plugin-react"
+          - "eslint-plugin-react-hooks"
+          - "eslint-plugin-react-refresh"
+      ui:
         patterns:
-          - "*react-router*"
-      playwright:
+          - "@uswds/*"
+          - "@trussworks/react-uswds"
+          - "react-loader-spinner"
+          - "react-toastify"
+          - "react-scroll-sync"
+          - "@types/react-scroll-sync"
+          - "focus-trap-react"
+          - "react-error-boundary"
+      utils:
+       patterns:
+         - "*lodash*"
+         - "use-deep-compare-effect"
+         - "uuid"
+         - "p-limit"
+         - "history"
+         - "date-fns*"
+         - "export-to-csv-fix-source-map"
+         - "classnames"
+      sanitizers:
         patterns:
-          - "*playwright*"
-      vite:
+         - "*sanitize-html"
+         - "*html-to-text"
+         - "*dompurify"
+      bundler:
+        patterns:
+          - "vite"
+          - "vite-plugin-*"
+          - "@vitejs/*"
+      linting-and-formatting:
+        patterns:
+          - "@eslint/*"
+          - "@types/eslint__js"
+          - "eslint"
+          - "*prettier*"
+      lint-plugins:
         patterns:
-          - "vite*"
-          - "@vitejs*"
+          - "eslint-*"
         exclude-patterns:
-          - "@storybook*"
-          - "vitest*"
-      okta:
+          - "*-plugin-jest-dom"
+          - "*-plugin-playwright"
+          - "*-plugin-react"
+          - "*-plugin-react-hooks"
+          - "*-plugin-react-refresh"
+          - "*-plugin-storybook"
+          - "*-plugin-testing-library"
+          - "*-plugin-vitest"
+      mocking:
+       patterns:
+          - "mockdate"
+          - "*msw*"
+      unit-testing:
+        patterns:
+          - "*vitest*"
+          - "eslint-plugin-jest-dom"
+          - "jsdom"
+          - "*testing-library/*"
+          - "undici"
+          - "globals"
+      e2e-testing:
+        patterns:
+          - "*playwright*"
+          - "otpauth"
+      storybook:
         patterns:
-          - "@okta*"
-      applicationinsights:
+          - "chromatic"
+          - "storybook"
+          - "@storybook/*"
+          - "eslint-plugin-storybook"
+      css:
+       patterns:
+         - "sass"
+         - "postcss"
+         - "autoprefixer"
+      analytics:
         patterns:
           - "@microsoft/applicationinsights*"
-      react-query:
+          - "web-vitals"
+      markdown:
+        patterns:
+          - "@mdx-js/*"
+          - "@types/mdx"
+          - "remark-*"
+          - "rehype-*"
+          - "react-markdown"
+      router:
+        patterns:
+          - "*react-router*"
+      auth:
+        patterns:
+          - "@okta/*"
+      fetching:
         patterns:
+          - "*downloadjs"
+          - "axios"
           - "*react-query*"
 
   # IAC

.github/pull_request_template.md

@@ -1,6 +1,6 @@
 This PR ...
 
-**If you are suggesting a fix for a currently exploitable issue, please disclose the issue to the prime-reportstream team directly outside of GitHub instead of filing a PR, so we may immediately patch the affected systems before a disclosure. See [SECURITY.md/Reporting a Vulnerability](https://github.com/CDCgov/prime-reportstream/blob/master/SECURITY.md#reporting-a-vulnerability) for more information.**
+**If you are suggesting a fix for a currently exploitable issue, please disclose the issue to the prime-reportstream team directly outside of GitHub instead of filing a PR, so we may immediately patch the affected systems before a disclosure. See [SECURITY.md/Reporting a Vulnerability](https://github.com/CDCgov/prime-reportstream/blob/main/SECURITY.md#reporting-a-vulnerability) for more information.**
 
 Test Steps:
 1. *Include steps to test these changes*
@@ -14,7 +14,7 @@ Test Steps:
 ### Testing
 - [ ] Tested locally?
 - [ ] Ran `./prime test` or `./gradlew testSmoke` against local Docker ReportStream container?
-- [ ] (For Changes to /frontend-react/...) Ran `npm run lint:write`? 
+- [ ] (For Changes to /frontend-react/...) Ran `npm run lint:write`?
 - [ ] Added tests?
 
 ### Process

.github/scripts/alert_stale_branches/stale_branch_check.sh

@@ -23,7 +23,7 @@ get_branches () {
 count=0
 for k in $branches
 do
-  if [[ "$k" != *"HEAD"* ]] && [[ "$k" != *"->"* ]] && [[ "$k" != *"master"* ]]
+  if [[ "$k" != *"HEAD"* ]] && [[ "$k" != *"->"* ]] && [[ "$k" != *"main"* ]]
     then
       if [ -z "$(git log -1 --since='6 months ago' -s $k)" ]
         then

.github/vpn/test.ovpn

@@ -45,4 +45,4 @@ key user.key
 script-security 2
 up /etc/openvpn/update-systemd-resolved
 down /etc/openvpn/update-systemd-resolved
-down-pre
+down-pre