From 53873be7b113952d138aa8802c24ccf20edfb9f9 Mon Sep 17 00:00:00 2001 From: srh-sloan <srh-sloan@users.noreply.github.com> Date: Thu, 19 Oct 2023 15:05:28 +0100 Subject: [PATCH 01/19] Fixing language bug for yes/no fields (#169) --- scripts/all_questions/metadata_utils.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/all_questions/metadata_utils.py b/scripts/all_questions/metadata_utils.py index 8a7cea39..132fd214 100644 --- a/scripts/all_questions/metadata_utils.py +++ b/scripts/all_questions/metadata_utils.py @@ -406,6 +406,7 @@ def build_components_from_page( condition_value, list_name=c["list"] if "list" in c else None, form_lists=form_lists, + lang=lang, ) text.append( f"If '{condition_text}', go to <strong>{destination}</strong>" From 36fd8071fa5625d8e3ee92731f922050b32958f3 Mon Sep 17 00:00:00 2001 From: Adam Wallace <adam.wallace@communities.gov.uk> Date: Fri, 20 Oct 2023 14:31:47 +0100 Subject: [PATCH 02/19] add url and script to ammend in place (#171) --- README.md | 97 ++++++++++++------- config/fund_loader_config/cyp/cyp_r1.py | 7 +- .../patch_cypr1_guidance_201023.py | 33 +++++++ 3 files changed, 101 insertions(+), 36 deletions(-) create mode 100644 scripts/data_updates/patch_cypr1_guidance_201023.py diff --git a/README.md b/README.md index 92de6866..fcbb4ff5 100644 --- a/README.md +++ b/README.md @@ -18,63 +18,78 @@ Clone the repository. ### Create a Virtual environment +```bash python3 -m venv .venv +``` ### Enter the virtual environment ...either macOS using bash: +```bash source .venv/bin/activate +``` ...or if on Windows using Command Prompt: +```bash .venv\Scripts\activate.bat +``` ### Install dependencies From the top-level directory enter the command to install pip and the dependencies of the project +```bash python3 -m pip install --upgrade pip && pip install -r requirements-dev.txt - +``` NOTE: requirements-dev.txt and requirements.txt are updated using [pip-tools pip-compile](https://github.com/jazzband/pip-tools) To update requirements please manually add the dependencies in the .in files (not the requirements.txt files) Then run: +```bash pip-compile requirements.in pip-compile requirements-dev.in +``` ## How to use Enter the virtual environment as described above, then: +```bash flask run - +``` ### Run with Gunicorn In deployed environments the service is run with gunicorn. You can run the service locally with gunicorn to test First set the FLASK_ENV environment you wish to test eg: +```bash export FLASK_ENV=dev - +``` Then run gunicorn using the following command: +```bash gunicorn wsgi:app -c run/gunicorn/local.py - +``` ### Setting up for database development This service is designed to use PostgreSQL as a database, via SqlAlchemy When running the service (eg. `flask run`) you need to set the DATABASE_URL environment variable to the URL of the database you want to test with. Initialise the database: - +```bash flask db init +``` Then run existing migrations: - +```bash flask db upgrade +``` Whenever you make changes to database models, please run: - +```bash flask db migrate +``` This will create the migration files for your changes in /db/migrations. Please then commit and push these to github so that the migrations will be run in the pipelines to correctly @@ -83,58 +98,66 @@ upgrade the deployed db instances with your changes. # Database on Paas Create db service with: +```bash cf create-service postgres medium-13 fund-store-dev-db +``` Ensure the following elements are present in your `manifest.yml`. The `run_migrations_paas.py` is what initialises the database, and the `services` element binds the application to the database service. +```yaml command: scripts/run_migrations_paas.py && gunicorn wsgi:app -c run/gunicorn/devtest.py services: - fund-store-dev-db +``` # Seeding Fund Data To seed fund & round data to db for a specific fund-round (example): -``` -docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.fund_round_loaders.load_cof_r2 +```bash + docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.fund_round_loaders.load_cof_r2 ``` To seed all fund-round data to db: -``` -docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.load_all_fund_rounds +```bash + docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.load_all_fund_rounds ``` To load on an environment via cloudfoundry (modify appropriately): ```bash -cf run-task funding-service-design-fund-store[-dev|-test] --command "python -m scripts.load_all_fund_rounds" + cf run-task funding-service-design-fund-store[-dev|-test] --command "python -m scripts.load_all_fund_rounds" ``` To amend the round dates -``` -docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.amend_round_dates --round_id c603d114-5364-4474-a0c4-c41cbf4d3bbd --deadline_date "2023-03-30 12:00:00" -``` -``` -docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.amend_round_dates --round_id c603d114-5364-4474-a0c4-c41cbf4d3bbd --opens_date "2022-10-04 12:00:00" --deadline_date "2022-12-14 11:59:00" --assessment_deadline_date "2023-03-30 12:00:00" +```bash + docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.amend_round_dates --round_id c603d114-5364-4474-a0c4-c41cbf4d3bbd --deadline_date "2023-03-30 12:00:00" + + docker exec -ti $(docker ps -qf "name=fund-store") python -m scripts.amend_round_dates --round_id c603d114-5364-4474-a0c4-c41cbf4d3bbd --opens_date "2022-10-04 12:00:00" --deadline_date "2022-12-14 11:59:00" --assessment_deadline_date "2023-03-30 12:00:00" ``` + To truncate data before re-loading it run +```bash docker exec -it $(docker ps -qf "name=fund-store") inv truncate-data +``` ### Create and seed local DB - Make sure your local `DATABASE_URL` env var is set to your local postgres db (this doesn't need to actually exist yet), eg: - ``` - # pragma: allowlist nextline secret - DATABASE_URL=postgresql://postgres:postgres@127.0.0.1:5432/fsd_fund_store - ``` +```bash + # pragma: allowlist nextline secret + DATABASE_URL=postgresql://postgres:postgres@127.0.0.1:5432/fsd_fund_store +``` - Create and seed using the following scripts: +```bash python -m scripts.fund_round_loaders.{load_config_script} +``` ### Build with Paketo @@ -142,30 +165,31 @@ To truncate data before re-loading it run [Paketo buildpacks](https://paketo.io/) -```pack build <name your image> --builder paketobuildpacks/builder:base``` +```bash + pack build <name your image> --builder paketobuildpacks/builder:base +``` Example: -``` -[~/work/repos/funding-service-design-fund-store] pack build paketo-demofsd-app --builder paketobuildpacks/builder:base -*** -Successfully built image paketo-demofsd-app -``` + [~/work/repos/funding-service-design-fund-store] pack build paketo-demofsd-app --builder paketobuildpacks/builder:base + *** + Successfully built image paketo-demofsd-app + You can then use that image with docker to run a container -``` -docker run -d -p 8080:8080 --env PORT=8080 --env FLASK_ENV=dev [envs] paketo-demofsd-app +```bash + docker run -d -p 8080:8080 --env PORT=8080 --env FLASK_ENV=dev [envs] paketo-demofsd-app ``` `envs` needs to include values for each of: SENTRY_DSN GITHUB_SHA -``` -docker ps -a -CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES -42633142c619 paketo-demofsd-app "/cnb/process/web" 8 seconds ago Up 7 seconds 0.0.0.0:8080->8080/tcp peaceful_knuth +```bash + docker ps -a + CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES + 42633142c619 paketo-demofsd-app "/cnb/process/web" 8 seconds ago Up 7 seconds 0.0.0.0:8080->8080/tcp peaceful_knuth ``` # Pipelines @@ -180,17 +204,20 @@ Place brief descriptions of Pipelines here ## Unit To run all tests in a development environment run: - +```bash pytest +``` # Extras This repo comes with a .pre-commit-config.yaml, if you wish to use this do the following while in your virtual enviroment: +```bash pip install pre-commit black pre-commit install +``` Once the above is done you will have autoformatting and pep8 compliance built into your workflow. You will be notified of any pep8 errors during commits. @@ -206,7 +233,7 @@ For each AWS account, these commands will need to be run _once_ to initialise th `copilot app init pre-award` - this links the pre-award app with the current service, and associates the next commands with the service. Essentially, this provides context for the service to run under -``` +```bash copilot init \ --name fsd-fund-store \ --app pre-award \ diff --git a/config/fund_loader_config/cyp/cyp_r1.py b/config/fund_loader_config/cyp/cyp_r1.py index 89222e7e..4806d0aa 100644 --- a/config/fund_loader_config/cyp/cyp_r1.py +++ b/config/fund_loader_config/cyp/cyp_r1.py @@ -171,7 +171,12 @@ "feedback_link": "", "project_name_field_id": "bsUoNG", "application_guidance": CYP_APPLICATION_GUIDANCE, - "guidance_url": "", # todo, fill in once we have, and re-run import script. + "guidance_url": ( + "https://www.gov.uk/government/publications/" + "the-children-and-young-peoples-resettlement-" + "fund-prospectus/the-children-and-young-peoples-" + "resettlement-fund-prospectus#scoring-criteria" + ), "all_uploaded_documents_section_available": False, "application_fields_download_available": False, "display_logo_on_pdf_exports": False, diff --git a/scripts/data_updates/patch_cypr1_guidance_201023.py b/scripts/data_updates/patch_cypr1_guidance_201023.py new file mode 100644 index 00000000..c6e17154 --- /dev/null +++ b/scripts/data_updates/patch_cypr1_guidance_201023.py @@ -0,0 +1,33 @@ +import config.fund_loader_config.cyp.cyp_r1 as cyp_r1 +from db import db +from db.models.round import Round +from flask import current_app +from sqlalchemy import update + + +def update_round_guidance(round_config): + current_app.logger.info( + f"Round: {round_config['short_name']}, id: {round_config['id']}" + ) + current_app.logger.info("\t\tUpdating round guidance") + stmt = ( + update(Round) + .where(Round.id == round_config["id"]) + .values(guidance_url=round_config["guidance_url"]) + ) + + db.session.execute(stmt) + db.session.commit() + + +def main() -> None: + current_app.logger.info("Updating guidance url for CYP R1") + update_round_guidance(cyp_r1.round_config[0]) + current_app.logger.info("Updates complete") + + +if __name__ == "__main__": + from app import app + + with app.app_context(): + main() From aecc0ffc1f2b8545a90033a37d2a2ce2996e5dcb Mon Sep 17 00:00:00 2001 From: Thomas <117724519+tferns@users.noreply.github.com> Date: Mon, 23 Oct 2023 13:41:17 +0100 Subject: [PATCH 03/19] FS-3657: Add CYP flag allocation config (#172) --- api/routes.py | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/api/routes.py b/api/routes.py index c71f67f1..af1fa5ec 100644 --- a/api/routes.py +++ b/api/routes.py @@ -149,6 +149,7 @@ def get_available_flag_allocations(fund_id, round_id): from config.fund_loader_config.cof.cof_r2 import COF_ROUND_2_WINDOW_3_ID from config.fund_loader_config.night_shelter.ns_r2 import NIGHT_SHELTER_ROUND_2_ID from config.fund_loader_config.night_shelter.ns_r2 import NIGHT_SHELTER_FUND_ID + from config.fund_loader_config.cyp.cyp_r1 import CYP_FUND_ID, CYP_ROUND_1_ID cof_teams = [ {"key": "ASSESSOR", "value": "Assessor"}, @@ -166,7 +167,12 @@ def get_available_flag_allocations(fund_id, round_id): {"key": "RS_ADVISORS", "value": "RS Advisors"}, ] - if fund_id == COF_FUND_ID and round_id == COF_ROUND_2_WINDOW_2_ID: + cyp_teams = [ + {"key": "COMMERCIAL_ASSESSOR", "value": "Commercial Assessor"}, + {"key": "LEAD_ASSESSOR", "value": "Lead Assessor"}, + ] + + if fund_id == COF_FUND_ID and round_id in COF_ROUND_2_WINDOW_2_ID: return cof_teams elif fund_id == COF_FUND_ID and round_id == COF_ROUND_2_WINDOW_3_ID: return cof_teams @@ -176,5 +182,7 @@ def get_available_flag_allocations(fund_id, round_id): return cof_teams elif fund_id == NIGHT_SHELTER_FUND_ID and round_id == NIGHT_SHELTER_ROUND_2_ID: return nstf_teams + elif fund_id == CYP_FUND_ID and round_id == CYP_ROUND_1_ID: + return cyp_teams else: abort(404) From 882854db351754ee09e1133acff2949274b11c16 Mon Sep 17 00:00:00 2001 From: srh-sloan <srh-sloan@users.noreply.github.com> Date: Fri, 27 Oct 2023 13:34:36 +0100 Subject: [PATCH 04/19] fs-3704 fixing max words by adding more field types (#173) * fs-3704 fixing max words by adding more field types * [pre-commit.ci] auto fixes from pre-commit.com hooks for more information, see https://pre-commit.ci --------- Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com> --- scripts/all_questions/metadata_utils.py | 9 ++++++--- tests/test_generate_all_questions.py | 3 ++- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/scripts/all_questions/metadata_utils.py b/scripts/all_questions/metadata_utils.py index 132fd214..7461829a 100644 --- a/scripts/all_questions/metadata_utils.py +++ b/scripts/all_questions/metadata_utils.py @@ -14,6 +14,8 @@ from scripts.all_questions.read_forms import remove_lowest_in_hierarchy from scripts.all_questions.read_forms import strip_leading_numbers +FIELD_TYPES_WITH_MAX_WORDS = ["freetextfield", "multilinetextfield"] + def get_all_child_nexts(page: dict, child_nexts: list, all_pages: dict): """Recursively builds a list of everything that could come next from this page, @@ -298,7 +300,7 @@ def determine_title_and_text_for_component( child_title, child_text = determine_title_and_text_for_component( child, include_html_components, form_lists, is_child=True ) - if child["type"].casefold() == "multilinetextfield": + if child["type"].casefold() in FIELD_TYPES_WITH_MAX_WORDS: first_column_title = component["options"]["columnTitles"][0].casefold() text.append( f"{child_title} (Max {child['options']['maxWords']} words per" @@ -325,8 +327,9 @@ def determine_title_and_text_for_component( text = [] extract_from_html(soup, text) update_wording_for_multi_input_fields(text) - if component["type"].casefold() == "multilinetextfield" and not is_child: - text.append(f"(Max {component['options']['maxWords']} words)") + + if component["type"].casefold() in FIELD_TYPES_WITH_MAX_WORDS and not is_child: + text.append(f"(Max {component['options']['maxWords']} words)") if "list" in component: # include available options for lists diff --git a/tests/test_generate_all_questions.py b/tests/test_generate_all_questions.py index a720e72f..f6fabd35 100644 --- a/tests/test_generate_all_questions.py +++ b/tests/test_generate_all_questions.py @@ -404,7 +404,8 @@ def test_build_components_bullets_in_hint(): ) components = build_components_from_page(page_json, include_html_components=False) assert len(components) == 1 - assert len(components[0]["text"]) == 2 + assert len(components[0]["text"]) == 3 + assert components[0]["text"][2] == "(Max 250 words)" assert len(components[0]["text"][1]) == 3 From dfb981b001685ece0cf276c5a9d9f7e83563d6cc Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 08:45:31 +0000 Subject: [PATCH 05/19] FS-3627 - Amend workflow for copilot --- .github/workflows/copilot.yml | 59 ----------- .github/workflows/copilot_deploy.yml | 145 +++++++++++++++++++++++++++ .github/workflows/deploy.yml | 58 ----------- 3 files changed, 145 insertions(+), 117 deletions(-) delete mode 100644 .github/workflows/copilot.yml create mode 100644 .github/workflows/copilot_deploy.yml diff --git a/.github/workflows/copilot.yml b/.github/workflows/copilot.yml deleted file mode 100644 index c365e9ef..00000000 --- a/.github/workflows/copilot.yml +++ /dev/null @@ -1,59 +0,0 @@ -name: Copilot Workflows -on: - push: - branches: - - main - workflow_dispatch: - inputs: - environment: - description: Which AWS Account to use - type: choice - required: true - options: - - test - # Shared workflow consideration - # application: - # description: Application Name - # type: string/choice - # - notification - # required: true - init: - description: Initialise the application? - type: boolean - default: false - service: - description: Service Name - type: string - required: true - default: 'funding-service-design-fund-store' - port: - description: Access port - type: string - default: '80' - type: - description: Type of service to deploy - type: choice - options: - - 'Backend Service' - - 'Load Balanced Web Service' - - 'Request-Driven Web Service' - - 'Scheduled Job' - - 'Worker Service' - default: 'Backend Service' - - -jobs: - deployment: - concurrency: deploy-${{ inputs.environment || 'test' }} # Forces only one workflow at a time can run on the environment - permissions: - id-token: write # This is required for requesting the JWT - contents: read # This is required for actions/checkout - runs-on: ubuntu-latest - environment: ${{ inputs.environment || 'test' }} - steps: - - name: Git clone the repository - uses: actions/checkout@v3 - - - name: Get current date - id: currentdatetime - run: echo "::set-output name=datetime::$(date +'%Y%m%d%H%M%S')" diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml new file mode 100644 index 00000000..ee946bff --- /dev/null +++ b/.github/workflows/copilot_deploy.yml @@ -0,0 +1,145 @@ +name: Deploy to AWS +on: + workflow_dispatch: + inputs: + environment: + description: Which AWS Account to use + type: choice + required: true + options: + - dev + - test + - uat + - production + run_performance_tests: + required: false + default: false + type: boolean + description: Run performance tests + run_e2e_tests: + required: false + default: true + type: boolean + description: Run e2e tests + push: + # Ignore README markdown + # Only automatically deploy when something in the app or tests folder has changed + paths: + - '!**/README.md' + - 'app/**' + - 'tests/**' + +jobs: + paketo_build: + permissions: + packages: write + uses: communitiesuk/funding-service-design-workflows/.github/workflows/package.yml@main + with: + version_to_build: $(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') + owner: ${{ github.repository_owner }} + application: funding-service-design-fund-store + pre_deploy_tests: + secrets: + E2E_PAT: ${{secrets.E2E_PAT}} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/pre-deploy.yml@main + with: + # Note - no db-name, so defaults to postgres_db + postgres_unit_testing: true + copilot_deploy_dev: + if: inputs.environment == 'dev' || inputs.environment == '' + needs: [pre_deploy_tests, paketo_build] + concurrency: deploy-dev + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + runs-on: ubuntu-latest + environment: 'dev' + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + + - name: Get current date + id: currentdatetime + run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT + + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy + role-session-name: NOTIFICATION_DEV_COPILOT_${{ steps.currentdatetime.outputs.datetime }} + aws-region: eu-west-2 + + - name: Install AWS Copilot CLI + run: | + curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot + + - name: Inject Git SHA into manifest + run: | + yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-fund-store/manifest.yml + + - name: Inject replacement image into manifest + run: | + yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml + + - name: Run database migrations + run: scripts/migration-task-script.py dev 'fsd-fund-store' + + - name: Copilot deploy dev + id: dev_build + run: | + copilot svc deploy --env dev + + copilot_deploy_test: + if: inputs.environment == 'test' || inputs.environment == '' + needs: [pre_deploy_tests, paketo_build] + concurrency: deploy-test + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + runs-on: ubuntu-latest + environment: 'test' + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + + - name: Get current date + id: currentdatetime + run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT + + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy + role-session-name: NOTIFICATION_TEST_COPILOT_${{ steps.currentdatetime.outputs.datetime }} + aws-region: eu-west-2 + + - name: Install AWS Copilot CLI + run: | + curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot + + - name: Inject Git SHA into manifest + run: | + yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-fund-store/manifest.yml + + - name: Inject replacement image into manifest + run: | + yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml + + - name: Run database migrations + run: scripts/migration-task-script.py test 'fsd-fund-store' + + - name: Copilot deploy test + id: test_build + run: | + copilot svc deploy --env test + + # Can we realistically run E2E at this stage, or just plump for application on the grounds it checks fund-store is operational? + post_deploy_tests: + needs: copilot_deploy_test + secrets: + E2E_PAT: ${{secrets.E2E_PAT}} + uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main + with: + run_performance_tests: ${{ inputs.run_performance_tests }} + run_e2e_tests: ${{ inputs.run_e2e_tests }} + app_name: application diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 8ecf52ac..e6311c14 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -42,61 +42,3 @@ jobs: CF_USER: ${{secrets.CF_USERNAME}} CF_PASSWORD: ${{secrets.CF_PASSWORD}} E2E_PAT: ${{secrets.E2E_PAT}} - paketo_build: - permissions: - packages: write - uses: communitiesuk/funding-service-design-workflows/.github/workflows/package.yml@main - with: - version_to_build: $(echo "${{ github.ref }}" | sed -e 's,.*/\(.*\),\1,') - owner: ${{ github.repository_owner }} - application: funding-service-design-fund-store - pre_deploy_tests: - if: ${{github.event.inputs.copilot == 'true'}} - secrets: - E2E_PAT: ${{secrets.E2E_PAT}} - uses: communitiesuk/funding-service-design-workflows/.github/workflows/pre-deploy.yml@main - with: - # Note - no db-name, so defaults to postgres_db - postgres_unit_testing: true - copilot_build: - if: ${{github.event.inputs.copilot == 'true'}} - needs: [pre_deploy_tests, paketo_build] - concurrency: deploy-${{ inputs.environment || 'test' }} - permissions: - id-token: write # This is required for requesting the JWT - contents: read # This is required for actions/checkout - runs-on: ubuntu-latest - environment: ${{ inputs.environment || 'test' }} - steps: - - name: Git clone the repository - uses: actions/checkout@v3 - - - name: Get current date - id: currentdatetime - run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy - role-session-name: FUNDSTORE_COPILOT_${{ steps.currentdatetime.outputs.datetime }} - aws-region: eu-west-2 - - - name: Install AWS Copilot CLI - run: | - curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot - - - name: Inject Git SHA into manifest - run: | - yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-fund-store/manifest.yml - - - name: Inject replacement image into manifest - run: | - yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml - - - name: Run database migrations - run: scripts/migration-task-script.py ${{ inputs.environment || 'test' }} 'fsd-fund-store' - - - name: Copilot deploy - run: | - copilot svc deploy --env ${{ inputs.environment || 'test' }} From eb7c13c4ce718bc484c2e3e89101ec0aab161cca Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 08:48:38 +0000 Subject: [PATCH 06/19] Allow deploy for any change for testing --- .github/workflows/copilot_deploy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index ee946bff..bb9730b9 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -24,10 +24,10 @@ on: push: # Ignore README markdown # Only automatically deploy when something in the app or tests folder has changed - paths: - - '!**/README.md' - - 'app/**' - - 'tests/**' +# paths: +# - '!**/README.md' +# - 'app/**' +# - 'tests/**' jobs: paketo_build: From 6ad8acb2ed3e7147bfb81850680e09b91de5e0ab Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 08:54:35 +0000 Subject: [PATCH 07/19] Try deploying first without DB migrations --- .github/workflows/copilot_deploy.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index bb9730b9..640f94c3 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -81,8 +81,9 @@ jobs: run: | yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml - - name: Run database migrations - run: scripts/migration-task-script.py dev 'fsd-fund-store' +#Remove once so the deploy has happened first??? Surely not the way... +# - name: Run database migrations +# run: scripts/migration-task-script.py dev 'fsd-fund-store' - name: Copilot deploy dev id: dev_build From 18adea18943dc9e6e6d02b82680af2ff593c5ae6 Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 08:56:32 +0000 Subject: [PATCH 08/19] Remove copilot reference from cloudfoundry deploy --- .github/workflows/deploy.yml | 13 ------------- 1 file changed, 13 deletions(-) diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index e6311c14..0bada2f1 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -3,18 +3,6 @@ name: Deploy fsd-fund-store to Gov PaaS on: workflow_dispatch: inputs: - environment: - description: Which AWS Account to use - type: choice - required: true - options: - - test - - uat - copilot: - description: Whether to deploy to AWS? - type: boolean - required: false - default: false deploy_to_dev: required: false default: false @@ -26,7 +14,6 @@ on: jobs: test_and_deploy: - if: ${{github.event.inputs.copilot != 'true'}} uses: communitiesuk/funding-service-design-workflows/.github/workflows/deploy.yml@main with: app_name: ${{ github.event.repository.name }} From 5c1677589e6cf11449fabf5aa06fffe311942c5d Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 09:18:38 +0000 Subject: [PATCH 09/19] Add bastion SG --- .github/workflows/copilot_deploy.yml | 7 +++---- copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml | 2 ++ 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index 640f94c3..fa3b284b 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -81,15 +81,14 @@ jobs: run: | yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml -#Remove once so the deploy has happened first??? Surely not the way... -# - name: Run database migrations -# run: scripts/migration-task-script.py dev 'fsd-fund-store' - - name: Copilot deploy dev id: dev_build run: | copilot svc deploy --env dev + - name: Run database migrations + run: scripts/migration-task-script.py dev 'fsd-fund-store' + copilot_deploy_test: if: inputs.environment == 'test' || inputs.environment == '' needs: [pre_deploy_tests, paketo_build] diff --git a/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml b/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml index 068b4516..2774eb11 100644 --- a/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml +++ b/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml @@ -21,6 +21,8 @@ Mappings: "DBMinCapacity": 0.5 # AllowedValues: from 0.5 through 128 "DBMaxCapacity": 8 # AllowedValues: from 0.5 through 128 BastionMap: + dev: + "SecurityGroup": "sg-0b6c7aabb95bf14a9" test: "SecurityGroup": "sg-0cf75a004dbade7b8" From 1df2372eaea0b7e43d1eee44a503f86dc45d5cb4 Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 09:26:12 +0000 Subject: [PATCH 10/19] Move test db migration --- .github/workflows/copilot_deploy.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index fa3b284b..60a8878d 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -125,14 +125,14 @@ jobs: run: | yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml - - name: Run database migrations - run: scripts/migration-task-script.py test 'fsd-fund-store' - - name: Copilot deploy test id: test_build run: | copilot svc deploy --env test + - name: Run database migrations + run: scripts/migration-task-script.py test 'fsd-fund-store' + # Can we realistically run E2E at this stage, or just plump for application on the grounds it checks fund-store is operational? post_deploy_tests: needs: copilot_deploy_test From 67b7725d16e6812e358c9d88057a47305942249f Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 09:37:50 +0000 Subject: [PATCH 11/19] Add UAT SG --- copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml b/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml index 2774eb11..bcfa5791 100644 --- a/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml +++ b/copilot/fsd-fund-store/addons/fsd-fund-store-cluster.yml @@ -25,6 +25,8 @@ Mappings: "SecurityGroup": "sg-0b6c7aabb95bf14a9" test: "SecurityGroup": "sg-0cf75a004dbade7b8" + uat: + "SecurityGroup": "sg-04017abfef2079894" Resources: fsdfundstoreclusterDBSubnetGroup: From 033852c7bfdab49ce3ef3ef72cd039a14cba05e9 Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 09:45:35 +0000 Subject: [PATCH 12/19] Just trigger another build --- .github/workflows/copilot_deploy.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index 60a8878d..f6b18ecc 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -24,6 +24,7 @@ on: push: # Ignore README markdown # Only automatically deploy when something in the app or tests folder has changed +# Temp removed # paths: # - '!**/README.md' # - 'app/**' From 014ebe6023468523e986892791b4bddca4abb60b Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 10:24:38 +0000 Subject: [PATCH 13/19] Put the correct paths back --- .github/workflows/copilot_deploy.yml | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index f6b18ecc..b2c71fd4 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -24,11 +24,10 @@ on: push: # Ignore README markdown # Only automatically deploy when something in the app or tests folder has changed -# Temp removed -# paths: -# - '!**/README.md' -# - 'app/**' -# - 'tests/**' + paths: + - '!**/README.md' + - 'app/**' + - 'tests/**' jobs: paketo_build: From 59dd0a97764ffc9722f8d88edf988ef613837439 Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 13:02:51 +0000 Subject: [PATCH 14/19] FS-3718 - Add other environments and auto-deply to dev/test --- .github/workflows/copilot_deploy.yml | 107 +++++++-------------------- .github/workflows/environment.yml | 46 ++++++++++++ 2 files changed, 73 insertions(+), 80 deletions(-) create mode 100644 .github/workflows/environment.yml diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index b2c71fd4..b8fd72cd 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -24,10 +24,10 @@ on: push: # Ignore README markdown # Only automatically deploy when something in the app or tests folder has changed - paths: - - '!**/README.md' - - 'app/**' - - 'tests/**' +# paths: +# - '!**/README.md' +# - 'app/**' +# - 'tests/**' jobs: paketo_build: @@ -45,93 +45,40 @@ jobs: with: # Note - no db-name, so defaults to postgres_db postgres_unit_testing: true + copilot_deploy_dev: if: inputs.environment == 'dev' || inputs.environment == '' needs: [pre_deploy_tests, paketo_build] concurrency: deploy-dev - permissions: - id-token: write # This is required for requesting the JWT - contents: read # This is required for actions/checkout - runs-on: ubuntu-latest - environment: 'dev' - steps: - - name: Git clone the repository - uses: actions/checkout@v3 - - - name: Get current date - id: currentdatetime - run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy - role-session-name: NOTIFICATION_DEV_COPILOT_${{ steps.currentdatetime.outputs.datetime }} - aws-region: eu-west-2 - - - name: Install AWS Copilot CLI - run: | - curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot - - - name: Inject Git SHA into manifest - run: | - yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-fund-store/manifest.yml - - - name: Inject replacement image into manifest - run: | - yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml - - - name: Copilot deploy dev - id: dev_build - run: | - copilot svc deploy --env dev - - - name: Run database migrations - run: scripts/migration-task-script.py dev 'fsd-fund-store' + uses: ./.github/workflows/environment.yml + with: + workspace: 'dev' copilot_deploy_test: if: inputs.environment == 'test' || inputs.environment == '' needs: [pre_deploy_tests, paketo_build] concurrency: deploy-test - permissions: - id-token: write # This is required for requesting the JWT - contents: read # This is required for actions/checkout - runs-on: ubuntu-latest - environment: 'test' - steps: - - name: Git clone the repository - uses: actions/checkout@v3 - - - name: Get current date - id: currentdatetime - run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT - - - name: configure aws credentials - uses: aws-actions/configure-aws-credentials@v2 - with: - role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy - role-session-name: NOTIFICATION_TEST_COPILOT_${{ steps.currentdatetime.outputs.datetime }} - aws-region: eu-west-2 - - - name: Install AWS Copilot CLI - run: | - curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot - - - name: Inject Git SHA into manifest - run: | - yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-fund-store/manifest.yml - - - name: Inject replacement image into manifest - run: | - yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml + uses: ./.github/workflows/environment.yml + with: + workspace: 'test' - - name: Copilot deploy test - id: test_build - run: | - copilot svc deploy --env test + # Allow the capability to override UAT with another branch, but ideally uat and production should be in sync as much as possible + copilot_deploy_uat: + if: inputs.environment == 'uat' || inputs.environment == '' + needs: [pre_deploy_tests, paketo_build] + concurrency: deploy-uat + uses: ./.github/workflows/environment.yml + with: + workspace: 'uat' - - name: Run database migrations - run: scripts/migration-task-script.py test 'fsd-fund-store' + # Only run this if the branch being deployed is main + copilot_deploy_production: + if: (inputs.environment == 'production' || inputs.environment == '') && github.ref == 'refs/heads/main' + needs: [pre_deploy_tests, paketo_build] + concurrency: deploy-production + uses: ./.github/workflows/environment.yml + with: + workspace: 'production' # Can we realistically run E2E at this stage, or just plump for application on the grounds it checks fund-store is operational? post_deploy_tests: diff --git a/.github/workflows/environment.yml b/.github/workflows/environment.yml new file mode 100644 index 00000000..85bf1f26 --- /dev/null +++ b/.github/workflows/environment.yml @@ -0,0 +1,46 @@ +name: Environment Deployment +on: + workflow_call: + inputs: + workspace: + required: true + type: string + +jobs: + copilot_deploy: + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout + runs-on: ubuntu-latest + environment: ${{ inputs.workspace }} + steps: + - name: Git clone the repository + uses: actions/checkout@v3 + + - name: Get current date + id: currentdatetime + run: echo "datetime=$(date +'%Y%m%d%H%M%S')" >> $GITHUB_OUTPUT + + - name: configure aws credentials + uses: aws-actions/configure-aws-credentials@v2 + with: + role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy + role-session-name: NOTIFICATION_${{ inputs.workspace }}_COPILOT_${{ steps.currentdatetime.outputs.datetime }} + aws-region: eu-west-2 + + - name: Install AWS Copilot CLI + run: | + curl -Lo aws-copilot https://github.com/aws/copilot-cli/releases/latest/download/copilot-linux && chmod +x aws-copilot && sudo mv aws-copilot /usr/local/bin/copilot + + - name: Inject Git SHA into manifest + run: | + yq -i '.variables.GITHUB_SHA = "${{ github.sha }}"' copilot/fsd-fund-store/manifest.yml + + - name: Inject replacement image into manifest + run: | + yq -i '.image.location = "ghcr.io/communitiesuk/funding-service-design-fund-store:${{ github.ref_name == 'main' && 'latest' || github.ref_name }}"' copilot/fsd-fund-store/manifest.yml + + - name: Copilot ${{ inputs.workspace }} deploy + id: deploy_build + run: | + copilot svc deploy --env ${{ inputs.workspace }} From aadce2f37ddfbb9172919a5f108104a5c23c16d8 Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 13:39:48 +0000 Subject: [PATCH 15/19] Permissions --- .github/workflows/copilot_deploy.yml | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index b8fd72cd..739428b8 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -51,6 +51,9 @@ jobs: needs: [pre_deploy_tests, paketo_build] concurrency: deploy-dev uses: ./.github/workflows/environment.yml + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout with: workspace: 'dev' @@ -59,6 +62,9 @@ jobs: needs: [pre_deploy_tests, paketo_build] concurrency: deploy-test uses: ./.github/workflows/environment.yml + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout with: workspace: 'test' @@ -68,6 +74,9 @@ jobs: needs: [pre_deploy_tests, paketo_build] concurrency: deploy-uat uses: ./.github/workflows/environment.yml + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout with: workspace: 'uat' @@ -77,6 +86,9 @@ jobs: needs: [pre_deploy_tests, paketo_build] concurrency: deploy-production uses: ./.github/workflows/environment.yml + permissions: + id-token: write # This is required for requesting the JWT + contents: read # This is required for actions/checkout with: workspace: 'production' From 353db6bd9c711d19cddda5f6e9fd57a26a1846ad Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 16:33:40 +0000 Subject: [PATCH 16/19] Remove testing --- .github/workflows/copilot_deploy.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index 739428b8..68fee0a1 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -24,10 +24,10 @@ on: push: # Ignore README markdown # Only automatically deploy when something in the app or tests folder has changed -# paths: -# - '!**/README.md' -# - 'app/**' -# - 'tests/**' + paths: + - '!**/README.md' + - 'app/**' + - 'tests/**' jobs: paketo_build: From 0435b0e0edaced6cb05eac094bcb907f0c21225a Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 16:37:54 +0000 Subject: [PATCH 17/19] Swap order of words to make clearer --- .github/workflows/copilot_deploy.yml | 18 +++++++++++++----- .github/workflows/environment.yml | 3 +++ 2 files changed, 16 insertions(+), 5 deletions(-) diff --git a/.github/workflows/copilot_deploy.yml b/.github/workflows/copilot_deploy.yml index 68fee0a1..db127fc5 100644 --- a/.github/workflows/copilot_deploy.yml +++ b/.github/workflows/copilot_deploy.yml @@ -46,10 +46,12 @@ jobs: # Note - no db-name, so defaults to postgres_db postgres_unit_testing: true - copilot_deploy_dev: + dev_copilot_deploy: if: inputs.environment == 'dev' || inputs.environment == '' needs: [pre_deploy_tests, paketo_build] concurrency: deploy-dev + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} uses: ./.github/workflows/environment.yml permissions: id-token: write # This is required for requesting the JWT @@ -57,10 +59,12 @@ jobs: with: workspace: 'dev' - copilot_deploy_test: + test_copilot_deploy: if: inputs.environment == 'test' || inputs.environment == '' needs: [pre_deploy_tests, paketo_build] concurrency: deploy-test + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} uses: ./.github/workflows/environment.yml permissions: id-token: write # This is required for requesting the JWT @@ -69,10 +73,12 @@ jobs: workspace: 'test' # Allow the capability to override UAT with another branch, but ideally uat and production should be in sync as much as possible - copilot_deploy_uat: + uat_copilot_deploy: if: inputs.environment == 'uat' || inputs.environment == '' needs: [pre_deploy_tests, paketo_build] concurrency: deploy-uat + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} uses: ./.github/workflows/environment.yml permissions: id-token: write # This is required for requesting the JWT @@ -81,10 +87,12 @@ jobs: workspace: 'uat' # Only run this if the branch being deployed is main - copilot_deploy_production: + production_copilot_deploy: if: (inputs.environment == 'production' || inputs.environment == '') && github.ref == 'refs/heads/main' needs: [pre_deploy_tests, paketo_build] concurrency: deploy-production + secrets: + AWS_ACCOUNT: ${{ secrets.AWS_ACCOUNT }} uses: ./.github/workflows/environment.yml permissions: id-token: write # This is required for requesting the JWT @@ -94,7 +102,7 @@ jobs: # Can we realistically run E2E at this stage, or just plump for application on the grounds it checks fund-store is operational? post_deploy_tests: - needs: copilot_deploy_test + needs: test_copilot_deploy secrets: E2E_PAT: ${{secrets.E2E_PAT}} uses: communitiesuk/funding-service-design-workflows/.github/workflows/post-deploy.yml@main diff --git a/.github/workflows/environment.yml b/.github/workflows/environment.yml index 85bf1f26..c78440bc 100644 --- a/.github/workflows/environment.yml +++ b/.github/workflows/environment.yml @@ -5,6 +5,9 @@ on: workspace: required: true type: string + secrets: + AWS_ACCOUNT: + required: true jobs: copilot_deploy: From e9b00945dee64d2295807dc8482523c28f91a6bb Mon Sep 17 00:00:00 2001 From: Robert Kibble <robert.kibble@version1.com> Date: Thu, 2 Nov 2023 16:55:28 +0000 Subject: [PATCH 18/19] Session name change --- .github/workflows/environment.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/environment.yml b/.github/workflows/environment.yml index c78440bc..62c021a7 100644 --- a/.github/workflows/environment.yml +++ b/.github/workflows/environment.yml @@ -28,7 +28,7 @@ jobs: uses: aws-actions/configure-aws-credentials@v2 with: role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT }}:role/GithubCopilotDeploy - role-session-name: NOTIFICATION_${{ inputs.workspace }}_COPILOT_${{ steps.currentdatetime.outputs.datetime }} + role-session-name: FUND_STORE_${{ inputs.workspace }}_COPILOT_${{ steps.currentdatetime.outputs.datetime }} aws-region: eu-west-2 - name: Install AWS Copilot CLI From d9fe9229518ec37c8486e5e6db7a658d92eec5e0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 2 Nov 2023 16:59:35 +0000 Subject: [PATCH 19/19] Bump actions/download-artifact from 2 to 3 Bumps [actions/download-artifact](https://github.com/actions/download-artifact) from 2 to 3. - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](https://github.com/actions/download-artifact/compare/v2...v3) --- updated-dependencies: - dependency-name: actions/download-artifact dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> --- .github/workflows/manual-dev-deploy.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/manual-dev-deploy.yml b/.github/workflows/manual-dev-deploy.yml index 35b29834..0f9b6583 100644 --- a/.github/workflows/manual-dev-deploy.yml +++ b/.github/workflows/manual-dev-deploy.yml @@ -20,7 +20,7 @@ - name: install dependencies run: source .venv/bin/activate && python -m pip install --upgrade pip && pip install -r requirements.txt - name: download previous build - uses: actions/download-artifact@v2 + uses: actions/download-artifact@v3 - name: Deploy to Gov PaaS uses: citizen-of-planet-earth/cf-cli-action@v2 with: