Skip to content

Renovate Update Patch & Minor Updates #573

Renovate Update Patch & Minor Updates

Renovate Update Patch & Minor Updates #573

Workflow file for this run

name: "[Workflow] Pull Request Path"
concurrency:
group: ${{ github.ref }}-${{ github.workflow }}
on:
pull_request:
branches:
- main
permissions:
actions: read
checks: read
contents: write
deployments: none
issues: none
packages: none
pull-requests: write
repository-projects: none
security-events: write
statuses: none
defaults:
run:
shell: bash
jobs:
pr_label:
runs-on: ubuntu-latest
name: Label PR
steps:
- uses: actions/labeler@main
with:
configuration-path: ".github/labeller.yml"
repo-token: "${{ secrets.GITHUB_TOKEN }}"
sync-labels: true
branch_name:
name: "Generate a safe branch name"
uses: ministryofjustice/opg-github-workflows/.github/workflows/data-parse-branch-name.yml@main
set_variables:
name: output workflow variables
runs-on: ubuntu-latest
outputs:
environment_terraform_version: ${{ steps.terraform_version_environment.outputs.version }}
semver_tag: ${{ steps.semver_tag.outputs.created_tag }}
steps:
- name: Set terraform version - environment
id: terraform_version_environment
uses: ministryofjustice/opg-github-actions/.github/actions/[email protected]
with:
terraform_directory: "./terraform/environment"
- name: "Semver tag"
id: semver_tag
uses: ministryofjustice/opg-github-actions/.github/actions/[email protected]
with:
prerelease: true
with_v: true
github_token: ${{ secrets.GITHUB_TOKEN }}
terraform_environment_lint:
name: Terraform - Environment - Lint
needs:
- set_variables
uses: ministryofjustice/opg-github-workflows/.github/workflows/[email protected]
with:
terraform_version: ${{ needs.set_variables.outputs.environment_terraform_version }}
tflint_check: false
directory: "./terraform/environment"
python_unit_tests:
name: Python Unit Tests
needs:
- set_variables
uses: ./.github/workflows/_python_unit_tests.yml
docker_build_scan_push:
name: Build, Scan and Push
needs:
- set_variables
- python_unit_tests
- terraform_environment_lint
uses: ./.github/workflows/_docker_build_scan_push.yml
with:
semver_tag: ${{ needs.set_variables.outputs.semver_tag }}
secrets: inherit # pragma: allowlist secret
ephemeral_environment:
name: Create Ephemeral Environment
uses: ministryofjustice/opg-github-workflows/.github/workflows/[email protected]
needs:
- set_variables
- docker_build_scan_push
- branch_name
with:
terraform_version: ${{ needs.set_variables.outputs.environment_terraform_version }}
terraform_directory: "./terraform/environment"
terraform_workspace: ${{ github.event.pull_request.number }}${{ needs.branch_name.outputs.safe }}
is_ephemeral: true
workspace_manager_aws_account_id: "288342028542"
workspace_manager_aws_iam_role: integrations-ci
terraform_apply: true
terraform_variables: "-var=lambda_image_uri=${{ needs.docker_build_scan_push.outputs.ecr_image_uri }}"
secrets:
GITHUB_ACCESS_TOKEN: ${{ secrets.GITHUB_TOKEN }}
AWS_ACCESS_KEY_ID_ACTIONS: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
AWS_SECRET_ACCESS_KEY_ACTIONS: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
PAGERDUTY_TOKEN: ""
get_terraform_output:
name: Get Terraform Outputs
runs-on: ubuntu-latest
needs:
- ephemeral_environment
outputs:
data_lpa_api_url: ${{ steps.data_lpa_api_url.outputs.data_lpa_api_url }}
steps:
- name: Set Data LPA API URL
id: data_lpa_api_url
run: |
data_lpa_api_url=$(echo -e ${{ needs.ephemeral_environment.outputs.terraform_output_as_json }} | jq -r '.api_gateway_url.value')
echo data_lpa_api_url=${data_lpa_api_url} >> $GITHUB_OUTPUT
integration_tests:
name: Run Integration Tests on Ephemeral Environment
needs:
- ephemeral_environment
- get_terraform_output
uses: ./.github/workflows/_integration_tests.yml
with:
data_lpa_api_url: "https://${{ needs.get_terraform_output.outputs.data_lpa_api_url }}/v1"
working_directory: "./integration_tests"
tests_directory: "./integration_tests/v1"
secrets: inherit # pragma: allowlist secret