From 89fa641e202261420f7e045ab73d558712368355 Mon Sep 17 00:00:00 2001
From: jasonchung1871 <101672465+jasonchung1871@users.noreply.github.com>
Date: Mon, 5 Feb 2024 16:42:55 -0800
Subject: [PATCH] inherit secrets and workflow_dispatch (#1267)

* inherit secrets and workflow_dispatch

require manual action running and inherit the secrets

* clean up

separated the steps of the workflow into separate jobs

* reverting back to old pr workflow

we are reverting back to the old pr workflow until we can find an alternative that works and is secure

* reverted more

reverted the job to steps for on_push and undid changes to unit-tests

* Update on_push.yaml

removed inherit secrets
---
 .github/workflows/on_pr_opened.yaml           | 11 +--
 .../workflows/on_pr_opened_collaborator.yaml  | 73 -------------------
 2 files changed, 4 insertions(+), 80 deletions(-)
 delete mode 100644 .github/workflows/on_pr_opened_collaborator.yaml

diff --git a/.github/workflows/on_pr_opened.yaml b/.github/workflows/on_pr_opened.yaml
index 979313871..567a9418f 100644
--- a/.github/workflows/on_pr_opened.yaml
+++ b/.github/workflows/on_pr_opened.yaml
@@ -19,10 +19,7 @@ concurrency:
 jobs:
   build:
     name: Build & Push
-    if: "github.event.pull_request.author_association != 'COLLABORATOR' && github.event.review.author_association != 'OWNER'"
-    environment:
-      name: pr-external
-      url: https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}
+    if: "! github.event.pull_request.head.repo.fork"
     runs-on: ubuntu-latest
     timeout-minutes: 10
     steps:
@@ -37,12 +34,12 @@ jobs:
           github_token: ${{ secrets.GITHUB_TOKEN }}
           app_title: Common Hosted Forms - PR-${{ github.event.number }}
           route_path: /pr-${{ github.event.number }}
-          app_contact: ${{ secrets.VITE_CONTACT }}
+          app_contact: ${{ vars.CHEFS_CONTACT }}
 
   deploy-pr-dev:
     name: Deploy Pull Request to Dev
     environment:
-      name: pr-external
+      name: pr
       url: https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}
     runs-on: ubuntu-latest
     needs: build
@@ -70,4 +67,4 @@ jobs:
         with:
           header: release
           message: |
-            Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}>
+            Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}>
\ No newline at end of file
diff --git a/.github/workflows/on_pr_opened_collaborator.yaml b/.github/workflows/on_pr_opened_collaborator.yaml
deleted file mode 100644
index a58db844c..000000000
--- a/.github/workflows/on_pr_opened_collaborator.yaml
+++ /dev/null
@@ -1,73 +0,0 @@
-name: Pull Request Opened Collaborator
-
-env:
-  ACRONYM: chefs
-
-on:
-  pull_request:
-    branches:
-      - main
-    types:
-      - opened
-      - reopened
-      - synchronize
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
-  cancel-in-progress: true
-
-jobs:
-  build:
-    name: Build & Push
-    if: "github.event.pull_request.author_association == 'COLLABORATOR' || github.event.review.author_association == 'OWNER'"
-    environment:
-      name: pr
-      url: https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Build & Push
-        uses: ./.github/actions/build-push-container
-        with:
-          context: .
-          image_name: ${{ vars.APP_NAME }}
-          github_username: ${{ github.repository_owner }}
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          app_title: Common Hosted Forms - PR-${{ github.event.number }}
-          route_path: /pr-${{ github.event.number }}
-          app_contact: ${{ secrets.VITE_CONTACT }}
-
-  deploy-pr-dev:
-    name: Deploy Pull Request to Dev
-    environment:
-      name: pr
-      url: https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}
-    runs-on: ubuntu-latest
-    needs: build
-    timeout-minutes: 12
-    steps:
-      - name: Checkout
-        uses: actions/checkout@v3
-      - name: Deploy to Dev
-        uses: ./.github/actions/deploy-to-environment
-        with:
-          app_name: ${{ vars.APP_NAME }}
-          acronym: ${{ env.ACRONYM }}
-          environment: pr
-          job_name: pr-${{ github.event.number }}
-          namespace_prefix: ${{ vars.NAMESPACE_PREFIX }}
-          namespace_environment: dev
-          openshift_server: ${{ secrets.OPENSHIFT_SERVER }}
-          openshift_token: ${{ secrets.OPENSHIFT_TOKEN }}
-          server_host: ${{ vars.SERVER_HOST }}
-          route_path: /pr-${{ github.event.number }}
-          route_prefix: ${{ vars.ROUTE_PREFIX }}
-      - name: Release Comment on PR
-        uses: marocchino/sticky-pull-request-comment@v2
-        if: success()
-        with:
-          header: release
-          message: |
-            Release ${{ github.sha }} deployed at <https://${{ env.ACRONYM }}-dev.apps.silver.devops.gov.bc.ca/pr-${{ github.event.number }}>