New: [AEA-4497] - deploy cognito #758
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: deploy_pr | |
on: | |
pull_request: | |
branches: [main] | |
env: | |
BRANCH_NAME: ${{ github.event.pull_request.head.ref }} | |
jobs: | |
quality_checks: | |
uses: NHSDigital/eps-workflow-quality-checks/.github/workflows/[email protected] | |
secrets: | |
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} | |
pr_title_format_check: | |
uses: ./.github/workflows/pr_title_check.yml | |
get_issue_number: | |
runs-on: ubuntu-latest | |
outputs: | |
issue_number: ${{steps.get_issue_number.outputs.result}} | |
steps: | |
- uses: actions/github-script@v7 | |
name: get issue number | |
id: get_issue_number | |
with: | |
script: | | |
if (context.issue.number) { | |
// Return issue number if present | |
return context.issue.number; | |
} else { | |
// Otherwise return issue number from commit | |
return ( | |
await github.rest.repos.listPullRequestsAssociatedWithCommit({ | |
commit_sha: context.sha, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
}) | |
).data[0].number; | |
} | |
result-encoding: string | |
get_commit_id: | |
runs-on: ubuntu-latest | |
outputs: | |
commit_id: ${{ steps.commit_id.outputs.commit_id }} | |
steps: | |
- name: Get Commit ID | |
id: commit_id | |
run: | | |
echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" | |
package_code: | |
needs: [get_issue_number, get_commit_id, quality_checks] | |
uses: ./.github/workflows/cdk_package_code.yml | |
with: | |
VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }} | |
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} | |
release_code: | |
needs: [get_issue_number, package_code, get_commit_id, quality_checks] | |
uses: ./.github/workflows/release_all_stacks.yml | |
with: | |
SERVICE_NAME: cpt-ui-pr-${{needs.get_issue_number.outputs.issue_number}} | |
TARGET_ENVIRONMENT: dev-pr | |
VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }} | |
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }} | |
useMockOidc: true | |
primaryOidcIssuer: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare" | |
primaryOidcAuthorizeEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/authorize" | |
primaryOidcTokenEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/access_token" | |
primaryOidcUserInfoEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/userinfo" | |
primaryOidcjwksEndpoint: "https://am.nhsint.auth-ptl.cis2.spineservices.nhs.uk:443/openam/oauth2/realms/root/realms/NHSIdentity/realms/Healthcare/connect/jwk_uri" | |
mockOidcIssuer: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev" | |
mockOidcAuthorizeEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev/protocol/openid-connect/auth" | |
mockOidcTokenEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev/protocol/openid-connect/token" | |
mockOidcUserInfoEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev/protocol/openid-connect/userinfo" | |
mockOidcjwksEndpoint: "https://identity.ptl.api.platform.nhs.uk/realms/Cis2-mock-internal-dev/protocol/openid-connect/certs" | |
secrets: | |
CDK_PULL_IMAGE_ROLE: ${{ secrets.DEV_CDK_PULL_IMAGE_ROLE }} | |
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }} | |
primaryOidcClientId: ${{ secrets.PTL_PRIMARY_OIDC_CLIENT_ID }} | |
primaryOidClientSecret: ${{ secrets.PTL_PRIMARY_OIDC_CLIENT_SECRET }} | |
mockOidcClientId: ${{ secrets.PTL_MOCK_CLIENT_ID }} | |
mockOidClientSecret: ${{ secrets.PTL_MOCK_CLIENT_SECRET }} | |
CIS2_PRIVATE_KEY: ${{ secrets.PTL_CIS2_PRIVATE_KEY }} |