-
Notifications
You must be signed in to change notification settings - Fork 1
135 lines (122 loc) · 5.58 KB
/
pull_request.yml
File metadata and controls
135 lines (122 loc) · 5.58 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
name: build_pr
on:
pull_request:
branches: [main]
env:
BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
jobs:
get_config_values:
runs-on: ubuntu-22.04
outputs:
tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
devcontainer_version: ${{ steps.load-config.outputs.DEVCONTAINER_VERSION }}
devcontainer_image: ${{ steps.load-config.outputs.DEVCONTAINER_IMAGE }}
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
- name: Load config value
id: load-config
run: |
TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
DEVCONTAINER_IMAGE=$(jq -r '.build.args.IMAGE_NAME' .devcontainer/devcontainer.json)
DEVCONTAINER_VERSION=$(jq -r '.build.args.IMAGE_VERSION' .devcontainer/devcontainer.json)
{
echo "TAG_FORMAT=$TAG_FORMAT"
echo "DEVCONTAINER_IMAGE=$DEVCONTAINER_IMAGE"
echo "DEVCONTAINER_VERSION=$DEVCONTAINER_VERSION"
} >> "$GITHUB_OUTPUT"
dependabot-auto-approve-and-merge:
needs: quality_checks
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
secrets:
AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}
pr_title_format_check:
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@d215f841eb18b803e339e4ed597ed1f30e086e17
quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@36677e1d6bfaa010d7b78942a1ade12fbefecb80
needs: [get_config_values, get_commit_id]
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
run_docker_scan: true
docker_images: "eps-cdk-utils"
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
get_issue_number:
runs-on: ubuntu-22.04
outputs:
issue_number: ${{steps.get_issue_number.outputs.result}}
steps:
- uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd
name: get issue number
id: get_issue_number
with:
script: |
if (context.issue.number) {
// Return issue number if present
return context.issue.number;
} else {
// Otherwise return issue number from commit
return (
await github.rest.repos.listPullRequestsAssociatedWithCommit({
commit_sha: context.sha,
owner: context.repo.owner,
repo: context.repo.repo,
})
).data[0].number;
}
result-encoding: string
get_commit_id:
runs-on: ubuntu-22.04
outputs:
commit_id: ${{ steps.commit_id.outputs.commit_id }}
sha_short: ${{ steps.commit_id.outputs.sha_short }}
steps:
- name: Checkout code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
with:
ref: ${{ env.BRANCH_NAME }}
- name: Get Commit ID
id: commit_id
run: |
echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
echo "sha_short=$(git rev-parse --short HEAD)" >> "$GITHUB_OUTPUT"
package_docker_image:
needs: [get_issue_number, quality_checks, get_commit_id, get_config_values]
uses: ./.github/workflows/docker_image_build.yml
with:
VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }}
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }}
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: false
package_npm_code:
needs: [quality_checks, get_commit_id, get_config_values]
uses: ./.github/workflows/package_npm_code.yml
with:
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: false
release_docker_image:
needs:
[get_issue_number, package_docker_image, get_commit_id, get_config_values]
uses: ./.github/workflows/docker_image_upload.yml
with:
AWS_ENVIRONMENT: dev
VERSION_NUMBER: PR-${{ needs.get_issue_number.outputs.issue_number }}
COMMIT_ID: ${{ needs.get_commit_id.outputs.commit_id }}
TAG_LATEST: false
DOCKER_IMAGE_TAG: PR-${{ needs.get_issue_number.outputs.issue_number }}-${{ needs.get_commit_id.outputs.sha_short }}
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: false
secrets:
CDK_PUSH_IMAGE_ROLE: ${{ secrets.DEV_CDK_PUSH_IMAGE_ROLE }}
tag_release:
needs: [get_commit_id, get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@36677e1d6bfaa010d7b78942a1ade12fbefecb80
with:
dry_run: true
runtime_docker_image: "${{ needs.get_config_values.outputs.devcontainer_image }}:githubactions-${{ needs.get_config_values.outputs.devcontainer_version }}"
verify_published_from_main_image: false
branch_name: ${{ github.event.pull_request.head.ref }}
publish_packages: packages/cdkConstructs,packages/deploymentUtils
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
secrets: inherit