Add support for conditional recordprocessor image builds in deployment workflows

- Introduced a new input parameter `build_recordprocessor_image` in the deployment workflows to control the building of the recordprocessor Docker image.
- Updated the `deploy-backend.yml` to include logic for building the image based on changes detected in the PR.
- Added a new job in `pr-deploy-and-test.yml` to detect changes in the recordprocessor directory, influencing the deployment process.
- Enhanced the handling of image tags to default to 'latest' if no build is triggered, improving deployment flexibility.

Author: Thomas-Boyle

.github/workflows/continuous-deployment.yml

@@ -20,6 +20,7 @@ jobs:
     uses: ./.github/workflows/deploy-backend.yml
     with:
       apigee_environment: internal-dev
+      build_recordprocessor_image: true
       create_mns_subscription: true
       environment: dev
       sub_environment: internal-dev
@@ -82,6 +83,7 @@ jobs:
     uses: ./.github/workflows/deploy-backend.yml
     with:
       apigee_environment: ${{ matrix.sub_environment_name }}
+      build_recordprocessor_image: true
       create_mns_subscription: true
       environment: dev
       sub_environment: ${{ matrix.sub_environment_name }}

.github/workflows/deploy-backend.yml

@@ -6,6 +6,10 @@ on:
       apigee_environment:
         required: true
         type: string
+      build_recordprocessor_image:
+        required: false
+        type: boolean
+        default: false
       create_mns_subscription:
         required: false
         type: boolean
@@ -39,6 +43,11 @@ on:
           - dev
           - preprod
           - prod
+      build_recordprocessor_image:
+        description: Build and push a new recordprocessor image for this deployment
+        required: false
+        type: boolean
+        default: false
       sub_environment:
         type: string
         description: Set the sub environment name e.g. pr-xxx, or green/blue in higher environments
@@ -70,17 +79,20 @@ jobs:
         uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98
 
       - name: Connect to AWS
+        if: ${{ inputs.build_recordprocessor_image }}
         uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7
         with:
           aws-region: eu-west-2
           role-to-assume: arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/auto-ops
           role-session-name: github-actions
 
       - name: Login to Amazon ECR
+        if: ${{ inputs.build_recordprocessor_image }}
         id: login-ecr
         uses: aws-actions/amazon-ecr-login@062b18b96a7aff071d4dc91bc00c4c1a7945b076
 
       - name: Build and push Docker image
+        if: ${{ inputs.build_recordprocessor_image }}
         env:
           ECR_REGISTRY: ${{ steps.login-ecr.outputs.registry }}
         working-directory: lambdas
@@ -92,14 +104,18 @@ jobs:
           docker build -f recordprocessor/Dockerfile -t "${IMAGE_URI}" .
           docker push "${IMAGE_URI}"
 
+      - name: Skip image build
+        if: ${{ !inputs.build_recordprocessor_image }}
+        run: echo "No recordprocessor changes detected and no manual override provided. Skipping image build."
+
   terraform-plan:
     permissions:
       id-token: write
       contents: read
     needs: build-and-push-recordprocessor
     runs-on: ubuntu-latest
     env:
-      TF_VAR_recordprocessor_image_tag: ${{ github.sha }}
+      TF_VAR_recordprocessor_image_tag: ${{ inputs.build_recordprocessor_image && github.sha || 'latest' }}
     environment:
       name: ${{ inputs.environment }}
     steps:
@@ -141,7 +157,7 @@ jobs:
     needs: terraform-plan
     runs-on: ubuntu-latest
     env:
-      TF_VAR_recordprocessor_image_tag: ${{ github.sha }}
+      TF_VAR_recordprocessor_image_tag: ${{ inputs.build_recordprocessor_image && github.sha || 'latest' }}
     environment:
       name: ${{ inputs.environment }}
     steps:

.github/workflows/pr-deploy-and-test.yml

@@ -9,16 +9,38 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
+  detect-recordprocessor-changes:
+    runs-on: ubuntu-latest
+    outputs:
+      has_changes: ${{ steps.detect.outputs.has_changes }}
+    steps:
+      - name: Checkout
+        uses: actions/checkout@0c366fd6a839edf440554fa01a7085ccba70ac98
+        with:
+          fetch-depth: 0
+
+      - name: Detect recordprocessor changes in PR
+        id: detect
+        run: |
+          git fetch origin "${{ github.event.pull_request.base.ref }}"
+
+          if git diff --name-only "origin/${{ github.event.pull_request.base.ref }}" "${{ github.sha }}" | grep -q '^lambdas/recordprocessor/'; then
+            echo "has_changes=true" >> "$GITHUB_OUTPUT"
+          else
+            echo "has_changes=false" >> "$GITHUB_OUTPUT"
+          fi
+
   run-quality-checks:
     uses: ./.github/workflows/quality-checks.yml
     secrets:
       SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
 
   deploy-pr-backend:
-    needs: [run-quality-checks]
+    needs: [run-quality-checks, detect-recordprocessor-changes]
     uses: ./.github/workflows/deploy-backend.yml
     with:
       apigee_environment: internal-dev
+      build_recordprocessor_image: ${{ github.event.action == 'opened' || needs.detect-recordprocessor-changes.outputs.has_changes == 'true' }}
       create_mns_subscription: true
       environment: dev
       sub_environment: pr-${{github.event.pull_request.number}}