refactoring other workflows to use reusable deploy

Author: francisco-videira-nhs

.github/workflows/deploy-dynamic-env-proxy.yaml

@@ -1,5 +1,5 @@
-name: Deploy proxy to environment
-run-name: Proxygen Deployment for internal-dev
+name: Deploy dynamic PR environment proxy
+run-name: Deploy proxy for PR environment on internal-dev by @${{ github.actor }}
 
 on:
   workflow_dispatch:
@@ -15,22 +15,23 @@ permissions:
   packages: read
 
 jobs:
-  deploy-environment:
+  deploy-pr-proxy:
     runs-on: ubuntu-latest
-    name: Deploy to Environment
+    name: Deploy proxy to dynamic PR environment
     steps:
       - name: Checkout
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6
-        with:
-          node-version: 22
 
-      - name: Npm install
+      - name: Install dependencies
         uses: ./.github/actions/node-install
         with:
-          node-version: 22
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
+      - name: Resolve nodejs version
+        id: toolversions
+        run: echo "nodejs_version=$(grep '^nodejs\s' .tool-versions | cut -f2 -d' ')" >>
+          "$GITHUB_OUTPUT"
+
       - name: "Check if pull request exists for this branch and set
           ENVIRONMENT/APIM_ENV"
         id: pr_exists
@@ -60,23 +61,27 @@ jobs:
           echo "ENVIRONMENT=$ENVIRONMENT" >> $GITHUB_ENV
           echo "APIM_ENV=$APIM_ENV" >> $GITHUB_ENV
 
-      - name: "Build OAS spec"
+      - name: Build OAS spec
         uses: ./.github/actions/build-oas-spec
         with:
+          version: "pr${{ steps.pr_exists.outputs.pr_number }}"
           apimEnv: "${{ env.APIM_ENV }}"
           buildSandbox: ${{ inputs.build_sandbox }}
+          nodejs_version: ${{ steps.toolversions.outputs.nodejs_version }}
           NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
-      - name: "Build proxies"
+      - name: Deploy proxy
         env:
           PROXYGEN_API_NAME: nhs-notify-supplier
           PR_NUMBER: ${{ steps.pr_exists.outputs.pr_number }}
           APP_CLIENT_ID: ${{ secrets.APP_CLIENT_ID }}
           APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }}
         uses: ./.github/actions/build-proxies
         with:
+          targetComponent: api
           environment: "${{ env.ENVIRONMENT }}"
           apimEnv: "${{ env.APIM_ENV }}"
           runId: "${{ github.run_id }}"
           buildSandbox: ${{ inputs.build_sandbox }}
           releaseVersion: ${{ github.ref_name }}
+          version: "pr${{ steps.pr_exists.outputs.pr_number }}"

.github/workflows/deploy-supplier-api.yaml

@@ -231,7 +231,6 @@ jobs:
           APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }}
         uses: ./.github/actions/build-proxies
         with:
-          targetComponent: api
           environment: ${{ needs.validate.outputs.target_environment }}
           apimEnv: ${{ needs.validate.outputs.apim_environment }}
           runId: "${{ github.run_id }}"

.github/workflows/pr_closed.yaml

@@ -3,7 +3,7 @@ name: PR Closed
 on:
   workflow_dispatch:
   pull_request:
-    types: [closed]
+    types: [ closed ]
     branches:
       - main
 
@@ -34,33 +34,15 @@ jobs:
   deploy-main:
     needs: check-merge-or-workflow-dispatch
     name: Deploy changes to main in dev AWS account
-    runs-on: ubuntu-latest
     if: needs.check-merge-or-workflow-dispatch.outputs.deploy == 'true'
-
-    permissions:
-      id-token: write
-      contents: read
-
-    strategy:
-      max-parallel: 1
-      matrix:
-        component: [api]
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
-      - name: Updating Main Environment
-        env:
-          APP_CLIENT_ID: ${{ secrets.APP_CLIENT_ID }}
-          APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }}
-        run: |
-          bash .github/scripts/dispatch_internal_repo_workflow.sh \
-            --releaseVersion "main" \
-            --targetWorkflow "dispatch-deploy-static-notify-supplier-api-env.yaml" \
-            --targetEnvironment "main" \
-            --targetAccountGroup "nhs-notify-supplier-api-dev" \
-            --targetComponent "${{ matrix.component }}" \
-            --terraformAction "apply"
+    uses: ./.github/workflows/deploy-supplier-api.yaml
+    secrets: inherit
+    with:
+      source_type: branch
+      source_value: main
+      deploy_backend: true
+      backend_account_group: dev
+      deploy_proxy: false
 
   check-event-schemas-version-change:
     name: Check for event schemas package version change
@@ -78,8 +60,8 @@ jobs:
       - name: Setup NodeJS
         uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
         with:
-          node-version-file: '.tool-versions'
-          registry-url: 'https://npm.pkg.github.com'
+          node-version-file: ".tool-versions"
+          registry-url: "https://npm.pkg.github.com"
 
       - name: check if local version differs from latest published version
         id: check-version
@@ -137,8 +119,8 @@ jobs:
       - name: Setup NodeJS
         uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
         with:
-          node-version-file: '.tool-versions'
-          registry-url: 'https://npm.pkg.github.com'
+          node-version-file: ".tool-versions"
+          registry-url: "https://npm.pkg.github.com"
 
       - name: Install dependencies
         env:

.github/workflows/release_created.yaml

@@ -2,67 +2,25 @@ name: Github Release Created
 
 on:
   release:
-    types: ["released"] # Inherits all input defaults
-  workflow_dispatch:
-    inputs:
-      releaseVersion:
-        description: Release, tag, branch, or commit ID to be used for deployment
-        required: false
-        default: "main"
-        type: string
+    types: [ "released" ]
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: false
 
-jobs:
-  deploy-main:
-    name: Deploy changes to main in nonprod AWS Account
-    runs-on: ubuntu-latest
-
-    permissions:
-      id-token: write
-      contents: read
-
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
-      - name: Deploy Nonprod Environment
-        env:
-          APP_CLIENT_ID: ${{ secrets.APP_CLIENT_ID }}
-          APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }}
-        run: |
-          bash .github/scripts/dispatch_internal_repo_workflow.sh \
-            --releaseVersion "${{ github.event.release.tag_name || inputs.releaseVersion }}" \
-            --targetWorkflow "dispatch-deploy-static-notify-supplier-api-env.yaml" \
-            --targetEnvironment "main" \
-            --targetAccountGroup "nhs-notify-supplier-api-nonprod" \
-            --targetComponent "api" \
-            --terraformAction "apply"
-  deploy-proxy:
-    needs: deploy-main #wait for backend deploy to complete
-    name: "Deploy proxy"
-    runs-on: ubuntu-latest
-    timeout-minutes: 10
+permissions:
+  id-token: write
+  contents: read
+  packages: read
 
-    permissions:
-      id-token: write
-      contents: read
-      actions: read
-
-    env:
-      PROXYGEN_API_NAME: nhs-notify-supplier
-      APP_CLIENT_ID: ${{ secrets.APP_CLIENT_ID }}
-      APP_PEM_FILE: ${{ secrets.APP_PEM_FILE }}
-
-    steps:
-      - name: "Checkout code"
-        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5
-      - name: "Build proxies"
-        uses: ./.github/actions/build-proxies
-        with:
-          environment: "main"
-          apimEnv: "int"
-          runId: "${{ github.run_id }}"
-          releaseVersion: "${{ github.event.release.tag_name || inputs.releaseVersion }}"
-          isRelease: true
+jobs:
+  deploy:
+    uses: ./.github/workflows/deploy-supplier-api.yaml
+    secrets: inherit
+    with:
+      source_type: release
+      source_value: ${{ github.event.release.tag_name }}
+      deploy_backend: true
+      backend_account_group: nonprod
+      deploy_proxy: true
+      apim_environment: int