CCM-10922 supplier api bc (#48)

* CCM-10922 adding initial resources

* CCM-10922 Adding Suppliers API starting point

* CCM-10922 Adding Suppliers API starting point

* CCM-10922 Adding Suppliers API starting point

* CCM-10922 Adding Suppliers API starting point

* CCM-10922 fixing npm lock

Author: aidenvaines-cgi

.github/workflows/pr_closed.yaml

@@ -0,0 +1,56 @@
+name: PR Closed
+
+on:
+  workflow_dispatch:
+  pull_request:
+    types: [closed]
+    branches:
+      - main
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  check-merge-or-workflow-dispatch:
+    runs-on: ubuntu-latest
+    outputs:
+      deploy: ${{ steps.check.outputs.deploy }}
+    steps:
+      - name: Check if PR was merged or workflow is triggered by workflow_dispatch
+        id: check
+        run: |
+          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
+            echo "deploy=true" >> $GITHUB_OUTPUT
+            echo "Job triggered by workflow_dispatch - running 'deploy-main'"
+          elif [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.merged }}" == "true" ]]; then
+            echo "deploy=true" >> $GITHUB_OUTPUT
+            echo "Job triggered by Merged PR - running 'deploy-main'"
+          else
+            echo "deploy=false" >> $GITHUB_OUTPUT
+            echo "Job not triggered by workflow_dispatch or Merged PR - Skipping 'deploy-main'"
+          fi
+
+  deploy-main:
+    needs: check-merge-or-workflow-dispatch
+    name: Deploy changes to main in dev AWS account
+    if: needs.check-merge-or-workflow-dispatch.outputs.deploy == 'true'
+
+    permissions:
+      id-token: write
+      contents: read
+
+    strategy:
+      max-parallel: 1
+      matrix:
+        component: [api]
+
+    uses: ./.github/workflows/reusable_internal_repo_build.yaml
+    secrets: inherit
+    with:
+      releaseVersion: main
+      targetWorkflow: "dispatch-deploy-static-notify-web-supplier-api-env.yaml"
+      targetEnvironment: "main"
+      targetAccountGroup: "nhs-notify-supplier-api-dev"
+      targetComponent: ${{ matrix.component }}
+      terraformAction: "apply"

.github/workflows/pr_create_dynamic_env.yaml

@@ -0,0 +1,49 @@
+name: PR Create Environment
+
+on:
+  pull_request:
+    types: [labeled, opened, synchronize, reopened, unlabeled, edited]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  create-dynamic-environment:
+    name: Create Dynamic Environment
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Trigger nhs-notify-internal dynamic environment workflow
+        shell: bash
+        run: |
+          set -x
+          this_repo_name=$(echo ${{ github.repository }} | cut -d'/' -f2)
+
+          DISPATCH_EVENT=$(jq -ncM \
+            --arg infraRepoName "${this_repo_name}" \
+            --arg releaseVersion "${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" \
+            --arg targetEnvironment "pr${{ github.event.number }}" \
+            --arg targetAccountGroup "nhs-notify-supplier-api-dev" \
+            --arg targetComponent "branch" \
+            --arg terraformAction "apply" \
+            --arg overrides "branch_name=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" \
+            '{ "ref": "main",
+              "inputs": {
+                "infraRepoName": $infraRepoName,
+                "releaseVersion", $releaseVersion,
+                "targetEnvironment", $targetEnvironment,
+                "targetAccountGroup", $targetAccountGroup,
+                "targetComponent", $targetComponent,
+                "terraformAction", $terraformAction,
+                "overrides", $overrides,
+              }
+            }')
+
+          curl --fail -L \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.PR_TRIGGER_PAT }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/repos/NHSDigital/nhs-notify-internal/actions/workflows/dispatch-deploy-dynamic-env.yaml/dispatches \
+            -d "${DISPATCH_EVENT}"

.github/workflows/pr_destroy_dynamic_env.yaml

@@ -0,0 +1,47 @@
+name: PR Destroy Environment
+
+on:
+  pull_request:
+    types: [closed]
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  create-dynamic-environment:
+    name: Destroy Dynamic Environment
+    runs-on: ubuntu-latest
+
+    steps:
+      - name: Trigger nhs-notify-internal dynamic environment destruction
+        shell: bash
+        run: |
+          set -x
+          this_repo_name=$(echo ${{ github.repository }} | cut -d'/' -f2)
+
+          DISPATCH_EVENT=$(jq -ncM \
+            --arg infraRepoName "${this_repo_name}" \
+            --arg releaseVersion "main" \
+            --arg targetEnvironment "pr${{ github.event.number }}" \
+            --arg targetAccountGroup "nhs-notify-supplier-api-dev" \
+            --arg targetComponent "branch" \
+            --arg terraformAction "destroy" \
+            '{ "ref": "main",
+              "inputs": {
+                "infraRepoName": $infraRepoName,
+                "releaseVersion", $releaseVersion,
+                "targetEnvironment", $targetEnvironment,
+                "targetAccountGroup", $targetAccountGroup,
+                "targetComponent", $targetComponent,
+                "terraformAction", $terraformAction,
+              }
+            }')
+
+          curl --fail -L \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.PR_TRIGGER_PAT }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            https://api.github.com/repos/NHSDigital/nhs-notify-internal/actions/workflows/dispatch-deploy-dynamic-env.yaml/dispatches \
+            -d "${DISPATCH_EVENT}"

.github/workflows/release_created.yaml

@@ -0,0 +1,32 @@
+name: Github Release Created
+
+on:
+  release:
+    types: ["published"] # Inherits all input defaults
+
+concurrency:
+  group: ${{ github.workflow }}-${{ github.ref }}
+  cancel-in-progress: false
+
+jobs:
+  deploy-main:
+    name: Deploy changes to main in nonprod AWS Account
+
+    permissions:
+      id-token: write
+      contents: read
+
+    strategy:
+      max-parallel: 1
+      matrix:
+        component: [api]
+
+    uses: ./.github/workflows/reusable_internal_repo_build.yaml
+    secrets: inherit
+    with:
+      releaseVersion: ${{ github.event.release.tag_name }}
+      targetWorkflow: "dispatch-deploy-static-notify-supliers-api-env.yaml"
+      targetEnvironment: "main"
+      targetAccountGroup: "nhs-notify-supliers-api-nonprod"
+      targetComponent: ${{ matrix.component }}
+      terraformAction: "apply"

.github/workflows/reusable_internal_repo_build.yaml

@@ -0,0 +1,142 @@
+name: Call Notify Internal Infrastructure Deployment
+## Sub workflow which plans and deploys Notify components as part of the workflow.
+## Review Gates may be required to proceed on triggered builds.
+
+on:
+  workflow_call:
+    inputs:
+      releaseVersion:
+        type: string
+        description: The Github release version, commit, or tag.
+        default: main
+      targetWorkflow:
+        type: string
+        description: The name of the github workflow to call.
+        default: main
+      targetEnvironment:
+        type: string
+        description: The Terraform environment to deploy
+        default: main
+      targetComponent:
+        type: string
+        description: The Terraform component to deploy
+        required: true
+      targetAccountGroup:
+        type: string
+        description: The Terraform group to deploy
+        required: true
+      terraformAction:
+        type: string
+        description: The Terraform component to deploy
+        default: plan
+
+concurrency:
+  group: ${{ inputs.targetEnvironment }}-${{ inputs.targetAccountGroup }}-${{ inputs.targetComponent }}-${{ inputs.terraformAction }}
+
+jobs:
+  trigger:
+    runs-on: ubuntu-latest
+
+    permissions:
+      id-token: write
+      contents: read
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Trigger nhs-notify-internal static environment workflow deployment
+        shell: bash
+        run: |
+          set -x
+
+          DISPATCH_EVENT=$(jq -ncM \
+            --arg releaseVersion ${{ inputs.releaseVersion }} \
+            --arg targetEnvironment ${{ inputs.targetEnvironment }} \
+            --arg targetAccountGroup ${{ inputs.targetAccountGroup }} \
+            --arg targetComponent ${{ inputs.targetComponent }} \
+            --arg terraformAction ${{ inputs.terraformAction }} \
+            '{ "ref": "main",
+              "inputs": {
+                "releaseVersion", $releaseVersion,
+                "targetEnvironment", $targetEnvironment,
+                "targetAccountGroup", $targetAccountGroup,
+                "targetComponent", $targetComponent,
+                "terraformAction", $terraformAction
+              }
+            }')
+
+          # Trigger The workflow
+          curl -L \
+            --fail \
+            --silent \
+            -X POST \
+            -H "Accept: application/vnd.github+json" \
+            -H "Authorization: Bearer ${{ secrets.PR_TRIGGER_PAT }}" \
+            -H "X-GitHub-Api-Version: 2022-11-28" \
+            "https://api.github.com/repos/NHSDigital/nhs-notify-internal/actions/workflows/${{ inputs.targetWorkflow }}/dispatches" \
+            -d "${DISPATCH_EVENT}"
+
+          echo "Workflow triggered successfully. HTTP response. Waiting for the workflow to complete.."
+
+          # Poll GitHub API to check the workflow status
+          run_id=""
+          for i in {1..12}; do
+            in_progress=$(curl -s \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.PR_TRIGGER_PAT }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "https://api.github.com/repos/NHSDigital/nhs-notify-internal/actions/runs?event=workflow_dispatch&status=in_progress")
+
+            run_id=$(echo "$in_progress" | jq -r \
+              --arg env "${{ inputs.targetEnvironment }}" \
+              --arg component "${{ inputs.targetComponent }}" \
+              --arg group "${{ inputs.targetAccountGroup }}" \
+              --arg releaseVersion "${{ inputs.releaseVersion }}" \
+              '.workflow_runs[]
+                | select(.name | contains($env) and contains($component) and contains($group) and contains($releaseVersion))
+                | .id' | head -n 1)
+
+            if [[ -n "$run_id" && "$run_id" != null ]]; then
+              echo "Found workflow run with ID: $run_id"
+              break
+            fi
+
+            echo "Waiting for workflow to start..."
+            sleep 10
+          done
+
+          if [[ -z "$run_id" || "$run_id" == null ]]; then
+            echo "Failed to get the workflow run ID. Exiting."
+            exit 1
+          fi
+
+          # Wait for workflow completion
+          while true; do
+            sleep 10
+            status=$(curl -s \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.PR_TRIGGER_PAT }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "https://api.github.com/repos/NHSDigital/nhs-notify-internal/actions/runs/$run_id" \
+              | jq -r '.status')
+
+            conclusion=$(curl -s \
+              -H "Accept: application/vnd.github+json" \
+              -H "Authorization: Bearer ${{ secrets.PR_TRIGGER_PAT }}" \
+              -H "X-GitHub-Api-Version: 2022-11-28" \
+              "https://api.github.com/repos/NHSDigital/nhs-notify-internal/actions/runs/$run_id" \
+              | jq -r '.conclusion')
+
+            if [ "$status" == "completed" ]; then
+              if [ "$conclusion" == "success" ]; then
+                echo "Workflow completed successfully."
+                exit 0
+              else
+                echo "Workflow failed with conclusion: $conclusion"
+                exit 1
+              fi
+            fi
+
+            echo "Workflow still running..."
+            sleep 20
+          done

.tool-versions

@@ -1,8 +1,6 @@
 act 0.2.64
-editorconfig-checker 3.3.0
 gitleaks 8.24.0
 jq 1.6
-markdownlint-cli2 0.18.1
 nodejs 22.11.0
 pnpm 10.4.1
 pre-commit 3.6.0

infrastructure/terraform/bin/terraform.sh

@@ -403,7 +403,7 @@ readonly component_name=$(basename ${component_path});
 # verify terraform version matches .tool-versions
 echo ${PWD}
 tool_version=$(grep "terraform " .tool-versions | cut -d ' ' -f 2)
-asdf plugin-add terraform && asdf install terraform "${tool_version}"
+asdf plugin add terraform && asdf install terraform "${tool_version}"
 current_version=$(terraform --version | head -n 1 | cut -d 'v' -f 2)
 
 if [ -z "${current_version}" ] || [ "${current_version}" != "${tool_version}" ]; then

…mponents/examplecomponent/.tool-versions …/terraform/components/api/.tool-versionsinfrastructure/terraform/components/examplecomponent/.tool-versions renamed to infrastructure/terraform/components/api/.tool-versions infrastructure/terraform/components/examplecomponent/.tool-versions renamed to infrastructure/terraform/components/api/.tool-versions

@@ -10,7 +10,7 @@ No requirements.
 | Name | Description | Type | Default | Required |
 |------|-------------|------|---------|:--------:|
 | <a name="input_aws_account_id"></a> [aws\_account\_id](#input\_aws\_account\_id) | The AWS Account ID (numeric) | `string` | n/a | yes |
-| <a name="input_component"></a> [component](#input\_component) | The variable encapsulating the name of this component | `string` | `"examplecomponent"` | no |
+| <a name="input_component"></a> [component](#input\_component) | The variable encapsulating the name of this component | `string` | `"supapi"` | no |
 | <a name="input_default_tags"></a> [default\_tags](#input\_default\_tags) | A map of default tags to apply to all taggable resources within the component | `map(string)` | `{}` | no |
 | <a name="input_environment"></a> [environment](#input\_environment) | The name of the tfscaffold environment | `string` | n/a | yes |
 | <a name="input_force_lambda_code_deploy"></a> [force\_lambda\_code\_deploy](#input\_force\_lambda\_code\_deploy) | If the lambda package in s3 has the same commit id tag as the terraform build branch, the lambda will not update automatically. Set to True if making changes to Lambda code from on the same commit for example during development | `bool` | `false` | no |

…rm/components/examplecomponent/README.md …cture/terraform/components/api/README.mdinfrastructure/terraform/components/examplecomponent/README.md renamed to infrastructure/terraform/components/api/README.md infrastructure/terraform/components/examplecomponent/README.md renamed to infrastructure/terraform/components/api/README.md

@@ -1,6 +1,5 @@
 locals {
   bootstrap = data.terraform_remote_state.bootstrap.outputs
-  acct      = data.terraform_remote_state.acct.outputs
 }
 
 data "terraform_remote_state" "bootstrap" {
@@ -21,20 +20,3 @@ data "terraform_remote_state" "bootstrap" {
   }
 }
 
-data "terraform_remote_state" "acct" {
-  backend = "s3"
-
-  config = {
-    bucket = local.terraform_state_bucket
-
-    key = format(
-      "%s/%s/%s/%s/acct.tfstate",
-      var.project,
-      var.aws_account_id,
-      "eu-west-2",
-      var.parent_acct_environment
-    )
-
-    region = "eu-west-2"
-  }
-}