Skip to content

Chore: [AEA-6424] - use new common workflows #2951

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
anthony-nhs merged 6 commits into from
Apr 8, 2026
Merged

Chore: [AEA-6424] - use new common workflows #2951

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
6 commits
Select commit Hold shift + click to select a range
b878d0c
fix permissions
anthony-nhs Apr 8, 2026
88ba8f0
fix
anthony-nhs Apr 8, 2026
0af1a53
fix
anthony-nhs Apr 8, 2026
9aca31b
fix
anthony-nhs Apr 8, 2026
057447e
fix
anthony-nhs Apr 8, 2026
6880007
ignore-script
anthony-nhs Apr 8, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
2 changes: 1 addition & 1 deletion .devcontainer/devcontainer.json
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@
"args": {
"DOCKER_GID": "${env:DOCKER_GID:}",
"IMAGE_NAME": "node_24_python_3_12",
"IMAGE_VERSION": "v1.2.0",
"IMAGE_VERSION": "v1.4.4",
"USER_UID": "${localEnv:USER_ID:}",
"USER_GID": "${localEnv:GROUP_ID:}"
},
Expand Down
2 changes: 2 additions & 0 deletions .github/CODEOWNERS
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# restrict access to approving workflow changes
.github/workflows/ @NHSDigital/eps-admins
Comment thread
MatthewPopat-NHS marked this conversation as resolved.
26 changes: 0 additions & 26 deletions .github/actions/mark_jira_released/action.yml
View file
Open in desktop

This file was deleted.

89 changes: 0 additions & 89 deletions .github/actions/update_confluence_jira/action.yml
View file
Open in desktop

This file was deleted.

32 changes: 26 additions & 6 deletions .github/workflows/ci.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,18 +4,25 @@ on:
push:
branches: [main]

env:
BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }}
permissions: {}

jobs:
get_config_values:
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
permissions:
attestations: read
contents: read
packages: read
with:
verify_published_from_main_image: true

quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
needs: [get_config_values]
permissions:
contents: read
id-token: write
packages: read
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
secrets:
Expand All @@ -33,26 +40,33 @@ jobs:

tag_release:
needs: [quality_checks, get_commit_id, get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
permissions:
id-token: write
contents: write
packages: write
with:
dry_run: true
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
branch_name: main
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
secrets: inherit

package_code:
needs: [tag_release, get_config_values]
uses: ./.github/workflows/run_package_code_and_api.yml
permissions:
contents: read
packages: read
id-token: write
Comment thread
anthony-nhs marked this conversation as resolved.
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}

release_dev:
needs: [tag_release, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/run_release_code_and_api.yml
permissions:
contents: write
id-token: write
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
Expand Down Expand Up @@ -99,6 +113,9 @@ jobs:
release_sandbox_dev:
needs: [tag_release, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/run_release_code_and_api.yml
permissions:
contents: write
id-token: write
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}-sandbox
Expand Down Expand Up @@ -140,6 +157,9 @@ jobs:
needs:
[tag_release, release_dev, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/run_release_code_and_api.yml
permissions:
contents: write
id-token: write
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
Expand Down
5 changes: 3 additions & 2 deletions .github/workflows/delete_old_cloudformation_stacks.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ on:
- cron: "0 1,13 * * *"
push:
branches: [main]
permissions: {}

jobs:
delete-old-cloudformation-stacks:
Expand All @@ -19,8 +20,8 @@ jobs:
- name: Checkout local code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
with:
ref: ${{ env.BRANCH_NAME }}
fetch-depth: 0
persist-credentials: false

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7
Expand All @@ -46,8 +47,8 @@ jobs:
- name: Checkout local code
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
with:
ref: ${{ env.BRANCH_NAME }}
fetch-depth: 0
persist-credentials: false

- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@8df5847569e6427dd6c4fb1cf565c83acfa8afa7
Expand Down
38 changes: 30 additions & 8 deletions .github/workflows/pull_request.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -4,32 +4,44 @@ on:
pull_request:
branches: [main]

env:
BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
permissions: {}

jobs:
dependabot-auto-approve-and-merge:
needs: quality_checks
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
permissions:
contents: write
pull-requests: write
secrets:
AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}

get_config_values:
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
permissions:
attestations: read
contents: read
packages: read
with:
verify_published_from_main_image: false

quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
needs: [get_config_values]
permissions:
contents: read
id-token: write
packages: read
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

pr_title_format_check:
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
permissions:
pull-requests: write

get_issue_number:
runs-on: ubuntu-22.04
Expand Down Expand Up @@ -60,16 +72,16 @@ jobs:

tag_release:
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@5ac2707dd9cd60ad127275179495b9c890d74711
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@c8f899f30a6a726859b0277faa73cd9ff7f4de20
permissions:
id-token: write
contents: write
packages: write
with:
dry_run: true
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
branch_name: ${{ github.event.pull_request.head.ref }}
tag_format: ${{ needs.get_config_values.outputs.tag_format }}
secrets: inherit

get_commit_id:
runs-on: ubuntu-22.04
Expand All @@ -84,12 +96,19 @@ jobs:
package_code:
needs: [get_issue_number, get_config_values]
uses: ./.github/workflows/run_package_code_and_api.yml
permissions:
contents: read
packages: read
id-token: write
Comment thread
anthony-nhs marked this conversation as resolved.
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}

release_code:
needs: [get_issue_number, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/run_release_code_and_api.yml
permissions:
contents: write
id-token: write
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
STACK_NAME: psu-pr-${{needs.get_issue_number.outputs.issue_number}}
Expand Down Expand Up @@ -136,6 +155,9 @@ jobs:
release_sandbox_code:
needs: [get_issue_number, package_code, get_commit_id, get_config_values]
uses: ./.github/workflows/run_release_code_and_api.yml
permissions:
contents: write
id-token: write
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
STACK_NAME: psu-pr-${{needs.get_issue_number.outputs.issue_number}}-sandbox
Expand Down
Loading
Loading