From b936f5153c4f06a8d67cf5556134c1f9c600a730 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 7 Aug 2024 13:10:39 +0100 Subject: [PATCH 001/100] Fresh PR made with changes --- .github/workflows/terraform.yaml | 105 ++++++ .github/workflows/update-repos.yaml | 18 +- ReadMe.md | 49 +-- components/data.tf | 10 +- components/locals.tf | 39 +-- components/main.tf | 1 - components/outputs.tf | 22 +- components/provider.tf | 15 +- components/readme.md | 52 +++ components/variables.tf | 2 +- .../set_org_custom_properties.py | 167 +++++++++ production-repos.json | 320 +----------------- scripts/update-readme.py | 88 +++++ scripts/update-repo-list.py | 2 +- 14 files changed, 459 insertions(+), 431 deletions(-) create mode 100644 .github/workflows/terraform.yaml create mode 100644 components/readme.md create mode 100644 custom-properties/set_org_custom_properties.py create mode 100644 scripts/update-readme.py diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml new file mode 100644 index 000000000..dae8a5897 --- /dev/null +++ b/.github/workflows/terraform.yaml @@ -0,0 +1,105 @@ +name: Terraform CI/CD +on: + pull_request: + branches: + - master + push: + branches: + - master + workflow_dispatch: + +env: + TF_LOG: INFO + +permissions: + id-token: write + issues: write + pull-requests: write + contents: read + +jobs: + terraform: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v3 + + - name: Setup Terraform + uses: hashicorp/setup-terraform@v2 + + - name: 'Az CLI login' + uses: azure/login@v1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + + - name: Install jq + run: sudo apt-get install jq -y + + - name: List Repositories and Branches + run: | + echo "Checking Repositories and Branches" + cat ./production-repos.json + for repo in $(jq -r '.[]' ./production-repos.json); do + echo "Checking repository: $repo" + curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ + -H "Accept: application/vnd.github.v3+json" \ + https://api.github.com/repos/hmcts/$repo + + for branch in main master; do + echo "Checking branch: $branch in repository: $repo" + curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ + -H "Accept: application/vnd.github.v3+json" \ + https://api.github.com/repos/hmcts/$repo/branches/$branch + done + done + + - name: Terraform Init + working-directory: components + env: + STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }} + CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} + RESOURCE_GROUP_NAME: ${{ secrets.RESOURCE_GROUP_NAME }} + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" -reconfigure + + - name: Terraform format + working-directory: components + id: fmt + run: terraform fmt -check + + - name: Terraform validate + working-directory: components + id: validate + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + run: terraform validate + + - name: Terraform plan + working-directory: components + id: plan + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" + + - name: Terraform Apply + if: github.event_name == 'push' && github.ref == 'refs/heads/master' + working-directory: components + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml index d625ffa71..313ef4237 100644 --- a/.github/workflows/update-repos.yaml +++ b/.github/workflows/update-repos.yaml @@ -6,7 +6,7 @@ on: workflow_dispatch: jobs: - update-file: + update-files: runs-on: ubuntu-latest steps: @@ -23,15 +23,23 @@ jobs: python -m pip install --upgrade pip pip install pyyaml requests - - name: Run update script + - name: Run set_org_custom_properties script + env: + OAUTH_TOKEN: ${{ secrets.OAUTH_TOKEN }} + run: python custom-properties/set_org_custom_properties.py + + - name: Run update-repo-list script run: python scripts/update-repo-list.py + - name: Run update-readme script + run: python scripts/update-readme.py + - name: Commit and push changes run: | git config --global user.name 'hmcts-platform-operations' git config --global user.email 'github-platform-operations@HMCTS.NET' - git add production-repos.json - git commit -m 'Update repository list' + git add production-repos.json readme.md + git commit -m 'Update repository list and readme' git push env: - GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} \ No newline at end of file diff --git a/ReadMe.md b/ReadMe.md index 16f296261..46d27b7ad 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -2,63 +2,48 @@ This repository contains code to manage GitHub repository branch protection rules for HMCTS. -## Overview +# Overview -This Terraform configuration automates the process of setting up branch protection rules across multiple GitHub repositories. It implements a batching system to handle a large number of repositories efficiently while respecting GitHub API rate limits. +This Terraform configuration automates the process of setting up rule sets across multiple GitHub repositories. It implements a batching system to handle a large number of repositories efficiently while respecting GitHub API rate limits. - [Rate Limits Page](https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api?apiVersion=2022-11-28) + + +| **Repository Type** | **Count** | +|---------------------------|-----------| +| Production Repositories | [11](https://github.com/hmcts/github-repository-rules/blob/DTSPO-18104-typo-file-V2/production-repos.json) | +| Development Repositories | 0 | + + ## Getting Started ### Prerequisites - [Terraform](https://www.terraform.io/downloads.html) (version 1.5.7 or later) -- GitHub Personal Access Token with appropriate permissions. - -### Configuration +- Oauth or PAT Token with appropriate permissions. -1. Clone this repository: -git clone https://github.com/hmcts/github-repository-rules.git -2. Create a `terraform.tfvars` file with your GitHub token: -3. The python file runs as a cron job via GitHub Actions pipeline at midnight and updates the JSON file with new repositories. ## What This Does -- Reads a list of repositories from `prod-repos.json` -- Checks for the existence of 'main' and 'master' branches in each repository. -- Applies branch protection rules to existing branches. +- Reads a list of repositories from `production-repos.json` +- Creates rule sets on the repositories read from the JSON file, applying standardisation across all repositories. +- Creates custom properties to tag and categorize repositories, such as marking repositories as "in production." - Processes repositories in batches to manage API rate limits. + ## Maintenance To add or remove repositories follow the below: 1. Open a fresh PR from the master branch ensuring you have pulled down recent changes to the master branch. -2. Update the `prod-repos.json` file with any repository you want. Ensure that its in the format of just the repo name eg: "github-repository-rules" +2. Applies standardized rule sets to repositories listed in the `production-repos.json` file, ensuring consistent management and configuration across all repositories. 3. Create a PR and allow the GH Actions pipeline to run a Terraform Plan to confirm changes are accepted. 4. Once this first pipeline checks out, the second pipeline will apply your changes and update the branch protection rules. 5. Once applied delete your branch. -## Recent Changes - -We recently addressed issues with scaling to a larger number of repositories. Here's a summary of the changes: - -1. Implemented a batching system that splits repositories into smaller groups of 20. -2. Processes each batch sequentially with built-in delays between batches. -3. Only applies branch protection rules after all batches have been processed. - -These changes allow us to handle a significantly larger number of repositories without overwhelming the GitHub API or causing Terraform to crash. The system is now more scalable for future growth. - -## Project Structure - -- `main.tf`: Contains the main Terraform configuration for branch protection rules. -- `data.tf`: Defines data sources for GitHub repositories and branches. -- `locals.tf`: Contains local variables for processing repository data. -- `outputs.tf`: Defines outputs for branch summaries and counts. -- `prod-repos.json`: List of repositories to manage. - ## Troubleshooting - Check your Terraform version and ensure there are no underlying bugs with the provider versions. -- Ensure you have formatted your repository name correctly as it may not pick it up properly. +- Ensure you have formatted your repository name correctly as it may not pick it up properly. \ No newline at end of file diff --git a/components/data.tf b/components/data.tf index 68ce78b82..7973e6897 100644 --- a/components/data.tf +++ b/components/data.tf @@ -4,12 +4,4 @@ data "github_team" "admin" { data "local_file" "repos_json" { filename = "${path.module}./production-repos.json" -} - -data "github_branch" "existing_branches" { - for_each = { - for combo in local.repo_branch_combinations : "${combo.repo}:${combo.branch}" => combo - } - repository = each.value.repo - branch = each.value.branch -} +} \ No newline at end of file diff --git a/components/locals.tf b/components/locals.tf index 6a19ab37a..9128cf66d 100644 --- a/components/locals.tf +++ b/components/locals.tf @@ -12,41 +12,8 @@ locals { for repo in local.all_repositories : repo if !contains(local.excluded_repositories, repo) ] - - branches_to_check = ["main", "master"] - batch_size = 10 - - # Split repositories into batches of 10 to help handle the API Rate limits - repo_batches = chunklist(local.included_repositories, local.batch_size) - - repo_branch_combinations = flatten([ - for batch in local.repo_batches : [ - for repo in batch : [ - for branch in local.branches_to_check : { - repo = repo - branch = branch - } - ] - ] - ]) - - # Create a map of existing branches - existing_branches = { - for key, branch in data.github_branch.existing_branches : - key => branch - } - - # Checks if a main/master branch exists on the repositories - branch_summary = { - for repo in local.included_repositories : - repo => { - main = contains(keys(local.existing_branches), "${repo}:main") - master = contains(keys(local.existing_branches), "${repo}:master") - } - } } - locals { env_display_names = { sbox = "Sandbox" @@ -64,8 +31,4 @@ locals { "costCentre" = "" } enforced_tags = module.tags.common_tags -} - - - - +} \ No newline at end of file diff --git a/components/main.tf b/components/main.tf index bf0adbe7b..8bc0249ae 100644 --- a/components/main.tf +++ b/components/main.tf @@ -73,4 +73,3 @@ resource "github_organization_ruleset" "default_ruleset" { bypass_mode = "always" } } - diff --git a/components/outputs.tf b/components/outputs.tf index 5e34a937a..62c76cb79 100644 --- a/components/outputs.tf +++ b/components/outputs.tf @@ -4,24 +4,4 @@ output "common_tags" { Product = var.product BuiltFrom = var.builtFrom } -} - - -# This outout below will summarise how many repos have a master, main or both branches on the repos -output "branch_count" { - value = { - total_repos = length(local.included_repositories) - repos_with_main = sum([for repo, branches in local.branch_summary : branches.main ? 1 : 0]) - repos_with_master = sum([for repo, branches in local.branch_summary : branches.master ? 1 : 0]) - repos_with_both = sum([for repo, branches in local.branch_summary : (branches.main && branches.master) ? 1 : 0]) - } - description = "Summary of branch counts" -} - -# output "existing_branches" { -# value = keys(local.existing_branches) -# } - -# output "branch_summary" { -# value = local.branch_summary -# } +} \ No newline at end of file diff --git a/components/provider.tf b/components/provider.tf index 31bdaae7a..3e40917dc 100644 --- a/components/provider.tf +++ b/components/provider.tf @@ -24,20 +24,7 @@ terraform { required_providers { github = { source = "integrations/github" - version = "~> 5.0" + version = "~> 6.0" } } } - -# required_providers { -# github = { -# source = "integrations/github" -# version = "6.2.1" -# } -# azurerm = { -# source = "hashicorp/azurerm" -# version = "3.109.0" -# } -# } -# } - diff --git a/components/readme.md b/components/readme.md new file mode 100644 index 000000000..3de42dec0 --- /dev/null +++ b/components/readme.md @@ -0,0 +1,52 @@ +## Terraform documentation + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.5.7 | +| [github](#requirement\_github) | ~> 6.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | n/a | +| [github](#provider\_github) | ~> 6.0 | +| [local](#provider\_local) | n/a | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [tags](#module\_tags) | git::https://github.com/hmcts/terraform-module-common-tags.git | master | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_storage_account.sa](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource | +| [azurerm_storage_container.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | +| [github_organization_ruleset.default_ruleset](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_ruleset) | resource | +| [github_team.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/team) | data source | +| [local_file.repos_json](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [builtFrom](#input\_builtFrom) | Information about the build source or version | `string` | `"https://github.com/hmcts/github-repository-rules"` | no | +| [env](#input\_env) | The environment for the deployment (e.g., dev, staging, prod) | `string` | `"dev"` | no | +| [location](#input\_location) | The location for the resources | `string` | `"UK South"` | no | +| [oauth\_token](#input\_oauth\_token) | OAUTH token to use for authentication. | `string` | n/a | yes | +| [override\_action](#input\_override\_action) | The action to override | `string` | `"plan"` | no | +| [product](#input\_product) | The product name or identifier | `string` | `"sds-platform"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group | `string` | `"rule-set-rg"` | no | +| [storage\_account\_name](#input\_storage\_account\_name) | The name of the storage account | `string` | `"rulesetsa"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [common\_tags](#output\_common\_tags) | n/a | \ No newline at end of file diff --git a/components/variables.tf b/components/variables.tf index 6d4a4f24a..be25fcd05 100644 --- a/components/variables.tf +++ b/components/variables.tf @@ -44,4 +44,4 @@ variable "builtFrom" { description = "Information about the build source or version" type = string default = "https://github.com/hmcts/github-repository-rules" -} +} \ No newline at end of file diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py new file mode 100644 index 000000000..a86cc2299 --- /dev/null +++ b/custom-properties/set_org_custom_properties.py @@ -0,0 +1,167 @@ +import os +import requests +import json +import logging + +# Setup logging +logging.basicConfig(level=logging.INFO) + +# GitHub API base URL +API_BASE = "https://api.github.com" + +# Get OAuth token from environment variable +TOKEN = os.environ.get('OAUTH_TOKEN') +if not TOKEN: + raise ValueError("OAUTH_TOKEN environment variable is not set") + +# Your organization name +ORG_NAME = "hmcts-test" + +# Headers for API requests +headers = { + "Authorization": f"Bearer {TOKEN}", + "Accept": "application/vnd.github+json" +} + +def define_custom_property(org_name): + """ + Define a custom property for the organization. + + Args: + org_name (str): The name of the GitHub organization. + + Returns: + int: The status code of the API response. + + Raises: + requests.RequestException: If the API request fails. + """ + url = f"{API_BASE}/orgs/{org_name}/properties/schema/is_production" + data = { + "value_type": "true_false", + "required": False, + "default_value": "", + "description": "Indicates if the repository is in production", + "allowed_values": None, # Set to None as required by API + "values_editable_by": "org_and_repo_actors" + } + response = requests.put(url, headers=headers, json=data) + if response.status_code != 200: + logging.error(f"Failed to define custom property for {org_name}: {response.json().get('message', 'Unknown error')}") + response.raise_for_status() + return response.status_code + +def set_custom_properties(repo_full_name, properties): + """ + Set custom properties for a repository. + + Args: + repo_full_name (str): The full name of the repository (org/repo). + properties (dict): The custom properties to set. + + Returns: + int: The status code of the API response. + + Raises: + requests.RequestException: If the API request fails. + """ + owner, repo = repo_full_name.split('/') + url = f"{API_BASE}/repos/{owner}/{repo}/properties/values" + data = { + "properties": [ + {"property_name": key, "value": value} + for key, value in properties.items() + ] + } + response = requests.patch(url, headers=headers, json=data) + if response.status_code != 204: + logging.error(f"Failed to set properties for {repo_full_name}: {response.json().get('message', 'Unknown error')}") + response.raise_for_status() + return response.status_code + +def get_custom_properties(repo_full_name): + """ + Get custom properties for a repository. + + Args: + repo_full_name (str): The full name of the repository (org/repo). + + Returns: + dict: The custom properties of the repository. + + Raises: + requests.RequestException: If the API request fails. + """ + owner, repo = repo_full_name.split('/') + url = f"{API_BASE}/repos/{owner}/{repo}/properties/values" + response = requests.get(url, headers=headers) + response.raise_for_status() + return response.json() + +def load_production_repos(): + """ + Load production repositories from production-repos.json file. + + Returns: + list: A list of production repositories. + + Raises: + FileNotFoundError: If the JSON file is not found. + json.JSONDecodeError: If the JSON file cannot be decoded. + Exception: If there is an unexpected error reading the file. + """ + script_dir = os.path.dirname(__file__) + json_file_path = os.path.join(script_dir, '../production-repos.json') + + try: + with open(json_file_path, 'r') as f: + repos = json.load(f) + if not isinstance(repos, list): + raise ValueError("JSON content is not a list") + return repos + except FileNotFoundError: + logging.error(f"Error: 'production-repos.json' not found at {os.path.abspath(json_file_path)}") + logging.error("Current working directory: %s", os.getcwd()) + logging.error("Contents of the current directory: %s", os.listdir('.')) + raise + except json.JSONDecodeError as e: + logging.error(f"Error decoding JSON from {json_file_path}: {e}") + raise + except Exception as e: + logging.error(f"Unexpected error reading {json_file_path}: {e}") + raise + +# Define the custom property at the organization level +try: + status = define_custom_property(ORG_NAME) + logging.info(f"Defined custom property for {ORG_NAME}: Status {status}") +except requests.RequestException as e: + logging.error(f"Failed to define custom property for {ORG_NAME}: {str(e)}") + +# Load production repositories +production_repos = load_production_repos() + +logging.info(f"Repositories found in production-repos.json:") +for repo in production_repos: + logging.info(f"- {repo}") + +# Apply custom properties to each repository and verify +for repo_name in production_repos: + repo_full_name = f"{ORG_NAME}/{repo_name}" + custom_properties = { + "is_production": "true" + } + + logging.info(f"\nSetting custom property for: {repo_name}") + try: + status = set_custom_properties(repo_full_name, custom_properties) + logging.info(f"Set properties for {repo_full_name}: Status {status}") + + # Verify the properties were set correctly + retrieved_properties = get_custom_properties(repo_full_name) + logging.info(f"Custom properties for {repo_full_name}: {retrieved_properties}") + + except requests.RequestException as e: + logging.error(f"Failed to set properties for {repo_full_name}: {str(e)}") + +logging.info("\nScript execution completed.") \ No newline at end of file diff --git a/production-repos.json b/production-repos.json index bd90a8639..3dd4446e9 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,311 +1,13 @@ [ - "cnp-module-shutterpage", - "et-sya-api", - "ia-hearings-api", - "rpe-pdf-service", - "cnp-module-key-vault", - "juror-public", - "hmc-hmi-inbound-adapter", - "juror-bureau", - "blob-router-service", - "ccd-case-document-am-api", - "pip-account-management", - "rpx-xui-manage-organisations", - "tax-tribunals-datacapture", - "hmi-apim-infrastructures", - "pre-vault", - "finrem-case-orchestration-service", - "cnp-module-vnet", - "ccpayfr-shared-infrastructure", - "am-shared-infrastructure", - "cnp-module-metric-alert", - "terraform-module-dynatrace-oneagent", - "ctsc-work-allocation", - "idam-api", - "probate-persistence-service", - "pip-shared-infrastructure-bootstap", - "probate-submit-service", - "service-auth-provider-app", - "hmc-cft-hearing-service", - "cnp-module-api-mgmt-subscription", - "probate-frontend", - "div-evidence-management-client-api", - "ia-bail-case-api", - "ccpay-paymentoutcome-web", - "terraform-module-application-insights", - "prl-citizen-frontend", - "idam-user-dashboard", - "wa-workflow-api", - "prl-wa-task-configuration", - "prl-shared-infrastructure", - "ccd-case-management-web", - "ecm-consumer", - "pre-functions", - "draft-store", - "cui-ra", - "sptribs-frontend", - "help-with-fees-shared-infrastructure", - "cmc-claim-store", - "sptribs-shared-infrastructure", - "ethos-repl-docmosis-service", - "civil-sdt-gateway", - "pre-shared-infrastructure", - "ctsc-shared-infrastructure", - "civil-camunda-bpmn-definition", - "bar-api", - "darts-automation", - "am-role-assignment-batch-service", - "nfdiv-shared-infrastructure", - "ccpay-bubble", - "probate-shared-infrastructure", - "cmc-legal-rep-frontend", - "ccd-definition-store-api", - "ia-home-office-integration-api", - "ccd-admin-web-api", - "pre-network", - "cnp-module-storage", - "terraform-module-sdp-db-user", - "terraform-module-servicebus-namespace", - "fis-hmc-api", - "cnp-module-waf", - "cmc-ccd-domain", - "ccd-admin-web", - "rd-shared-infrastructure", - "ccpay-bulkscanning-app", - "sscs-case-loader", - "cnp-module-action-group", - "div-respondent-frontend", - "ccd-case-activity-api", - "tax-tribunals-shared-infrastructure", - "am-judicial-booking-service", - "pip-shared-infrastructures", - "bar-shared-infrastructure", - "cnp-owaspdependencycheck-database", - "sds-toffee-shared-infrastructure", - "bulk-scan-orchestrator", - "pip-data-management", - "darts-gateway", - "ccd-logstash", - "lau-shared-infrastructure", - "em-shared-infrastructure", - "ccd-user-profile-api", - "cnp-module-webapp", - "sscs-submit-your-appeal", - "bulk-scan-payment-processor", - "ia-case-notifications-api", - "rd-location-ref-api", - "cmc-citizen-frontend", - "c100-application", - "ccpay-functions-node", - "sptribs-case-api", - "sscs-track-your-appeal-notifications", - "send-letter-service", - "div-shared-infrastructure", - "camunda-shared-infrastructure", - "pcq-consolidation-service", - "ccd-elastic-search", - "adoption-shared-infrastructure", - "wa-task-configuration-api", - "em-native-pdf-annotator-app", - "fpl-ccd-data-migration-tool", - "juror-scheduler-api", - "rd-judicial-api", - "snl-shared-infrastructure", - "fact-admin", - "em-annotation-api", - "cnp-module-trafficmanager", - "civil-citizen-ui", - "cnp-idam-master", - "sscs-cor-frontend", - "cnp-module-redis", - "disposer-idam-user", - "fact-shared-infrastructure", - "fact-frontend", - "libragob-shared-infrastructure", - "cnp-rhubarb-frontend", - "pip-subscription-management", - "juror-pnc", - "rpa-coh-continuous-online-resolution", - "rpx-shared-infrastructure", - "disposer-shared-infrastructure", - "civil-orchestrator-service", - "sscs-ccd-callback-orchestrator", - "darts-proxy", - "ia-case-access-api", - "ccpay-notifications-service", - "div-case-orchestration-service", - "cnp-core-compute", - "c100-shared-infrastructure", - "sscs-cor-backend", - "fpl-ccd-configuration", - "ccd-case-print-service", - "div-petitioner-frontend", - "cnp-module-trafficmanager-endpoint", - "pre-api", - "et-message-handler", - "aac-manage-case-assignment", - "am-role-assignment-service", - "pcq-shared-infrastructure", - "div-decree-nisi-frontend", - "div-validation-service", - "cnp-module-api-mgmt", - "terraform-module-log-analytics-workspace-id", - "rd-caseworker-ref-api", - "cnp-module-api-mgmt-api-operation", - "fis-shared-infrastructure", - "et-ccd-callbacks", - "ts-translation-service", - "em-hrs-api", - "lau-case-backend", - "sscs-track-your-appeal-frontend", - "darts-shared-infrastructure", - "div-fees-and-payments-service", - "rd-judicial-data-load", - "civil-ccd-definition", - "probate-orchestrator-service", - "et-sya-frontend", - "cnp-module-application-insights", - "dg-docassembly-api", - "fact-api", - "civil-sdt", - "rpa-em-ccd-orchestrator", - "docmosis-infrastructure", - "sscs-shared-infrastructure", - "ia-case-api", - "ccpay-service-request-cpo-update-service", - "juror-shared-infrastructure", - "div-document-generator-client", - "cnp-module-automation-runbook-start-stop-vm", - "am-org-role-mapping-service", - "div-health-monitor", - "sscs-task-configuration", - "cmc-claim-submit-api", - "rpa-professional-api", - "juror-scheduler-execution", - "makeaplea-shared-infrastructure", - "adoption-web", - "pdm-shared-infrastructure", - "rd-commondata-api", - "wa-case-event-handler", - "terraform-module-servicebus-topic", - "ccd-definition-designer-api", - "cnp-rhubarb-recipes-service", - "sds-toffee-frontend", - "ccpay-payment-api-gateway", - "cnp-keda-shared-infrastucture", - "hmc-shared-infrastructure", - "sscs-evidence-share", - "ia-task-configuration", - "prl-cos-api", - "ccpay-payment-app", - "sptribs-dss-update-case-web", - "ia-case-payments-api", - "wa-task-management-api", - "feature-toggle-api", - "pip-publication-services", - "darts-portal", - "reform-scan-notification-service", - "prd-pui-registration", - "probatemandb", - "cnp-pipelinemetrics-database", - "pdda-shared-infrastructure", - "bulk-scan-processor", - "cpo-case-payment-orders-api", - "em-stitching-api", - "terraform-module-servicebus-subscription", - "rpx-xui-approve-org", - "bar-web", - "cnp-module-api-mgmt-api", - "juror-api", - "ccd-api-gateway", - "prl-dgs-api", - "wa-shared-infrastructure", - "cnp-module-api-mgmt-product", - "ia-aip-frontend", - "pcq-frontend", - "civil-service", - "pcq-loader", - "probate-caveats-frontend", - "rpe-shared-infrastructure", - "em-icp-api", - "cet-shared-infrastructure", - "div-case-maintenance-service", - "ia-shared-infrastructure", - "idam-shared-infrastructure", - "nfdiv-frontend", - "cnp-module-api-mgmt-api-policy", - "sscs-bulk-scan", - "dm-shared-infrastructure", - "wa-task-monitor", - "adoption-cos-api", - "probate-business-service", - "nfdiv-case-api", - "sscs-hearings-api", - "sds-toffee-recipes-service", - "prl-ccd-definitions", - "ecm-shared-infrastructure", - "rd-professional-api", - "rpa-jui-webapp", - "terraform-module-postgresql-flexible", - "lau-frontend", - "div-case-data-formatter", - "ia-case-documents-api", - "rd-user-profile-api", - "finrem-shared-infrastructure", - "darts-api", - "cnp-module-storage-account", - "ccpay-refunds-app", - "div-decree-absolute-frontend", - "em-hrs-ingestor", - "ccfr-fees-register-app", - "cnp-plum-shared-infrastructure", - "rd-commondata-dataload", - "cnp-module-palo-alto", - "family-api-gateway", - "terraform-module-common-tags", - "am-role-assignment-refresh-batch", - "cnp-rhubarb-shared-infrastructure", - "probate-health-monitor", - "sscs-tribunals-case-api", - "cmc-shared-infrastructure", - "pcq-backend", - "hmi-rota-dtu", - "sds-keda-infrastructure", - "dtsse-shared-infrastructure", - "rpx-xui-webapp", - "ccd-shared-infrastructure", - "document-management-store-app", - "cnp-idam-vault", - "cnp-module-app-service-plan", - "pre-portal", - "et-pet-shared-infrastructure", - "reform-scan-shared-infra", - "hmi-shared-infrastructures", - "fpl-wa-task-configuration", - "wa-standalone-task-bpmn", - "rpx-xui-terms-and-conditions", - "camunda-bpm", - "ia-timed-event-service", - "lau-idam-backend", - "probate-ccd-data-migration-tool", - "rd-profile-sync", - "hmi-shared-infrastructures-bootstrap", - "rd-location-ref-data-load", - "civil-general-applications", - "et-shared-infrastructure", - "cnp-plum-recipes-service", - "cnp-module-postgres", - "cnp-idam-storage", - "terraform-module-servicebus-queue", - "ccd-data-store-api", - "cnp-core-infrastructure", - "cnp-idam-compute", - "em-ccd-orchestrator", - "ccfr-fees-register-admin-web", - "civil-general-apps-ccd-definition", - "bulk-scan-shared-infrastructure", - "ccd-case-disposer", - "employment-tribunals-shared-infrastructure", - "idam-web-public", - "probate-back-office" + "test-repo-1", + "test-repo-1ew34nh9", + "test-repo-uteppyig", + "test-repo-zp4blhyb", + "test-repo-cqky6jdb", + "test-repo-1tqvfwp9", + "test-repo-c2urwskw", + "test-repo-kjgn0hak", + "test-repo-0oobilw3", + "test-repo-q477vy5y", + "test-repo-5gg40sia" ] \ No newline at end of file diff --git a/scripts/update-readme.py b/scripts/update-readme.py new file mode 100644 index 000000000..f7f4d4af2 --- /dev/null +++ b/scripts/update-readme.py @@ -0,0 +1,88 @@ +import os +import json +import logging + +# Setup logging +logging.basicConfig(level=logging.INFO) + +# File path for the JSON file +JSON_FILE_PATH = os.path.join(os.path.dirname(__file__), '../production-repos.json') +README_FILE_PATH = os.path.join(os.path.dirname(__file__), '../readme.md') # Ensure correct case + +def load_repos(file_path): + """ + Load repositories from the given JSON file. + """ + try: + with open(file_path, 'r') as f: + repos = json.load(f) + if not isinstance(repos, list): + raise ValueError("JSON content is not a list") + return repos + except FileNotFoundError: + logging.error(f"Error: '{file_path}' not found.") + raise + except json.JSONDecodeError as e: + logging.error(f"Error decoding JSON from {file_path}: {e}") + raise + except Exception as e: + logging.error(f"Unexpected error reading {file_path}: {e}") + raise + +def update_readme(prod_count, dev_count, prod_link): + """ + Update the README file with the counts of various types of repositories. + """ + try: + with open(README_FILE_PATH, 'r') as file: + readme_content = file.readlines() + + table_content = f""" +| **Repository Type** | **Count** | +|---------------------------|-----------| +| Production Repositories | [{prod_count}]({prod_link}) | +| Development Repositories | {dev_count} | +""" + + start_marker = "" + end_marker = "" + + start_index = None + end_index = None + + for i, line in enumerate(readme_content): + if start_marker in line: + start_index = i + if end_marker in line: + end_index = i + + if start_index is not None and end_index is not None: + readme_content = ( + readme_content[:start_index + 1] + + [table_content] + + readme_content[end_index:] + ) + else: + readme_content.append(f"\n{start_marker}\n{table_content}\n{end_marker}\n") + + with open(README_FILE_PATH, 'w') as file: + file.writelines(readme_content) + except Exception as e: + logging.error(f"Failed to update README file: {str(e)}") + raise + +# Load production repositories +try: + production_repos = load_repos(JSON_FILE_PATH) + production_count = len(production_repos) + logging.info(f"Number of production repositories: {production_count}") + + # Placeholder value for dev repo count, can be updated similarly + development_count = 0 # Update this to load actual data if available + + # Link to the production-repos.json file in the repository + prod_link = "https://github.com/hmcts/github-repository-rules/blob/DTSPO-18104-typo-file-V2/production-repos.json" + + update_readme(production_count, development_count, prod_link) +except Exception as e: + logging.error(f"Failed to load or update repositories: {str(e)}") \ No newline at end of file diff --git a/scripts/update-repo-list.py b/scripts/update-repo-list.py index 00bbb4fb1..cc1802daf 100644 --- a/scripts/update-repo-list.py +++ b/scripts/update-repo-list.py @@ -62,4 +62,4 @@ def clean_repo_name(repo_url): # Update the local file with open(repo_file, 'w') as f: - json.dump(all_repos, f, indent=2) + json.dump(all_repos, f, indent=2) \ No newline at end of file From 2b0b659aa68488c12d966bea1f1f9fa815898a08 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 7 Aug 2024 13:15:32 +0100 Subject: [PATCH 002/100] Fresh PR made with changes --- .github/workflows/update-repos.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml index 313ef4237..ee2332eb9 100644 --- a/.github/workflows/update-repos.yaml +++ b/.github/workflows/update-repos.yaml @@ -8,13 +8,15 @@ on: jobs: update-files: runs-on: ubuntu-latest + permissions: + contents: write steps: - name: Checkout repository - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Set up Python - uses: actions/setup-python@v2 + uses: actions/setup-python@v4 with: python-version: '3.x' @@ -36,10 +38,10 @@ jobs: - name: Commit and push changes run: | - git config --global user.name 'hmcts-platform-operations' - git config --global user.email 'github-platform-operations@HMCTS.NET' + git config --global user.name 'github-actions[bot]' + git config --global user.email 'github-actions[bot]@users.noreply.github.com' git add production-repos.json readme.md git commit -m 'Update repository list and readme' git push env: - GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} \ No newline at end of file + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file From 57909889a30a2e795308393d8a8ba448c851ce6b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 7 Aug 2024 13:23:14 +0100 Subject: [PATCH 003/100] Fresh PR made with changes --- .github/workflows/update-repos.yaml | 47 ----------------------------- 1 file changed, 47 deletions(-) delete mode 100644 .github/workflows/update-repos.yaml diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml deleted file mode 100644 index ee2332eb9..000000000 --- a/.github/workflows/update-repos.yaml +++ /dev/null @@ -1,47 +0,0 @@ -name: Update Repositories List - -on: - schedule: - - cron: '0 0 * * *' - workflow_dispatch: - -jobs: - update-files: - runs-on: ubuntu-latest - permissions: - contents: write - - steps: - - name: Checkout repository - uses: actions/checkout@v3 - - - name: Set up Python - uses: actions/setup-python@v4 - with: - python-version: '3.x' - - - name: Install dependencies - run: | - python -m pip install --upgrade pip - pip install pyyaml requests - - - name: Run set_org_custom_properties script - env: - OAUTH_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: python custom-properties/set_org_custom_properties.py - - - name: Run update-repo-list script - run: python scripts/update-repo-list.py - - - name: Run update-readme script - run: python scripts/update-readme.py - - - name: Commit and push changes - run: | - git config --global user.name 'github-actions[bot]' - git config --global user.email 'github-actions[bot]@users.noreply.github.com' - git add production-repos.json readme.md - git commit -m 'Update repository list and readme' - git push - env: - GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} \ No newline at end of file From 17dd7c837407588a23c549d3ee5f52e2b99604ba Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 7 Aug 2024 13:28:13 +0100 Subject: [PATCH 004/100] adding the update repos workflow --- .github/workflows/update-repos.yaml | 45 +++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) create mode 100644 .github/workflows/update-repos.yaml diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml new file mode 100644 index 000000000..313ef4237 --- /dev/null +++ b/.github/workflows/update-repos.yaml @@ -0,0 +1,45 @@ +name: Update Repositories List + +on: + schedule: + - cron: '0 0 * * *' + workflow_dispatch: + +jobs: + update-files: + runs-on: ubuntu-latest + + steps: + - name: Checkout repository + uses: actions/checkout@v2 + + - name: Set up Python + uses: actions/setup-python@v2 + with: + python-version: '3.x' + + - name: Install dependencies + run: | + python -m pip install --upgrade pip + pip install pyyaml requests + + - name: Run set_org_custom_properties script + env: + OAUTH_TOKEN: ${{ secrets.OAUTH_TOKEN }} + run: python custom-properties/set_org_custom_properties.py + + - name: Run update-repo-list script + run: python scripts/update-repo-list.py + + - name: Run update-readme script + run: python scripts/update-readme.py + + - name: Commit and push changes + run: | + git config --global user.name 'hmcts-platform-operations' + git config --global user.email 'github-platform-operations@HMCTS.NET' + git add production-repos.json readme.md + git commit -m 'Update repository list and readme' + git push + env: + GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} \ No newline at end of file From 58a7f792fe52cfa964c0cf2ec122c6f36e13fc2b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 7 Aug 2024 13:33:33 +0100 Subject: [PATCH 005/100] adding the prod repos back --- production-repos.json | 320 ++++++++++++++++++++++++++++++++++++++++-- 1 file changed, 309 insertions(+), 11 deletions(-) diff --git a/production-repos.json b/production-repos.json index 3dd4446e9..bd90a8639 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,13 +1,311 @@ [ - "test-repo-1", - "test-repo-1ew34nh9", - "test-repo-uteppyig", - "test-repo-zp4blhyb", - "test-repo-cqky6jdb", - "test-repo-1tqvfwp9", - "test-repo-c2urwskw", - "test-repo-kjgn0hak", - "test-repo-0oobilw3", - "test-repo-q477vy5y", - "test-repo-5gg40sia" + "cnp-module-shutterpage", + "et-sya-api", + "ia-hearings-api", + "rpe-pdf-service", + "cnp-module-key-vault", + "juror-public", + "hmc-hmi-inbound-adapter", + "juror-bureau", + "blob-router-service", + "ccd-case-document-am-api", + "pip-account-management", + "rpx-xui-manage-organisations", + "tax-tribunals-datacapture", + "hmi-apim-infrastructures", + "pre-vault", + "finrem-case-orchestration-service", + "cnp-module-vnet", + "ccpayfr-shared-infrastructure", + "am-shared-infrastructure", + "cnp-module-metric-alert", + "terraform-module-dynatrace-oneagent", + "ctsc-work-allocation", + "idam-api", + "probate-persistence-service", + "pip-shared-infrastructure-bootstap", + "probate-submit-service", + "service-auth-provider-app", + "hmc-cft-hearing-service", + "cnp-module-api-mgmt-subscription", + "probate-frontend", + "div-evidence-management-client-api", + "ia-bail-case-api", + "ccpay-paymentoutcome-web", + "terraform-module-application-insights", + "prl-citizen-frontend", + "idam-user-dashboard", + "wa-workflow-api", + "prl-wa-task-configuration", + "prl-shared-infrastructure", + "ccd-case-management-web", + "ecm-consumer", + "pre-functions", + "draft-store", + "cui-ra", + "sptribs-frontend", + "help-with-fees-shared-infrastructure", + "cmc-claim-store", + "sptribs-shared-infrastructure", + "ethos-repl-docmosis-service", + "civil-sdt-gateway", + "pre-shared-infrastructure", + "ctsc-shared-infrastructure", + "civil-camunda-bpmn-definition", + "bar-api", + "darts-automation", + "am-role-assignment-batch-service", + "nfdiv-shared-infrastructure", + "ccpay-bubble", + "probate-shared-infrastructure", + "cmc-legal-rep-frontend", + "ccd-definition-store-api", + "ia-home-office-integration-api", + "ccd-admin-web-api", + "pre-network", + "cnp-module-storage", + "terraform-module-sdp-db-user", + "terraform-module-servicebus-namespace", + "fis-hmc-api", + "cnp-module-waf", + "cmc-ccd-domain", + "ccd-admin-web", + "rd-shared-infrastructure", + "ccpay-bulkscanning-app", + "sscs-case-loader", + "cnp-module-action-group", + "div-respondent-frontend", + "ccd-case-activity-api", + "tax-tribunals-shared-infrastructure", + "am-judicial-booking-service", + "pip-shared-infrastructures", + "bar-shared-infrastructure", + "cnp-owaspdependencycheck-database", + "sds-toffee-shared-infrastructure", + "bulk-scan-orchestrator", + "pip-data-management", + "darts-gateway", + "ccd-logstash", + "lau-shared-infrastructure", + "em-shared-infrastructure", + "ccd-user-profile-api", + "cnp-module-webapp", + "sscs-submit-your-appeal", + "bulk-scan-payment-processor", + "ia-case-notifications-api", + "rd-location-ref-api", + "cmc-citizen-frontend", + "c100-application", + "ccpay-functions-node", + "sptribs-case-api", + "sscs-track-your-appeal-notifications", + "send-letter-service", + "div-shared-infrastructure", + "camunda-shared-infrastructure", + "pcq-consolidation-service", + "ccd-elastic-search", + "adoption-shared-infrastructure", + "wa-task-configuration-api", + "em-native-pdf-annotator-app", + "fpl-ccd-data-migration-tool", + "juror-scheduler-api", + "rd-judicial-api", + "snl-shared-infrastructure", + "fact-admin", + "em-annotation-api", + "cnp-module-trafficmanager", + "civil-citizen-ui", + "cnp-idam-master", + "sscs-cor-frontend", + "cnp-module-redis", + "disposer-idam-user", + "fact-shared-infrastructure", + "fact-frontend", + "libragob-shared-infrastructure", + "cnp-rhubarb-frontend", + "pip-subscription-management", + "juror-pnc", + "rpa-coh-continuous-online-resolution", + "rpx-shared-infrastructure", + "disposer-shared-infrastructure", + "civil-orchestrator-service", + "sscs-ccd-callback-orchestrator", + "darts-proxy", + "ia-case-access-api", + "ccpay-notifications-service", + "div-case-orchestration-service", + "cnp-core-compute", + "c100-shared-infrastructure", + "sscs-cor-backend", + "fpl-ccd-configuration", + "ccd-case-print-service", + "div-petitioner-frontend", + "cnp-module-trafficmanager-endpoint", + "pre-api", + "et-message-handler", + "aac-manage-case-assignment", + "am-role-assignment-service", + "pcq-shared-infrastructure", + "div-decree-nisi-frontend", + "div-validation-service", + "cnp-module-api-mgmt", + "terraform-module-log-analytics-workspace-id", + "rd-caseworker-ref-api", + "cnp-module-api-mgmt-api-operation", + "fis-shared-infrastructure", + "et-ccd-callbacks", + "ts-translation-service", + "em-hrs-api", + "lau-case-backend", + "sscs-track-your-appeal-frontend", + "darts-shared-infrastructure", + "div-fees-and-payments-service", + "rd-judicial-data-load", + "civil-ccd-definition", + "probate-orchestrator-service", + "et-sya-frontend", + "cnp-module-application-insights", + "dg-docassembly-api", + "fact-api", + "civil-sdt", + "rpa-em-ccd-orchestrator", + "docmosis-infrastructure", + "sscs-shared-infrastructure", + "ia-case-api", + "ccpay-service-request-cpo-update-service", + "juror-shared-infrastructure", + "div-document-generator-client", + "cnp-module-automation-runbook-start-stop-vm", + "am-org-role-mapping-service", + "div-health-monitor", + "sscs-task-configuration", + "cmc-claim-submit-api", + "rpa-professional-api", + "juror-scheduler-execution", + "makeaplea-shared-infrastructure", + "adoption-web", + "pdm-shared-infrastructure", + "rd-commondata-api", + "wa-case-event-handler", + "terraform-module-servicebus-topic", + "ccd-definition-designer-api", + "cnp-rhubarb-recipes-service", + "sds-toffee-frontend", + "ccpay-payment-api-gateway", + "cnp-keda-shared-infrastucture", + "hmc-shared-infrastructure", + "sscs-evidence-share", + "ia-task-configuration", + "prl-cos-api", + "ccpay-payment-app", + "sptribs-dss-update-case-web", + "ia-case-payments-api", + "wa-task-management-api", + "feature-toggle-api", + "pip-publication-services", + "darts-portal", + "reform-scan-notification-service", + "prd-pui-registration", + "probatemandb", + "cnp-pipelinemetrics-database", + "pdda-shared-infrastructure", + "bulk-scan-processor", + "cpo-case-payment-orders-api", + "em-stitching-api", + "terraform-module-servicebus-subscription", + "rpx-xui-approve-org", + "bar-web", + "cnp-module-api-mgmt-api", + "juror-api", + "ccd-api-gateway", + "prl-dgs-api", + "wa-shared-infrastructure", + "cnp-module-api-mgmt-product", + "ia-aip-frontend", + "pcq-frontend", + "civil-service", + "pcq-loader", + "probate-caveats-frontend", + "rpe-shared-infrastructure", + "em-icp-api", + "cet-shared-infrastructure", + "div-case-maintenance-service", + "ia-shared-infrastructure", + "idam-shared-infrastructure", + "nfdiv-frontend", + "cnp-module-api-mgmt-api-policy", + "sscs-bulk-scan", + "dm-shared-infrastructure", + "wa-task-monitor", + "adoption-cos-api", + "probate-business-service", + "nfdiv-case-api", + "sscs-hearings-api", + "sds-toffee-recipes-service", + "prl-ccd-definitions", + "ecm-shared-infrastructure", + "rd-professional-api", + "rpa-jui-webapp", + "terraform-module-postgresql-flexible", + "lau-frontend", + "div-case-data-formatter", + "ia-case-documents-api", + "rd-user-profile-api", + "finrem-shared-infrastructure", + "darts-api", + "cnp-module-storage-account", + "ccpay-refunds-app", + "div-decree-absolute-frontend", + "em-hrs-ingestor", + "ccfr-fees-register-app", + "cnp-plum-shared-infrastructure", + "rd-commondata-dataload", + "cnp-module-palo-alto", + "family-api-gateway", + "terraform-module-common-tags", + "am-role-assignment-refresh-batch", + "cnp-rhubarb-shared-infrastructure", + "probate-health-monitor", + "sscs-tribunals-case-api", + "cmc-shared-infrastructure", + "pcq-backend", + "hmi-rota-dtu", + "sds-keda-infrastructure", + "dtsse-shared-infrastructure", + "rpx-xui-webapp", + "ccd-shared-infrastructure", + "document-management-store-app", + "cnp-idam-vault", + "cnp-module-app-service-plan", + "pre-portal", + "et-pet-shared-infrastructure", + "reform-scan-shared-infra", + "hmi-shared-infrastructures", + "fpl-wa-task-configuration", + "wa-standalone-task-bpmn", + "rpx-xui-terms-and-conditions", + "camunda-bpm", + "ia-timed-event-service", + "lau-idam-backend", + "probate-ccd-data-migration-tool", + "rd-profile-sync", + "hmi-shared-infrastructures-bootstrap", + "rd-location-ref-data-load", + "civil-general-applications", + "et-shared-infrastructure", + "cnp-plum-recipes-service", + "cnp-module-postgres", + "cnp-idam-storage", + "terraform-module-servicebus-queue", + "ccd-data-store-api", + "cnp-core-infrastructure", + "cnp-idam-compute", + "em-ccd-orchestrator", + "ccfr-fees-register-admin-web", + "civil-general-apps-ccd-definition", + "bulk-scan-shared-infrastructure", + "ccd-case-disposer", + "employment-tribunals-shared-infrastructure", + "idam-web-public", + "probate-back-office" ] \ No newline at end of file From 649966fbc6a69845cbe47e46bb72842d7bdfdccc Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 7 Aug 2024 13:54:05 +0100 Subject: [PATCH 006/100] adding github-repository-rules to have rulesets applied --- production-repos.json | 1 + 1 file changed, 1 insertion(+) diff --git a/production-repos.json b/production-repos.json index bd90a8639..3d9c06afb 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,4 +1,5 @@ [ + "github-repository-rules", "cnp-module-shutterpage", "et-sya-api", "ia-hearings-api", From 657168af6708b96f397ecf78351fe4bcdcdedea6 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 8 Aug 2024 12:14:14 +0100 Subject: [PATCH 007/100] fixing the pr comments including main>master, prod repos, hmcts-test > test --- .github/workflows/terraform.yaml | 14 +- components/main.tf | 2 +- components/provider.tf | 2 +- .../set_org_custom_properties.py | 19 +- production-repos.json | 559 +++++++++--------- scripts/update-readme.py | 4 +- 6 files changed, 293 insertions(+), 307 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index dae8a5897..6b1d3d124 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -2,10 +2,10 @@ name: Terraform CI/CD on: pull_request: branches: - - master + - main push: branches: - - master + - main workflow_dispatch: env: @@ -46,14 +46,6 @@ jobs: curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ -H "Accept: application/vnd.github.v3+json" \ https://api.github.com/repos/hmcts/$repo - - for branch in main master; do - echo "Checking branch: $branch in repository: $repo" - curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ - -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/hmcts/$repo/branches/$branch - done - done - name: Terraform Init working-directory: components @@ -94,7 +86,7 @@ jobs: run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" - name: Terraform Apply - if: github.event_name == 'push' && github.ref == 'refs/heads/master' + if: github.event_name == 'push' && github.ref == 'refs/heads/main' working-directory: components env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} diff --git a/components/main.tf b/components/main.tf index 8bc0249ae..e27ba7a65 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,7 +27,7 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" + name = "Default Rule Set" target = "branch" enforcement = "active" diff --git a/components/provider.tf b/components/provider.tf index 3e40917dc..a0e4c48be 100644 --- a/components/provider.tf +++ b/components/provider.tf @@ -3,7 +3,7 @@ provider "azurerm" { } provider "github" { - owner = "hmcts-test" + owner = "hmcts" token = var.oauth_token } diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index a86cc2299..5610f659a 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -3,7 +3,7 @@ import json import logging -# Setup logging +# Set up logging logging.basicConfig(level=logging.INFO) # GitHub API base URL @@ -14,8 +14,8 @@ if not TOKEN: raise ValueError("OAUTH_TOKEN environment variable is not set") -# Your organization name -ORG_NAME = "hmcts-test" +# Your organisation name +ORG_NAME = "hmcts" # Headers for API requests headers = { @@ -25,10 +25,10 @@ def define_custom_property(org_name): """ - Define a custom property for the organization. + Define a custom property for the organisation. Args: - org_name (str): The name of the GitHub organization. + org_name (str): The name of the GitHub organisation. Returns: int: The status code of the API response. @@ -104,11 +104,6 @@ def load_production_repos(): Returns: list: A list of production repositories. - - Raises: - FileNotFoundError: If the JSON file is not found. - json.JSONDecodeError: If the JSON file cannot be decoded. - Exception: If there is an unexpected error reading the file. """ script_dir = os.path.dirname(__file__) json_file_path = os.path.join(script_dir, '../production-repos.json') @@ -131,7 +126,7 @@ def load_production_repos(): logging.error(f"Unexpected error reading {json_file_path}: {e}") raise -# Define the custom property at the organization level +# Define the custom property at the organisation level try: status = define_custom_property(ORG_NAME) logging.info(f"Defined custom property for {ORG_NAME}: Status {status}") @@ -164,4 +159,4 @@ def load_production_repos(): except requests.RequestException as e: logging.error(f"Failed to set properties for {repo_full_name}: {str(e)}") -logging.info("\nScript execution completed.") \ No newline at end of file +logging.info("\nScript execution completed.") diff --git a/production-repos.json b/production-repos.json index 3d9c06afb..ae927270e 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,312 +1,311 @@ [ - "github-repository-rules", - "cnp-module-shutterpage", - "et-sya-api", - "ia-hearings-api", - "rpe-pdf-service", - "cnp-module-key-vault", - "juror-public", - "hmc-hmi-inbound-adapter", - "juror-bureau", - "blob-router-service", - "ccd-case-document-am-api", - "pip-account-management", - "rpx-xui-manage-organisations", - "tax-tribunals-datacapture", - "hmi-apim-infrastructures", - "pre-vault", - "finrem-case-orchestration-service", - "cnp-module-vnet", - "ccpayfr-shared-infrastructure", - "am-shared-infrastructure", - "cnp-module-metric-alert", - "terraform-module-dynatrace-oneagent", - "ctsc-work-allocation", - "idam-api", - "probate-persistence-service", - "pip-shared-infrastructure-bootstap", - "probate-submit-service", - "service-auth-provider-app", - "hmc-cft-hearing-service", - "cnp-module-api-mgmt-subscription", - "probate-frontend", - "div-evidence-management-client-api", - "ia-bail-case-api", - "ccpay-paymentoutcome-web", - "terraform-module-application-insights", "prl-citizen-frontend", - "idam-user-dashboard", - "wa-workflow-api", + "div-decree-nisi-frontend", + "ccd-admin-web-api", + "div-case-orchestration-service", + "rpa-professional-api", "prl-wa-task-configuration", - "prl-shared-infrastructure", - "ccd-case-management-web", - "ecm-consumer", - "pre-functions", - "draft-store", - "cui-ra", - "sptribs-frontend", - "help-with-fees-shared-infrastructure", - "cmc-claim-store", - "sptribs-shared-infrastructure", - "ethos-repl-docmosis-service", - "civil-sdt-gateway", - "pre-shared-infrastructure", + "rpe-pdf-service", + "adoption-web", "ctsc-shared-infrastructure", - "civil-camunda-bpmn-definition", - "bar-api", + "cnp-rhubarb-frontend", "darts-automation", - "am-role-assignment-batch-service", - "nfdiv-shared-infrastructure", - "ccpay-bubble", - "probate-shared-infrastructure", - "cmc-legal-rep-frontend", - "ccd-definition-store-api", - "ia-home-office-integration-api", - "ccd-admin-web-api", - "pre-network", - "cnp-module-storage", - "terraform-module-sdp-db-user", - "terraform-module-servicebus-namespace", - "fis-hmc-api", + "pip-publication-services", + "aac-manage-case-assignment", + "probate-submit-service", "cnp-module-waf", - "cmc-ccd-domain", - "ccd-admin-web", - "rd-shared-infrastructure", - "ccpay-bulkscanning-app", - "sscs-case-loader", - "cnp-module-action-group", - "div-respondent-frontend", - "ccd-case-activity-api", - "tax-tribunals-shared-infrastructure", - "am-judicial-booking-service", - "pip-shared-infrastructures", - "bar-shared-infrastructure", - "cnp-owaspdependencycheck-database", - "sds-toffee-shared-infrastructure", - "bulk-scan-orchestrator", + "probate-health-monitor", + "pre-network", + "cnp-idam-storage", + "bar-web", + "div-decree-absolute-frontend", + "probate-persistence-service", + "div-fees-and-payments-service", + "cnp-keda-shared-infrastucture", + "ccd-data-store-api", + "cnp-module-api-mgmt-subscription", + "blob-router-service", + "fact-admin", + "rd-caseworker-ref-api", + "terraform-module-common-tags", + "tax-tribunals-datacapture", + "am-role-assignment-batch-service", + "pre-shared-infrastructure", + "cnp-idam-vault", + "civil-service", "pip-data-management", - "darts-gateway", - "ccd-logstash", - "lau-shared-infrastructure", - "em-shared-infrastructure", - "ccd-user-profile-api", - "cnp-module-webapp", + "sscs-shared-infrastructure", + "prl-dgs-api", + "et-sya-frontend", + "cnp-module-action-group", + "ccpay-payment-api-gateway", + "em-icp-api", + "nfdiv-case-api", + "am-shared-infrastructure", + "cnp-module-api-mgmt-product", + "rpx-xui-approve-org", + "pdda-shared-infrastructure", + "ccpay-functions-node", + "sscs-cor-frontend", + "ccpayfr-shared-infrastructure", + "c100-application", + "div-validation-service", + "et-ccd-callbacks", + "ccd-admin-web", + "hmc-cft-hearing-service", + "rd-user-profile-api", + "em-annotation-api", "sscs-submit-your-appeal", - "bulk-scan-payment-processor", - "ia-case-notifications-api", - "rd-location-ref-api", + "ccd-shared-infrastructure", + "ia-home-office-integration-api", + "probate-back-office", + "em-shared-infrastructure", + "sscs-task-configuration", + "ia-hearings-api", + "em-ccd-orchestrator", + "reform-scan-shared-infra", + "ethos-repl-docmosis-service", + "ccd-definition-designer-api", + "ccd-elastic-search", + "civil-ccd-definition", + "sscs-hearings-api", + "pip-shared-infrastructure-bootstap", + "sscs-evidence-share", + "ccd-case-print-service", + "et-pet-shared-infrastructure", + "sds-toffee-frontend", + "prl-cos-api", + "wa-standalone-task-bpmn", + "cnp-module-api-mgmt", + "rpx-xui-manage-organisations", + "cnp-module-api-mgmt-api-policy", + "terraform-module-postgresql-flexible", + "cnp-module-api-mgmt-api-operation", + "bar-shared-infrastructure", + "ccfr-fees-register-admin-web", "cmc-citizen-frontend", - "c100-application", - "ccpay-functions-node", - "sptribs-case-api", - "sscs-track-your-appeal-notifications", "send-letter-service", - "div-shared-infrastructure", - "camunda-shared-infrastructure", - "pcq-consolidation-service", - "ccd-elastic-search", - "adoption-shared-infrastructure", + "tax-tribunals-shared-infrastructure", + "c100-shared-infrastructure", + "ccd-case-document-am-api", + "et-sya-api", + "ia-case-payments-api", + "camunda-bpm", + "prl-shared-infrastructure", + "cet-shared-infrastructure", + "sptribs-frontend", "wa-task-configuration-api", - "em-native-pdf-annotator-app", - "fpl-ccd-data-migration-tool", - "juror-scheduler-api", - "rd-judicial-api", - "snl-shared-infrastructure", - "fact-admin", - "em-annotation-api", + "cnp-module-postgres", + "cnp-core-infrastructure", + "div-health-monitor", + "cnp-module-metric-alert", + "sscs-track-your-appeal-notifications", "cnp-module-trafficmanager", - "civil-citizen-ui", - "cnp-idam-master", - "sscs-cor-frontend", - "cnp-module-redis", - "disposer-idam-user", + "cmc-claim-submit-api", + "rd-judicial-api", + "ia-case-notifications-api", + "rpx-xui-terms-and-conditions", + "probatemandb", + "idam-user-dashboard", "fact-shared-infrastructure", - "fact-frontend", - "libragob-shared-infrastructure", - "cnp-rhubarb-frontend", - "pip-subscription-management", - "juror-pnc", - "rpa-coh-continuous-online-resolution", + "cnp-idam-compute", + "fact-api", + "ia-task-configuration", + "probate-business-service", + "et-shared-infrastructure", + "juror-scheduler-execution", + "cnp-module-palo-alto", + "cnp-module-storage-account", + "juror-bureau", + "dtsse-shared-infrastructure", + "civil-citizen-ui", + "cnp-module-storage", + "ccd-definition-store-api", + "idam-shared-infrastructure", + "ccd-api-gateway", + "ccpay-service-request-cpo-update-service", + "am-judicial-booking-service", + "civil-general-apps-ccd-definition", + "bulk-scan-shared-infrastructure", + "cui-ra", + "pip-shared-infrastructures", + "ia-timed-event-service", + "sptribs-dss-update-case-web", + "bulk-scan-orchestrator", + "fis-hmc-api", + "nfdiv-shared-infrastructure", + "rd-commondata-dataload", + "cmc-claim-store", + "cnp-module-webapp", + "rpa-em-ccd-orchestrator", + "docmosis-infrastructure", + "terraform-module-log-analytics-workspace-id", + "darts-proxy", + "hmi-apim-infrastructures", + "cnp-plum-shared-infrastructure", + "cnp-module-automation-runbook-start-stop-vm", + "fis-shared-infrastructure", + "darts-gateway", + "service-auth-provider-app", + "ia-aip-frontend", + "div-case-data-formatter", + "sds-keda-infrastructure", + "ccpay-refunds-app", + "sds-toffee-recipes-service", + "idam-api", "rpx-shared-infrastructure", - "disposer-shared-infrastructure", + "civil-general-applications", + "pre-portal", + "darts-shared-infrastructure", + "fpl-wa-task-configuration", + "rd-profile-sync", + "sscs-tribunals-case-api", "civil-orchestrator-service", - "sscs-ccd-callback-orchestrator", - "darts-proxy", + "ts-translation-service", + "ccd-case-management-web", + "reform-scan-notification-service", + "document-management-store-app", "ia-case-access-api", - "ccpay-notifications-service", - "div-case-orchestration-service", - "cnp-core-compute", - "c100-shared-infrastructure", "sscs-cor-backend", - "fpl-ccd-configuration", - "ccd-case-print-service", - "div-petitioner-frontend", - "cnp-module-trafficmanager-endpoint", - "pre-api", - "et-message-handler", - "aac-manage-case-assignment", - "am-role-assignment-service", + "lau-shared-infrastructure", + "pcq-loader", + "cnp-owaspdependencycheck-database", + "em-native-pdf-annotator-app", + "hmi-shared-infrastructures", + "cnp-rhubarb-shared-infrastructure", + "juror-shared-infrastructure", + "terraform-module-servicebus-topic", + "div-case-maintenance-service", + "ia-case-documents-api", + "wa-shared-infrastructure", + "rd-location-ref-data-load", + "hmi-rota-dtu", + "finrem-case-orchestration-service", + "pcq-frontend", + "cpo-case-payment-orders-api", + "disposer-idam-user", + "pcq-backend", + "wa-workflow-api", + "help-with-fees-shared-infrastructure", + "cnp-rhubarb-recipes-service", "pcq-shared-infrastructure", - "div-decree-nisi-frontend", - "div-validation-service", - "cnp-module-api-mgmt", - "terraform-module-log-analytics-workspace-id", - "rd-caseworker-ref-api", - "cnp-module-api-mgmt-api-operation", - "fis-shared-infrastructure", - "et-ccd-callbacks", - "ts-translation-service", "em-hrs-api", - "lau-case-backend", - "sscs-track-your-appeal-frontend", - "darts-shared-infrastructure", - "div-fees-and-payments-service", - "rd-judicial-data-load", - "civil-ccd-definition", - "probate-orchestrator-service", - "et-sya-frontend", - "cnp-module-application-insights", - "dg-docassembly-api", - "fact-api", + "div-evidence-management-client-api", + "am-role-assignment-service", "civil-sdt", - "rpa-em-ccd-orchestrator", - "docmosis-infrastructure", - "sscs-shared-infrastructure", - "ia-case-api", - "ccpay-service-request-cpo-update-service", - "juror-shared-infrastructure", - "div-document-generator-client", - "cnp-module-automation-runbook-start-stop-vm", + "adoption-shared-infrastructure", + "rd-professional-api", + "em-hrs-ingestor", + "disposer-shared-infrastructure", + "pre-api", + "terraform-module-servicebus-queue", "am-org-role-mapping-service", - "div-health-monitor", - "sscs-task-configuration", - "cmc-claim-submit-api", - "rpa-professional-api", - "juror-scheduler-execution", - "makeaplea-shared-infrastructure", - "adoption-web", - "pdm-shared-infrastructure", - "rd-commondata-api", - "wa-case-event-handler", - "terraform-module-servicebus-topic", - "ccd-definition-designer-api", - "cnp-rhubarb-recipes-service", - "sds-toffee-frontend", - "ccpay-payment-api-gateway", - "cnp-keda-shared-infrastucture", - "hmc-shared-infrastructure", - "sscs-evidence-share", - "ia-task-configuration", - "prl-cos-api", "ccpay-payment-app", - "sptribs-dss-update-case-web", - "ia-case-payments-api", - "wa-task-management-api", - "feature-toggle-api", - "pip-publication-services", - "darts-portal", - "reform-scan-notification-service", - "prd-pui-registration", - "probatemandb", - "cnp-pipelinemetrics-database", - "pdda-shared-infrastructure", + "cnp-module-shutterpage", + "rpa-coh-continuous-online-resolution", + "fact-frontend", + "employment-tribunals-shared-infrastructure", + "terraform-module-sdp-db-user", + "rpe-shared-infrastructure", + "lau-idam-backend", + "cnp-module-trafficmanager-endpoint", + "civil-camunda-bpmn-definition", + "div-respondent-frontend", + "fpl-ccd-data-migration-tool", "bulk-scan-processor", - "cpo-case-payment-orders-api", - "em-stitching-api", + "ccd-logstash", + "cnp-module-key-vault", + "pip-account-management", + "cnp-module-vnet", + "rpa-jui-webapp", + "dg-docassembly-api", + "cnp-module-application-insights", + "div-document-generator-client", + "cmc-shared-infrastructure", + "camunda-shared-infrastructure", + "cnp-idam-master", + "finrem-shared-infrastructure", + "ccpay-bulkscanning-app", + "bar-api", + "pre-functions", "terraform-module-servicebus-subscription", - "rpx-xui-approve-org", - "bar-web", - "cnp-module-api-mgmt-api", - "juror-api", - "ccd-api-gateway", - "prl-dgs-api", - "wa-shared-infrastructure", - "cnp-module-api-mgmt-product", - "ia-aip-frontend", - "pcq-frontend", - "civil-service", - "pcq-loader", - "probate-caveats-frontend", - "rpe-shared-infrastructure", - "em-icp-api", - "cet-shared-infrastructure", - "div-case-maintenance-service", + "ia-bail-case-api", + "cnp-module-redis", + "et-message-handler", "ia-shared-infrastructure", - "idam-shared-infrastructure", - "nfdiv-frontend", - "cnp-module-api-mgmt-api-policy", - "sscs-bulk-scan", + "ecm-consumer", + "ccpay-notifications-service", + "hmc-hmi-inbound-adapter", + "ctsc-work-allocation", "dm-shared-infrastructure", - "wa-task-monitor", + "cnp-pipelinemetrics-database", + "sscs-case-loader", + "terraform-module-application-insights", + "probate-caveats-frontend", + "ccd-case-disposer", + "darts-portal", + "snl-shared-infrastructure", + "probate-frontend", "adoption-cos-api", - "probate-business-service", - "nfdiv-case-api", - "sscs-hearings-api", - "sds-toffee-recipes-service", - "prl-ccd-definitions", - "ecm-shared-infrastructure", - "rd-professional-api", - "rpa-jui-webapp", - "terraform-module-postgresql-flexible", - "lau-frontend", - "div-case-data-formatter", - "ia-case-documents-api", - "rd-user-profile-api", - "finrem-shared-infrastructure", - "darts-api", - "cnp-module-storage-account", - "ccpay-refunds-app", - "div-decree-absolute-frontend", - "em-hrs-ingestor", - "ccfr-fees-register-app", - "cnp-plum-shared-infrastructure", - "rd-commondata-dataload", - "cnp-module-palo-alto", - "family-api-gateway", - "terraform-module-common-tags", - "am-role-assignment-refresh-batch", - "cnp-rhubarb-shared-infrastructure", - "probate-health-monitor", - "sscs-tribunals-case-api", - "cmc-shared-infrastructure", - "pcq-backend", - "hmi-rota-dtu", - "sds-keda-infrastructure", - "dtsse-shared-infrastructure", - "rpx-xui-webapp", - "ccd-shared-infrastructure", - "document-management-store-app", - "cnp-idam-vault", + "nfdiv-frontend", + "probate-shared-infrastructure", "cnp-module-app-service-plan", - "pre-portal", - "et-pet-shared-infrastructure", - "reform-scan-shared-infra", - "hmi-shared-infrastructures", - "fpl-wa-task-configuration", - "wa-standalone-task-bpmn", - "rpx-xui-terms-and-conditions", - "camunda-bpm", - "ia-timed-event-service", - "lau-idam-backend", - "probate-ccd-data-migration-tool", - "rd-profile-sync", + "ccpay-bubble", + "em-stitching-api", + "probate-orchestrator-service", + "am-role-assignment-refresh-batch", + "juror-scheduler-api", + "pre-vault", + "makeaplea-shared-infrastructure", + "terraform-module-servicebus-namespace", + "cnp-module-api-mgmt-api", + "rd-commondata-api", + "ccd-case-activity-api", + "libragob-shared-infrastructure", "hmi-shared-infrastructures-bootstrap", - "rd-location-ref-data-load", - "civil-general-applications", - "et-shared-infrastructure", + "ecm-shared-infrastructure", "cnp-plum-recipes-service", - "cnp-module-postgres", - "cnp-idam-storage", - "terraform-module-servicebus-queue", - "ccd-data-store-api", - "cnp-core-infrastructure", - "cnp-idam-compute", - "em-ccd-orchestrator", - "ccfr-fees-register-admin-web", - "civil-general-apps-ccd-definition", - "bulk-scan-shared-infrastructure", - "ccd-case-disposer", - "employment-tribunals-shared-infrastructure", + "ccpay-paymentoutcome-web", + "bulk-scan-payment-processor", + "fpl-ccd-configuration", + "probate-ccd-data-migration-tool", + "sptribs-shared-infrastructure", + "ia-case-api", + "lau-case-backend", + "sscs-bulk-scan", + "ccfr-fees-register-app", + "cmc-legal-rep-frontend", + "pcq-consolidation-service", + "div-shared-infrastructure", + "terraform-module-dynatrace-oneagent", + "darts-api", + "rpx-xui-webapp", + "pip-subscription-management", + "rd-location-ref-api", + "rd-shared-infrastructure", + "prd-pui-registration", + "hmc-shared-infrastructure", + "juror-public", + "cnp-core-compute", + "civil-sdt-gateway", + "family-api-gateway", + "feature-toggle-api", + "cmc-ccd-domain", "idam-web-public", - "probate-back-office" + "rd-judicial-data-load", + "pdm-shared-infrastructure", + "sptribs-case-api", + "sscs-ccd-callback-orchestrator", + "sds-toffee-shared-infrastructure", + "juror-pnc", + "wa-task-monitor", + "lau-frontend", + "wa-task-management-api", + "prl-ccd-definitions", + "juror-api", + "draft-store", + "sscs-track-your-appeal-frontend", + "wa-case-event-handler", + "div-petitioner-frontend", + "ccd-user-profile-api" ] \ No newline at end of file diff --git a/scripts/update-readme.py b/scripts/update-readme.py index f7f4d4af2..cbbf4ddc8 100644 --- a/scripts/update-readme.py +++ b/scripts/update-readme.py @@ -7,7 +7,7 @@ # File path for the JSON file JSON_FILE_PATH = os.path.join(os.path.dirname(__file__), '../production-repos.json') -README_FILE_PATH = os.path.join(os.path.dirname(__file__), '../readme.md') # Ensure correct case +README_FILE_PATH = os.path.join(os.path.dirname(__file__), '../readme.md') def load_repos(file_path): """ @@ -78,7 +78,7 @@ def update_readme(prod_count, dev_count, prod_link): logging.info(f"Number of production repositories: {production_count}") # Placeholder value for dev repo count, can be updated similarly - development_count = 0 # Update this to load actual data if available + development_count = 0 # Link to the production-repos.json file in the repository prod_link = "https://github.com/hmcts/github-repository-rules/blob/DTSPO-18104-typo-file-V2/production-repos.json" From 9d7489bce17f0411cc45b13eb50d2a2db93922b3 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 8 Aug 2024 12:33:07 +0100 Subject: [PATCH 008/100] updated the jq part of the pipeline, included platops group tp exlcude rulesets --- .github/workflows/terraform.yaml | 7 ++++++- ReadMe.md | 9 ++++----- components/data.tf | 2 +- components/locals.tf | 4 +--- 4 files changed, 12 insertions(+), 10 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 6b1d3d124..275ad4089 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -1,4 +1,5 @@ name: Terraform CI/CD + on: pull_request: branches: @@ -20,6 +21,7 @@ permissions: jobs: terraform: runs-on: ubuntu-latest + steps: - name: Checkout uses: actions/checkout@v3 @@ -41,11 +43,14 @@ jobs: run: | echo "Checking Repositories and Branches" cat ./production-repos.json - for repo in $(jq -r '.[]' ./production-repos.json); do + for repo in $(jq -r '.[]' < ./production-repos.json); do echo "Checking repository: $repo" curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ -H "Accept: application/vnd.github.v3+json" \ https://api.github.com/repos/hmcts/$repo + done + shell: /bin/bash + - name: Terraform Init working-directory: components diff --git a/ReadMe.md b/ReadMe.md index 46d27b7ad..d266bc288 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -4,7 +4,7 @@ This repository contains code to manage GitHub repository branch protection rule # Overview -This Terraform configuration automates the process of setting up rule sets across multiple GitHub repositories. It implements a batching system to handle a large number of repositories efficiently while respecting GitHub API rate limits. +This Terraform configuration automates the process of setting up rule sets at the organisation level. - [Rate Limits Page](https://docs.github.com/en/rest/using-the-rest-api/rate-limits-for-the-rest-api?apiVersion=2022-11-28) @@ -27,9 +27,8 @@ This Terraform configuration automates the process of setting up rule sets acros ## What This Does - Reads a list of repositories from `production-repos.json` -- Creates rule sets on the repositories read from the JSON file, applying standardisation across all repositories. -- Creates custom properties to tag and categorize repositories, such as marking repositories as "in production." -- Processes repositories in batches to manage API rate limits. +- Creates a ruleset at the organisation level, this applies standardisation across all repositories. +- Creates custom properties for repositories, such as marking repositories as "is_production." ## Maintenance @@ -39,7 +38,7 @@ To add or remove repositories follow the below: 1. Open a fresh PR from the master branch ensuring you have pulled down recent changes to the master branch. 2. Applies standardized rule sets to repositories listed in the `production-repos.json` file, ensuring consistent management and configuration across all repositories. 3. Create a PR and allow the GH Actions pipeline to run a Terraform Plan to confirm changes are accepted. -4. Once this first pipeline checks out, the second pipeline will apply your changes and update the branch protection rules. +4. Once the plan is good, you can merge your PR into main branch and the pipeline will trigger an apply. 5. Once applied delete your branch. diff --git a/components/data.tf b/components/data.tf index 7973e6897..f523a5bc4 100644 --- a/components/data.tf +++ b/components/data.tf @@ -1,5 +1,5 @@ data "github_team" "admin" { - slug = "test" + slug = "Platform Operations" # Add more teams here if you want to exlcude them from the rulesets } data "local_file" "repos_json" { diff --git a/components/locals.tf b/components/locals.tf index 9128cf66d..757ba06c7 100644 --- a/components/locals.tf +++ b/components/locals.tf @@ -1,8 +1,6 @@ locals { # List of repositories to exclude from the production-repos.json file - excluded_repositories = [ - "test-repo-uteppyig", - ] + excluded_repositories = [] # Add any repositories here you would like to exclude # Read repositories from JSON file all_repositories = jsondecode(data.local_file.repos_json.content) From b7ad89fa319763948d1490e6d27ffb595985c178 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 8 Aug 2024 12:35:17 +0100 Subject: [PATCH 009/100] updated the shell to bash for jq --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 275ad4089..bd842f418 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -49,7 +49,7 @@ jobs: -H "Accept: application/vnd.github.v3+json" \ https://api.github.com/repos/hmcts/$repo done - shell: /bin/bash + shell: bash - name: Terraform Init From bb8f744ede40c68373f1bad0b7ece8b4b8844884 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 8 Aug 2024 12:40:05 +0100 Subject: [PATCH 010/100] updating the spelling mistake in platform-operation team --- components/data.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/data.tf b/components/data.tf index f523a5bc4..d5ac41c69 100644 --- a/components/data.tf +++ b/components/data.tf @@ -1,5 +1,5 @@ data "github_team" "admin" { - slug = "Platform Operations" # Add more teams here if you want to exlcude them from the rulesets + slug = "platform-operations" # Add more teams here if you want to exlcude them from the rulesets } data "local_file" "repos_json" { From 0f555ba79da60faff58ecbf6b3b9838f3d9c975c Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 8 Aug 2024 12:59:36 +0100 Subject: [PATCH 011/100] fixed spelling mistake on the readme file --- ReadMe.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ReadMe.md b/ReadMe.md index d266bc288..430787cb6 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -36,7 +36,7 @@ This Terraform configuration automates the process of setting up rule sets at th To add or remove repositories follow the below: 1. Open a fresh PR from the master branch ensuring you have pulled down recent changes to the master branch. -2. Applies standardized rule sets to repositories listed in the `production-repos.json` file, ensuring consistent management and configuration across all repositories. +2. Applies standardised rule sets to repositories listed in the `production-repos.json` file, ensuring consistent management and configuration across all repositories. 3. Create a PR and allow the GH Actions pipeline to run a Terraform Plan to confirm changes are accepted. 4. Once the plan is good, you can merge your PR into main branch and the pipeline will trigger an apply. 5. Once applied delete your branch. From 85d2a750a3ecfe002f05e87000da22d45d6e9690 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 10:19:16 +0100 Subject: [PATCH 012/100] testing the pipeline --- custom-properties/set_org_custom_properties.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index 5610f659a..b5004ad10 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -159,4 +159,4 @@ def load_production_repos(): except requests.RequestException as e: logging.error(f"Failed to set properties for {repo_full_name}: {str(e)}") -logging.info("\nScript execution completed.") +logging.info("\nScript execution completed.") \ No newline at end of file From 85acfcb8e28e1d965d0d730ae9fc3f084d754b07 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 11:41:17 +0100 Subject: [PATCH 013/100] updating the pipeline structure to use cnp library and pre commit fmt --- .github/workflows/terraform.yaml | 154 ++++++++++++++-------------- .github/workflows/update-repos.yaml | 14 +++ 2 files changed, 93 insertions(+), 75 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index bd842f418..d85764b53 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -18,85 +18,89 @@ permissions: pull-requests: write contents: read -jobs: - terraform: +jobs: + pre-commit: runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v3 - - - name: Setup Terraform - uses: hashicorp/setup-terraform@v2 - - - name: 'Az CLI login' - uses: azure/login@v1 - with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - - - name: Install jq - run: sudo apt-get install jq -y + - name: Checkout + uses: actions/checkout@v4 + + - name: Checkout cnp-azuredevops-libraries + uses: actions/checkout@v4 + with: + repository: hmcts/cnp-azuredevops-libraries + path: cnp-azuredevops-libraries + + - name: Setup Script + run: | + chmod +x cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh + + - name: Setup Terraform + run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh + working-directory: ./ + shell: bash + + - name: Run Pre-commit + uses: pre-commit/action@v3.0.0 + with: + extra_args: terraform_fmt --all-files + continue-on-error: true + + - name: Auto Commit Changes + uses: stefanzweifel/git-auto-commit-action@v5 + with: + file_pattern: environments/* components/* modules/* - - name: List Repositories and Branches - run: | - echo "Checking Repositories and Branches" - cat ./production-repos.json - for repo in $(jq -r '.[]' < ./production-repos.json); do - echo "Checking repository: $repo" - curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ - -H "Accept: application/vnd.github.v3+json" \ - https://api.github.com/repos/hmcts/$repo - done - shell: bash - - - - name: Terraform Init - working-directory: components - env: - STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }} - CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} - RESOURCE_GROUP_NAME: ${{ secrets.RESOURCE_GROUP_NAME }} - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" -reconfigure + terraform: + runs-on: ubuntu-latest + steps: + - name: Az CLI login + uses: azure/login@v1 + with: + client-id: ${{ secrets.AZURE_CLIENT_ID }} + tenant-id: ${{ secrets.AZURE_TENANT_ID }} + subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - - name: Terraform format - working-directory: components - id: fmt - run: terraform fmt -check + - name: Terraform Init + working-directory: components + env: + STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }} + CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} + RESOURCE_GROUP_NAME: ${{ secrets.RESOURCE_GROUP_NAME }} + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" -reconfigure - - name: Terraform validate - working-directory: components - id: validate - env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - run: terraform validate + - name: Terraform Validate + working-directory: components + id: validate + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + run: terraform validate - - name: Terraform plan - working-directory: components - id: plan - env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" + - name: Terraform Plan + working-directory: components + id: plan + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" - - name: Terraform Apply - if: github.event_name == 'push' && github.ref == 'refs/heads/main' - working-directory: components - env: - ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} - ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + - name: Terraform Apply + if: github.event_name == 'push' && github.ref == 'refs/heads/main' + working-directory: components + env: + ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} + ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} + ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} + GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml index 313ef4237..118d34a58 100644 --- a/.github/workflows/update-repos.yaml +++ b/.github/workflows/update-repos.yaml @@ -34,6 +34,20 @@ jobs: - name: Run update-readme script run: python scripts/update-readme.py + - name: Install jq + run: sudo apt-get install jq -y + + - name: List Repositories and Branches + run: | + echo "Checking Repositories and Branches" + for repo in $(jq -r '.[]' < ./production-repos.json); do + echo "Checking repository: $repo" + curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ + -H "Accept: application/vnd.github.v3+json" \ + https://api.github.com/repos/hmcts/$repo + done + shell: bash + - name: Commit and push changes run: | git config --global user.name 'hmcts-platform-operations' From 493d74480ec5ff7a5a474847c7a3ddbfec26b0cb Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 11:42:51 +0100 Subject: [PATCH 014/100] updating the pipeline structure to use cnp library and pre commit fmt --- .github/workflows/terraform.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d85764b53..d7c722049 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,6 +7,7 @@ on: push: branches: - main + - DTSPO-18475-Fix-Up workflow_dispatch: env: From fee3e6ecd5443cf8ca6d14b9373c4850fff92175 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 11:45:24 +0100 Subject: [PATCH 015/100] fixing small typo in pipeline --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d7c722049..77997266f 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -104,4 +104,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file From a335c08f334ccab2985e70545cb8272fd97e4cce Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 11:53:57 +0100 Subject: [PATCH 016/100] fixing filepath issue for components directory --- .github/workflows/terraform.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 77997266f..258141932 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -63,7 +63,7 @@ jobs: subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - name: Terraform Init - working-directory: components + working-directory: ./components env: STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }} CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} @@ -75,7 +75,7 @@ jobs: run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" -reconfigure - name: Terraform Validate - working-directory: components + working-directory: ./components id: validate env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} @@ -85,7 +85,7 @@ jobs: run: terraform validate - name: Terraform Plan - working-directory: components + working-directory: ./components id: plan env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} @@ -97,7 +97,7 @@ jobs: - name: Terraform Apply if: github.event_name == 'push' && github.ref == 'refs/heads/main' - working-directory: components + working-directory: ./components env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} From 513557b71bd03c0b04f3cc13e5e3a4db9a0e1a01 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:00:34 +0100 Subject: [PATCH 017/100] fixing filepath issue for components directory on set up tf stage --- .github/workflows/terraform.yaml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 258141932..243470876 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -38,7 +38,7 @@ jobs: - name: Setup Terraform run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh - working-directory: ./ + working-directory: components shell: bash - name: Run Pre-commit @@ -63,7 +63,7 @@ jobs: subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} - name: Terraform Init - working-directory: ./components + working-directory: components env: STORAGE_ACCOUNT: ${{ secrets.STORAGE_ACCOUNT }} CONTAINER_NAME: ${{ secrets.CONTAINER_NAME }} @@ -75,7 +75,7 @@ jobs: run: terraform init -backend-config="storage_account_name=$STORAGE_ACCOUNT" -backend-config="container_name=$CONTAINER_NAME" -backend-config="resource_group_name=$RESOURCE_GROUP_NAME" -reconfigure - name: Terraform Validate - working-directory: ./components + working-directory: components id: validate env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} @@ -85,7 +85,7 @@ jobs: run: terraform validate - name: Terraform Plan - working-directory: ./components + working-directory: components id: plan env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} @@ -97,7 +97,7 @@ jobs: - name: Terraform Apply if: github.event_name == 'push' && github.ref == 'refs/heads/main' - working-directory: ./components + working-directory: components env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} From 40d9e929955d6c674ab22a3afbd3f62758745b60 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:03:00 +0100 Subject: [PATCH 018/100] fixing filepath issue for components directory on set up tf stage --- .github/workflows/terraform.yaml | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 243470876..8eb3d7c06 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -25,7 +25,9 @@ jobs: steps: - name: Checkout uses: actions/checkout@v4 - + with: + path: . + - name: Checkout cnp-azuredevops-libraries uses: actions/checkout@v4 with: @@ -38,7 +40,6 @@ jobs: - name: Setup Terraform run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh - working-directory: components shell: bash - name: Run Pre-commit @@ -50,11 +51,16 @@ jobs: - name: Auto Commit Changes uses: stefanzweifel/git-auto-commit-action@v5 with: - file_pattern: environments/* components/* modules/* + file_pattern: components/* terraform: runs-on: ubuntu-latest steps: + - name: Checkout + uses: actions/checkout@v4 + with: + path: . + - name: Az CLI login uses: azure/login@v1 with: @@ -104,4 +110,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve From 41597637b32902dc7b190eb7ecfedad0928d4d61 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:22:25 +0100 Subject: [PATCH 019/100] test functionality of pipeline --- .github/workflows/terraform.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 8eb3d7c06..6e6f892bd 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,7 +7,6 @@ on: push: branches: - main - - DTSPO-18475-Fix-Up workflow_dispatch: env: @@ -110,4 +109,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file From ea9b36716db2e75087f8ea7fd8e96821624ee23e Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:26:22 +0100 Subject: [PATCH 020/100] test functionality of pipeline --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 6e6f892bd..868db6f13 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -6,7 +6,7 @@ on: - main push: branches: - - main + - "**" workflow_dispatch: env: From 5ff155388e888c531f8548c3b8783acaa50bc4e6 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:32:20 +0100 Subject: [PATCH 021/100] test functionality of pipeline --- .github/workflows/terraform.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 868db6f13..eb52acfb2 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -109,4 +109,5 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + \ No newline at end of file From 267bfc1cbacb02a4b853796155a0c84893ad2ead Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:35:36 +0100 Subject: [PATCH 022/100] fixing federated credential --- .github/workflows/terraform.yaml | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index eb52acfb2..868db6f13 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -109,5 +109,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve - \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file From fa1648c5854fc0c83d95231ca0b12f7ba0b7e51a Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:36:19 +0100 Subject: [PATCH 023/100] fixing federated credential --- .github/workflows/terraform.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 868db6f13..eb52acfb2 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -109,4 +109,5 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + \ No newline at end of file From 500e306f4e3b0e2df0b5a4becc6f98beb1c6d086 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:38:44 +0100 Subject: [PATCH 024/100] changing creds --- .github/workflows/terraform.yaml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index eb52acfb2..3373758b3 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -63,9 +63,7 @@ jobs: - name: Az CLI login uses: azure/login@v1 with: - client-id: ${{ secrets.AZURE_CLIENT_ID }} - tenant-id: ${{ secrets.AZURE_TENANT_ID }} - subscription-id: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} + creds: ${{ secrets.AZURE_CREDENTIALS }} - name: Terraform Init working-directory: components @@ -110,4 +108,3 @@ jobs: ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve - \ No newline at end of file From ad90751a04a6d82d12fb1b2ec8f362cc9d5e4ff6 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:45:59 +0100 Subject: [PATCH 025/100] updated production repo list --- production-repos.json | 550 +++++++++++++++++++++--------------------- 1 file changed, 275 insertions(+), 275 deletions(-) diff --git a/production-repos.json b/production-repos.json index ae927270e..708befdd4 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,311 +1,311 @@ [ + "c100-shared-infrastructure", + "bulk-scan-shared-infrastructure", + "ccpay-functions-node", + "fpl-ccd-configuration", + "pip-shared-infrastructure-bootstap", + "rpx-xui-manage-organisations", "prl-citizen-frontend", - "div-decree-nisi-frontend", - "ccd-admin-web-api", + "civil-orchestrator-service", + "sscs-task-configuration", + "probate-caveats-frontend", + "hmi-shared-infrastructures-bootstrap", + "wa-shared-infrastructure", + "camunda-bpm", + "finrem-shared-infrastructure", + "em-shared-infrastructure", + "ethos-repl-docmosis-service", "div-case-orchestration-service", - "rpa-professional-api", - "prl-wa-task-configuration", - "rpe-pdf-service", - "adoption-web", - "ctsc-shared-infrastructure", - "cnp-rhubarb-frontend", - "darts-automation", - "pip-publication-services", - "aac-manage-case-assignment", - "probate-submit-service", - "cnp-module-waf", - "probate-health-monitor", - "pre-network", - "cnp-idam-storage", + "hmc-hmi-inbound-adapter", + "pre-vault", + "prl-ccd-definitions", + "ccd-case-management-web", "bar-web", - "div-decree-absolute-frontend", - "probate-persistence-service", - "div-fees-and-payments-service", - "cnp-keda-shared-infrastucture", - "ccd-data-store-api", - "cnp-module-api-mgmt-subscription", - "blob-router-service", - "fact-admin", - "rd-caseworker-ref-api", - "terraform-module-common-tags", - "tax-tribunals-datacapture", + "cnp-module-waf", + "ia-case-api", + "disposer-shared-infrastructure", + "rpa-jui-webapp", + "sscs-bulk-scan", + "ccpay-payment-app", + "juror-api", + "fis-hmc-api", + "dtsse-shared-infrastructure", + "am-role-assignment-service", + "rd-shared-infrastructure", "am-role-assignment-batch-service", - "pre-shared-infrastructure", - "cnp-idam-vault", + "am-org-role-mapping-service", + "ccd-case-disposer", + "sds-keda-infrastructure", + "ccd-admin-web", + "cnp-idam-compute", + "ccpayfr-shared-infrastructure", + "sds-toffee-frontend", + "ccd-admin-web-api", + "adoption-shared-infrastructure", + "ccpay-refunds-app", + "cnp-pipelinemetrics-database", + "div-decree-nisi-frontend", + "ia-timed-event-service", + "prl-dgs-api", + "div-evidence-management-client-api", + "cnp-module-vnet", + "et-sya-api", + "em-hrs-ingestor", + "rpa-professional-api", + "cmc-citizen-frontend", + "bulk-scan-payment-processor", + "sscs-cor-backend", + "sscs-case-loader", + "rd-user-profile-api", + "lau-shared-infrastructure", + "employment-tribunals-shared-infrastructure", + "pcq-loader", + "cnp-module-api-mgmt", + "sscs-ccd-callback-orchestrator", + "sscs-hearings-api", + "rpx-xui-webapp", + "darts-api", + "send-letter-service", + "probate-business-service", + "docmosis-infrastructure", + "sds-toffee-shared-infrastructure", + "cmc-legal-rep-frontend", "civil-service", + "cnp-idam-vault", + "terraform-module-dynatrace-oneagent", + "rpx-xui-approve-org", + "sscs-submit-your-appeal", + "ia-home-office-integration-api", + "sptribs-case-api", "pip-data-management", - "sscs-shared-infrastructure", - "prl-dgs-api", - "et-sya-frontend", - "cnp-module-action-group", - "ccpay-payment-api-gateway", - "em-icp-api", + "div-decree-absolute-frontend", + "juror-scheduler-api", + "cmc-claim-submit-api", "nfdiv-case-api", - "am-shared-infrastructure", - "cnp-module-api-mgmt-product", - "rpx-xui-approve-org", - "pdda-shared-infrastructure", - "ccpay-functions-node", - "sscs-cor-frontend", - "ccpayfr-shared-infrastructure", - "c100-application", - "div-validation-service", - "et-ccd-callbacks", - "ccd-admin-web", - "hmc-cft-hearing-service", - "rd-user-profile-api", + "probate-shared-infrastructure", + "dm-shared-infrastructure", + "pre-portal", + "cnp-module-key-vault", + "terraform-module-log-analytics-workspace-id", + "ia-shared-infrastructure", + "idam-shared-infrastructure", + "pcq-shared-infrastructure", + "cnp-idam-storage", + "cnp-module-api-mgmt-api-operation", + "em-icp-api", "em-annotation-api", - "sscs-submit-your-appeal", + "civil-general-apps-ccd-definition", + "rd-commondata-api", + "sscs-tribunals-case-api", + "snl-shared-infrastructure", + "cet-shared-infrastructure", + "et-sya-frontend", + "pcq-frontend", + "terraform-module-common-tags", + "hmc-cft-hearing-service", + "cnp-module-storage", + "civil-camunda-bpmn-definition", + "ccfr-fees-register-app", + "civil-sdt", + "idam-api", + "juror-bureau", + "terraform-module-servicebus-namespace", + "am-shared-infrastructure", + "ccd-user-profile-api", + "cnp-idam-master", + "probate-submit-service", + "hmi-apim-infrastructures", + "ccd-elastic-search", + "juror-shared-infrastructure", + "cnp-rhubarb-shared-infrastructure", + "rd-commondata-dataload", + "ctsc-shared-infrastructure", + "rpa-coh-continuous-online-resolution", + "div-respondent-frontend", + "libragob-shared-infrastructure", + "pcq-backend", + "cnp-module-webapp", + "fact-admin", + "cnp-module-automation-runbook-start-stop-vm", + "lau-case-backend", + "probatemandb", + "prd-pui-registration", + "sscs-shared-infrastructure", + "pcq-consolidation-service", + "cnp-rhubarb-frontend", "ccd-shared-infrastructure", - "ia-home-office-integration-api", - "probate-back-office", - "em-shared-infrastructure", - "sscs-task-configuration", - "ia-hearings-api", - "em-ccd-orchestrator", + "bar-api", + "cnp-module-trafficmanager", + "rd-judicial-api", + "cmc-claim-store", + "disposer-idam-user", + "adoption-web", + "civil-citizen-ui", + "div-health-monitor", + "idam-user-dashboard", + "rpe-pdf-service", + "cpo-case-payment-orders-api", + "cnp-module-action-group", + "et-message-handler", + "document-management-store-app", + "dg-docassembly-api", + "adoption-cos-api", + "rd-judicial-data-load", + "reform-scan-notification-service", + "lau-frontend", + "fpl-ccd-data-migration-tool", + "ia-case-notifications-api", + "blob-router-service", + "pre-functions", + "cmc-shared-infrastructure", + "em-stitching-api", + "wa-standalone-task-bpmn", + "wa-workflow-api", + "am-judicial-booking-service", + "cnp-plum-recipes-service", + "idam-web-public", + "cnp-core-compute", + "ccd-api-gateway", + "c100-application", "reform-scan-shared-infra", - "ethos-repl-docmosis-service", - "ccd-definition-designer-api", - "ccd-elastic-search", - "civil-ccd-definition", - "sscs-hearings-api", - "pip-shared-infrastructure-bootstap", - "sscs-evidence-share", - "ccd-case-print-service", + "et-ccd-callbacks", + "nfdiv-shared-infrastructure", + "div-document-generator-client", "et-pet-shared-infrastructure", - "sds-toffee-frontend", - "prl-cos-api", - "wa-standalone-task-bpmn", - "cnp-module-api-mgmt", - "rpx-xui-manage-organisations", - "cnp-module-api-mgmt-api-policy", - "terraform-module-postgresql-flexible", - "cnp-module-api-mgmt-api-operation", - "bar-shared-infrastructure", + "sscs-cor-frontend", + "ts-translation-service", + "fis-shared-infrastructure", + "lau-idam-backend", + "div-case-data-formatter", + "pip-subscription-management", + "sptribs-frontend", "ccfr-fees-register-admin-web", - "cmc-citizen-frontend", - "send-letter-service", + "probate-health-monitor", + "bulk-scan-processor", + "cnp-owaspdependencycheck-database", + "draft-store", + "am-role-assignment-refresh-batch", + "darts-portal", + "cnp-core-infrastructure", + "darts-automation", + "cnp-module-api-mgmt-product", + "cnp-module-storage-account", + "rd-professional-api", + "cnp-module-shutterpage", + "ctsc-work-allocation", + "ia-case-payments-api", + "wa-task-monitor", + "fpl-wa-task-configuration", + "cnp-keda-shared-infrastucture", + "camunda-shared-infrastructure", + "rpx-shared-infrastructure", + "ia-aip-frontend", "tax-tribunals-shared-infrastructure", - "c100-shared-infrastructure", + "darts-shared-infrastructure", + "cnp-module-api-mgmt-api-policy", + "sscs-track-your-appeal-notifications", "ccd-case-document-am-api", - "et-sya-api", - "ia-case-payments-api", - "camunda-bpm", - "prl-shared-infrastructure", - "cet-shared-infrastructure", - "sptribs-frontend", + "pdda-shared-infrastructure", + "em-ccd-orchestrator", + "sscs-evidence-share", + "terraform-module-application-insights", + "et-shared-infrastructure", + "probate-persistence-service", + "ccd-definition-designer-api", + "div-validation-service", + "hmi-shared-infrastructures", + "pip-account-management", + "cnp-module-trafficmanager-endpoint", + "ccpay-paymentoutcome-web", + "ccpay-payment-api-gateway", + "ia-case-documents-api", + "rd-location-ref-api", "wa-task-configuration-api", - "cnp-module-postgres", - "cnp-core-infrastructure", - "div-health-monitor", + "terraform-module-postgresql-flexible", + "prl-cos-api", "cnp-module-metric-alert", - "sscs-track-your-appeal-notifications", - "cnp-module-trafficmanager", - "cmc-claim-submit-api", - "rd-judicial-api", - "ia-case-notifications-api", - "rpx-xui-terms-and-conditions", - "probatemandb", - "idam-user-dashboard", + "cnp-module-application-insights", "fact-shared-infrastructure", - "cnp-idam-compute", - "fact-api", + "rpe-shared-infrastructure", + "tax-tribunals-datacapture", "ia-task-configuration", - "probate-business-service", - "et-shared-infrastructure", - "juror-scheduler-execution", + "cnp-module-postgres", + "terraform-module-servicebus-subscription", + "terraform-module-servicebus-queue", + "pip-publication-services", + "prl-shared-infrastructure", + "cnp-module-redis", + "cmc-ccd-domain", + "ccd-logstash", + "fact-frontend", "cnp-module-palo-alto", - "cnp-module-storage-account", - "juror-bureau", - "dtsse-shared-infrastructure", - "civil-citizen-ui", - "cnp-module-storage", + "darts-gateway", + "div-petitioner-frontend", "ccd-definition-store-api", - "idam-shared-infrastructure", - "ccd-api-gateway", - "ccpay-service-request-cpo-update-service", - "am-judicial-booking-service", - "civil-general-apps-ccd-definition", - "bulk-scan-shared-infrastructure", + "pdm-shared-infrastructure", + "rpa-em-ccd-orchestrator", + "juror-pnc", + "wa-case-event-handler", "cui-ra", + "ia-case-access-api", + "em-native-pdf-annotator-app", + "fact-api", + "ccpay-bubble", + "prl-wa-task-configuration", + "sds-toffee-recipes-service", + "nfdiv-frontend", "pip-shared-infrastructures", - "ia-timed-event-service", "sptribs-dss-update-case-web", - "bulk-scan-orchestrator", - "fis-hmc-api", - "nfdiv-shared-infrastructure", - "rd-commondata-dataload", - "cmc-claim-store", - "cnp-module-webapp", - "rpa-em-ccd-orchestrator", - "docmosis-infrastructure", - "terraform-module-log-analytics-workspace-id", - "darts-proxy", - "hmi-apim-infrastructures", - "cnp-plum-shared-infrastructure", - "cnp-module-automation-runbook-start-stop-vm", - "fis-shared-infrastructure", - "darts-gateway", - "service-auth-provider-app", - "ia-aip-frontend", - "div-case-data-formatter", - "sds-keda-infrastructure", - "ccpay-refunds-app", - "sds-toffee-recipes-service", - "idam-api", - "rpx-shared-infrastructure", + "juror-public", "civil-general-applications", - "pre-portal", - "darts-shared-infrastructure", - "fpl-wa-task-configuration", + "ia-hearings-api", + "pre-shared-infrastructure", + "bulk-scan-orchestrator", + "rd-caseworker-ref-api", "rd-profile-sync", - "sscs-tribunals-case-api", - "civil-orchestrator-service", - "ts-translation-service", - "ccd-case-management-web", - "reform-scan-notification-service", - "document-management-store-app", - "ia-case-access-api", - "sscs-cor-backend", - "lau-shared-infrastructure", - "pcq-loader", - "cnp-owaspdependencycheck-database", - "em-native-pdf-annotator-app", - "hmi-shared-infrastructures", - "cnp-rhubarb-shared-infrastructure", - "juror-shared-infrastructure", - "terraform-module-servicebus-topic", - "div-case-maintenance-service", - "ia-case-documents-api", - "wa-shared-infrastructure", - "rd-location-ref-data-load", + "sscs-track-your-appeal-frontend", + "wa-task-management-api", + "rpx-xui-terms-and-conditions", + "cnp-module-api-mgmt-subscription", + "civil-sdt-gateway", + "probate-ccd-data-migration-tool", "hmi-rota-dtu", - "finrem-case-orchestration-service", - "pcq-frontend", - "cpo-case-payment-orders-api", - "disposer-idam-user", - "pcq-backend", - "wa-workflow-api", - "help-with-fees-shared-infrastructure", - "cnp-rhubarb-recipes-service", - "pcq-shared-infrastructure", - "em-hrs-api", - "div-evidence-management-client-api", - "am-role-assignment-service", - "civil-sdt", - "adoption-shared-infrastructure", - "rd-professional-api", - "em-hrs-ingestor", - "disposer-shared-infrastructure", - "pre-api", - "terraform-module-servicebus-queue", - "am-org-role-mapping-service", - "ccpay-payment-app", - "cnp-module-shutterpage", - "rpa-coh-continuous-online-resolution", - "fact-frontend", - "employment-tribunals-shared-infrastructure", - "terraform-module-sdp-db-user", - "rpe-shared-infrastructure", - "lau-idam-backend", - "cnp-module-trafficmanager-endpoint", - "civil-camunda-bpmn-definition", - "div-respondent-frontend", - "fpl-ccd-data-migration-tool", - "bulk-scan-processor", - "ccd-logstash", - "cnp-module-key-vault", - "pip-account-management", - "cnp-module-vnet", - "rpa-jui-webapp", - "dg-docassembly-api", - "cnp-module-application-insights", - "div-document-generator-client", - "cmc-shared-infrastructure", - "camunda-shared-infrastructure", - "cnp-idam-master", - "finrem-shared-infrastructure", - "ccpay-bulkscanning-app", - "bar-api", - "pre-functions", - "terraform-module-servicebus-subscription", - "ia-bail-case-api", - "cnp-module-redis", - "et-message-handler", - "ia-shared-infrastructure", - "ecm-consumer", + "pre-network", "ccpay-notifications-service", - "hmc-hmi-inbound-adapter", - "ctsc-work-allocation", - "dm-shared-infrastructure", - "cnp-pipelinemetrics-database", - "sscs-case-loader", - "terraform-module-application-insights", - "probate-caveats-frontend", - "ccd-case-disposer", - "darts-portal", - "snl-shared-infrastructure", - "probate-frontend", - "adoption-cos-api", - "nfdiv-frontend", - "probate-shared-infrastructure", + "div-shared-infrastructure", "cnp-module-app-service-plan", - "ccpay-bubble", - "em-stitching-api", - "probate-orchestrator-service", - "am-role-assignment-refresh-batch", - "juror-scheduler-api", - "pre-vault", + "aac-manage-case-assignment", + "bar-shared-infrastructure", + "cnp-rhubarb-recipes-service", "makeaplea-shared-infrastructure", - "terraform-module-servicebus-namespace", + "hmc-shared-infrastructure", + "civil-ccd-definition", + "div-case-maintenance-service", + "service-auth-provider-app", + "ecm-consumer", + "ia-bail-case-api", + "terraform-module-sdp-db-user", "cnp-module-api-mgmt-api", - "rd-commondata-api", "ccd-case-activity-api", - "libragob-shared-infrastructure", - "hmi-shared-infrastructures-bootstrap", + "feature-toggle-api", + "finrem-case-orchestration-service", + "probate-frontend", + "probate-orchestrator-service", + "em-hrs-api", "ecm-shared-infrastructure", - "cnp-plum-recipes-service", - "ccpay-paymentoutcome-web", - "bulk-scan-payment-processor", - "fpl-ccd-configuration", - "probate-ccd-data-migration-tool", + "terraform-module-servicebus-topic", "sptribs-shared-infrastructure", - "ia-case-api", - "lau-case-backend", - "sscs-bulk-scan", - "ccfr-fees-register-app", - "cmc-legal-rep-frontend", - "pcq-consolidation-service", - "div-shared-infrastructure", - "terraform-module-dynatrace-oneagent", - "darts-api", - "rpx-xui-webapp", - "pip-subscription-management", - "rd-location-ref-api", - "rd-shared-infrastructure", - "prd-pui-registration", - "hmc-shared-infrastructure", - "juror-public", - "cnp-core-compute", - "civil-sdt-gateway", + "ccpay-bulkscanning-app", + "probate-back-office", + "ccpay-service-request-cpo-update-service", + "darts-proxy", + "juror-scheduler-execution", + "pre-api", + "ccd-data-store-api", + "rd-location-ref-data-load", + "cnp-plum-shared-infrastructure", "family-api-gateway", - "feature-toggle-api", - "cmc-ccd-domain", - "idam-web-public", - "rd-judicial-data-load", - "pdm-shared-infrastructure", - "sptribs-case-api", - "sscs-ccd-callback-orchestrator", - "sds-toffee-shared-infrastructure", - "juror-pnc", - "wa-task-monitor", - "lau-frontend", - "wa-task-management-api", - "prl-ccd-definitions", - "juror-api", - "draft-store", - "sscs-track-your-appeal-frontend", - "wa-case-event-handler", - "div-petitioner-frontend", - "ccd-user-profile-api" + "help-with-fees-shared-infrastructure", + "ccd-case-print-service", + "div-fees-and-payments-service" ] \ No newline at end of file From 7a99f63e39b8e39e14eeb10f35093f00b02fb2ee Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 12:48:26 +0100 Subject: [PATCH 026/100] updated production repo list --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 3373758b3..8e92bc64b 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -6,7 +6,7 @@ on: - main push: branches: - - "**" + - main workflow_dispatch: env: From 246124490785ad2b74d1e7d50c6610a72775729c Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 15:13:28 +0100 Subject: [PATCH 027/100] testing the precheck yaml file from cnp library --- .github/workflows/terraform.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 8e92bc64b..c2223d733 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -40,7 +40,10 @@ jobs: - name: Setup Terraform run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh shell: bash - + + - name: Terraform Format + run: ./cnp-azuredevops-libraries/scripts/terraform-precheck.yaml + - name: Run Pre-commit uses: pre-commit/action@v3.0.0 with: From b7a80c81ecf4811e5b54d375b34a64e4c9f53704 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 15:21:13 +0100 Subject: [PATCH 028/100] testing formatting check --- .github/workflows/terraform.yaml | 3 --- components/main.tf | 9 +++++++-- 2 files changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index c2223d733..2a4d5b7ae 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -41,9 +41,6 @@ jobs: run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh shell: bash - - name: Terraform Format - run: ./cnp-azuredevops-libraries/scripts/terraform-precheck.yaml - - name: Run Pre-commit uses: pre-commit/action@v3.0.0 with: diff --git a/components/main.tf b/components/main.tf index e27ba7a65..97fcbee92 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,17 +27,21 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + + target = "branch" + enforcement = "active" conditions { ref_name { include = ["refs/heads/main", "refs/heads/master"] + exclude = [] } repository_name { include = local.included_repositories + exclude = [] } } @@ -46,6 +50,7 @@ resource "github_organization_ruleset" "default_ruleset" { creation = null update = null deletion = false + required_linear_history = true pull_request { From 50db9f77038305c34df305b939c0832463ac84eb Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 9 Aug 2024 16:26:28 +0100 Subject: [PATCH 029/100] testing formatting check --- .github/workflows/terraform.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 2a4d5b7ae..9892c30cf 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -46,6 +46,7 @@ jobs: with: extra_args: terraform_fmt --all-files continue-on-error: true + - name: Auto Commit Changes uses: stefanzweifel/git-auto-commit-action@v5 From ce24f3b92eb8e8e6f6e87fbd31db4791ad966f75 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Sat, 10 Aug 2024 14:27:27 +0100 Subject: [PATCH 030/100] adding components directory for tf fmt check --- .github/workflows/terraform.yaml | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 9892c30cf..870a3d764 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -41,17 +41,22 @@ jobs: run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh shell: bash + - name: Change to components directory + run: cd components + + - name: Run Terraform Format + run: terraform fmt -recursive -check + - name: Run Pre-commit uses: pre-commit/action@v3.0.0 with: - extra_args: terraform_fmt --all-files - continue-on-error: true - + extra_args: --files components/**/* - name: Auto Commit Changes uses: stefanzweifel/git-auto-commit-action@v5 with: - file_pattern: components/* + commit_message: "Apply Terraform formatting changes" + file_pattern: components/**/* terraform: runs-on: ubuntu-latest From 0cc83d9f8c362063b2ec548b8c0766becc4ec60e Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Sat, 10 Aug 2024 14:28:17 +0100 Subject: [PATCH 031/100] adding components directory for tf fmt check --- .github/workflows/terraform.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 870a3d764..fcfab4173 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,6 +7,7 @@ on: push: branches: - main + - DTSPO-18475-Fix-Up workflow_dispatch: env: From 3f055588c04d9f795b06b32e240c919d987f2058 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Sat, 10 Aug 2024 14:30:29 +0100 Subject: [PATCH 032/100] ensuring the pipeline will check if code is fmt and if not then it will fmt --- .github/workflows/terraform.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index fcfab4173..46b1f5adc 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -46,7 +46,9 @@ jobs: run: cd components - name: Run Terraform Format - run: terraform fmt -recursive -check + run: | + cd components + terraform fmt -recursive - name: Run Pre-commit uses: pre-commit/action@v3.0.0 From 29a547beea7e1d86bd6e6866558e30ab3dde1c6a Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Sat, 10 Aug 2024 14:34:04 +0100 Subject: [PATCH 033/100] adding hmcts user and ensure the pipeline pushes the changes to the source branch --- .github/workflows/terraform.yaml | 22 +++++++++++++++------- 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 46b1f5adc..1b2f9ab46 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -17,7 +17,7 @@ permissions: id-token: write issues: write pull-requests: write - contents: read + contents: write jobs: pre-commit: @@ -50,16 +50,24 @@ jobs: cd components terraform fmt -recursive + - name: Check for changes + id: git-check + run: | + git diff --exit-code || echo "changes=true" >> $GITHUB_OUTPUT + + - name: Commit and push if changes + if: steps.git-check.outputs.changes == 'true' + run: | + git config --global user.name 'hmcts-platform-operations' + git config --global user.email 'github-platform-operations@HMCTS.NET' + git add . + git commit -m "Apply Terraform formatting changes" + git push + - name: Run Pre-commit uses: pre-commit/action@v3.0.0 with: extra_args: --files components/**/* - - - name: Auto Commit Changes - uses: stefanzweifel/git-auto-commit-action@v5 - with: - commit_message: "Apply Terraform formatting changes" - file_pattern: components/**/* terraform: runs-on: ubuntu-latest From 256a6b1d998f1c1c400cbf1dce5f0a66cd1f8262 Mon Sep 17 00:00:00 2001 From: hmcts-platform-operations Date: Sat, 10 Aug 2024 13:35:08 +0000 Subject: [PATCH 034/100] Apply Terraform formatting changes --- cnp-azuredevops-libraries | 1 + components/main.tf | 10 +++++----- tfenv_install.log | 8 ++++++++ tfenv_use.sh | 1 + 4 files changed, 15 insertions(+), 5 deletions(-) create mode 160000 cnp-azuredevops-libraries create mode 100644 tfenv_install.log create mode 100755 tfenv_use.sh diff --git a/cnp-azuredevops-libraries b/cnp-azuredevops-libraries new file mode 160000 index 000000000..3cc496655 --- /dev/null +++ b/cnp-azuredevops-libraries @@ -0,0 +1 @@ +Subproject commit 3cc496655d3d3364fc87c84f93865316f4e1c9d3 diff --git a/components/main.tf b/components/main.tf index 97fcbee92..2ce9cc641 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,7 +27,7 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" + name = "Default Rule Set" target = "branch" @@ -47,10 +47,10 @@ resource "github_organization_ruleset" "default_ruleset" { } rules { - creation = null - update = null - deletion = false - + creation = null + update = null + deletion = false + required_linear_history = true pull_request { diff --git a/tfenv_install.log b/tfenv_install.log new file mode 100644 index 000000000..e9bb65780 --- /dev/null +++ b/tfenv_install.log @@ -0,0 +1,8 @@ +Installing Terraform v1.9.4 +Downloading release tarball from https://releases.hashicorp.com/terraform/1.9.4/terraform_1.9.4_linux_amd64.zip +Downloading SHA hash file from https://releases.hashicorp.com/terraform/1.9.4/terraform_1.9.4_SHA256SUMS +Not instructed to use Local PGP (/home/runner/.tfenv/use-{gpgv,gnupg}) & No keybase install found, skipping OpenPGP signature verification +Archive: /tmp/tfenv_download.EF2GPH/terraform_1.9.4_linux_amd64.zip + inflating: /home/runner/.tfenv/versions/1.9.4/LICENSE.txt  + inflating: /home/runner/.tfenv/versions/1.9.4/terraform  +Installation of terraform v1.9.4 successful. To make this your default version, run 'tfenv use 1.9.4' diff --git a/tfenv_use.sh b/tfenv_use.sh new file mode 100755 index 000000000..38f52b251 --- /dev/null +++ b/tfenv_use.sh @@ -0,0 +1 @@ +tfenv use 1.9.4 From b03cc90a6d22978dfa99f337395522f48406bf59 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Sat, 10 Aug 2024 14:39:59 +0100 Subject: [PATCH 035/100] adding continue on error flag --- .github/workflows/terraform.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 1b2f9ab46..feb628962 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -68,6 +68,8 @@ jobs: uses: pre-commit/action@v3.0.0 with: extra_args: --files components/**/* + continue-on-error: true + terraform: runs-on: ubuntu-latest @@ -124,4 +126,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file From 177257d93b2b4523ec59da9d844fe43db9a21f3e Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:23:50 +0100 Subject: [PATCH 036/100] adding pre commit and tf fmt stage --- .github/workflows/terraform.yaml | 23 ++++------------------- tfenv_install.log | 8 -------- tfenv_use.sh | 1 - 3 files changed, 4 insertions(+), 28 deletions(-) delete mode 100644 tfenv_install.log delete mode 100755 tfenv_use.sh diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index feb628962..d7cd42910 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -45,29 +45,14 @@ jobs: - name: Change to components directory run: cd components - - name: Run Terraform Format - run: | - cd components - terraform fmt -recursive - - - name: Check for changes - id: git-check - run: | - git diff --exit-code || echo "changes=true" >> $GITHUB_OUTPUT - - - name: Commit and push if changes - if: steps.git-check.outputs.changes == 'true' - run: | - git config --global user.name 'hmcts-platform-operations' - git config --global user.email 'github-platform-operations@HMCTS.NET' - git add . - git commit -m "Apply Terraform formatting changes" - git push + - name: Terraform Format + working-directory: components + run: terraform fmt -recursive - name: Run Pre-commit uses: pre-commit/action@v3.0.0 with: - extra_args: --files components/**/* + extra_args: --files components/**/*.tf continue-on-error: true diff --git a/tfenv_install.log b/tfenv_install.log deleted file mode 100644 index e9bb65780..000000000 --- a/tfenv_install.log +++ /dev/null @@ -1,8 +0,0 @@ -Installing Terraform v1.9.4 -Downloading release tarball from https://releases.hashicorp.com/terraform/1.9.4/terraform_1.9.4_linux_amd64.zip -Downloading SHA hash file from https://releases.hashicorp.com/terraform/1.9.4/terraform_1.9.4_SHA256SUMS -Not instructed to use Local PGP (/home/runner/.tfenv/use-{gpgv,gnupg}) & No keybase install found, skipping OpenPGP signature verification -Archive: /tmp/tfenv_download.EF2GPH/terraform_1.9.4_linux_amd64.zip - inflating: /home/runner/.tfenv/versions/1.9.4/LICENSE.txt  - inflating: /home/runner/.tfenv/versions/1.9.4/terraform  -Installation of terraform v1.9.4 successful. To make this your default version, run 'tfenv use 1.9.4' diff --git a/tfenv_use.sh b/tfenv_use.sh deleted file mode 100755 index 38f52b251..000000000 --- a/tfenv_use.sh +++ /dev/null @@ -1 +0,0 @@ -tfenv use 1.9.4 From 2548a002b5dd11978e975c5f101654f1cca46794 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:24:14 +0100 Subject: [PATCH 037/100] adding pre commit and tf fmt stage --- .github/workflows/terraform.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d7cd42910..c9dfe251e 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,7 +7,6 @@ on: push: branches: - main - - DTSPO-18475-Fix-Up workflow_dispatch: env: From 6109168375b8a60a88cc5bcef99a699943eb0e13 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:24:45 +0100 Subject: [PATCH 038/100] adding pre commit and tf fmt stage --- .github/workflows/terraform.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index c9dfe251e..d7cd42910 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,6 +7,7 @@ on: push: branches: - main + - DTSPO-18475-Fix-Up workflow_dispatch: env: From 0f1f1f43d1ce4e137607ba7ba49a50de0d76bb69 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:32:24 +0100 Subject: [PATCH 039/100] adding extra fmt stage --- .github/workflows/terraform.yaml | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d7cd42910..77187e7be 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -49,6 +49,10 @@ jobs: working-directory: components run: terraform fmt -recursive + - name: Check Terraform Formatting + working-directory: components + run: terraform fmt -check -diff -recursive + - name: Run Pre-commit uses: pre-commit/action@v3.0.0 with: From 76881b163708b444ee35ec2f460cfd1274986d3b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:44:04 +0100 Subject: [PATCH 040/100] adding extra fmt stage --- .github/workflows/terraform.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 77187e7be..43fbe5001 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -115,4 +115,5 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + \ No newline at end of file From 27f97d95499d42cfcf01ff9b025102415dabccc3 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:54:45 +0100 Subject: [PATCH 041/100] adding extra fmt stage --- components/main.tf | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/components/main.tf b/components/main.tf index 2ce9cc641..c0fa4b6b1 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,10 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - - target = "branch" - + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 53bdbc9e67146c71aeda64bb976b9dd9c532acd4 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 10:59:11 +0100 Subject: [PATCH 042/100] fixing fmt issue --- .github/workflows/terraform.yaml | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 43fbe5001..17d87ac76 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -42,16 +42,13 @@ jobs: run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh shell: bash - - name: Change to components directory - run: cd components - - name: Terraform Format - working-directory: components run: terraform fmt -recursive - - - name: Check Terraform Formatting working-directory: components + + - name: Check Terraform Formatting run: terraform fmt -check -diff -recursive + working-directory: components - name: Run Pre-commit uses: pre-commit/action@v3.0.0 @@ -116,4 +113,3 @@ jobs: ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve - \ No newline at end of file From a92701e1c627f6b32856a0dcb02c2e0ffd428bf6 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 11:02:51 +0100 Subject: [PATCH 043/100] fixing fmt issue --- .github/workflows/terraform.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 17d87ac76..a9da5e72c 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -112,4 +112,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file From 6ab53bcf22cc733bfb9adb101d03f0f98d1a1480 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 11:17:50 +0100 Subject: [PATCH 044/100] changes made to make the fmt changes push to the branch it was raised from --- .github/workflows/terraform.yaml | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index a9da5e72c..523e6e672 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -45,6 +45,15 @@ jobs: - name: Terraform Format run: terraform fmt -recursive working-directory: components + + - name: Commit and Push Changes + working-directory: components + run: | + git config --global user.email "hmcts-platform-operations" + git config --global user.name "github-platform-operations@HMCTS.NET'" + git add . + git commit -m "Auto format with terraform fmt" + git push origin ${{ github.ref }} - name: Check Terraform Formatting run: terraform fmt -check -diff -recursive From 6b328e9ea1362f5e914dafbdad965d6a884d57ec Mon Sep 17 00:00:00 2001 From: "github-platform-operations@HMCTS.NET" Date: Mon, 12 Aug 2024 10:18:16 +0000 Subject: [PATCH 045/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index c0fa4b6b1..17f40c59e 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 294515a6fb8923a8935e3babd0760eff52dd1631 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 11:22:37 +0100 Subject: [PATCH 046/100] testing functionality of the fmt --- .github/workflows/terraform.yaml | 4 ---- components/main.tf | 4 ++-- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 523e6e672..848c863c0 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -54,10 +54,6 @@ jobs: git add . git commit -m "Auto format with terraform fmt" git push origin ${{ github.ref }} - - - name: Check Terraform Formatting - run: terraform fmt -check -diff -recursive - working-directory: components - name: Run Pre-commit uses: pre-commit/action@v3.0.0 diff --git a/components/main.tf b/components/main.tf index 17f40c59e..761cfe934 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 0e30fe981ae45ed44445e9c6c0328bb5e69c7f2f Mon Sep 17 00:00:00 2001 From: "github-platform-operations@HMCTS.NET" Date: Mon, 12 Aug 2024 10:22:53 +0000 Subject: [PATCH 047/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 761cfe934..17f40c59e 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 64c883370723365892f3b173e9e3ef943f5340f9 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 12:10:30 +0100 Subject: [PATCH 048/100] cleanup --- .github/workflows/terraform.yaml | 1 - cnp-azuredevops-libraries | 1 - 2 files changed, 2 deletions(-) delete mode 160000 cnp-azuredevops-libraries diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 848c863c0..18d24526d 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,7 +7,6 @@ on: push: branches: - main - - DTSPO-18475-Fix-Up workflow_dispatch: env: diff --git a/cnp-azuredevops-libraries b/cnp-azuredevops-libraries deleted file mode 160000 index 3cc496655..000000000 --- a/cnp-azuredevops-libraries +++ /dev/null @@ -1 +0,0 @@ -Subproject commit 3cc496655d3d3364fc87c84f93865316f4e1c9d3 From 8e5db015e63bb5e15a50795e15e05ab99c8b1544 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:28:47 +0100 Subject: [PATCH 049/100] split the workflows and added precheck.yaml --- .github/workflows/terraform-precheck.yaml | 40 ++++++++++++++++++ .github/workflows/terraform.yaml | 49 +++-------------------- 2 files changed, 46 insertions(+), 43 deletions(-) create mode 100644 .github/workflows/terraform-precheck.yaml diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml new file mode 100644 index 000000000..dc90b0617 --- /dev/null +++ b/.github/workflows/terraform-precheck.yaml @@ -0,0 +1,40 @@ +name: Terraform Pre-Check + +on: + pull_request: + branches: + - main + push: + branches: + - main + workflow_dispatch: + +jobs: + pre-check: + runs-on: ubuntu-latest + steps: + - name: Checkout code + uses: actions/checkout@v4 + + - name: Checkout cnp-azuredevops-libraries + uses: actions/checkout@v4 + with: + repository: hmcts/cnp-azuredevops-libraries + path: cnp-azuredevops-libraries + + - name: Setup Terraform + run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh + shell: bash + + - name: Terraform Format + run: terraform fmt -recursive + working-directory: components + + - name: Commit and Push Changes + working-directory: components + run: | + git config --global user.email "hmcts-platform-operations" + git config --global user.name "github-platform-operations@HMCTS.NET" + git add . + git commit -m "Auto format with terraform fmt" + git push origin ${{ github.ref }} diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 18d24526d..d41a60380 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -1,6 +1,11 @@ name: Terraform CI/CD on: + workflow_run: + workflows: ["Terraform Pre-Check"] + types: + - completed + pull_request: branches: - main @@ -9,58 +14,16 @@ on: - main workflow_dispatch: -env: - TF_LOG: INFO - -permissions: - id-token: write - issues: write - pull-requests: write - contents: write - jobs: pre-commit: runs-on: ubuntu-latest + steps: - name: Checkout uses: actions/checkout@v4 with: path: . - - name: Checkout cnp-azuredevops-libraries - uses: actions/checkout@v4 - with: - repository: hmcts/cnp-azuredevops-libraries - path: cnp-azuredevops-libraries - - - name: Setup Script - run: | - chmod +x cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh - - - name: Setup Terraform - run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh - shell: bash - - - name: Terraform Format - run: terraform fmt -recursive - working-directory: components - - - name: Commit and Push Changes - working-directory: components - run: | - git config --global user.email "hmcts-platform-operations" - git config --global user.name "github-platform-operations@HMCTS.NET'" - git add . - git commit -m "Auto format with terraform fmt" - git push origin ${{ github.ref }} - - - name: Run Pre-commit - uses: pre-commit/action@v3.0.0 - with: - extra_args: --files components/**/*.tf - continue-on-error: true - - terraform: runs-on: ubuntu-latest steps: From a4c373d844352e925a61b6dec34a311ce3ec1768 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:28:49 +0100 Subject: [PATCH 050/100] split the workflows and added precheck.yaml --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 17f40c59e..761cfe934 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From c495fbac638258b39f1527b029d68b1c20071127 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:29:23 +0100 Subject: [PATCH 051/100] split the workflows and added precheck.yaml --- .github/workflows/terraform-precheck.yaml | 1 + .github/workflows/terraform.yaml | 1 + 2 files changed, 2 insertions(+) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index dc90b0617..cb5e8ccd7 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -7,6 +7,7 @@ on: push: branches: - main + - DTSPO-18475-Fix-Up workflow_dispatch: jobs: diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d41a60380..bc48c24d0 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -12,6 +12,7 @@ on: push: branches: - main + - DTSPO-18475-Fix-Up workflow_dispatch: jobs: From 190885e2b104fe7e579be2acf9e16ecb6b6fb053 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:33:02 +0100 Subject: [PATCH 052/100] fixing the dependencies --- .github/workflows/terraform-precheck.yaml | 7 +++++++ .github/workflows/terraform.yaml | 14 ++++++-------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index cb5e8ccd7..e7d341a15 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -10,6 +10,13 @@ on: - DTSPO-18475-Fix-Up workflow_dispatch: + +permissions: + id-token: write + issues: write + pull-requests: write + contents: write + jobs: pre-check: runs-on: ubuntu-latest diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index bc48c24d0..0fddb4b38 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -6,14 +6,12 @@ on: types: - completed - pull_request: - branches: - - main - push: - branches: - - main - - DTSPO-18475-Fix-Up - workflow_dispatch: + +permissions: + id-token: write + issues: write + pull-requests: write + contents: write jobs: pre-commit: From 599c9e2fe7308b4ac20fb81997ef8c0de781d04b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:35:11 +0100 Subject: [PATCH 053/100] adding chmod step to make script executable --- .github/workflows/terraform-precheck.yaml | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index e7d341a15..82718b91e 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -10,12 +10,11 @@ on: - DTSPO-18475-Fix-Up workflow_dispatch: - permissions: - id-token: write - issues: write - pull-requests: write - contents: write + id-token: write + issues: write + pull-requests: write + contents: write jobs: pre-check: @@ -30,6 +29,9 @@ jobs: repository: hmcts/cnp-azuredevops-libraries path: cnp-azuredevops-libraries + - name: Make Terraform Setup Script Executable + run: chmod +x cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh + - name: Setup Terraform run: ./cnp-azuredevops-libraries/scripts/tfenv-install-terraform.sh shell: bash From 45eb0dd4ba6663293ee06202ed5f2da0f312e232 Mon Sep 17 00:00:00 2001 From: "github-platform-operations@HMCTS.NET" Date: Mon, 12 Aug 2024 13:35:27 +0000 Subject: [PATCH 054/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 761cfe934..17f40c59e 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 32a2cb54c1c485597b28c2e685d3422f69eccc61 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:39:43 +0100 Subject: [PATCH 055/100] adding permissons for gh actions under permissions --- .github/workflows/terraform.yaml | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 0fddb4b38..6e9049952 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -6,8 +6,8 @@ on: types: - completed - permissions: + actions: write id-token: write issues: write pull-requests: write @@ -16,20 +16,15 @@ permissions: jobs: pre-commit: runs-on: ubuntu-latest - steps: - name: Checkout uses: actions/checkout@v4 - with: - path: . terraform: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 - with: - path: . - name: Az CLI login uses: azure/login@v1 @@ -78,4 +73,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve From a20f2e2dbfaf180b17c7f45ab6f9eec2f1445ba3 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 14:41:50 +0100 Subject: [PATCH 056/100] adding permissons for gh actions under permissions --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 17f40c59e..761cfe934 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 1d92cb24bbe97a460f5279fe514c613d1116728f Mon Sep 17 00:00:00 2001 From: "github-platform-operations@HMCTS.NET" Date: Mon, 12 Aug 2024 13:42:09 +0000 Subject: [PATCH 057/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 761cfe934..17f40c59e 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Rule Set" + target = "branch" enforcement = "active" conditions { From 543934e79686eb8b0d6f0ce7c32507f269309aeb Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 15:00:47 +0100 Subject: [PATCH 058/100] testing the workflow can trigger once pre check is completed --- .github/workflows/terraform.yaml | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 6e9049952..b3f3b42f4 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -5,6 +5,9 @@ on: workflows: ["Terraform Pre-Check"] types: - completed + push: + branches: + - DTSPO-18475-Fix-Up permissions: actions: write @@ -14,14 +17,9 @@ permissions: contents: write jobs: - pre-commit: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - terraform: runs-on: ubuntu-latest + if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'push' }} steps: - name: Checkout uses: actions/checkout@v4 @@ -65,7 +63,7 @@ jobs: run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" - name: Terraform Apply - if: github.event_name == 'push' && github.ref == 'refs/heads/main' + if: github.ref == 'refs/heads/main' working-directory: components env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} @@ -73,4 +71,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file From 5f30f08e745c1d18f27cabbf94daac8d3f08a62b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 16:19:26 +0100 Subject: [PATCH 059/100] changing workflow name --- .github/workflows/terraform-precheck.yaml | 2 +- .github/workflows/terraform.yaml | 16 +++++++++------- 2 files changed, 10 insertions(+), 8 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 82718b91e..5466a431f 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -1,4 +1,4 @@ -name: Terraform Pre-Check +name: Pre Check on: pull_request: diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index b3f3b42f4..e77949bf6 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -2,12 +2,9 @@ name: Terraform CI/CD on: workflow_run: - workflows: ["Terraform Pre-Check"] + workflows: ["Pre Check"] types: - completed - push: - branches: - - DTSPO-18475-Fix-Up permissions: actions: write @@ -17,9 +14,14 @@ permissions: contents: write jobs: + pre-commit: + runs-on: ubuntu-latest + steps: + - name: Checkout + uses: actions/checkout@v4 + terraform: runs-on: ubuntu-latest - if: ${{ github.event.workflow_run.conclusion == 'success' || github.event_name == 'push' }} steps: - name: Checkout uses: actions/checkout@v4 @@ -63,7 +65,7 @@ jobs: run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" - name: Terraform Apply - if: github.ref == 'refs/heads/main' + if: github.event_name == 'push' && github.ref == 'refs/heads/main' working-directory: components env: ARM_CLIENT_ID: ${{ secrets.AZURE_CLIENT_ID }} @@ -71,4 +73,4 @@ jobs: ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} - run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve \ No newline at end of file + run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve From 395d0dc4fe55b61ffa3b4ee63aad3cbade7f7110 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 16:19:59 +0100 Subject: [PATCH 060/100] changing workflow name --- components/main.tf | 14 ++++++-------- 1 file changed, 6 insertions(+), 8 deletions(-) diff --git a/components/main.tf b/components/main.tf index 17f40c59e..28282a7ff 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,28 +27,25 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Rule Set" - target = "branch" + name = "Default Branch Protection" + target = "branch" enforcement = "active" conditions { ref_name { include = ["refs/heads/main", "refs/heads/master"] - exclude = [] } repository_name { include = local.included_repositories - exclude = [] } } rules { - creation = null - update = null - deletion = false - + creation = null + update = null + deletion = false required_linear_history = true pull_request { @@ -76,3 +73,4 @@ resource "github_organization_ruleset" "default_ruleset" { bypass_mode = "always" } } + From e1225a3a1886877e000752a16f1f63129634bc67 Mon Sep 17 00:00:00 2001 From: "github-platform-operations@HMCTS.NET" Date: Mon, 12 Aug 2024 15:20:13 +0000 Subject: [PATCH 061/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 28282a7ff..bf0adbe7b 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" + name = "Default Branch Protection" + target = "branch" enforcement = "active" conditions { From 5477933bda746fdf6f53634233192d6b468a95cc Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 16:32:40 +0100 Subject: [PATCH 062/100] fixinf config error in the terraform.yaml workflow --- .github/workflows/terraform.yaml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index e77949bf6..69ce82780 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -2,7 +2,8 @@ name: Terraform CI/CD on: workflow_run: - workflows: ["Pre Check"] + workflows: + - "Pre Check" types: - completed From 80d84df7b36d228fa73fd84c4f3f02fa62a8504d Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 16:32:56 +0100 Subject: [PATCH 063/100] fixinf config error in the terraform.yaml workflow --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index bf0adbe7b..28282a7ff 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" + name = "Default Branch Protection" + target = "branch" enforcement = "active" conditions { From e5b29bea15342e879971d274f162f6e4de7a07fe Mon Sep 17 00:00:00 2001 From: "github-platform-operations@HMCTS.NET" Date: Mon, 12 Aug 2024 15:33:13 +0000 Subject: [PATCH 064/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 28282a7ff..bf0adbe7b 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" + name = "Default Branch Protection" + target = "branch" enforcement = "active" conditions { From da05f58a7dc189ad236ac4ebcc156c06bf34825e Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 23:50:06 +0100 Subject: [PATCH 065/100] updated the precheck workflow to use rest api to trigger the main workflow --- .github/workflows/terraform-precheck.yaml | 20 +++++++++++++++----- .github/workflows/terraform.yaml | 18 ++++++++---------- components/main.tf | 4 ++-- 3 files changed, 25 insertions(+), 17 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 5466a431f..488cf2ee8 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -1,4 +1,4 @@ -name: Pre Check +name: Terraform Pre-Check on: pull_request: @@ -7,7 +7,7 @@ on: push: branches: - main - - DTSPO-18475-Fix-Up + - DTSPO-18104-typo-file-V2 workflow_dispatch: permissions: @@ -43,8 +43,18 @@ jobs: - name: Commit and Push Changes working-directory: components run: | - git config --global user.email "hmcts-platform-operations" - git config --global user.name "github-platform-operations@HMCTS.NET" + git config --global user.email "hmcts-platform-operations@HMCTS.NET" + git config --global user.name "hmcts-platform-operations" git add . - git commit -m "Auto format with terraform fmt" + git commit -m "Auto format with terraform fmt" || echo "No changes to commit" git push origin ${{ github.ref }} + + - name: Trigger Terraform CI/CD Workflow + run: | + branch=$(echo "${{ github.ref }}" | sed 's/refs\/heads\///') + curl -X POST \ + -H "Accept: application/vnd.github.v3+json" \ + -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ + https://api.github.com/repos/hmcts/github-repository-rules/actions/workflows/terraform.yaml/dispatches \ + -d "{\"ref\":\"${branch}\"}" + diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 69ce82780..4f11c3bc9 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -2,10 +2,10 @@ name: Terraform CI/CD on: workflow_run: - workflows: - - "Pre Check" + workflows: ["Terraform Pre-Check"] types: - completed + workflow_dispatch: permissions: actions: write @@ -15,18 +15,15 @@ permissions: contents: write jobs: - pre-commit: - runs-on: ubuntu-latest - steps: - - name: Checkout - uses: actions/checkout@v4 - terraform: runs-on: ubuntu-latest steps: - name: Checkout uses: actions/checkout@v4 + - name: Authenticate with OAuth Token + run: echo "${{ secrets.OAUTH_TOKEN }}" | gh auth login --with-token + - name: Az CLI login uses: azure/login@v1 with: @@ -62,7 +59,7 @@ jobs: ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} - GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + OAUTH_TOKEN: ${{ secrets.OAUTH_TOKEN }} run: terraform plan -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" - name: Terraform Apply @@ -73,5 +70,6 @@ jobs: ARM_SUBSCRIPTION_ID: ${{ secrets.DCD_CFT_SANDBOX_SUBSCRIPTION }} ARM_TENANT_ID: ${{ secrets.AZURE_TENANT_ID }} ARM_CLIENT_SECRET: ${{ secrets.AZURE_CLIENT_SECRET }} - GITHUB_TOKEN: ${{ secrets.OAUTH_TOKEN }} + OAUTH_TOKEN: ${{ secrets.OAUTH_TOKEN }} run: terraform apply -var="oauth_token=${{ secrets.OAUTH_TOKEN }}" -auto-approve + diff --git a/components/main.tf b/components/main.tf index bf0adbe7b..28282a7ff 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" + name = "Default Branch Protection" + target = "branch" enforcement = "active" conditions { From 6d1e82038ac007d51c67280801bc688d2fed1d66 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 23:51:25 +0100 Subject: [PATCH 066/100] updated the precheck workflow to use rest api to trigger the main workflow --- .github/workflows/terraform-precheck.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 488cf2ee8..042afe63d 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -7,7 +7,7 @@ on: push: branches: - main - - DTSPO-18104-typo-file-V2 + - DTSPO-18475-Fix-Up workflow_dispatch: permissions: From 141df3a48f727889ded022f76917d16cdc623fd1 Mon Sep 17 00:00:00 2001 From: hmcts-platform-operations Date: Mon, 12 Aug 2024 22:51:41 +0000 Subject: [PATCH 067/100] Auto format with terraform fmt --- components/main.tf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/components/main.tf b/components/main.tf index 28282a7ff..bf0adbe7b 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,8 +27,8 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" + name = "Default Branch Protection" + target = "branch" enforcement = "active" conditions { From 02f23f0958733d4a71ca5a9bbb739dc00c3e7d05 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Mon, 12 Aug 2024 23:52:53 +0100 Subject: [PATCH 068/100] testing pipeline runs with no fmt changes needed --- .github/workflows/terraform-precheck.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 042afe63d..c33cfd994 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -57,4 +57,5 @@ jobs: -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ https://api.github.com/repos/hmcts/github-repository-rules/actions/workflows/terraform.yaml/dispatches \ -d "{\"ref\":\"${branch}\"}" + From c4e85693fbf7f40a9f054485b4a30af760cb9928 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:10:55 +0100 Subject: [PATCH 069/100] updating the production repos list --- .github/workflows/terraform.yaml | 4 +- production-repos.json | 562 +++++++++++++++---------------- 2 files changed, 283 insertions(+), 283 deletions(-) diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 4f11c3bc9..03b2d80ba 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -21,8 +21,8 @@ jobs: - name: Checkout uses: actions/checkout@v4 - - name: Authenticate with OAuth Token - run: echo "${{ secrets.OAUTH_TOKEN }}" | gh auth login --with-token + # - name: Authenticate with OAuth Token + # run: echo "${{ secrets.OAUTH_TOKEN }}" | gh auth login --with-token - name: Az CLI login uses: azure/login@v1 diff --git a/production-repos.json b/production-repos.json index 708befdd4..0e1249809 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,311 +1,311 @@ [ - "c100-shared-infrastructure", - "bulk-scan-shared-infrastructure", - "ccpay-functions-node", - "fpl-ccd-configuration", - "pip-shared-infrastructure-bootstap", - "rpx-xui-manage-organisations", - "prl-citizen-frontend", - "civil-orchestrator-service", - "sscs-task-configuration", - "probate-caveats-frontend", - "hmi-shared-infrastructures-bootstrap", - "wa-shared-infrastructure", - "camunda-bpm", - "finrem-shared-infrastructure", + "civil-sdt", + "am-role-assignment-refresh-batch", + "probate-orchestrator-service", + "ccd-definition-designer-api", + "cnp-module-palo-alto", + "sptribs-frontend", + "cnp-module-postgres", + "cmc-claim-submit-api", + "cnp-module-api-mgmt-subscription", + "hmi-rota-dtu", + "div-decree-absolute-frontend", + "juror-api", + "cmc-legal-rep-frontend", + "pcq-shared-infrastructure", + "service-auth-provider-app", + "pip-subscription-management", + "libragob-shared-infrastructure", + "snl-shared-infrastructure", + "camunda-shared-infrastructure", + "dg-docassembly-api", + "div-decree-nisi-frontend", + "sscs-submit-your-appeal", + "ia-timed-event-service", + "makeaplea-shared-infrastructure", + "juror-scheduler-execution", + "div-document-generator-client", + "ctsc-shared-infrastructure", + "pip-data-management", + "rd-professional-api", + "cnp-module-api-mgmt-api-policy", + "rpx-shared-infrastructure", + "terraform-module-log-analytics-workspace-id", "em-shared-infrastructure", - "ethos-repl-docmosis-service", - "div-case-orchestration-service", + "juror-public", "hmc-hmi-inbound-adapter", - "pre-vault", - "prl-ccd-definitions", - "ccd-case-management-web", - "bar-web", - "cnp-module-waf", - "ia-case-api", - "disposer-shared-infrastructure", - "rpa-jui-webapp", - "sscs-bulk-scan", - "ccpay-payment-app", - "juror-api", - "fis-hmc-api", - "dtsse-shared-infrastructure", - "am-role-assignment-service", - "rd-shared-infrastructure", - "am-role-assignment-batch-service", - "am-org-role-mapping-service", - "ccd-case-disposer", - "sds-keda-infrastructure", - "ccd-admin-web", - "cnp-idam-compute", - "ccpayfr-shared-infrastructure", + "prl-citizen-frontend", + "probate-shared-infrastructure", + "sptribs-dss-update-case-web", + "camunda-bpm", + "cnp-module-vnet", + "ccfr-fees-register-admin-web", + "ccd-user-profile-api", + "fpl-ccd-data-migration-tool", + "hmc-cft-hearing-service", + "ccfr-fees-register-app", + "idam-shared-infrastructure", + "sscs-ccd-callback-orchestrator", + "family-api-gateway", + "et-pet-shared-infrastructure", + "hmi-apim-infrastructures", + "cnp-core-compute", + "probate-ccd-data-migration-tool", + "cnp-keda-shared-infrastucture", + "rpx-xui-approve-org", + "ccpay-bulkscanning-app", + "fpl-wa-task-configuration", + "darts-portal", + "cnp-module-application-insights", + "wa-task-configuration-api", + "em-hrs-ingestor", + "civil-citizen-ui", + "wa-standalone-task-bpmn", + "rpe-shared-infrastructure", + "darts-gateway", + "pip-publication-services", "sds-toffee-frontend", - "ccd-admin-web-api", + "ccd-data-store-api", + "cnp-idam-vault", + "sds-toffee-shared-infrastructure", + "cnp-module-waf", + "lau-case-backend", + "rpe-pdf-service", + "ia-case-payments-api", + "ccd-case-document-am-api", + "em-hrs-api", + "lau-idam-backend", + "pre-network", "adoption-shared-infrastructure", - "ccpay-refunds-app", + "cnp-plum-recipes-service", + "hmc-shared-infrastructure", "cnp-pipelinemetrics-database", - "div-decree-nisi-frontend", - "ia-timed-event-service", - "prl-dgs-api", - "div-evidence-management-client-api", - "cnp-module-vnet", + "div-health-monitor", + "cnp-plum-shared-infrastructure", + "bulk-scan-payment-processor", + "fact-shared-infrastructure", + "cui-ra", + "cpo-case-payment-orders-api", + "terraform-module-dynatrace-oneagent", + "finrem-shared-infrastructure", + "nfdiv-shared-infrastructure", + "fis-hmc-api", + "cnp-module-shutterpage", + "bar-api", + "ccpayfr-shared-infrastructure", + "terraform-module-sdp-db-user", + "cnp-rhubarb-frontend", + "ccd-case-disposer", + "em-ccd-orchestrator", + "cnp-module-storage", + "rd-caseworker-ref-api", + "cnp-module-redis", + "juror-pnc", + "civil-service", + "rd-judicial-api", + "div-petitioner-frontend", + "civil-sdt-gateway", "et-sya-api", - "em-hrs-ingestor", + "send-letter-service", + "employment-tribunals-shared-infrastructure", + "et-message-handler", + "div-case-maintenance-service", + "ia-aip-frontend", + "sscs-tribunals-case-api", + "ccpay-notifications-service", + "idam-web-public", + "cnp-module-storage-account", + "am-org-role-mapping-service", + "sscs-cor-frontend", + "cnp-module-webapp", + "lau-shared-infrastructure", + "div-shared-infrastructure", + "civil-ccd-definition", + "rpx-xui-webapp", + "rpa-em-ccd-orchestrator", + "civil-orchestrator-service", + "sscs-bulk-scan", + "ccd-api-gateway", + "ccpay-functions-node", + "adoption-web", + "cnp-module-trafficmanager-endpoint", + "probate-submit-service", + "cnp-idam-master", + "juror-shared-infrastructure", + "c100-application", + "am-shared-infrastructure", + "cnp-idam-storage", + "bulk-scan-shared-infrastructure", + "cnp-module-trafficmanager", + "sds-toffee-recipes-service", + "ia-task-configuration", + "ia-shared-infrastructure", "rpa-professional-api", - "cmc-citizen-frontend", - "bulk-scan-payment-processor", + "terraform-module-servicebus-queue", + "probatemandb", "sscs-cor-backend", + "ccpay-service-request-cpo-update-service", "sscs-case-loader", + "ccd-logstash", + "probate-frontend", + "sscs-evidence-share", + "cnp-module-automation-runbook-start-stop-vm", + "nfdiv-frontend", + "feature-toggle-api", + "cnp-module-app-service-plan", + "juror-scheduler-api", + "pcq-backend", + "prl-dgs-api", + "sds-keda-infrastructure", + "div-validation-service", + "sscs-task-configuration", + "disposer-shared-infrastructure", + "terraform-module-application-insights", + "rd-judicial-data-load", + "cmc-claim-store", + "pdda-shared-infrastructure", + "cmc-citizen-frontend", + "reform-scan-shared-infra", + "ia-home-office-integration-api", + "dm-shared-infrastructure", + "cmc-shared-infrastructure", "rd-user-profile-api", - "lau-shared-infrastructure", - "employment-tribunals-shared-infrastructure", - "pcq-loader", + "ia-case-notifications-api", + "prl-cos-api", "cnp-module-api-mgmt", - "sscs-ccd-callback-orchestrator", - "sscs-hearings-api", - "rpx-xui-webapp", - "darts-api", - "send-letter-service", - "probate-business-service", - "docmosis-infrastructure", - "sds-toffee-shared-infrastructure", - "cmc-legal-rep-frontend", - "civil-service", - "cnp-idam-vault", - "terraform-module-dynatrace-oneagent", - "rpx-xui-approve-org", - "sscs-submit-your-appeal", - "ia-home-office-integration-api", + "ecm-shared-infrastructure", + "ia-bail-case-api", + "ia-case-access-api", + "tax-tribunals-datacapture", + "prl-shared-infrastructure", + "rpx-xui-terms-and-conditions", + "ccd-shared-infrastructure", "sptribs-case-api", - "pip-data-management", - "div-decree-absolute-frontend", - "juror-scheduler-api", - "cmc-claim-submit-api", + "terraform-module-servicebus-topic", + "pip-shared-infrastructures", + "ccpay-bubble", "nfdiv-case-api", - "probate-shared-infrastructure", - "dm-shared-infrastructure", - "pre-portal", - "cnp-module-key-vault", - "terraform-module-log-analytics-workspace-id", - "ia-shared-infrastructure", - "idam-shared-infrastructure", - "pcq-shared-infrastructure", - "cnp-idam-storage", - "cnp-module-api-mgmt-api-operation", - "em-icp-api", - "em-annotation-api", - "civil-general-apps-ccd-definition", - "rd-commondata-api", - "sscs-tribunals-case-api", - "snl-shared-infrastructure", - "cet-shared-infrastructure", - "et-sya-frontend", - "pcq-frontend", - "terraform-module-common-tags", - "hmc-cft-hearing-service", - "cnp-module-storage", - "civil-camunda-bpmn-definition", - "ccfr-fees-register-app", - "civil-sdt", - "idam-api", - "juror-bureau", - "terraform-module-servicebus-namespace", - "am-shared-infrastructure", - "ccd-user-profile-api", - "cnp-idam-master", - "probate-submit-service", - "hmi-apim-infrastructures", - "ccd-elastic-search", - "juror-shared-infrastructure", - "cnp-rhubarb-shared-infrastructure", - "rd-commondata-dataload", - "ctsc-shared-infrastructure", - "rpa-coh-continuous-online-resolution", - "div-respondent-frontend", - "libragob-shared-infrastructure", - "pcq-backend", - "cnp-module-webapp", - "fact-admin", - "cnp-module-automation-runbook-start-stop-vm", - "lau-case-backend", - "probatemandb", - "prd-pui-registration", - "sscs-shared-infrastructure", - "pcq-consolidation-service", - "cnp-rhubarb-frontend", - "ccd-shared-infrastructure", - "bar-api", - "cnp-module-trafficmanager", - "rd-judicial-api", - "cmc-claim-store", + "ctsc-work-allocation", + "am-role-assignment-batch-service", + "bar-shared-infrastructure", + "wa-shared-infrastructure", + "terraform-module-postgresql-flexible", + "ia-case-documents-api", + "ccd-case-activity-api", + "pre-vault", "disposer-idam-user", - "adoption-web", - "civil-citizen-ui", - "div-health-monitor", + "div-fees-and-payments-service", + "cnp-module-key-vault", + "ccpay-refunds-app", + "pcq-frontend", + "wa-task-monitor", + "pip-account-management", + "darts-automation", + "probate-caveats-frontend", "idam-user-dashboard", - "rpe-pdf-service", - "cpo-case-payment-orders-api", - "cnp-module-action-group", - "et-message-handler", - "document-management-store-app", - "dg-docassembly-api", - "adoption-cos-api", - "rd-judicial-data-load", + "finrem-case-orchestration-service", + "bar-web", + "pip-shared-infrastructure-bootstap", + "pre-functions", "reform-scan-notification-service", - "lau-frontend", - "fpl-ccd-data-migration-tool", - "ia-case-notifications-api", + "tax-tribunals-shared-infrastructure", + "civil-general-applications", + "wa-case-event-handler", + "ccpay-paymentoutcome-web", + "div-case-orchestration-service", "blob-router-service", - "pre-functions", - "cmc-shared-infrastructure", - "em-stitching-api", - "wa-standalone-task-bpmn", - "wa-workflow-api", - "am-judicial-booking-service", - "cnp-plum-recipes-service", - "idam-web-public", - "cnp-core-compute", - "ccd-api-gateway", - "c100-application", - "reform-scan-shared-infra", - "et-ccd-callbacks", - "nfdiv-shared-infrastructure", - "div-document-generator-client", - "et-pet-shared-infrastructure", - "sscs-cor-frontend", - "ts-translation-service", - "fis-shared-infrastructure", - "lau-idam-backend", - "div-case-data-formatter", - "pip-subscription-management", - "sptribs-frontend", - "ccfr-fees-register-admin-web", - "probate-health-monitor", - "bulk-scan-processor", - "cnp-owaspdependencycheck-database", - "draft-store", - "am-role-assignment-refresh-batch", - "darts-portal", - "cnp-core-infrastructure", - "darts-automation", "cnp-module-api-mgmt-product", - "cnp-module-storage-account", - "rd-professional-api", - "cnp-module-shutterpage", - "ctsc-work-allocation", - "ia-case-payments-api", - "wa-task-monitor", - "fpl-wa-task-configuration", - "cnp-keda-shared-infrastucture", - "camunda-shared-infrastructure", - "rpx-shared-infrastructure", - "ia-aip-frontend", - "tax-tribunals-shared-infrastructure", - "darts-shared-infrastructure", - "cnp-module-api-mgmt-api-policy", - "sscs-track-your-appeal-notifications", - "ccd-case-document-am-api", - "pdda-shared-infrastructure", - "em-ccd-orchestrator", - "sscs-evidence-share", - "terraform-module-application-insights", + "ts-translation-service", + "sscs-hearings-api", "et-shared-infrastructure", - "probate-persistence-service", - "ccd-definition-designer-api", - "div-validation-service", + "ccd-case-management-web", + "draft-store", + "sptribs-shared-infrastructure", + "document-management-store-app", + "ccpay-payment-app", + "et-sya-frontend", + "fis-shared-infrastructure", + "ia-case-api", + "lau-frontend", + "sscs-shared-infrastructure", + "terraform-module-servicebus-subscription", + "prd-pui-registration", + "fpl-ccd-configuration", + "dtsse-shared-infrastructure", + "juror-bureau", "hmi-shared-infrastructures", - "pip-account-management", - "cnp-module-trafficmanager-endpoint", - "ccpay-paymentoutcome-web", - "ccpay-payment-api-gateway", - "ia-case-documents-api", + "cnp-module-api-mgmt-api-operation", + "pre-api", + "rd-shared-infrastructure", + "ecm-consumer", + "am-judicial-booking-service", + "cnp-rhubarb-recipes-service", + "ccd-case-print-service", + "pre-portal", + "cnp-rhubarb-shared-infrastructure", + "rd-commondata-api", + "rd-commondata-dataload", + "cnp-module-api-mgmt-api", "rd-location-ref-api", - "wa-task-configuration-api", - "terraform-module-postgresql-flexible", - "prl-cos-api", + "prl-ccd-definitions", + "cnp-idam-compute", + "cnp-module-action-group", + "prl-wa-task-configuration", + "darts-api", + "idam-api", + "rpa-coh-continuous-online-resolution", + "pcq-loader", + "rpx-xui-manage-organisations", + "sscs-track-your-appeal-notifications", + "div-evidence-management-client-api", + "probate-persistence-service", + "ccd-admin-web-api", + "wa-task-management-api", + "probate-business-service", "cnp-module-metric-alert", - "cnp-module-application-insights", - "fact-shared-infrastructure", - "rpe-shared-infrastructure", - "tax-tribunals-datacapture", - "ia-task-configuration", - "cnp-module-postgres", - "terraform-module-servicebus-subscription", - "terraform-module-servicebus-queue", - "pip-publication-services", - "prl-shared-infrastructure", - "cnp-module-redis", - "cmc-ccd-domain", - "ccd-logstash", - "fact-frontend", - "cnp-module-palo-alto", - "darts-gateway", - "div-petitioner-frontend", - "ccd-definition-store-api", - "pdm-shared-infrastructure", - "rpa-em-ccd-orchestrator", - "juror-pnc", - "wa-case-event-handler", - "cui-ra", - "ia-case-access-api", - "em-native-pdf-annotator-app", + "ethos-repl-docmosis-service", + "em-stitching-api", + "div-case-data-formatter", + "ccd-elastic-search", + "darts-proxy", + "pcq-consolidation-service", + "darts-shared-infrastructure", + "rd-location-ref-data-load", + "wa-workflow-api", + "em-annotation-api", + "terraform-module-servicebus-namespace", + "help-with-fees-shared-infrastructure", + "cet-shared-infrastructure", + "c100-shared-infrastructure", "fact-api", - "ccpay-bubble", - "prl-wa-task-configuration", - "sds-toffee-recipes-service", - "nfdiv-frontend", - "pip-shared-infrastructures", - "sptribs-dss-update-case-web", - "juror-public", - "civil-general-applications", - "ia-hearings-api", - "pre-shared-infrastructure", + "em-icp-api", "bulk-scan-orchestrator", - "rd-caseworker-ref-api", + "em-native-pdf-annotator-app", + "adoption-cos-api", + "fact-frontend", + "fact-admin", "rd-profile-sync", + "et-ccd-callbacks", + "civil-general-apps-ccd-definition", + "pre-shared-infrastructure", + "civil-camunda-bpmn-definition", + "cnp-owaspdependencycheck-database", + "cmc-ccd-domain", + "docmosis-infrastructure", + "am-role-assignment-service", + "probate-health-monitor", + "hmi-shared-infrastructures-bootstrap", + "pdm-shared-infrastructure", + "terraform-module-common-tags", + "ccd-admin-web", "sscs-track-your-appeal-frontend", - "wa-task-management-api", - "rpx-xui-terms-and-conditions", - "cnp-module-api-mgmt-subscription", - "civil-sdt-gateway", - "probate-ccd-data-migration-tool", - "hmi-rota-dtu", - "pre-network", - "ccpay-notifications-service", - "div-shared-infrastructure", - "cnp-module-app-service-plan", + "ccd-definition-store-api", + "bulk-scan-processor", + "div-respondent-frontend", + "ia-hearings-api", "aac-manage-case-assignment", - "bar-shared-infrastructure", - "cnp-rhubarb-recipes-service", - "makeaplea-shared-infrastructure", - "hmc-shared-infrastructure", - "civil-ccd-definition", - "div-case-maintenance-service", - "service-auth-provider-app", - "ecm-consumer", - "ia-bail-case-api", - "terraform-module-sdp-db-user", - "cnp-module-api-mgmt-api", - "ccd-case-activity-api", - "feature-toggle-api", - "finrem-case-orchestration-service", - "probate-frontend", - "probate-orchestrator-service", - "em-hrs-api", - "ecm-shared-infrastructure", - "terraform-module-servicebus-topic", - "sptribs-shared-infrastructure", - "ccpay-bulkscanning-app", + "cnp-core-infrastructure", "probate-back-office", - "ccpay-service-request-cpo-update-service", - "darts-proxy", - "juror-scheduler-execution", - "pre-api", - "ccd-data-store-api", - "rd-location-ref-data-load", - "cnp-plum-shared-infrastructure", - "family-api-gateway", - "help-with-fees-shared-infrastructure", - "ccd-case-print-service", - "div-fees-and-payments-service" + "ccpay-payment-api-gateway", + "rpa-jui-webapp" ] \ No newline at end of file From f26ea186a7fac3427c95885313cee7a3519f937b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:24:44 +0100 Subject: [PATCH 070/100] updating commit and push stage to ignore any files that are not added and tracked --- .github/workflows/terraform-precheck.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index c33cfd994..2de9e7a69 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -45,9 +45,9 @@ jobs: run: | git config --global user.email "hmcts-platform-operations@HMCTS.NET" git config --global user.name "hmcts-platform-operations" - git add . - git commit -m "Auto format with terraform fmt" || echo "No changes to commit" - git push origin ${{ github.ref }} + git add -u + git diff-index --quiet HEAD || git commit -m "Format with terraform fmt" + git push origin ${{ github.head_ref }} - name: Trigger Terraform CI/CD Workflow run: | @@ -57,5 +57,5 @@ jobs: -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ https://api.github.com/repos/hmcts/github-repository-rules/actions/workflows/terraform.yaml/dispatches \ -d "{\"ref\":\"${branch}\"}" - + From bf6aa0a123d9febbad4b749e7c9d78708a0d045f Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:26:33 +0100 Subject: [PATCH 071/100] testing pipeline works with nothing to format --- .github/workflows/terraform-precheck.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 2de9e7a69..73b88c259 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -57,5 +57,3 @@ jobs: -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ https://api.github.com/repos/hmcts/github-repository-rules/actions/workflows/terraform.yaml/dispatches \ -d "{\"ref\":\"${branch}\"}" - - From cfc84321f606f1c3c8ab99313c6109062bb5ae1e Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:30:37 +0100 Subject: [PATCH 072/100] testing pipeline works with nothing to format --- .github/workflows/terraform-precheck.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 73b88c259..a9dc08c19 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -22,6 +22,8 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 + with: + ref: ${{ github.head_ref }} - name: Checkout cnp-azuredevops-libraries uses: actions/checkout@v4 @@ -47,7 +49,7 @@ jobs: git config --global user.name "hmcts-platform-operations" git add -u git diff-index --quiet HEAD || git commit -m "Format with terraform fmt" - git push origin ${{ github.head_ref }} + git push origin HEAD:${{ github.head_ref }} - name: Trigger Terraform CI/CD Workflow run: | From 1555085f7141510116359ef4a938c53c37660af6 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:37:53 +0100 Subject: [PATCH 073/100] updating config to ensure only one workflow is being triggered on the branch --- .github/workflows/terraform-precheck.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index a9dc08c19..717cd6158 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -43,15 +43,17 @@ jobs: working-directory: components - name: Commit and Push Changes + if: ${{ github.event_name == 'push' }} working-directory: components run: | git config --global user.email "hmcts-platform-operations@HMCTS.NET" git config --global user.name "hmcts-platform-operations" git add -u git diff-index --quiet HEAD || git commit -m "Format with terraform fmt" - git push origin HEAD:${{ github.head_ref }} + git push origin HEAD:${{ github.head_ref }} || echo "No changes to push" - name: Trigger Terraform CI/CD Workflow + if: ${{ github.event_name == 'push' }} run: | branch=$(echo "${{ github.ref }}" | sed 's/refs\/heads\///') curl -X POST \ From e3c88e9b27b9c021c21a69109ec3d03eeaf76f1b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:38:45 +0100 Subject: [PATCH 074/100] removing branch ref from push --- .github/workflows/terraform-precheck.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 717cd6158..ef592a2eb 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -7,7 +7,6 @@ on: push: branches: - main - - DTSPO-18475-Fix-Up workflow_dispatch: permissions: From d0785805580f98d5018da021c551af4e9337b356 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:42:18 +0100 Subject: [PATCH 075/100] removing if statement from trigger workflow stage --- .github/workflows/terraform-precheck.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index ef592a2eb..dbef99917 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -52,7 +52,6 @@ jobs: git push origin HEAD:${{ github.head_ref }} || echo "No changes to push" - name: Trigger Terraform CI/CD Workflow - if: ${{ github.event_name == 'push' }} run: | branch=$(echo "${{ github.ref }}" | sed 's/refs\/heads\///') curl -X POST \ From a00305f9dd0feeaf097217428bfb332280c88f05 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 10:44:56 +0100 Subject: [PATCH 076/100] updating the github ref --- .github/workflows/terraform-precheck.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index dbef99917..363a528ca 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -53,7 +53,7 @@ jobs: - name: Trigger Terraform CI/CD Workflow run: | - branch=$(echo "${{ github.ref }}" | sed 's/refs\/heads\///') + branch=${{ github.head_ref || github.ref_name }} curl -X POST \ -H "Accept: application/vnd.github.v3+json" \ -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ From e04167a51f68e72305c8dc80534d4a9dc868371a Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 13:27:27 +0100 Subject: [PATCH 077/100] adding aep yaml file and removed some of the error handling on python script --- .github/workflows/pr-summary.yaml | 101 ++++++++++++++++++ .github/workflows/terraform-precheck.yaml | 3 - .github/workflows/terraform.yaml | 3 - .../set_org_custom_properties.py | 4 - 4 files changed, 101 insertions(+), 10 deletions(-) create mode 100644 .github/workflows/pr-summary.yaml diff --git a/.github/workflows/pr-summary.yaml b/.github/workflows/pr-summary.yaml new file mode 100644 index 000000000..3f268bdb7 --- /dev/null +++ b/.github/workflows/pr-summary.yaml @@ -0,0 +1,101 @@ +name: CI PR Summary Pipeline +on: + pull_request: + branches: + - master + workflow_dispatch: + +jobs: + review: + runs-on: ubuntu-latest + env: + X_API_KEY: ${{ secrets.SYSTEM_API_KEY }} + X_API_CONSUMER: ${{ secrets.SYSTEM_CONSUMER_UUID }} + API_HOST: "https://app-gippi-api-s-latest-uksouth.azurewebsites.net/" + WORKING_DIRECTORY: ${{ github.workspace }}/ + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Create a diff file + run: | + git diff origin/master...remotes/origin/${{ github.head_ref }} > ${{ env.working_directory }}diff.txt && cat ${{ env.working_directory }}diff.txt + + - name: Generate a response + run: | + API_HOST=$(printenv API_HOST) + WORKING_DIRECTORY=$(printenv WORKING_DIRECTORY) + X_API_CONSUMER=$(printenv X_API_CONSUMER) + X_API_KEY=$(printenv X_API_KEY) + DIFF_FILE="diff.txt" + RESPONSE_MD_FILE="response.md" + + if [ ! -f "${WORKING_DIRECTORY}${DIFF_FILE}" ]; then + echo "File ${WORKING_DIRECTORY}${DIFF_FILE} not found." + exit 1 + fi + + file_contents=$(cat "${WORKING_DIRECTORY}${DIFF_FILE}") + json_body=$(jq -n --arg pt "pullrequest-summary-perfile" --arg p "$file_contents" '{prompt_type: $pt, prompt: $p}') + + response=$(curl -s -i -X POST "${API_HOST}/predefined" \ + -H "Content-Type: application/json" \ + -H "X-API-CONSUMER: ${X_API_CONSUMER}" \ + -H "X-API-KEY: ${X_API_KEY}" \ + -d "$json_body") + + echo "Response: $response" + + response_code=$(echo "$response" | awk -F' ' '/HTTP\/1.1/{print $2}' | head -n 1) + + if [ "$response_code" -eq 200 ]; then + echo "File contents sent successfully." + # Remove headers + response_body=$(echo "$response" | tail -n +2) + # Remove more headers + response_body=$(echo "$response_body" | sed '/^date: /Id' | sed '/^server: /Id' | sed '/^content-length: /Id' | sed '/^content-type: /Id') + # remove trailing and leading quotes + response_body=$(echo "$response_body" | sed 's/^"\(.*\)"$/\1/') + # remove the initial markdown code block ident if it exists + response_body=$(echo "$response_body" | sed 's/```markdown//') + # remove the last code block ident + response_body=$(echo "$response_body" | sed 's/```//') + + # Write to file + echo -e "$response_body" > "${WORKING_DIRECTORY}${RESPONSE_MD_FILE}" + else + echo "Error sending file contents: $response_code" + echo -e "Request to AEP failed to process" > "${WORKING_DIRECTORY}${RESPONSE_MD_FILE}" + fi + + if [ $? -eq 0 ]; then + echo "Response saved as response.md" + else + echo "Error writing to file in ${WORKING_DIRECTORY}." + exit 1 + fi + + - name: Get the response as a variable + id: get_response + run: | + { + echo 'response<> "$GITHUB_ENV" + + - uses: actions/github-script@v6 + with: + script: | + const prBody = context.payload.pull_request.body || ''; + const updatedBody = prBody.includes('## 🤖AEP PR SUMMARY🤖') + ? prBody.replace(/## 🤖AEP PR SUMMARY🤖[\s\S]*/, '') + '\n\n## 🤖AEP PR SUMMARY🤖\n\n' + process.env.response + : prBody + '\n\n## 🤖AEP PR SUMMARY🤖\n\n' + process.env.response; + github.rest.pulls.update({ + pull_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: updatedBody + }) \ No newline at end of file diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 363a528ca..6302e8f8d 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -4,9 +4,6 @@ on: pull_request: branches: - main - push: - branches: - - main workflow_dispatch: permissions: diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 03b2d80ba..b4c3648b4 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -21,9 +21,6 @@ jobs: - name: Checkout uses: actions/checkout@v4 - # - name: Authenticate with OAuth Token - # run: echo "${{ secrets.OAUTH_TOKEN }}" | gh auth login --with-token - - name: Az CLI login uses: azure/login@v1 with: diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index b5004ad10..39fcdd944 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -116,15 +116,11 @@ def load_production_repos(): return repos except FileNotFoundError: logging.error(f"Error: 'production-repos.json' not found at {os.path.abspath(json_file_path)}") - logging.error("Current working directory: %s", os.getcwd()) logging.error("Contents of the current directory: %s", os.listdir('.')) raise except json.JSONDecodeError as e: logging.error(f"Error decoding JSON from {json_file_path}: {e}") raise - except Exception as e: - logging.error(f"Unexpected error reading {json_file_path}: {e}") - raise # Define the custom property at the organisation level try: From 43381d15d68aad2d44581cd102a73b25a56e7381 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 13:50:24 +0100 Subject: [PATCH 078/100] removing the update read me for custom properties as its not a rewuirement --- .github/workflows/update-repos.yaml | 3 - scripts/update-readme.py | 88 ----------------------------- 2 files changed, 91 deletions(-) delete mode 100644 scripts/update-readme.py diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml index 118d34a58..d721f9e3c 100644 --- a/.github/workflows/update-repos.yaml +++ b/.github/workflows/update-repos.yaml @@ -31,9 +31,6 @@ jobs: - name: Run update-repo-list script run: python scripts/update-repo-list.py - - name: Run update-readme script - run: python scripts/update-readme.py - - name: Install jq run: sudo apt-get install jq -y diff --git a/scripts/update-readme.py b/scripts/update-readme.py deleted file mode 100644 index cbbf4ddc8..000000000 --- a/scripts/update-readme.py +++ /dev/null @@ -1,88 +0,0 @@ -import os -import json -import logging - -# Setup logging -logging.basicConfig(level=logging.INFO) - -# File path for the JSON file -JSON_FILE_PATH = os.path.join(os.path.dirname(__file__), '../production-repos.json') -README_FILE_PATH = os.path.join(os.path.dirname(__file__), '../readme.md') - -def load_repos(file_path): - """ - Load repositories from the given JSON file. - """ - try: - with open(file_path, 'r') as f: - repos = json.load(f) - if not isinstance(repos, list): - raise ValueError("JSON content is not a list") - return repos - except FileNotFoundError: - logging.error(f"Error: '{file_path}' not found.") - raise - except json.JSONDecodeError as e: - logging.error(f"Error decoding JSON from {file_path}: {e}") - raise - except Exception as e: - logging.error(f"Unexpected error reading {file_path}: {e}") - raise - -def update_readme(prod_count, dev_count, prod_link): - """ - Update the README file with the counts of various types of repositories. - """ - try: - with open(README_FILE_PATH, 'r') as file: - readme_content = file.readlines() - - table_content = f""" -| **Repository Type** | **Count** | -|---------------------------|-----------| -| Production Repositories | [{prod_count}]({prod_link}) | -| Development Repositories | {dev_count} | -""" - - start_marker = "" - end_marker = "" - - start_index = None - end_index = None - - for i, line in enumerate(readme_content): - if start_marker in line: - start_index = i - if end_marker in line: - end_index = i - - if start_index is not None and end_index is not None: - readme_content = ( - readme_content[:start_index + 1] - + [table_content] - + readme_content[end_index:] - ) - else: - readme_content.append(f"\n{start_marker}\n{table_content}\n{end_marker}\n") - - with open(README_FILE_PATH, 'w') as file: - file.writelines(readme_content) - except Exception as e: - logging.error(f"Failed to update README file: {str(e)}") - raise - -# Load production repositories -try: - production_repos = load_repos(JSON_FILE_PATH) - production_count = len(production_repos) - logging.info(f"Number of production repositories: {production_count}") - - # Placeholder value for dev repo count, can be updated similarly - development_count = 0 - - # Link to the production-repos.json file in the repository - prod_link = "https://github.com/hmcts/github-repository-rules/blob/DTSPO-18104-typo-file-V2/production-repos.json" - - update_readme(production_count, development_count, prod_link) -except Exception as e: - logging.error(f"Failed to load or update repositories: {str(e)}") \ No newline at end of file From 065f0225a9eca9376c18340220b1b5c588e1cf3b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 14:02:14 +0100 Subject: [PATCH 079/100] removing the trigger workflow config to allow both pipelines to run in parallel --- .github/workflows/terraform-precheck.yaml | 9 --------- .github/workflows/terraform.yaml | 7 +++---- 2 files changed, 3 insertions(+), 13 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 6302e8f8d..6ae17c989 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -47,12 +47,3 @@ jobs: git add -u git diff-index --quiet HEAD || git commit -m "Format with terraform fmt" git push origin HEAD:${{ github.head_ref }} || echo "No changes to push" - - - name: Trigger Terraform CI/CD Workflow - run: | - branch=${{ github.head_ref || github.ref_name }} - curl -X POST \ - -H "Accept: application/vnd.github.v3+json" \ - -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ - https://api.github.com/repos/hmcts/github-repository-rules/actions/workflows/terraform.yaml/dispatches \ - -d "{\"ref\":\"${branch}\"}" diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index b4c3648b4..283b0297f 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -1,10 +1,9 @@ name: Terraform CI/CD on: - workflow_run: - workflows: ["Terraform Pre-Check"] - types: - - completed + pull_request: + branches: + - main workflow_dispatch: permissions: From 72a64847e7ad530aea72ba53229ed6a4cdd39f68 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 14:09:24 +0100 Subject: [PATCH 080/100] testing rerun due to 504 error --- components/data.tf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/components/data.tf b/components/data.tf index d5ac41c69..3182b5712 100644 --- a/components/data.tf +++ b/components/data.tf @@ -4,4 +4,4 @@ data "github_team" "admin" { data "local_file" "repos_json" { filename = "${path.module}./production-repos.json" -} \ No newline at end of file +} From 34ca11b55eca92cc80f150440cdd2f360e2ba6d6 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 14:19:03 +0100 Subject: [PATCH 081/100] updating main ref on the aep pr summary --- .github/workflows/pr-summary.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pr-summary.yaml b/.github/workflows/pr-summary.yaml index 3f268bdb7..c6898b36e 100644 --- a/.github/workflows/pr-summary.yaml +++ b/.github/workflows/pr-summary.yaml @@ -2,7 +2,7 @@ name: CI PR Summary Pipeline on: pull_request: branches: - - master + - main workflow_dispatch: jobs: @@ -21,7 +21,7 @@ jobs: - name: Create a diff file run: | - git diff origin/master...remotes/origin/${{ github.head_ref }} > ${{ env.working_directory }}diff.txt && cat ${{ env.working_directory }}diff.txt + git diff origin/main...remotes/origin/${{ github.head_ref }} > ${{ env.working_directory }}diff.txt && cat ${{ env.working_directory }}diff.txt - name: Generate a response run: | From de70eae9d60e4f195cdc9acd099478be4c9696a3 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Tue, 13 Aug 2024 14:23:53 +0100 Subject: [PATCH 082/100] adding the reviewer.yaml file for aep --- .github/workflows/pr-reviewer.yaml | 97 ++++++++++++++++++++++++++++++ 1 file changed, 97 insertions(+) create mode 100644 .github/workflows/pr-reviewer.yaml diff --git a/.github/workflows/pr-reviewer.yaml b/.github/workflows/pr-reviewer.yaml new file mode 100644 index 000000000..81502d7e2 --- /dev/null +++ b/.github/workflows/pr-reviewer.yaml @@ -0,0 +1,97 @@ +name: CI PR Reviewer Pipeline +on: + pull_request: + branches: + - main + workflow_dispatch: + +jobs: + review: + runs-on: ubuntu-latest + env: + X_API_KEY: ${{ secrets.SYSTEM_API_KEY }} + X_API_CONSUMER: ${{ secrets.SYSTEM_CONSUMER_UUID }} + API_HOST: "https://app-gippi-api-s-latest-uksouth.azurewebsites.net/" + WORKING_DIRECTORY: ${{ github.workspace }}/ + steps: + - name: Checkout code + uses: actions/checkout@v2 + with: + fetch-depth: 0 + + - name: Create a diff file + run: | + git diff origin/main...remotes/origin/${{ github.head_ref }} > ${{ env.working_directory }}diff.txt && cat ${{ env.working_directory }}diff.txt + + - name: Generate a response + run: | + API_HOST=$(printenv API_HOST) + WORKING_DIRECTORY=$(printenv WORKING_DIRECTORY) + X_API_CONSUMER=$(printenv X_API_CONSUMER) + X_API_KEY=$(printenv X_API_KEY) + DIFF_FILE="diff.txt" + RESPONSE_MD_FILE="response.md" + + if [ ! -f "${WORKING_DIRECTORY}${DIFF_FILE}" ]; then + echo "File ${WORKING_DIRECTORY}${DIFF_FILE} not found." + exit 1 + fi + + file_contents=$(cat "${WORKING_DIRECTORY}${DIFF_FILE}") + json_body=$(jq -n --arg pt "pullrequest-review" --arg p "$file_contents" '{prompt_type: $pt, prompt: $p}') + + response=$(curl -s -i -X POST "${API_HOST}/predefined" \ + -H "Content-Type: application/json" \ + -H "X-API-CONSUMER: ${X_API_CONSUMER}" \ + -H "X-API-KEY: ${X_API_KEY}" \ + -d "$json_body") + + echo "Response: $response" + + response_code=$(echo "$response" | awk -F' ' '/HTTP\/1.1/{print $2}' | head -n 1) + + if [ "$response_code" -eq 200 ]; then + echo "File contents sent successfully." + # Remove headers + response_body=$(echo "$response" | tail -n +2) + # Remove more headers + response_body=$(echo "$response_body" | sed '/^date: /Id' | sed '/^server: /Id' | sed '/^content-length: /Id' | sed '/^content-type: /Id') + # remove trailing and leading quotes + response_body=$(echo "$response_body" | sed 's/^"\(.*\)"$/\1/') + # remove the initial markdown code block ident if it exists + response_body=$(echo "$response_body" | sed 's/```markdown//') + # remove the last code block ident + response_body=$(echo "$response_body" | sed 's/```//') + + # Write to file + echo -e "$response_body" > "${WORKING_DIRECTORY}${RESPONSE_MD_FILE}" + else + echo "Error sending file contents: $response_code" + echo -e "Request to AEP failed to process" > "${WORKING_DIRECTORY}${RESPONSE_MD_FILE}" + fi + + if [ $? -eq 0 ]; then + echo "Response saved as response.md" + else + echo "Error writing to file in ${WORKING_DIRECTORY}." + exit 1 + fi + + - name: Get the response as a variable + id: get_response + run: | + { + echo 'response<> "$GITHUB_ENV" + + - uses: actions/github-script@v6 + with: + script: | + github.rest.issues.createComment({ + issue_number: context.issue.number, + owner: context.repo.owner, + repo: context.repo.repo, + body: process.env.response + }) \ No newline at end of file From 76cdc0ddbc04fca7de85b9fddb10db34dece5ccc Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 14 Aug 2024 12:22:29 +0100 Subject: [PATCH 083/100] updated readme with tf docs and fixed the error handling with python script --- components/readme.md | 52 ------------------- .../set_org_custom_properties.py | 10 ++-- 2 files changed, 6 insertions(+), 56 deletions(-) delete mode 100644 components/readme.md diff --git a/components/readme.md b/components/readme.md deleted file mode 100644 index 3de42dec0..000000000 --- a/components/readme.md +++ /dev/null @@ -1,52 +0,0 @@ -## Terraform documentation - -## Requirements - -| Name | Version | -|------|---------| -| [terraform](#requirement\_terraform) | >= 1.5.7 | -| [github](#requirement\_github) | ~> 6.0 | - -## Providers - -| Name | Version | -|------|---------| -| [azurerm](#provider\_azurerm) | n/a | -| [github](#provider\_github) | ~> 6.0 | -| [local](#provider\_local) | n/a | - -## Modules - -| Name | Source | Version | -|------|--------|---------| -| [tags](#module\_tags) | git::https://github.com/hmcts/terraform-module-common-tags.git | master | - -## Resources - -| Name | Type | -|------|------| -| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | -| [azurerm_storage_account.sa](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource | -| [azurerm_storage_container.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | -| [github_organization_ruleset.default_ruleset](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_ruleset) | resource | -| [github_team.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/team) | data source | -| [local_file.repos_json](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | - -## Inputs - -| Name | Description | Type | Default | Required | -|------|-------------|------|---------|:--------:| -| [builtFrom](#input\_builtFrom) | Information about the build source or version | `string` | `"https://github.com/hmcts/github-repository-rules"` | no | -| [env](#input\_env) | The environment for the deployment (e.g., dev, staging, prod) | `string` | `"dev"` | no | -| [location](#input\_location) | The location for the resources | `string` | `"UK South"` | no | -| [oauth\_token](#input\_oauth\_token) | OAUTH token to use for authentication. | `string` | n/a | yes | -| [override\_action](#input\_override\_action) | The action to override | `string` | `"plan"` | no | -| [product](#input\_product) | The product name or identifier | `string` | `"sds-platform"` | no | -| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group | `string` | `"rule-set-rg"` | no | -| [storage\_account\_name](#input\_storage\_account\_name) | The name of the storage account | `string` | `"rulesetsa"` | no | - -## Outputs - -| Name | Description | -|------|-------------| -| [common\_tags](#output\_common\_tags) | n/a | \ No newline at end of file diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index 39fcdd944..5f60089ce 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -47,10 +47,12 @@ def define_custom_property(org_name): } response = requests.put(url, headers=headers, json=data) if response.status_code != 200: - logging.error(f"Failed to define custom property for {org_name}: {response.json().get('message', 'Unknown error')}") + error_message = response.json().get('message', f"HTTP {response.status_code} error") + logging.error(f"Failed to define custom property for {org_name}: {error_message}") response.raise_for_status() return response.status_code + def set_custom_properties(repo_full_name, properties): """ Set custom properties for a repository. @@ -75,7 +77,8 @@ def set_custom_properties(repo_full_name, properties): } response = requests.patch(url, headers=headers, json=data) if response.status_code != 204: - logging.error(f"Failed to set properties for {repo_full_name}: {response.json().get('message', 'Unknown error')}") + error_message = response.json().get('message', f"HTTP {response.status_code} error") + logging.error(f"Failed to set properties for {repo_full_name}: {error_message}") response.raise_for_status() return response.status_code @@ -111,8 +114,6 @@ def load_production_repos(): try: with open(json_file_path, 'r') as f: repos = json.load(f) - if not isinstance(repos, list): - raise ValueError("JSON content is not a list") return repos except FileNotFoundError: logging.error(f"Error: 'production-repos.json' not found at {os.path.abspath(json_file_path)}") @@ -122,6 +123,7 @@ def load_production_repos(): logging.error(f"Error decoding JSON from {json_file_path}: {e}") raise + # Define the custom property at the organisation level try: status = define_custom_property(ORG_NAME) From eaab3c7a4e844c9903538124f38314f4474ac97a Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 14 Aug 2024 12:22:56 +0100 Subject: [PATCH 084/100] updated readme with tf docs and fixed the error handling with python script --- ReadMe.md | 55 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 54 insertions(+), 1 deletion(-) diff --git a/ReadMe.md b/ReadMe.md index 430787cb6..77ec1b4a8 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -45,4 +45,57 @@ To add or remove repositories follow the below: ## Troubleshooting - Check your Terraform version and ensure there are no underlying bugs with the provider versions. -- Ensure you have formatted your repository name correctly as it may not pick it up properly. \ No newline at end of file +- Ensure you have formatted your repository name correctly as it may not pick it up properly. + +## Terraform documentation + +## Requirements + +| Name | Version | +|------|---------| +| [terraform](#requirement\_terraform) | >= 1.5.7 | +| [github](#requirement\_github) | ~> 6.0 | + +## Providers + +| Name | Version | +|------|---------| +| [azurerm](#provider\_azurerm) | n/a | +| [github](#provider\_github) | ~> 6.0 | +| [local](#provider\_local) | n/a | + +## Modules + +| Name | Source | Version | +|------|--------|---------| +| [tags](#module\_tags) | git::https://github.com/hmcts/terraform-module-common-tags.git | master | + +## Resources + +| Name | Type | +|------|------| +| [azurerm_resource_group.rg](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/resource_group) | resource | +| [azurerm_storage_account.sa](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_account) | resource | +| [azurerm_storage_container.tfstate](https://registry.terraform.io/providers/hashicorp/azurerm/latest/docs/resources/storage_container) | resource | +| [github_organization_ruleset.default_ruleset](https://registry.terraform.io/providers/integrations/github/latest/docs/resources/organization_ruleset) | resource | +| [github_team.admin](https://registry.terraform.io/providers/integrations/github/latest/docs/data-sources/team) | data source | +| [local_file.repos_json](https://registry.terraform.io/providers/hashicorp/local/latest/docs/data-sources/file) | data source | + +## Inputs + +| Name | Description | Type | Default | Required | +|------|-------------|------|---------|:--------:| +| [builtFrom](#input\_builtFrom) | Information about the build source or version | `string` | `"https://github.com/hmcts/github-repository-rules"` | no | +| [env](#input\_env) | The environment for the deployment (e.g., dev, staging, prod) | `string` | `"dev"` | no | +| [location](#input\_location) | The location for the resources | `string` | `"UK South"` | no | +| [oauth\_token](#input\_oauth\_token) | OAUTH token to use for authentication. | `string` | n/a | yes | +| [override\_action](#input\_override\_action) | The action to override | `string` | `"plan"` | no | +| [product](#input\_product) | The product name or identifier | `string` | `"sds-platform"` | no | +| [resource\_group\_name](#input\_resource\_group\_name) | The name of the resource group | `string` | `"rule-set-rg"` | no | +| [storage\_account\_name](#input\_storage\_account\_name) | The name of the storage account | `string` | `"rulesetsa"` | no | + +## Outputs + +| Name | Description | +|------|-------------| +| [common\_tags](#output\_common\_tags) | n/a | \ No newline at end of file From 838889e744359bb20cb460a52aaa83e1876098db Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 14 Aug 2024 13:52:24 +0100 Subject: [PATCH 085/100] fixing the prod link to ref the json file from directory instead of url --- scripts/update-readme.py | 81 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 81 insertions(+) create mode 100644 scripts/update-readme.py diff --git a/scripts/update-readme.py b/scripts/update-readme.py new file mode 100644 index 000000000..ed30888bd --- /dev/null +++ b/scripts/update-readme.py @@ -0,0 +1,81 @@ +import os +import json +import logging + +# Setup logging +logging.basicConfig(level=logging.INFO) + +# File paths +script_dir = os.path.dirname(__file__) +JSON_FILE_PATH = os.path.join(script_dir, '../production-repos.json') +README_FILE_PATH = os.path.join(script_dir, '../ReadMe.md') + +def load_repos(file_path): + """ + Load repositories from the given JSON file. + """ + try: + with open(file_path, 'r') as f: + repos = json.load(f) + if not isinstance(repos, list): + raise ValueError("JSON content is not a list") + return repos + except FileNotFoundError: + logging.error(f"Error: '{file_path}' not found.") + raise + +def update_readme(prod_count, dev_count, prod_link): + """ + Update the README file with the counts of various types of repositories. + """ + try: + with open(README_FILE_PATH, 'r') as file: + readme_content = file.readlines() + + table_content = f""" +| **Repository Type** | **Count** | +|---------------------------|-----------| +| Production Repositories | [{prod_count}]({prod_link}) | +| Development Repositories | {dev_count} | +""" + start_marker = "" + end_marker = "" + start_index = None + end_index = None + + for i, line in enumerate(readme_content): + if start_marker in line: + start_index = i + if end_marker in line: + end_index = i + + if start_index is not None and end_index is not None: + readme_content = ( + readme_content[:start_index + 1] + + [table_content] + + readme_content[end_index:] + ) + else: + readme_content.append(f"\n{start_marker}\n{table_content}\n{end_marker}\n") + + with open(README_FILE_PATH, 'w') as file: + file.writelines(readme_content) + except Exception as e: + logging.error(f"Failed to update README file: {str(e)}") + raise + +# Load production repositories +try: + production_repos = load_repos(JSON_FILE_PATH) + production_count = len(production_repos) + logging.info(f"Number of production repositories: {production_count}") + + # Placeholder value for dev repo count, can be updated similarly + development_count = 0 # Update this to load actual data if available + + # Local link to the production-repos.json file + prod_link = "../production-repos.json" + + update_readme(production_count, development_count, prod_link) +except Exception as e: + logging.error(f"Failed to load or update repositories: {str(e)}") \ No newline at end of file From 3e197dea83bdc3bb1aeadfbb9c8e0a947960c330 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 14 Aug 2024 13:52:50 +0100 Subject: [PATCH 086/100] fixing the prod link to ref the json file from directory instead of url --- .github/workflows/terraform-precheck.yaml | 3 +++ .github/workflows/terraform.yaml | 3 +++ 2 files changed, 6 insertions(+) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 6ae17c989..23f86a87e 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -4,6 +4,9 @@ on: pull_request: branches: - main + push: + branches: + - DTSPO-18475-Fix-Up workflow_dispatch: permissions: diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 283b0297f..09ad3f5b7 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -4,6 +4,9 @@ on: pull_request: branches: - main + push: + branches: + - DTSPO-18475-Fix-Up workflow_dispatch: permissions: From c9768618ef4384a5b9e72e595c16f83e40b0b587 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Wed, 14 Aug 2024 14:12:09 +0100 Subject: [PATCH 087/100] fixing the read me python script to update the number of repos we have assigned with a custom property --- .github/workflows/update-repos.yaml | 3 ++ ReadMe.md | 2 +- .../set_org_custom_properties.py | 28 +++++++++++++++---- 3 files changed, 27 insertions(+), 6 deletions(-) diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml index d721f9e3c..118d34a58 100644 --- a/.github/workflows/update-repos.yaml +++ b/.github/workflows/update-repos.yaml @@ -31,6 +31,9 @@ jobs: - name: Run update-repo-list script run: python scripts/update-repo-list.py + - name: Run update-readme script + run: python scripts/update-readme.py + - name: Install jq run: sudo apt-get install jq -y diff --git a/ReadMe.md b/ReadMe.md index 77ec1b4a8..4644ebd76 100644 --- a/ReadMe.md +++ b/ReadMe.md @@ -12,7 +12,7 @@ This Terraform configuration automates the process of setting up rule sets at th | **Repository Type** | **Count** | |---------------------------|-----------| -| Production Repositories | [11](https://github.com/hmcts/github-repository-rules/blob/DTSPO-18104-typo-file-V2/production-repos.json) | +| Production Repositories | [309](../production-repos.json) | | Development Repositories | 0 | diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index 5f60089ce..5252c3edf 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -27,14 +27,20 @@ def define_custom_property(org_name): """ Define a custom property for the organisation. + 1. Creates a custom "is_production" property for the entire organization. + 2. Sends a PUT request to GitHub's API to create the property. + 3. Defines the property as a boolean (true/false) value. + + This is useful for categorizing repositories and can be used in workflows or for organizational purposes. + Args: org_name (str): The name of the GitHub organisation. Returns: - int: The status code of the API response. + int: The status code of the API response (200 if successful). Raises: - requests.RequestException: If the API request fails. + requests.RequestException: If the API request to GitHub fails. """ url = f"{API_BASE}/orgs/{org_name}/properties/schema/is_production" data = { @@ -55,6 +61,10 @@ def define_custom_property(org_name): def set_custom_properties(repo_full_name, properties): """ + 1. Sets custom properties for the repositories listed from the JSON file. + 2. Takes a repository's full name. + 3. Sends a PUT request to GitHub's API to update the repository's properties. + Set custom properties for a repository. Args: @@ -84,6 +94,10 @@ def set_custom_properties(repo_full_name, properties): def get_custom_properties(repo_full_name): """ + 1. Retrieves the current custom properties of the repositories. + 2. Sends a GET request to GitHub's API for the specific repository. + 3. Returns the custom properties as a JSON object. + Get custom properties for a repository. Args: @@ -103,10 +117,14 @@ def get_custom_properties(repo_full_name): def load_production_repos(): """ - Load production repositories from production-repos.json file. + 1. Loads a list of production repositories from a JSON file. - Returns: - list: A list of production repositories. + 2. Reads production-repos.json. + + 3. Parses the JSON content and returns it as a list. + + Load production repositories from production-repos.json file. + """ script_dir = os.path.dirname(__file__) json_file_path = os.path.join(script_dir, '../production-repos.json') From abcc748e4f68044acaf8e6c851db073974422f87 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 15 Aug 2024 13:55:01 +0100 Subject: [PATCH 088/100] fixing the readme python script to use file path not url, fixed doc strings with more info --- .../set_org_custom_properties.py | 41 ++++++++++++++----- 1 file changed, 30 insertions(+), 11 deletions(-) diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index 5252c3edf..fa7d75635 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -27,11 +27,16 @@ def define_custom_property(org_name): """ Define a custom property for the organisation. - 1. Creates a custom "is_production" property for the entire organization. + 1. Creates a custom "is_production" property at the organisation level, which is then passed down to the individual repository level. 2. Sends a PUT request to GitHub's API to create the property. 3. Defines the property as a boolean (true/false) value. + 4. The JSON file is where all the production repositories are stored, these will then be used to assign custom properties to. - This is useful for categorizing repositories and can be used in workflows or for organizational purposes. + Error Handling: + + 1. Checks if the API response status code is not 200. + 2. Logs an error message with the specific reason from the API, or a generic HTTP status code error if no specific message is provided. + 3. Raises an HTTP error if the request was unsuccessful. Args: org_name (str): The name of the GitHub organisation. @@ -41,7 +46,9 @@ def define_custom_property(org_name): Raises: requests.RequestException: If the API request to GitHub fails. + """ + url = f"{API_BASE}/orgs/{org_name}/properties/schema/is_production" data = { "value_type": "true_false", @@ -62,10 +69,16 @@ def define_custom_property(org_name): def set_custom_properties(repo_full_name, properties): """ 1. Sets custom properties for the repositories listed from the JSON file. - 2. Takes a repository's full name. - 3. Sends a PUT request to GitHub's API to update the repository's properties. + 2. Sends a PATCH request to GitHub's API to update the repository's properties. + + Sets the custom properties for a repository. + + Error Handling: + 1. Checks if the API response status code is not 204. + 2. Logs an error message with the specific reason from the API, or a generic HTTP status code error if no specific message can be provided. + 3. Raises an HTTP error if the request was unsuccessful. - Set custom properties for a repository. + Sets the custom properties for a repository. Args: repo_full_name (str): The full name of the repository (org/repo). @@ -76,7 +89,9 @@ def set_custom_properties(repo_full_name, properties): Raises: requests.RequestException: If the API request fails. + """ + owner, repo = repo_full_name.split('/') url = f"{API_BASE}/repos/{owner}/{repo}/properties/values" data = { @@ -94,12 +109,12 @@ def set_custom_properties(repo_full_name, properties): def get_custom_properties(repo_full_name): """ + Get custom properties for a repository. + 1. Retrieves the current custom properties of the repositories. 2. Sends a GET request to GitHub's API for the specific repository. 3. Returns the custom properties as a JSON object. - Get custom properties for a repository. - Args: repo_full_name (str): The full name of the repository (org/repo). @@ -108,7 +123,9 @@ def get_custom_properties(repo_full_name): Raises: requests.RequestException: If the API request fails. + """ + owner, repo = repo_full_name.split('/') url = f"{API_BASE}/repos/{owner}/{repo}/properties/values" response = requests.get(url, headers=headers) @@ -118,14 +135,16 @@ def get_custom_properties(repo_full_name): def load_production_repos(): """ 1. Loads a list of production repositories from a JSON file. - - 2. Reads production-repos.json. - + 2. Reads from the production-repos.json. 3. Parses the JSON content and returns it as a list. - Load production repositories from production-repos.json file. + + Error Handling: + 1. Handles FileNotFoundError by logging an error if the JSON file is not found, including the expected file path and current directory contents. + 2. Handles JSONDecodeError by logging an error if the JSON file cannot be parsed correctly, including the specific error encountered. """ + script_dir = os.path.dirname(__file__) json_file_path = os.path.join(script_dir, '../production-repos.json') From ff8b252c61a29e334dd5427e7e35d5be5d67d159 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 15 Aug 2024 14:04:17 +0100 Subject: [PATCH 089/100] fixing the readme python script to use file path not url, fixed doc strings with more info --- scripts/update-readme.py | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/scripts/update-readme.py b/scripts/update-readme.py index ed30888bd..3c4040002 100644 --- a/scripts/update-readme.py +++ b/scripts/update-readme.py @@ -13,6 +13,11 @@ def load_repos(file_path): """ Load repositories from the given JSON file. + + 1. Attempts to open and read the specified JSON file. + 2. Parses the JSON content and ensures it is a list. + 3. Returns the list of repositories. + """ try: with open(file_path, 'r') as f: @@ -27,6 +32,11 @@ def load_repos(file_path): def update_readme(prod_count, dev_count, prod_link): """ Update the README file with the counts of various types of repositories. + + 1. Reads the existing README file content. + 2. Updates the section between markers with new repository counts. + 3. Writes the updated content back to the README file. + """ try: with open(README_FILE_PATH, 'r') as file: From 66ffd5b714223af5afbeeb6d4bc58e0af02e781d Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 15 Aug 2024 15:06:38 +0100 Subject: [PATCH 090/100] removing old code --- .github/workflows/terraform-precheck.yaml | 3 --- .github/workflows/terraform.yaml | 3 --- 2 files changed, 6 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 23f86a87e..6ae17c989 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -4,9 +4,6 @@ on: pull_request: branches: - main - push: - branches: - - DTSPO-18475-Fix-Up workflow_dispatch: permissions: diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 09ad3f5b7..283b0297f 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -4,9 +4,6 @@ on: pull_request: branches: - main - push: - branches: - - DTSPO-18475-Fix-Up workflow_dispatch: permissions: From dfbe219803f84c210bb01167ae362523f926c793 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 15 Aug 2024 21:07:37 +0100 Subject: [PATCH 091/100] fixed the echo/name issue, added continue on fail error for wf, testing perms --- .github/workflows/terraform-precheck.yaml | 1 - .github/workflows/terraform.yaml | 6 +++--- .github/workflows/update-repos.yaml | 7 ++++--- custom-properties/set_org_custom_properties.py | 2 +- 4 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 6ae17c989..8ed6e40de 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -39,7 +39,6 @@ jobs: working-directory: components - name: Commit and Push Changes - if: ${{ github.event_name == 'push' }} working-directory: components run: | git config --global user.email "hmcts-platform-operations@HMCTS.NET" diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 283b0297f..668ee9f78 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -8,9 +8,9 @@ on: permissions: actions: write - id-token: write - issues: write - pull-requests: write + # id-token: write + # issues: write + # pull-requests: write contents: write jobs: diff --git a/.github/workflows/update-repos.yaml b/.github/workflows/update-repos.yaml index 118d34a58..12fc74b4d 100644 --- a/.github/workflows/update-repos.yaml +++ b/.github/workflows/update-repos.yaml @@ -37,16 +37,17 @@ jobs: - name: Install jq run: sudo apt-get install jq -y - - name: List Repositories and Branches + - name: List Repositories run: | - echo "Checking Repositories and Branches" + echo "Listing Repositories" for repo in $(jq -r '.[]' < ./production-repos.json); do - echo "Checking repository: $repo" + echo "Listing repository: $repo" curl -H "Authorization: token ${{ secrets.OAUTH_TOKEN }}" \ -H "Accept: application/vnd.github.v3+json" \ https://api.github.com/repos/hmcts/$repo done shell: bash + continue-on-error: true - name: Commit and push changes run: | diff --git a/custom-properties/set_org_custom_properties.py b/custom-properties/set_org_custom_properties.py index fa7d75635..4c1b9c028 100644 --- a/custom-properties/set_org_custom_properties.py +++ b/custom-properties/set_org_custom_properties.py @@ -27,7 +27,7 @@ def define_custom_property(org_name): """ Define a custom property for the organisation. - 1. Creates a custom "is_production" property at the organisation level, which is then passed down to the individual repository level. + 1. Creates a custom property called "is_production" at the organisation level, which is then passed down to the individual repository level. 2. Sends a PUT request to GitHub's API to create the property. 3. Defines the property as a boolean (true/false) value. 4. The JSON file is where all the production repositories are stored, these will then be used to assign custom properties to. From 3978b6b2cbd6074864b799a599eec38052778c35 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 15 Aug 2024 21:21:43 +0100 Subject: [PATCH 092/100] removing uneeded perms --- .github/workflows/terraform-precheck.yaml | 3 --- .github/workflows/terraform.yaml | 4 ---- 2 files changed, 7 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 8ed6e40de..aaa5efe45 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -7,9 +7,6 @@ on: workflow_dispatch: permissions: - id-token: write - issues: write - pull-requests: write contents: write jobs: diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 668ee9f78..d07533b34 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -7,10 +7,6 @@ on: workflow_dispatch: permissions: - actions: write - # id-token: write - # issues: write - # pull-requests: write contents: write jobs: From 931c634dbafd165f755b884c001da0aeb1748250 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 16 Aug 2024 10:27:41 +0100 Subject: [PATCH 093/100] updating the doc strings in the update read me script --- scripts/update-readme.py | 28 ++++++++++++++++++++++++++-- 1 file changed, 26 insertions(+), 2 deletions(-) diff --git a/scripts/update-readme.py b/scripts/update-readme.py index 3c4040002..1604280cb 100644 --- a/scripts/update-readme.py +++ b/scripts/update-readme.py @@ -14,10 +14,25 @@ def load_repos(file_path): """ Load repositories from the given JSON file. - 1. Attempts to open and read the specified JSON file. + 1. Opens and reads the JSON file from the path above. 2. Parses the JSON content and ensures it is a list. 3. Returns the list of repositories. + Error Handling: + + 1. Logs an error if the file is not found at the path specified above. + + Args: + file_path: The path to the JSON file containing the repositories. + + Returns: + list: A list of repositories parsed from the JSON file. + + Raises: + FileNotFoundError: If the JSON file path is not found. + ValueError: If the JSON content is not a list. + json.JSONDecodeError: If the JSON file contains invalid JSON. + """ try: with open(file_path, 'r') as f: @@ -31,11 +46,20 @@ def load_repos(file_path): def update_readme(prod_count, dev_count, prod_link): """ - Update the README file with the counts of various types of repositories. + Update the README file with a count displayed of the number of production repositories as custom properties can't be searched by in GitHub. 1. Reads the existing README file content. 2. Updates the section between markers with new repository counts. 3. Writes the updated content back to the README file. + + Error Handling: + + 1. Prints "Failed to update README file" if the README file cannot be found at the path we defined above. + + Args: + 1. prod_count: This integer is the number of production repositories. + 2. dev_count: The number of development repositories. + 3. prod_link: The file path to the production repositories JSON file. """ try: From 3dac5700bd5861857e09400bf885bc40e7a53000 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 16 Aug 2024 10:31:38 +0100 Subject: [PATCH 094/100] testing the fmt with precheck --- .github/workflows/terraform-precheck.yaml | 3 +++ .github/workflows/terraform.yaml | 4 +++- components/main.tf | 6 +++--- 3 files changed, 9 insertions(+), 4 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index aaa5efe45..ddbf9334d 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -5,6 +5,9 @@ on: branches: - main workflow_dispatch: + push: + branches: + - DTSPO-18475-Fix-Up permissions: contents: write diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d07533b34..f6e5e6bd9 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -5,7 +5,9 @@ on: branches: - main workflow_dispatch: - + push: + branches: + - DTSPO-18475-Fix-Up permissions: contents: write diff --git a/components/main.tf b/components/main.tf index bf0adbe7b..8431af99f 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,9 +27,9 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" - enforcement = "active" + name = "Default Branch Protection" + target = "branch" + enforcement = "active" conditions { ref_name { From 8460df64a8d648c0e9100b41e08be14f19bcc2af Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 16 Aug 2024 10:35:31 +0100 Subject: [PATCH 095/100] updating the commit and push stages --- .github/workflows/terraform-precheck.yaml | 1 + components/main.tf | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index ddbf9334d..906119181 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -39,6 +39,7 @@ jobs: working-directory: components - name: Commit and Push Changes + if: ${{ github.event_name == 'push' }} working-directory: components run: | git config --global user.email "hmcts-platform-operations@HMCTS.NET" diff --git a/components/main.tf b/components/main.tf index 8431af99f..6e6f9fc89 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,9 +27,9 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" - enforcement = "active" + name = "Default Branch Protection" + target = "branch" + enforcement = "active" conditions { ref_name { From 3fcef6c1c010ac6dfcb46a6b986b238ac91c09dd Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 16 Aug 2024 10:41:29 +0100 Subject: [PATCH 096/100] updating the commit stage and fixing fmt issue --- .github/workflows/terraform-precheck.yaml | 4 ---- .github/workflows/terraform.yaml | 4 +--- components/main.tf | 6 +++--- 3 files changed, 4 insertions(+), 10 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 906119181..aaa5efe45 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -5,9 +5,6 @@ on: branches: - main workflow_dispatch: - push: - branches: - - DTSPO-18475-Fix-Up permissions: contents: write @@ -39,7 +36,6 @@ jobs: working-directory: components - name: Commit and Push Changes - if: ${{ github.event_name == 'push' }} working-directory: components run: | git config --global user.email "hmcts-platform-operations@HMCTS.NET" diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index f6e5e6bd9..d07533b34 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -5,9 +5,7 @@ on: branches: - main workflow_dispatch: - push: - branches: - - DTSPO-18475-Fix-Up + permissions: contents: write diff --git a/components/main.tf b/components/main.tf index 6e6f9fc89..bf0adbe7b 100644 --- a/components/main.tf +++ b/components/main.tf @@ -27,9 +27,9 @@ resource "azurerm_storage_container" "tfstate" { } resource "github_organization_ruleset" "default_ruleset" { - name = "Default Branch Protection" - target = "branch" - enforcement = "active" + name = "Default Branch Protection" + target = "branch" + enforcement = "active" conditions { ref_name { From b3af6f78ce34f932367534b002b04efb74d333da Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 16 Aug 2024 11:45:56 +0100 Subject: [PATCH 097/100] updating prod repo list --- production-repos.json | 552 +++++++++++++++++++++--------------------- 1 file changed, 276 insertions(+), 276 deletions(-) diff --git a/production-repos.json b/production-repos.json index 0e1249809..fde48c8a1 100644 --- a/production-repos.json +++ b/production-repos.json @@ -1,311 +1,311 @@ [ - "civil-sdt", - "am-role-assignment-refresh-batch", - "probate-orchestrator-service", - "ccd-definition-designer-api", - "cnp-module-palo-alto", - "sptribs-frontend", - "cnp-module-postgres", - "cmc-claim-submit-api", - "cnp-module-api-mgmt-subscription", - "hmi-rota-dtu", - "div-decree-absolute-frontend", - "juror-api", - "cmc-legal-rep-frontend", - "pcq-shared-infrastructure", - "service-auth-provider-app", - "pip-subscription-management", - "libragob-shared-infrastructure", - "snl-shared-infrastructure", - "camunda-shared-infrastructure", - "dg-docassembly-api", - "div-decree-nisi-frontend", - "sscs-submit-your-appeal", + "bulk-scan-processor", + "wa-standalone-task-bpmn", + "probate-caveats-frontend", + "cnp-idam-master", + "civil-citizen-ui", + "ia-bail-case-api", + "lau-case-backend", + "dm-shared-infrastructure", + "bulk-scan-payment-processor", + "ia-hearings-api", + "ccfr-fees-register-admin-web", + "rd-user-profile-api", + "nfdiv-case-api", + "pip-publication-services", + "cnp-pipelinemetrics-database", + "adoption-shared-infrastructure", "ia-timed-event-service", - "makeaplea-shared-infrastructure", - "juror-scheduler-execution", + "adoption-web", + "pcq-loader", + "probate-frontend", + "rpa-professional-api", + "civil-sdt-gateway", + "terraform-module-servicebus-queue", + "cnp-module-automation-runbook-start-stop-vm", + "cnp-module-webapp", + "probate-submit-service", + "cnp-module-api-mgmt-api-policy", + "hmc-cft-hearing-service", + "sscs-track-your-appeal-notifications", "div-document-generator-client", "ctsc-shared-infrastructure", - "pip-data-management", - "rd-professional-api", - "cnp-module-api-mgmt-api-policy", - "rpx-shared-infrastructure", - "terraform-module-log-analytics-workspace-id", - "em-shared-infrastructure", + "civil-orchestrator-service", + "probate-health-monitor", + "em-hrs-api", + "rd-commondata-dataload", + "am-role-assignment-refresh-batch", + "ccd-shared-infrastructure", + "ccd-case-activity-api", "juror-public", - "hmc-hmi-inbound-adapter", - "prl-citizen-frontend", - "probate-shared-infrastructure", - "sptribs-dss-update-case-web", - "camunda-bpm", - "cnp-module-vnet", - "ccfr-fees-register-admin-web", - "ccd-user-profile-api", - "fpl-ccd-data-migration-tool", - "hmc-cft-hearing-service", - "ccfr-fees-register-app", - "idam-shared-infrastructure", - "sscs-ccd-callback-orchestrator", + "finrem-shared-infrastructure", + "rd-judicial-data-load", + "help-with-fees-shared-infrastructure", + "cnp-idam-compute", + "am-role-assignment-batch-service", + "ccpay-paymentoutcome-web", + "sds-toffee-shared-infrastructure", + "ccpay-refunds-app", + "wa-shared-infrastructure", + "disposer-idam-user", + "service-auth-provider-app", + "ccd-logstash", + "cnp-module-storage-account", "family-api-gateway", - "et-pet-shared-infrastructure", - "hmi-apim-infrastructures", - "cnp-core-compute", + "send-letter-service", + "darts-shared-infrastructure", + "cnp-module-api-mgmt-subscription", + "am-org-role-mapping-service", + "rd-professional-api", + "libragob-shared-infrastructure", + "nfdiv-frontend", + "pdm-shared-infrastructure", + "cnp-idam-storage", + "pip-account-management", + "rd-judicial-api", + "civil-camunda-bpmn-definition", "probate-ccd-data-migration-tool", + "finrem-case-orchestration-service", + "ccpay-payment-app", + "et-ccd-callbacks", + "rd-location-ref-api", + "bar-shared-infrastructure", + "em-shared-infrastructure", + "fpl-ccd-configuration", + "hmi-shared-infrastructures", + "rd-commondata-api", + "terraform-module-postgresql-flexible", "cnp-keda-shared-infrastucture", - "rpx-xui-approve-org", - "ccpay-bulkscanning-app", + "juror-bureau", + "ia-case-payments-api", + "rd-caseworker-ref-api", + "ccpay-payment-api-gateway", + "ccfr-fees-register-app", + "ia-case-access-api", + "civil-sdt", + "div-case-orchestration-service", + "pre-functions", + "probate-persistence-service", "fpl-wa-task-configuration", - "darts-portal", - "cnp-module-application-insights", - "wa-task-configuration-api", - "em-hrs-ingestor", - "civil-citizen-ui", - "wa-standalone-task-bpmn", - "rpe-shared-infrastructure", - "darts-gateway", - "pip-publication-services", - "sds-toffee-frontend", - "ccd-data-store-api", - "cnp-idam-vault", - "sds-toffee-shared-infrastructure", - "cnp-module-waf", - "lau-case-backend", + "pip-subscription-management", + "ccd-admin-web", "rpe-pdf-service", - "ia-case-payments-api", - "ccd-case-document-am-api", - "em-hrs-api", - "lau-idam-backend", - "pre-network", - "adoption-shared-infrastructure", - "cnp-plum-recipes-service", - "hmc-shared-infrastructure", - "cnp-pipelinemetrics-database", - "div-health-monitor", - "cnp-plum-shared-infrastructure", - "bulk-scan-payment-processor", - "fact-shared-infrastructure", - "cui-ra", - "cpo-case-payment-orders-api", - "terraform-module-dynatrace-oneagent", - "finrem-shared-infrastructure", - "nfdiv-shared-infrastructure", - "fis-hmc-api", - "cnp-module-shutterpage", - "bar-api", + "ccpay-bulkscanning-app", + "cnp-owaspdependencycheck-database", + "rd-shared-infrastructure", "ccpayfr-shared-infrastructure", - "terraform-module-sdp-db-user", - "cnp-rhubarb-frontend", - "ccd-case-disposer", - "em-ccd-orchestrator", - "cnp-module-storage", - "rd-caseworker-ref-api", - "cnp-module-redis", - "juror-pnc", - "civil-service", - "rd-judicial-api", - "div-petitioner-frontend", - "civil-sdt-gateway", - "et-sya-api", - "send-letter-service", - "employment-tribunals-shared-infrastructure", - "et-message-handler", - "div-case-maintenance-service", - "ia-aip-frontend", - "sscs-tribunals-case-api", - "ccpay-notifications-service", - "idam-web-public", - "cnp-module-storage-account", - "am-org-role-mapping-service", - "sscs-cor-frontend", - "cnp-module-webapp", - "lau-shared-infrastructure", - "div-shared-infrastructure", - "civil-ccd-definition", - "rpx-xui-webapp", - "rpa-em-ccd-orchestrator", - "civil-orchestrator-service", - "sscs-bulk-scan", - "ccd-api-gateway", - "ccpay-functions-node", - "adoption-web", - "cnp-module-trafficmanager-endpoint", - "probate-submit-service", - "cnp-idam-master", - "juror-shared-infrastructure", - "c100-application", - "am-shared-infrastructure", - "cnp-idam-storage", - "bulk-scan-shared-infrastructure", - "cnp-module-trafficmanager", + "idam-shared-infrastructure", "sds-toffee-recipes-service", - "ia-task-configuration", - "ia-shared-infrastructure", - "rpa-professional-api", - "terraform-module-servicebus-queue", - "probatemandb", + "docmosis-infrastructure", + "rpx-xui-webapp", + "cnp-module-shutterpage", "sscs-cor-backend", - "ccpay-service-request-cpo-update-service", - "sscs-case-loader", - "ccd-logstash", - "probate-frontend", - "sscs-evidence-share", - "cnp-module-automation-runbook-start-stop-vm", - "nfdiv-frontend", - "feature-toggle-api", - "cnp-module-app-service-plan", + "pcq-frontend", + "ccd-user-profile-api", + "camunda-bpm", + "cui-ra", + "cnp-core-compute", + "pip-shared-infrastructures", "juror-scheduler-api", - "pcq-backend", - "prl-dgs-api", - "sds-keda-infrastructure", - "div-validation-service", + "bulk-scan-shared-infrastructure", "sscs-task-configuration", - "disposer-shared-infrastructure", - "terraform-module-application-insights", - "rd-judicial-data-load", - "cmc-claim-store", "pdda-shared-infrastructure", - "cmc-citizen-frontend", - "reform-scan-shared-infra", - "ia-home-office-integration-api", - "dm-shared-infrastructure", + "ccd-definition-designer-api", "cmc-shared-infrastructure", - "rd-user-profile-api", - "ia-case-notifications-api", - "prl-cos-api", "cnp-module-api-mgmt", - "ecm-shared-infrastructure", - "ia-bail-case-api", - "ia-case-access-api", - "tax-tribunals-datacapture", - "prl-shared-infrastructure", - "rpx-xui-terms-and-conditions", - "ccd-shared-infrastructure", - "sptribs-case-api", + "et-sya-api", + "ccpay-service-request-cpo-update-service", + "probate-shared-infrastructure", + "c100-application", "terraform-module-servicebus-topic", - "pip-shared-infrastructures", - "ccpay-bubble", - "nfdiv-case-api", - "ctsc-work-allocation", - "am-role-assignment-batch-service", - "bar-shared-infrastructure", - "wa-shared-infrastructure", - "terraform-module-postgresql-flexible", - "ia-case-documents-api", - "ccd-case-activity-api", - "pre-vault", - "disposer-idam-user", - "div-fees-and-payments-service", - "cnp-module-key-vault", - "ccpay-refunds-app", - "pcq-frontend", - "wa-task-monitor", - "pip-account-management", - "darts-automation", - "probate-caveats-frontend", - "idam-user-dashboard", - "finrem-case-orchestration-service", - "bar-web", "pip-shared-infrastructure-bootstap", - "pre-functions", - "reform-scan-notification-service", + "cnp-module-metric-alert", + "terraform-module-sdp-db-user", + "pre-shared-infrastructure", + "sscs-bulk-scan", + "dg-docassembly-api", + "cnp-module-api-mgmt-api-operation", + "cmc-claim-submit-api", + "div-shared-infrastructure", + "div-decree-nisi-frontend", + "ctsc-work-allocation", + "hmi-rota-dtu", + "lau-idam-backend", + "pcq-consolidation-service", + "cnp-plum-recipes-service", + "prl-citizen-frontend", + "sds-toffee-frontend", + "div-decree-absolute-frontend", + "ethos-repl-docmosis-service", "tax-tribunals-shared-infrastructure", - "civil-general-applications", - "wa-case-event-handler", - "ccpay-paymentoutcome-web", - "div-case-orchestration-service", - "blob-router-service", + "cnp-module-api-mgmt-api", + "probate-back-office", + "ia-aip-frontend", + "cnp-module-action-group", "cnp-module-api-mgmt-product", - "ts-translation-service", - "sscs-hearings-api", - "et-shared-infrastructure", - "ccd-case-management-web", - "draft-store", - "sptribs-shared-infrastructure", - "document-management-store-app", - "ccpay-payment-app", - "et-sya-frontend", - "fis-shared-infrastructure", - "ia-case-api", - "lau-frontend", - "sscs-shared-infrastructure", - "terraform-module-servicebus-subscription", - "prd-pui-registration", - "fpl-ccd-configuration", - "dtsse-shared-infrastructure", - "juror-bureau", - "hmi-shared-infrastructures", - "cnp-module-api-mgmt-api-operation", - "pre-api", - "rd-shared-infrastructure", + "ccd-case-print-service", + "hmc-shared-infrastructure", + "juror-scheduler-execution", + "div-evidence-management-client-api", + "reform-scan-shared-infra", + "cnp-rhubarb-frontend", + "tax-tribunals-datacapture", + "ccpay-bubble", "ecm-consumer", - "am-judicial-booking-service", + "ccd-definition-store-api", + "cnp-module-application-insights", + "ccd-elastic-search", + "ia-case-api", + "probate-business-service", + "cmc-ccd-domain", + "pip-data-management", + "snl-shared-infrastructure", + "bulk-scan-orchestrator", + "rd-profile-sync", + "sscs-evidence-share", + "cnp-module-trafficmanager", + "camunda-shared-infrastructure", + "ecm-shared-infrastructure", + "et-sya-frontend", + "terraform-module-common-tags", + "rd-location-ref-data-load", + "cmc-claim-store", + "cpo-case-payment-orders-api", + "pcq-shared-infrastructure", + "makeaplea-shared-infrastructure", + "cet-shared-infrastructure", + "div-health-monitor", + "cnp-module-vnet", "cnp-rhubarb-recipes-service", - "ccd-case-print-service", - "pre-portal", + "ccd-admin-web-api", + "fact-shared-infrastructure", + "ccd-case-disposer", + "bar-api", + "terraform-module-application-insights", + "fis-shared-infrastructure", + "hmi-apim-infrastructures", + "cnp-idam-vault", + "em-ccd-orchestrator", + "fis-hmc-api", + "wa-workflow-api", + "wa-task-monitor", + "am-role-assignment-service", + "ccd-case-management-web", "cnp-rhubarb-shared-infrastructure", - "rd-commondata-api", - "rd-commondata-dataload", - "cnp-module-api-mgmt-api", - "rd-location-ref-api", - "prl-ccd-definitions", - "cnp-idam-compute", - "cnp-module-action-group", - "prl-wa-task-configuration", + "civil-ccd-definition", "darts-api", - "idam-api", + "feature-toggle-api", + "ts-translation-service", + "am-judicial-booking-service", + "document-management-store-app", + "probate-orchestrator-service", + "terraform-module-servicebus-subscription", + "sptribs-case-api", + "sscs-case-loader", + "ia-shared-infrastructure", + "c100-shared-infrastructure", + "nfdiv-shared-infrastructure", + "pre-portal", + "juror-pnc", "rpa-coh-continuous-online-resolution", - "pcq-loader", + "wa-task-configuration-api", + "civil-general-applications", + "sptribs-frontend", + "sds-keda-infrastructure", + "div-case-maintenance-service", + "sscs-ccd-callback-orchestrator", + "prl-cos-api", + "idam-api", + "disposer-shared-infrastructure", + "cnp-module-postgres", "rpx-xui-manage-organisations", - "sscs-track-your-appeal-notifications", - "div-evidence-management-client-api", - "probate-persistence-service", - "ccd-admin-web-api", + "cnp-module-redis", + "reform-scan-notification-service", + "dtsse-shared-infrastructure", + "ccd-case-document-am-api", + "civil-general-apps-ccd-definition", + "idam-user-dashboard", + "rpe-shared-infrastructure", + "terraform-module-dynatrace-oneagent", + "fact-frontend", + "rpa-em-ccd-orchestrator", + "cnp-module-trafficmanager-endpoint", + "sscs-hearings-api", + "darts-automation", + "div-fees-and-payments-service", + "cmc-legal-rep-frontend", + "cnp-module-storage", + "pcq-backend", + "cnp-core-infrastructure", + "ccd-data-store-api", + "sscs-tribunals-case-api", + "rpa-jui-webapp", + "terraform-module-log-analytics-workspace-id", + "div-respondent-frontend", + "fpl-ccd-data-migration-tool", + "prd-pui-registration", + "div-petitioner-frontend", + "hmi-shared-infrastructures-bootstrap", + "et-pet-shared-infrastructure", + "prl-shared-infrastructure", + "pre-api", + "prl-wa-task-configuration", + "cnp-plum-shared-infrastructure", + "darts-portal", + "sptribs-dss-update-case-web", + "cnp-module-key-vault", + "sptribs-shared-infrastructure", + "ia-task-configuration", + "terraform-module-servicebus-namespace", + "ia-home-office-integration-api", + "rpx-xui-terms-and-conditions", + "em-native-pdf-annotator-app", + "prl-dgs-api", + "rpx-shared-infrastructure", + "juror-shared-infrastructure", + "ccpay-functions-node", + "hmc-hmi-inbound-adapter", + "prl-ccd-definitions", "wa-task-management-api", - "probate-business-service", - "cnp-module-metric-alert", - "ethos-repl-docmosis-service", + "juror-api", + "ccpay-notifications-service", + "probatemandb", + "adoption-cos-api", "em-stitching-api", + "cnp-module-waf", + "sscs-track-your-appeal-frontend", + "fact-admin", + "pre-network", + "em-hrs-ingestor", + "aac-manage-case-assignment", + "div-validation-service", + "rpx-xui-approve-org", + "draft-store", + "blob-router-service", + "cnp-module-app-service-plan", + "sscs-shared-infrastructure", "div-case-data-formatter", - "ccd-elastic-search", + "pre-vault", + "darts-gateway", + "ia-case-documents-api", + "fact-api", + "civil-service", + "sscs-submit-your-appeal", + "employment-tribunals-shared-infrastructure", + "et-message-handler", + "cmc-citizen-frontend", + "ccd-api-gateway", + "et-shared-infrastructure", + "wa-case-event-handler", + "cnp-module-palo-alto", + "lau-shared-infrastructure", + "sscs-cor-frontend", "darts-proxy", - "pcq-consolidation-service", - "darts-shared-infrastructure", - "rd-location-ref-data-load", - "wa-workflow-api", + "bar-web", + "ia-case-notifications-api", + "lau-frontend", "em-annotation-api", - "terraform-module-servicebus-namespace", - "help-with-fees-shared-infrastructure", - "cet-shared-infrastructure", - "c100-shared-infrastructure", - "fact-api", "em-icp-api", - "bulk-scan-orchestrator", - "em-native-pdf-annotator-app", - "adoption-cos-api", - "fact-frontend", - "fact-admin", - "rd-profile-sync", - "et-ccd-callbacks", - "civil-general-apps-ccd-definition", - "pre-shared-infrastructure", - "civil-camunda-bpmn-definition", - "cnp-owaspdependencycheck-database", - "cmc-ccd-domain", - "docmosis-infrastructure", - "am-role-assignment-service", - "probate-health-monitor", - "hmi-shared-infrastructures-bootstrap", - "pdm-shared-infrastructure", - "terraform-module-common-tags", - "ccd-admin-web", - "sscs-track-your-appeal-frontend", - "ccd-definition-store-api", - "bulk-scan-processor", - "div-respondent-frontend", - "ia-hearings-api", - "aac-manage-case-assignment", - "cnp-core-infrastructure", - "probate-back-office", - "ccpay-payment-api-gateway", - "rpa-jui-webapp" + "idam-web-public", + "am-shared-infrastructure" ] \ No newline at end of file From b390784d958633bdb3ea4f43f673cdb3fe87c5c7 Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Fri, 16 Aug 2024 14:19:29 +0100 Subject: [PATCH 098/100] updating terraform pipeline naming and removing github ref --- .github/workflows/terraform-precheck.yaml | 2 -- .github/workflows/terraform.yaml | 2 +- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index aaa5efe45..c9f92d7f3 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -15,8 +15,6 @@ jobs: steps: - name: Checkout code uses: actions/checkout@v4 - with: - ref: ${{ github.head_ref }} - name: Checkout cnp-azuredevops-libraries uses: actions/checkout@v4 diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index d07533b34..34b648cd4 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -1,4 +1,4 @@ -name: Terraform CI/CD +name: Terraform Deploy on: pull_request: From 3eb5b6b3f51df3c6fc37a72500a1ebe95f7d5b8b Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 22 Aug 2024 10:03:37 +0100 Subject: [PATCH 099/100] testing pipeline --- .github/workflows/terraform-precheck.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index c9f92d7f3..8aa8566cc 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -41,3 +41,4 @@ jobs: git add -u git diff-index --quiet HEAD || git commit -m "Format with terraform fmt" git push origin HEAD:${{ github.head_ref }} || echo "No changes to push" + From f6e53493077acebd91bd8e3aa2b47b3927ca71de Mon Sep 17 00:00:00 2001 From: Connor O'Kane Date: Thu, 22 Aug 2024 10:05:11 +0100 Subject: [PATCH 100/100] testing pipeline --- .github/workflows/terraform-precheck.yaml | 6 ++++-- .github/workflows/terraform.yaml | 3 +++ 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/.github/workflows/terraform-precheck.yaml b/.github/workflows/terraform-precheck.yaml index 8aa8566cc..d8870ba01 100644 --- a/.github/workflows/terraform-precheck.yaml +++ b/.github/workflows/terraform-precheck.yaml @@ -4,6 +4,9 @@ on: pull_request: branches: - main + push: + branches: + - DTSPO-18475-Fix-Up workflow_dispatch: permissions: @@ -40,5 +43,4 @@ jobs: git config --global user.name "hmcts-platform-operations" git add -u git diff-index --quiet HEAD || git commit -m "Format with terraform fmt" - git push origin HEAD:${{ github.head_ref }} || echo "No changes to push" - + git push origin HEAD:${{ github.head_ref }} || echo "No changes to push" \ No newline at end of file diff --git a/.github/workflows/terraform.yaml b/.github/workflows/terraform.yaml index 34b648cd4..22c2ae1ae 100644 --- a/.github/workflows/terraform.yaml +++ b/.github/workflows/terraform.yaml @@ -5,6 +5,9 @@ on: branches: - main workflow_dispatch: + push: + branches: + - DTSPO-18475-Fix-Up permissions: contents: write