Skip to content

Upgrade: [dependabot] - bump esbuild from 0.23.0 to 0.23.1 (#1195) #960

Upgrade: [dependabot] - bump esbuild from 0.23.0 to 0.23.1 (#1195)

Upgrade: [dependabot] - bump esbuild from 0.23.0 to 0.23.1 (#1195) #960

Workflow file for this run

name: release workflow
on:
push:
branches: [main]
tags: [v**]
env:
BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }}
jobs:
quality_checks:
uses: ./.github/workflows/quality_checks.yml
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
get_commit_id:
runs-on: ubuntu-latest
outputs:
commit_id: ${{ steps.commit_id.outputs.commit_id }}
steps:
- name: Get Commit ID
id: commit_id
run: |
echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT"
tag_release:
needs: quality_checks
runs-on: ubuntu-latest
outputs:
spec_version: ${{steps.output_spec_version.outputs.SPEC_VERSION}}
steps:
- name: Checkout code
uses: actions/checkout@v4
with:
ref: ${{ env.BRANCH_NAME }}
fetch-depth: 0
# using git commit sha for version of action to ensure we have stable version
- name: Install asdf
uses: asdf-vm/actions/setup@05e0d2ed97b598bfce82fd30daf324ae0c4570e6
with:
asdf_branch: v0.11.3
- name: Cache asdf
uses: actions/cache@v4
with:
path: |
~/.asdf
key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }}
restore-keys: |
${{ runner.os }}-asdf-
- name: Install asdf dependencies in .tool-versions
uses: asdf-vm/actions/install@05e0d2ed97b598bfce82fd30daf324ae0c4570e6
with:
asdf_branch: v0.11.3
env:
PYTHON_CONFIGURE_OPTS: --enable-shared
- name: Install python packages
run: |
make install-python
- name: Set SPEC_VERSION env var for merges to main
run: echo "SPEC_VERSION=$(poetry run python scripts/calculate_version.py)" >> "$GITHUB_ENV"
if: github.ref == 'refs/heads/main'
- name: Set SPEC_VERSION env var for tags
run: echo "SPEC_VERSION=${{ github.ref_name }}" >> "$GITHUB_ENV"
if: github.ref != 'refs/heads/main'
- name: Create release (tags and main)
id: create-release
# using commit hash for version v1.13.0
uses: ncipollo/release-action@2c591bcc8ecdcd2db72b97d6147f871fcd833ba5
continue-on-error: true
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
tag: ${{ env.SPEC_VERSION }}
commit: ${{ github.sha }}
body: |
## Commit message
${{ github.event.head_commit.message }}
## Info
[See code diff](${{ github.event.compare }})
[Release workflow run](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }})
It was initialized by [${{ github.event.sender.login }}](${{ github.event.sender.html_url }})
- name: output SPEC_VERSION
id: output_spec_version
run: |
echo "## RELEASE TAG :** ${{ env.SPEC_VERSION }}" >> "$GITHUB_STEP_SUMMARY"
echo "SPEC_VERSION=${{ env.SPEC_VERSION }}" >> "$GITHUB_OUTPUT"
package_code:
needs: tag_release
uses: ./.github/workflows/sam_package_code.yml
release_dev:
needs: [tag_release, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp
TARGET_ENVIRONMENT: dev
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code
TRUSTSTORE_FILE: pfp-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
CREATE_INT_RELEASE_NOTES: true
CREATE_PROD_RELEASE_NOTES: true
TOGGLE_GET_STATUS_UPDATES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.DEV_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.DEV_TARGET_SERVICE_SEARCH_SERVER }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
release_dev_old:
needs: [tag_release, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: dev-ci
TARGET_ENVIRONMENT: dev
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code_old
TRUSTSTORE_FILE: truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
CREATE_INT_RELEASE_NOTES: true
CREATE_PROD_RELEASE_NOTES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.DEV_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.DEV_TARGET_SERVICE_SEARCH_SERVER }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
release_dev_sandbox:
needs: [tag_release, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp-sandbox
TARGET_ENVIRONMENT: dev
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_sandbox_code
TRUSTSTORE_FILE: pfp-sandbox-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
DOMAIN_NAME_EXPORT: eps-route53-resources:EPS-domain
ZONE_ID_EXPORT: eps-route53-resources:EPS-ZoneID
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: sandbox
TARGET_SERVICE_SEARCH_SERVER: sandbox
release_dev_sandbox_old:
needs: [tag_release, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: dev-sandbox
TARGET_ENVIRONMENT: dev
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_sandbox_code_old
TRUSTSTORE_FILE: sandbox-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
DOMAIN_NAME_EXPORT: route53-resources:domain
ZONE_ID_EXPORT: route53-resources:ZoneID
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: sandbox
TARGET_SERVICE_SEARCH_SERVER: sandbox
release_ref:
needs: [tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp
TARGET_ENVIRONMENT: ref
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code
TRUSTSTORE_FILE: pfp-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
TOGGLE_GET_STATUS_UPDATES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.REF_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.REF_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.REF_TARGET_SERVICE_SEARCH_SERVER }}
release_ref_old:
needs: [tag_release, release_dev_old, release_dev_sandbox, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: ref-ci
TARGET_ENVIRONMENT: ref
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code_old
TRUSTSTORE_FILE: truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.REF_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.REF_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.REF_TARGET_SERVICE_SEARCH_SERVER }}
release_qa:
needs: [tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp
TARGET_ENVIRONMENT: qa
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code
TRUSTSTORE_FILE: pfp-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
TOGGLE_GET_STATUS_UPDATES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.QA_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.QA_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.QA_TARGET_SERVICE_SEARCH_SERVER }}
release_qa_old:
needs: [tag_release, release_dev_old, release_dev_sandbox, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: qa-ci
TARGET_ENVIRONMENT: qa
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code_old
TRUSTSTORE_FILE: truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.QA_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.QA_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.QA_TARGET_SERVICE_SEARCH_SERVER }}
release_int:
needs: [tag_release, release_qa, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp
TARGET_ENVIRONMENT: int
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code
TRUSTSTORE_FILE: pfp-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
CREATE_INT_RELEASE_NOTES: true
CREATE_INT_RC_RELEASE_NOTES: false
TOGGLE_GET_STATUS_UPDATES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.INT_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.INT_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.INT_TARGET_SERVICE_SEARCH_SERVER }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
release_int_old:
needs: [tag_release, release_qa_old, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: int-ci
TARGET_ENVIRONMENT: int
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code_old
TRUSTSTORE_FILE: truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
CREATE_INT_RELEASE_NOTES: true
CREATE_INT_RC_RELEASE_NOTES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.INT_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.INT_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.INT_TARGET_SERVICE_SEARCH_SERVER }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
release_sandbox:
needs: [tag_release, release_qa, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp-sandbox
TARGET_ENVIRONMENT: int
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_sandbox_code
TRUSTSTORE_FILE: pfp-sandbox-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
DOMAIN_NAME_EXPORT: eps-route53-resources:EPS-domain
ZONE_ID_EXPORT: eps-route53-resources:EPS-ZoneID
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.INT_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: sandbox
TARGET_SERVICE_SEARCH_SERVER: sandbox
release_sandbox_old:
needs: [tag_release, release_qa, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: int-sandbox
TARGET_ENVIRONMENT: int
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_sandbox_code
TRUSTSTORE_FILE: sandbox-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: DEBUG
LOG_RETENTION_DAYS: 30
DOMAIN_NAME_EXPORT: route53-resources:domain
ZONE_ID_EXPORT: route53-resources:ZoneID
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.INT_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: sandbox
TARGET_SERVICE_SEARCH_SERVER: sandbox
release_prod:
needs: [tag_release, release_int, release_sandbox, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: pfp
TARGET_ENVIRONMENT: prod
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code
TRUSTSTORE_FILE: pfp-truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: INFO
LOG_RETENTION_DAYS: 731
MARK_JIRA_RELEASED: true
CREATE_PROD_RELEASE_NOTES: true
TOGGLE_GET_STATUS_UPDATES: false
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.PROD_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.PROD_TARGET_SERVICE_SEARCH_SERVER }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
release_prod_old:
needs: [tag_release, release_int_old, release_sandbox, package_code, get_commit_id]
uses: ./.github/workflows/sam_release_code.yml
with:
ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.spec_version}}
STACK_NAME: prod-ci
TARGET_ENVIRONMENT: prod
ENABLE_MUTUAL_TLS: true
BUILD_ARTIFACT: packaged_code_old
TRUSTSTORE_FILE: truststore.pem
VERSION_NUMBER: ${{needs.tag_release.outputs.spec_version}}
COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
LOG_LEVEL: INFO
LOG_RETENTION_DAYS: 731
MARK_JIRA_RELEASED: true
CREATE_PROD_RELEASE_NOTES: true
secrets:
CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_DEPLOY_ROLE }}
TARGET_SPINE_SERVER: ${{ secrets.PROD_TARGET_SPINE_SERVER }}
TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.PROD_TARGET_SERVICE_SEARCH_SERVER }}
DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}