From 079375d93f160b26209aa40c803385d128d2241c Mon Sep 17 00:00:00 2001
From: Steph Torres
Date: Wed, 20 Nov 2024 11:59:31 +0000
Subject: [PATCH 01/15] [PRMP-1185] start mns sub pipeline
---
 .github/workflows/subscribe-to-mns.yml | 64 ++++++++++++++++++++++++
 lambdas/scripts/mns_subscription.py | 69 ++++++++++++++++++++++++++
 2 files changed, 133 insertions(+)
 create mode 100644 .github/workflows/subscribe-to-mns.yml
 create mode 100644 lambdas/scripts/mns_subscription.py
diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml
new file mode 100644
index 000000000..2e6719dac
--- /dev/null
+++ b/.github/workflows/subscribe-to-mns.yml
@@ -0,0 +1,64 @@
+name: Subscribe to MNS
+
+on:
+ workflow_dispatch:
+ inputs:
+ sandbox:
+ description: Which sandbox would you like to run against?
+ required: true
+ type: string
+ default: ndr
+ environments:
+ description: Which environment settings to use?
+ required: true
+ type: string
+ default: development
+ secrets:
+ AWS_ASSUME_ROLE:
+ required: true
+
+permissions:
+ pull-requests: write
+ id-token: write # This is required for requesting the JWT
+ contents: read # This is required for actions/checkout
+
+jobs:
+ Subscribe to MNS:
+ runs-on: ubuntu-latest
+
+ steps:
+ - name: Configure AWS Credentials
+ uses: aws-actions/configure-aws-credentials@v4
+ with:
+ role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
+ role-skip-session-tagging: true
+ aws-region: ${{ vars.AWS_REGION }}
+ mask-aws-account-id: true
+
+ - name: Copy files
+ uses: actions/checkout@v4
+
+ - name: Set up Python
+ uses: actions/setup-python@v4
+ with:
+ python_version: 3.11
+
+ - name: Make virtual environment
+ run: |
+ make env
+
+ - name: Start virtual environment
+ run: |
+ source ./lambdas/venv/bin/activate
+ echo PATH=$PATH >> $GITHUB_ENV
+
+ - name: Get MNS subscription IDs and store
+ run: |
+ ./lambdas/venv/bin/python3 lambdas/scripts/mns_subscription.py
+ env:
+ ENV: ${{ vars.BUILD_ENV }}
+ AWS_REGION: ${{ vars.AWS_REGION }}
+
+# rather than copy everything over, the script could use boto3,
+# this github action could set up amazon connection
+# will still need a virtual env to make this work.
\ No newline at end of file
diff --git a/lambdas/scripts/mns_subscription.py b/lambdas/scripts/mns_subscription.py
new file mode 100644
index 000000000..13956c0de
--- /dev/null
+++ b/lambdas/scripts/mns_subscription.py
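Review bot: The three `uses:` lines reference actions by mutable tag (`aws-actions/configure-aws-credentials@v4`, `actions/checkout@v4`, `actions/setup-python@v4`) in a job that holds `id-token: write` and assumes an AWS role, so a retagged release would run with those credentials. Pin each to a full commit SHA and keep the tag as a trailing comment, e.g. `uses: actions/checkout@FULL_COMMIT_SHA # v4` (placeholder, take the SHA from the action's release). The `permissions` block also grants `pull-requests: write`, which no step in this workflow uses; dropping that line leaves the token at `id-token: write` and `contents: read`.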
@@ -0,0 +1,69 @@ +# get subscription endpoints, ping them, visit the response URL +# create an ssm_parameter for each subscription id from each response +# ndr/{env}/mns/subscription_id/pds-change-of-gp-1 +# ndr/{env}/mns/subscription_id/pds-death-notification-1 +import os + +# # how do i get the env? +# import uuid +# +# # what do I need to be able to do this, +# # ssm_service, put... and get... +# # need to know env, how does that work? how do I get it, os.getenv? +# # need an auth service to get the bearer token. +# +# import boto3 +# import requests +# from enums.pds_ssm_parameters import SSMParameter +# from services.base.nhs_oauth_service import NhsOauthService +# from services.base.ssm_service import SSMService +# +# +# ENV = 'ndrb' +# QUEUE = f"arn:aws:sqs:eu-west-2:account number:{ENV}-mns-subscription-queue" +# ssm_service = SSMService() +# oauth_service = NhsOauthService(ssm_service) +# +# headers = { +# "content-Type": "application/fhir+json", +# "accept": "application/json", +# "authorization": f"Bearer {oauth_service.get_active_access_token()}", +# "x-correlation-id": str(uuid.uuid4()) +# } +# +# events = { +# "pds-change-of-gp-1": f"/ndr/{ENV}/mns/subscription-id/pds-change-of-gp-1", +# "pds-death-notification-1": f"/ndr/{ENV}/mns/subscription-id/pds-death-notification-1" +# } +# +# url = "https://sandbox.api.service.nhs.uk/multicast-notification-service/subscriptions" +# +# def get_subscription_id(event_type,): +# request_body = { +# "resourceType": "Subscription", +# "status": "requested", +# "end": "2022-04-05T17:31:00.000Z", +# "reason": "A description of why this subscription should be created.", +# "criteria": f"eventType={event_type}", +# "channel": { +# "type": "message", +# "endpoint": QUEUE, +# "payload": "application/json" +# } +# } +# try: +# response = requests.post(url, headers=headers, data=request_body) +# id = response.json().get('id') +# return id +# +# except requests.exceptions.RequestException as e: +# print(e) +# +# for event, 
parameter in events.items(): +# ssm_service.update_ssm_parameter(parameter, get_subscription_id(event)) + +# needs third value, securestring? + +if __name__ == "__main__": + env = os.getenv("ENV") + print(env) From 6e5470181e838fb648bfd510f1d1510f24102ba5 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Tue, 26 Nov 2024 09:28:58 +0000 Subject: [PATCH 02/15] [PRMP-1185] adjust script to use variables passed down from the runner and boto3 --- .github/workflows/subscribe-to-mns.yml | 16 +++- lambdas/scripts/mns_subscription.py | 118 +++++++++++-------------- 2 files changed, 66 insertions(+), 68 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 2e6719dac..c0af2e3bd 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -22,6 +22,11 @@ permissions: id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout +env: + SANDBOX: ${{ inputs.sandbox }} + AWS_REGION: ${{ vars.AWS_REGION }} + TOKEN: ${{ secrets.GITHUB_TOKEN }} + jobs: Subscribe to MNS: runs-on: ubuntu-latest @@ -45,19 +50,22 @@ jobs: - name: Make virtual environment run: | - make env + python3 -m venv venv - name: Start virtual environment run: | source ./lambdas/venv/bin/activate echo PATH=$PATH >> $GITHUB_ENV + - name: Install pipeline dependencies + run: | + pip install -r ./lambdas/requirements/layers/requirements_github_runner.txt + echo "Installed requirements" + - name: Get MNS subscription IDs and store run: | + echo "Staring subscription script" ./lambdas/venv/bin/python3 lambdas/scripts/mns_subscription.py - env: - ENV: ${{ vars.BUILD_ENV }} - AWS_REGION: ${{ vars.AWS_REGION }} # rather than copy everything over, the script could use boto3, # this github action could set up amazon connection diff --git a/lambdas/scripts/mns_subscription.py b/lambdas/scripts/mns_subscription.py index 13956c0de..f2a8e0bca 100644 
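Review bot: The workflow-level `env` block added after `permissions` (hunk `@@ -22,6 +22,11 @@`) exports `TOKEN: ${{ secrets.GITHUB_TOKEN }}` to every step, including the one that runs `pip install`, and the script in this same commit places it in `"authorization": f"Bearer {token}"` on a POST to the NHS sandbox host. That discloses a repository credential to an external service, which presumably cannot accept it as an API token in any case. Remove the `TOKEN` line and obtain the MNS access token from the service's own auth flow; if a secret does have to reach the script, set it under `env:` on the single step that runs the script rather than at workflow scope.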
--- a/lambdas/scripts/mns_subscription.py +++ b/lambdas/scripts/mns_subscription.py 
@@ -1,69 +1,59 @@ -# get subscription endpoints, ping them, visit the response URL -# create an ssm_parameter for each subscription id from each response -# ndr/{env}/mns/subscription_id/pds-change-of-gp-1 -# ndr/{env}/mns/subscription_id/pds-death-notification-1 import os +import uuid -# # how do i get the env? -# import uuid -# -# # what do I need to be able to do this, -# # ssm_service, put... and get... -# # need to know env, how does that work? how do I get it, os.getenv? -# # need an auth service to get the bearer token. -# -# import boto3 -# import requests -# from enums.pds_ssm_parameters import SSMParameter -# from services.base.nhs_oauth_service import NhsOauthService -# from services.base.ssm_service import SSMService -# -# -# ENV = 'ndrb' -# QUEUE = f"arn:aws:sqs:eu-west-2:account number:{ENV}-mns-subscription-queue" -# ssm_service = SSMService() -# oauth_service = NhsOauthService(ssm_service) -# -# headers = { -# "content-Type": "application/fhir+json", -# "accept": "application/json", -# "authorization": f"Bearer {oauth_service.get_active_access_token()}", -# "x-correlation-id": str(uuid.uuid4()) -# } -# -# events = { -# "pds-change-of-gp-1": f"/ndr/{ENV}/mns/subscription-id/pds-change-of-gp-1", -# "pds-death-notification-1": f"/ndr/{ENV}/mns/subscription-id/pds-death-notification-1" -# } -# -# url = "https://sandbox.api.service.nhs.uk/multicast-notification-service/subscriptions" -# -# def get_subscription_id(event_type,): -# request_body = { -# "resourceType": "Subscription", -# "status": "requested", -# "end": "2022-04-05T17:31:00.000Z", -# "reason": "A description of why this subscription should be created.", -# "criteria": f"eventType={event_type}", -# "channel": { -# "type": "message", -# "endpoint": QUEUE, -# "payload": "application/json" -# } -# } -# try: -# response = requests.post(url, headers=headers, data=request_body) -# id = response.json().get('id') -# return id -# -# except requests.exceptions.RequestException as e: -# print(e) -# -# 
for event, parameter in events.items(): -# ssm_service.update_ssm_parameter(parameter, get_subscription_id(event)) +import boto3 +import requests + +env_prefix = os.getenv("SANDBOX") +token = os.getenv("TOKEN") + +headers = { + "content-Type": "application/fhir+json", + "accept": "application/json", + "authorization": f"Bearer {token}", + "x-correlation-id": str(uuid.uuid4()), +} + +events = { + "pds-change-of-gp-1": f"/ndr/{env_prefix}/mns/subscription-id/pds-change-of-gp-1", + "pds-death-notification-1": f"/ndr/{env_prefix}/mns/subscription-id/pds-death-notification-1", +} + +url = "https://sandbox.api.service.nhs.uk/multicast-notification-service/subscriptions" + +sqs = boto3.client("sqs") +sqs_url = sqs.get_queue_url(QueueName=f"{env_prefix}-mns-notification-queue")[ + "QueueUrl" +] +sqs_arn = sqs.get_queue_attributes(QueueUrl=sqs_url, AttributeNames=["QueueArn"])[ + "Attributes" +]["QueueArn"] + +ssm = boto3.client("ssm") + + +def get_subscription_id(event_type): + request_body = { + "resourceType": "Subscription", + "status": "requested", + "end": "2022-04-05T17:31:00.000Z", + "reason": "Integration with the National Document Repository.", + "criteria": f"eventType={event_type}", + "channel": { + "type": "message", + "endpoint": sqs_arn, + "payload": "application/json", + }, + } + try: + response = requests.post(url, headers=headers, data=request_body) + id = response.json().get("id") + return id + except requests.exceptions.RequestException as e: + print(e) -# needs third value, securestring? if __name__ == "__main__": - env = os.getenv("ENV") - print(env) + + for event, parameter in events.items(): + ssm.put_parameter(parameter, get_subscription_id(event)) From 3d374326a6304b2a18f6a27d6166bbf04949b4c4 Mon Sep 17 00:00:00 2001 
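Review bot: `ssm.put_parameter(parameter, get_subscription_id(event))` in the `__main__` block will raise before anything is stored, because boto3 client methods accept keyword arguments only and `put_parameter` also requires `Type`; the call would need to be `ssm.put_parameter(Name=parameter, Value=subscription_id, Type="SecureString", Overwrite=True)`. `get_subscription_id` returns `None` after printing a `RequestException`, so the result should be checked before it is written, and the job should exit non-zero on failure. In the same function `requests.post(url, headers=headers, data=request_body)` form-encodes the dict although the header declares `application/fhir+json`, and it has no timeout; `requests.post(url, headers=headers, json=request_body, timeout=30)` addresses both. The hard-coded `"end": "2022-04-05T17:31:00.000Z"` is already in the past.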
From: Ollie Beumkes Date: Tue, 26 Nov 2024 16:01:42 +0000 Subject: [PATCH 03/15] [PRMP-1185] Removed make and start venv and updated python to v5 --- .github/workflows/subscribe-to-mns.yml | 30 ++++++-------------------- 1 file changed, 6 insertions(+), 24 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index c0af2e3bd..2e9b1a33f 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -28,7 +28,7 @@ env: TOKEN: ${{ secrets.GITHUB_TOKEN }} jobs: - Subscribe to MNS: + Subscribe_to_MNS: runs-on: ubuntu-latest steps: @@ -44,29 +44,11 @@ jobs: uses: actions/checkout@v4 - name: Set up Python - uses: actions/setup-python@v4 + uses: actions/setup-python@v5 with: - python_version: 3.11 - - - name: Make virtual environment - run: | - python3 -m venv venv - - - name: Start virtual environment - run: | - source ./lambdas/venv/bin/activate - echo PATH=$PATH >> $GITHUB_ENV - - - name: Install pipeline dependencies - run: | + python-version: '3.11' + cache: 'pip' # caching pip dependencies + - run: | pip install -r ./lambdas/requirements/layers/requirements_github_runner.txt echo "Installed requirements" - - - name: Get MNS subscription IDs and store - run: | - echo "Staring subscription script" - ./lambdas/venv/bin/python3 lambdas/scripts/mns_subscription.py - -# rather than copy everything over, the script could use boto3, -# this github action could set up amazon connection -# will still need a virtual env to make this work. \ No newline at end of file + python ./lambdas/scripts/mns_subscription.py From eca2211b8508d78a4cf9b675a703545e58f4bdf3 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 10:39:49 +0000 Subject: [PATCH 04/15] [PRMP-1185] address PR comments --- .github/workflows/subscribe-to-mns.yml | 5 +++-- lambdas/scripts/mns_subscription.py | 26 +++++++++++++------------- 2 files changed, 16 insertions(+), 15 deletions(-) 
diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 2e9b1a33f..3627e3d6b 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -7,8 +7,7 @@ on: description: Which sandbox would you like to run against? required: true type: string - default: ndr - environments: + environment: description: Which environment settings to use? required: true type: string @@ -26,6 +25,7 @@ env: SANDBOX: ${{ inputs.sandbox }} AWS_REGION: ${{ vars.AWS_REGION }} TOKEN: ${{ secrets.GITHUB_TOKEN }} + URL: ${{ var.MNS_SUBSCRIPTION_URL }} jobs: Subscribe_to_MNS: @@ -52,3 +52,4 @@ jobs: pip install -r ./lambdas/requirements/layers/requirements_github_runner.txt echo "Installed requirements" python ./lambdas/scripts/mns_subscription.py + echo "Subscription complete" diff --git a/lambdas/scripts/mns_subscription.py b/lambdas/scripts/mns_subscription.py index f2a8e0bca..4a4a791c2 100644 --- a/lambdas/scripts/mns_subscription.py +++ b/lambdas/scripts/mns_subscription.py @@ -1,11 +1,14 @@ import os import uuid +from urllib.error import HTTPError import boto3 import requests env_prefix = os.getenv("SANDBOX") token = os.getenv("TOKEN") +url = os.getenv("URL") + headers = { "content-Type": "application/fhir+json", 
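Review bot: The new `url = os.getenv("URL")` in the first hunk of `mns_subscription.py` is used unchecked as the destination of a request that carries `authorization: Bearer …`. If the variable is unset, `requests.post(None, …)` fails only at call time, and if it holds an `http://` value the token would travel in clear text. Fail fast at start-up with `if not url or not url.startswith("https://"): raise SystemExit("URL must be an https:// endpoint")`, and treat a missing `SANDBOX` the same way, since `env_prefix` would otherwise render as `None` in the queue name and parameter paths. In this commit the workflow fills the value from `${{ var.MNS_SUBSCRIPTION_URL }}`; the context is named `vars`, so as written the expression will not resolve.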
@@ -19,24 +22,21 @@ "pds-death-notification-1": f"/ndr/{env_prefix}/mns/subscription-id/pds-death-notification-1", } -url = "https://sandbox.api.service.nhs.uk/multicast-notification-service/subscriptions" - -sqs = boto3.client("sqs") -sqs_url = sqs.get_queue_url(QueueName=f"{env_prefix}-mns-notification-queue")[ +sqs_client = boto3.client("sqs") +sqs_url = sqs_client.get_queue_url(QueueName=f"{env_prefix}-mns-notification-queue")[ "QueueUrl" ] -sqs_arn = sqs.get_queue_attributes(QueueUrl=sqs_url, AttributeNames=["QueueArn"])[ - "Attributes" -]["QueueArn"] +sqs_arn = sqs_client.get_queue_attributes( + QueueUrl=sqs_url, AttributeNames=["QueueArn"] +)["Attributes"]["QueueArn"] -ssm = boto3.client("ssm") +ssm_client = boto3.client("ssm") def get_subscription_id(event_type): request_body = { "resourceType": "Subscription", "status": "requested", - "end": "2022-04-05T17:31:00.000Z", "reason": "Integration with the National Document Repository.", "criteria": f"eventType={event_type}", "channel": { @@ -47,13 +47,13 @@ def get_subscription_id(event_type): } try: response = requests.post(url, headers=headers, data=request_body) + response.raise_for_status() id = response.json().get("id") return id - except requests.exceptions.RequestException as e: - print(e) + except HTTPError as err: + print(err) if __name__ == "__main__": - for event, parameter in events.items(): - ssm.put_parameter(parameter, get_subscription_id(event)) + ssm_client.put_parameter(parameter, get_subscription_id(event)) From f49a8a4a1dad6523940c6f697d801ba81266805f Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 12:24:53 +0000 Subject: [PATCH 05/15] [PRMP-1185] ensure environment is used on job run --- .github/workflows/subscribe-to-mns.yml | 8 ++++---- lambdas/scripts/mns_subscription.py | 4 ++-- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 3627e3d6b..1e1dba535 100644 
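Review bot: The `except HTTPError as err` clause in `get_subscription_id` (hunk `@@ -47,13 +47,13 @@`) can never match, because `response.raise_for_status()` raises `requests.exceptions.HTTPError` while the name imported at the top of the file is `urllib.error.HTTPError`, an unrelated class. Connection and timeout failures, previously covered by `RequestException`, are now uncaught as well. Use `except requests.exceptions.RequestException as err:` and re-raise (or `raise SystemExit(1)`) after logging so the workflow run fails instead of continuing to the SSM write with no id. The call still has no timeout; `requests.post(url, headers=headers, data=request_body, timeout=30)` would bound it.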
--- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -30,7 +30,7 @@ env: jobs: Subscribe_to_MNS: runs-on: ubuntu-latest - + environment: ${{ inputs.environment }} steps: - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -40,16 +40,16 @@ jobs: aws-region: ${{ vars.AWS_REGION }} mask-aws-account-id: true - - name: Copy files + - name: Checkout uses: actions/checkout@v4 - name: Set up Python uses: actions/setup-python@v5 with: python-version: '3.11' - cache: 'pip' # caching pip dependencies + cache: 'pip' - run: | - pip install -r ./lambdas/requirements/layers/requirements_github_runner.txt + pip install boto3 requests echo "Installed requirements" python ./lambdas/scripts/mns_subscription.py echo "Subscription complete" diff --git a/lambdas/scripts/mns_subscription.py b/lambdas/scripts/mns_subscription.py index 4a4a791c2..57abad903 100644 --- a/lambdas/scripts/mns_subscription.py +++ b/lambdas/scripts/mns_subscription.py @@ -48,8 +48,8 @@ def get_subscription_id(event_type): try: response = requests.post(url, headers=headers, data=request_body) response.raise_for_status() - id = response.json().get("id") - return id + subscription_id = response.json().get("id") + return subscription_id except HTTPError as err: print(err) From dcd452129ec073c65c74e126d3f64579b1eb9285 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 15:02:52 +0000 Subject: [PATCH 06/15] [PRMP-1185] use nhs auth service to generate token --- .github/workflows/subscribe-to-mns.yml | 3 +-- lambdas/scripts/mns_subscription.py | 16 +++++++++++----- 2 files changed, 12 insertions(+), 7 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 1e1dba535..ba136ca2e 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml 
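Review bot: `pip install boto3 requests` in the run step (hunk `@@ -40,16 +40,16 @@`) installs whatever versions are current at run time, into a job that has already assumed the AWS role in the first step. The line it replaces installed from `requirements_github_runner.txt`; keeping a pinned requirements file, ideally with hashes, makes the run reproducible and narrows what a compromised release could reach, e.g. `pip install --require-hashes -r PINNED_REQUIREMENTS.txt` (placeholder path). Later commits in this series extend the same unpinned line with `pyjwt` and `cryptography`, so the same applies there.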
@@ -24,7 +24,6 @@ permissions: env: SANDBOX: ${{ inputs.sandbox }} AWS_REGION: ${{ vars.AWS_REGION }} - TOKEN: ${{ secrets.GITHUB_TOKEN }} URL: ${{ var.MNS_SUBSCRIPTION_URL }} jobs: @@ -49,7 +48,7 @@ jobs: python-version: '3.11' cache: 'pip' - run: | - pip install boto3 requests + pip install boto3 requests pyjwt echo "Installed requirements" python ./lambdas/scripts/mns_subscription.py echo "Subscription complete" diff --git a/lambdas/scripts/mns_subscription.py b/lambdas/scripts/mns_subscription.py index 57abad903..136a916af 100644 --- a/lambdas/scripts/mns_subscription.py +++ b/lambdas/scripts/mns_subscription.py @@ -4,16 +4,20 @@ import boto3 import requests +from services.base.nhs_oauth_service import NhsOauthService +from services.base.ssm_service import SSMService env_prefix = os.getenv("SANDBOX") -token = os.getenv("TOKEN") url = os.getenv("URL") +ssm_service = SSMService() +auth_service = NhsOauthService(ssm_service) + headers = { "content-Type": "application/fhir+json", "accept": "application/json", - "authorization": f"Bearer {token}", + "authorization": f"Bearer {auth_service.get_active_access_token()}", "x-correlation-id": str(uuid.uuid4()), } @@ -30,8 +34,6 @@ QueueUrl=sqs_url, AttributeNames=["QueueArn"] )["Attributes"]["QueueArn"] -ssm_client = boto3.client("ssm") - def get_subscription_id(event_type): request_body = { @@ -56,4 +58,8 @@ def get_subscription_id(event_type): if __name__ == "__main__": for event, parameter in events.items(): - ssm_client.put_parameter(parameter, get_subscription_id(event)) + ssm_service.update_ssm_parameter( + parameter_key=parameter, + parameter_value=get_subscription_id(event), + parameter_type="SecureString", + ) From 976150ad47186474fff9c4cc9eee064a320c2988 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 16:41:37 +0000 Subject: [PATCH 07/15] [PRMP-1185] correct typo var => vars --- .github/workflows/subscribe-to-mns.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index ba136ca2e..8db4b6f84 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -24,7 +24,7 @@ permissions: env: SANDBOX: ${{ inputs.sandbox }} AWS_REGION: ${{ vars.AWS_REGION }} - URL: ${{ var.MNS_SUBSCRIPTION_URL }} + URL: ${{ vars.MNS_SUBSCRIPTION_URL }} jobs: Subscribe_to_MNS: From 9e264061b307214d80c728ec9bae870b466b75bc Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 16:50:33 +0000 Subject: [PATCH 08/15] [PRMP-1185] ammend run steps in action --- .github/workflows/subscribe-to-mns.yml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 8db4b6f84..deccfee96 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -47,8 +47,9 @@ jobs: with: python-version: '3.11' cache: 'pip' - - run: | + - name: Install dependencies and run script + run: | pip install boto3 requests pyjwt echo "Installed requirements" - python ./lambdas/scripts/mns_subscription.py + python3 -m .lambdas.scripts.mns_subscription echo "Subscription complete" From f84a507b5ade5c0400f4b3ec90605f181aae3da1 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 16:56:05 +0000 Subject: [PATCH 09/15] [PRMP-1185] add new step to pipeline --- .github/workflows/subscribe-to-mns.yml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index deccfee96..f25ad37ff 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml 
@@ -51,5 +51,8 @@ jobs: run: | pip install boto3 requests pyjwt echo "Installed requirements" - python3 -m .lambdas.scripts.mns_subscription + - name: Run script + working-directory: ./lambdas + run: | + python3 -m scripts.mns_subscription echo "Subscription complete" From c77497c20e72be87940d5da9c91070052eb558db Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Wed, 27 Nov 2024 17:15:55 +0000 Subject: [PATCH 10/15] [PRMP-1185] ammend bad request --- .github/workflows/subscribe-to-mns.yml | 2 +- lambdas/scripts/mns_subscription.py | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index f25ad37ff..b2a9b150e 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -49,7 +49,7 @@ jobs: cache: 'pip' - name: Install dependencies and run script run: | - pip install boto3 requests pyjwt + pip install boto3 requests pyjwt cryptography echo "Installed requirements" - name: Run script working-directory: ./lambdas diff --git a/lambdas/scripts/mns_subscription.py b/lambdas/scripts/mns_subscription.py index 136a916af..60558f965 100644 --- a/lambdas/scripts/mns_subscription.py +++ b/lambdas/scripts/mns_subscription.py @@ -15,8 +15,6 @@ headers = { - "content-Type": "application/fhir+json", - "accept": "application/json", "authorization": f"Bearer {auth_service.get_active_access_token()}", "x-correlation-id": str(uuid.uuid4()), } @@ -30,6 +28,7 @@ sqs_url = sqs_client.get_queue_url(QueueName=f"{env_prefix}-mns-notification-queue")[ "QueueUrl" ] + sqs_arn = sqs_client.get_queue_attributes( QueueUrl=sqs_url, AttributeNames=["QueueArn"] )["Attributes"]["QueueArn"] 
@@ -48,7 +47,7 @@ def get_subscription_id(event_type): }, } try: - response = requests.post(url, headers=headers, data=request_body) + response = requests.post(url, headers=headers, json=request_body) response.raise_for_status() subscription_id = response.json().get("id") return subscription_id @@ -58,8 +57,9 @@ def get_subscription_id(event_type): if __name__ == "__main__": for event, parameter in events.items(): + subscription_id = get_subscription_id(event) ssm_service.update_ssm_parameter( parameter_key=parameter, - parameter_value=get_subscription_id(event), + parameter_value=subscription_id, parameter_type="SecureString", ) From f540a3b94f206c1d0b98e7b66d602b3b43425fc0 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Mon, 2 Dec 2024 09:11:27 +0000 Subject: [PATCH 11/15] [PRMP-1185] PR changes --- .github/workflows/subscribe-to-mns.yml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index b2a9b150e..cef952e99 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -12,12 +12,8 @@ on: required: true type: string default: development - secrets: - AWS_ASSUME_ROLE: - required: true permissions: - pull-requests: write id-token: write # This is required for requesting the JWT contents: read # This is required for actions/checkout From 56904544b3181633ea03ef920423c8614813b7f8 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Mon, 2 Dec 2024 12:19:39 +0000 Subject: [PATCH 12/15] [PRMP-1185] change sandbox input to choice --- .github/workflows/subscribe-to-mns.yml | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index cef952e99..0eca8a969 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml 
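Review bot: `subscription_id` is passed to `ssm_service.update_ssm_parameter` in the `__main__` loop (hunk `@@ -58,8 +57,9 @@`) without being checked. `response.json().get("id")` yields `None` when the response body has no `id`, and `get_subscription_id` also falls through to an implicit `None` if its `except` branch runs; how `update_ssm_parameter` treats a `None` value is not visible here. Guard the write with `if not subscription_id: raise SystemExit(f"no subscription id returned for {event}")` so a failed subscription does not overwrite a stored id. It would also help to add a comment stating whether re-running the workflow is expected to create a second subscription for the same event type.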
@@ -6,7 +6,12 @@ on: sandbox: description: Which sandbox would you like to run against? required: true - type: string + type: choice + options: + - ndr-dev + - test + - pre-prod + - prod environment: description: Which environment settings to use? required: true From e78d39e6f1b3b068c83938cff18e08bba273cef1 Mon Sep 17 00:00:00 2001 From: NogaNHS Date: Tue, 10 Dec 2024 08:52:40 +0000 Subject: [PATCH 13/15] prmp-1185 change sandbox name from test to ndr-test --- .github/workflows/subscribe-to-mns.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 0eca8a969..1e74a0682 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -9,7 +9,7 @@ on: type: choice options: - ndr-dev - - test + - ndr-test - pre-prod - prod environment: From 58d367eadebfeed6915381e148afc3462e167eed Mon Sep 17 00:00:00 2001 From: NogaNHS Date: Tue, 10 Dec 2024 08:53:59 +0000 Subject: [PATCH 14/15] prmp-1185 change step name in github actions workflow --- .github/workflows/subscribe-to-mns.yml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 1e74a0682..b5cbc087d 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -48,10 +48,12 @@ jobs: with: python-version: '3.11' cache: 'pip' - - name: Install dependencies and run script + + - name: Install dependencies run: | pip install boto3 requests pyjwt cryptography echo "Installed requirements" + - name: Run script working-directory: ./lambdas run: | From 5cc7b0dd251aee6e2de475eeae1b3a22e6a77425 Mon Sep 17 00:00:00 2001 From: Steph Torres Date: Fri, 20 Dec 2024 14:16:12 +0000 Subject: [PATCH 15/15] add env --- .github/workflows/subscribe-to-mns.yml | 1 + 1 file changed, 1 insertion(+) 
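Review bot: The `sandbox` input becomes a fixed list that includes `prod` (hunk `@@ -6,7 +6,12 @@`), but the `environment` input below it is still a free-text `string` defaulting to `development`, and the two are chosen independently. A run with `sandbox: prod` and the default environment would take its role and `MNS_SUBSCRIPTION_URL` from one environment while the script builds the queue name and `/ndr/{env_prefix}/…` parameter paths from the other. Make `environment` a `type: choice` with the matching values, or derive one input from the other, and consider required reviewers on the production environment so a manual dispatch against `prod` needs approval.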
diff --git a/.github/workflows/subscribe-to-mns.yml b/.github/workflows/subscribe-to-mns.yml index 0eca8a969..2a634aa2e 100644 --- a/.github/workflows/subscribe-to-mns.yml +++ b/.github/workflows/subscribe-to-mns.yml @@ -8,6 +8,7 @@ on: required: true type: choice options: + - ndra - ndr-dev - test - pre-prod