Create 2025-03-05 #1253
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Post content to Lighthouse Platform Backend (LPB) | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| - reopened | |
| - closed | |
| branches: [main] | |
| jobs: | |
| gather_content: | |
| name: Gather the changed content | |
| runs-on: ubuntu-latest | |
| outputs: | |
| rename_warning: ${{ steps.get_target_environment.outputs.rename_warning }} | |
| target_environment: ${{ steps.get_target_environment.outputs.target_environment }} | |
| steps: | |
| - id: get_target_environment | |
| name: Determine Target Environment | |
| run: | | |
| TARGET_ENVIRONMENT="development" | |
| if [ "${{ github.event.pull_request.merged }}" == "true" ]; then | |
| TARGET_ENVIRONMENT="production" | |
| fi | |
| echo $TARGET_ENVIRONMENT | |
| echo "target_environment=$TARGET_ENVIRONMENT" >> $GITHUB_OUTPUT | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - id: pr_files | |
| uses: Ana06/[email protected] | |
| - id: upload_content | |
| name: Find files and send them | |
| continue-on-error: true | |
| run: | | |
| # If it's a PR change from a space delimited list to one file per line | |
| if [ "${{ steps.pr_files.outputs.added_modified_renamed }}" != "" ]; then | |
| touch changed-files.txt | |
| for f in `echo "${{ steps.pr_files.outputs.added_modified_renamed }}"`; do | |
| echo $f >> changed-files.txt | |
| done | |
| fi | |
| if [ "${{ steps.pr_files.outputs.renamed }}" != "" ]; then | |
| echo "rename_warning=TRUE" >> $GITHUB_OUTPUT | |
| fi | |
| echo "Expected files changes:" | |
| cat changed-files.txt | |
| - name: Save changed files list | |
| uses: actions/upload-artifact@v4 | |
| with: | |
| name: changed-files | |
| path: changed-files.txt | |
| send_content_to_development: | |
| name: Send content to development LPB | |
| needs: [gather_content] | |
| environment: | |
| name: development | |
| url: https://dev-developer.va.gov | |
| runs-on: ubuntu-latest | |
| if: needs.gather_content.outputs.target_environment == 'development' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: NPM install | |
| run: npm ci | |
| - id: get_bearer_token | |
| if: github.actor != 'dependabot[bot]' | |
| name: Get Bearer Token | |
| env: | |
| LPB_HOST: 'dev-api.va.gov' | |
| LPB_CLIENT_ID: ${{ secrets.LPB_CLIENT_ID }} | |
| LPB_RSA_TOKEN: ${{ secrets.LPB_RSA_SECRET }} | |
| OKTA_TOKEN_AUD: 'https://deptva-eval.okta.com/oauth2/ausg95zxf6dFPccy02p7/v1/token' | |
| run: | |
| echo "$LPB_RSA_TOKEN" > ./rsa.pem; | |
| ls -la; | |
| wc -l ./rsa.pem; | |
| node ./get-bearer-token.js $LPB_CLIENT_ID ./rsa.pem $LPB_HOST $OKTA_TOKEN_AUD; | |
| BEARER_TOKEN=`cat ./bearer.token`; | |
| echo "bearer_token=$BEARER_TOKEN" >> $GITHUB_ENV; | |
| - name: Get file list | |
| uses: actions/download-artifact@v4 | |
| if: github.actor != 'dependabot[bot]' | |
| with: | |
| name: changed-files | |
| - name: Send content to development | |
| if: github.actor != 'dependabot[bot]' | |
| env: | |
| LPB_HOST: 'dev-api.va.gov' | |
| run: | |
| for n in `cat changed-files.txt | grep content/`; do | |
| echo "Posting $n to LPB"; | |
| DATE_STRING=`echo $n | sed 's/[\/\.a-z\-]//g' | sed -E 's/([0-9]{4})([0-9]{2})([0-9]{2})/\1-\2-\3/'`; | |
| CONTENT_STRING=`cat $n | base64 -w 0`; | |
| TARGET_API=`echo $n | sed -E 's/.*\/([a-z\-]{1,})\/release-notes.*/\1/'`; | |
| echo "Target URL https://$LPB_HOST/internal/platform-backend/v0/providers/$TARGET_API/release-notes"; | |
| curl | |
| --request POST | |
| --header 'Content-Type:application/json' | |
| --header "Authorization:Bearer ${{ env.bearer_token }}" | |
| --data "{\"date\":\"$DATE_STRING\",\"content\":\"base64:$CONTENT_STRING\"}" | |
| https://$LPB_HOST/internal/platform-backend/v0/providers/$TARGET_API/release-notes; | |
| done; | |
| - name: Comment on PR | |
| uses: actions/github-script@v7 | |
| if: github.actor != 'dependabot[bot]' | |
| with: | |
| script: | | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: 'These changes have been pushed to [dev](https://dev-developer.va.gov/).' | |
| }) | |
| - name: Previously Merged Warning Comment on PR | |
| uses: actions/github-script@v7 | |
| if: | | |
| needs.gather_content.outputs.rename_warning == 'TRUE' && | |
| github.actor != 'dependabot[bot]' | |
| with: | |
| script: | | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: 'If this release note was merged to the `main` branch on another PR, you will need to reach out to [Team Okapi](https://lighthouseva.slack.com/archives/C01931CFMTQ) to remove the copy that remains on the previous date.' | |
| }) | |
| send_content_to_production: | |
| name: Send content to production LPB | |
| needs: [gather_content] | |
| environment: | |
| name: production | |
| url: https://developer.va.gov | |
| runs-on: ubuntu-latest | |
| if: needs.gather_content.outputs.target_environment == 'production' | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: NPM install | |
| run: npm ci | |
| - id: get_bearer_token | |
| if: github.actor != 'dependabot[bot]' | |
| name: Get Bearer Token | |
| env: | |
| LPB_HOST: 'api.va.gov' | |
| LPB_CLIENT_ID: ${{ secrets.LPB_CLIENT_ID }} | |
| LPB_RSA_TOKEN: ${{ secrets.LPB_RSA_SECRET }} | |
| OKTA_TOKEN_AUD: 'https://va.okta.com/oauth2/ausdppulkgBFJDZZe297/v1/token' | |
| run: | |
| echo "$LPB_RSA_TOKEN" > ./rsa.pem; | |
| ls -la; | |
| wc -l ./rsa.pem; | |
| node ./get-bearer-token.js $LPB_CLIENT_ID ./rsa.pem $LPB_HOST $OKTA_TOKEN_AUD; | |
| BEARER_TOKEN=`cat ./bearer.token`; | |
| echo "bearer_token=$BEARER_TOKEN" >> $GITHUB_ENV; | |
| - name: Get file list | |
| uses: actions/download-artifact@v4 | |
| if: github.actor != 'dependabot[bot]' | |
| with: | |
| name: changed-files | |
| - name: Send content to production | |
| env: | |
| LPB_HOST: 'api.va.gov' | |
| if: github.actor != 'dependabot[bot]' | |
| run: | |
| for n in `cat changed-files.txt | grep content/`; do | |
| echo "Posting $n to LPB"; | |
| DATE_STRING=`echo $n | sed 's/[\/\.a-z\-]//g' | sed -E 's/([0-9]{4})([0-9]{2})([0-9]{2})/\1-\2-\3/'`; | |
| CONTENT_STRING=`cat $n | base64 -w 0`; | |
| TARGET_API=`echo $n | sed -E 's/.*\/([a-z\-]{1,})\/release-notes.*/\1/'`; | |
| echo "Target URL https://$LPB_HOST/internal/platform-backend/v0/providers/$TARGET_API/release-notes"; | |
| curl | |
| --request POST | |
| --header 'Content-Type:application/json' | |
| --header "Authorization:Bearer ${{ env.bearer_token }}" | |
| --data "{\"date\":\"$DATE_STRING\",\"content\":\"base64:$CONTENT_STRING\"}" | |
| https://$LPB_HOST/internal/platform-backend/v0/providers/$TARGET_API/release-notes; | |
| done; | |
| - name: Comment on PR | |
| uses: actions/github-script@v7 | |
| if: github.actor != 'dependabot[bot]' | |
| with: | |
| script: | | |
| github.rest.issues.createComment({ | |
| issue_number: context.issue.number, | |
| owner: context.repo.owner, | |
| repo: context.repo.repo, | |
| body: 'These changes have been pushed to [production](https://developer.va.gov/).' | |
| }) | |
| send_notifications: | |
| name: Send Slack notification for newly published release notes | |
| needs: [gather_content, send_content_to_production] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout | |
| uses: actions/checkout@v4 | |
| with: | |
| fetch-depth: 0 | |
| - name: Get file list | |
| uses: actions/download-artifact@v4 | |
| if: github.actor != 'dependabot[bot]' | |
| with: | |
| name: changed-files | |
| - id: get_urls_list | |
| name: Get list of URLs with new release notes | |
| if: github.actor != 'dependabot[bot]' | |
| continue-on-error: true | |
| run: | | |
| # In practice this should only have a single API per merged | |
| # release note but because there isn't a technical limitation | |
| # that means it can't we need to build it to support multiples | |
| # Empty string of URLs with new release notes | |
| URLS="" | |
| # Download legacy.json file so we can get the url_slugs | |
| wget -O legacy.json https://developer.va.gov/platform-backend/v0/providers/transformations/legacy.json?environment=sandbox | |
| # Loop over the list of changed release note files | |
| for n in `cat changed-files.txt | grep content/ | grep release-notes`; do | |
| TARGET_API=`echo $n | sed -E 's/.*\/([a-z\-]{1,})\/release-notes.*/\1/'`; | |
| TARGET_API_NAME=`jq -r ".[].apis[] | select(.altID==\"$TARGET_API\" or .urlSlug==\"$TARGET_API\") | .name" legacy.json`; | |
| TARGET_URL_SLUG=`jq -r ".[].apis[] | select(.altID==\"$TARGET_API\" or .urlSlug==\"$TARGET_API\") | .urlSlug" legacy.json`; | |
| URLS+="[$TARGET_API_NAME release notes](https://developer.va.gov/explore/api/$TARGET_URL_SLUG/release-notes)\n"; | |
| done | |
| echo "URLs: $URLS" | |
| echo "urls=${URLS}" >> $GITHUB_OUTPUT | |
| - name: Send Slack notification on success | |
| if: github.actor != 'dependabot[bot]' && success() | |
| uses: slackapi/slack-github-action@v2 | |
| with: | |
| method: chat.postMessage | |
| token: ${{ secrets.SLACK_BOT_TOKEN }} | |
| payload: | | |
| # This ID is for #team-marmoset-alerts in Lighthouse Slack | |
| channel: C02B97B1WUR | |
| text: "Developer Portal Content Update" | |
| blocks: | |
| - type: "section" | |
| text: | |
| type: "mrkdwn" | |
| text: "A new release note has been posted to the developer portal. Please see the following links:" | |
| - type: "section" | |
| text: | |
| type: "mrkdwn" | |
| text: "${{ steps.get_urls_list.outputs.urls }}" | |
| - id: send_slack_failure_message | |
| if: github.actor != 'dependabot[bot]' && failure() | |
| uses: slackapi/slack-github-action@v2 | |
| with: | |
| method: chat.postMessage | |
| token: ${{ secrets.SLACK_BOT_TOKEN }} | |
| payload: | | |
| # This ID is for #team-okapi-alerts in Lighthouse Slack | |
| channel: C05HL4MTAFR | |
| text: "Developer Portal Content Slack Notification Failure" | |
| blocks: | |
| - type: "section" | |
| text: | |
| type: "mrkdwn" | |
| text: "The Marmoset Release Note alert failed in the Developer Portal Content repository." | |
| - type: "section" | |
| text: | |
| type: "mrkdwn" | |
| text: "@teamokapi please investigate." |