Commit ed1bdec

refactor: add Status List Mock to Mocks repo (#39)
* refactor: add status list mock in mocks
  # Conflicts:
  # status-list-mock/sonar-project.properties
* refactor: rename workflows for status list mock
* refactor: rename the workflows
* refactor: move workflows and rename them
* refactor: rename workflow deploy to dev and update PR checks for status list mock
* refactor: update workflow dev deploy for status list mock
* refactor: update workflow push to main for status list mock
* refactor: update conformance workflow for status list mock
* refactor: update check oas for drift workflow for status list mock
* refactor: update package in dependabot for mock status list
* refactor: add status list mock in mocks
  # Conflicts:
  # status-list-mock/sonar-project.properties
* refactor: rebase my branch
* refactor: rename workflow deploy to dev and update PR checks for status list mock
* refactor: add status list mock quality gate checks
* refactor: add right path for dev deploy status list mock workflow
* refactor: rename files and uses in workflows
* refactor: add right paths for pr workflow in status list mock
* refactor: update push to main workflow for status list mock
* refactor: align names and add notify slack workflow
* refactor: add pre-commit hooks for status list mock
* chore: test pre-commit hooks and format and add --unsafe flag for yaml file
* chore: fix the test for failing to test pre-commit hooks
* refactor: align with main
* refactor: add pre-push in readme instructions
* docs: update readme file and add lint fix
* style: format
* refactor: remove a line from readme
* ci: correct path for files
* refactor: correct name for workflows
* refactor: remove unnecessary pipelines
* refactor: correct working directory in dev deploy for status list mock
* refactor: add quality gate check in push to main
* refactor: remove unnecessary checks
* refactor: correct path in conformance
* refactor: add install rain command
* refactor: update version for rain
* refactor: correct path for package lock
* refactor: pass the configs as an array
* chore: format template
* refactor: add right path for crs and oas path
* refactor: add ts files in config
* refactor: remove array and as string
* refactor: add array
* refactor: remove array and spread from eslint config
* refactor: add array
* fix: resolve deprecated tseslint.config signature warning
* chore: revert the code back
* fix: import defineConfig
* refactor: add back exclude in pre-commit config file and add for status list mock
* refactor: update package json
* refactor: update package lock json
* refactor: resolve PR comments
* refactor: add back important info in readme file and format
* refactor: crs spec is aligned with crs-backend
* chore: check yaml testing
* refactor: remove install command for rain
* refactor: add working directory in dev deploy workflow for status list mock
* refactor: correct name of the workflow in readme
* refactor: correct path in quality gate
* refactor: correct name for workflow
* refactor: add the new service in the readme
* refactor: remove checkov section from readme
* refactor: correct name of the workflow for sts mock
* refactor: add running checks manually section in readme
* refactor: correct secret name for dev
* refactor: correct secret name for build
* refactor: add right path for package lock file
* refactor: add right path for package lock file
* refactor: add right path
* refactor: add signing profile name for build and dev
* refactor: add jobs from workflows in quality gate
* refactor: add job for checkov in pre-upload
* refactor: update quality gate with remaining jobs
1 parent 0e99287 commit ed1bdec

71 files changed

Lines changed: 14024 additions & 27 deletions

.github/dependabot.yml

Lines changed: 19 additions & 0 deletions
Original file line number | Diff line number | Diff line change
@@ -30,3 +30,22 @@ updates:
3030
prefix: chore
3131
cooldown:
3232
default-days: 7
33+
- package-ecosystem: "npm"
34+
directory: "/status-list-mock"
35+
cooldown:
36+
default-days: 7
37+
schedule:
38+
interval: "weekly"
39+
day: "monday"
40+
time: "06:00"
41+
labels:
42+
- dependencies
43+
commit-message:
44+
prefix: chore
45+
groups:
46+
npm-updates:
47+
patterns:
48+
- "*"
49+
update-types:
50+
- "minor"
51+
- "patch"
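
Review bot: The `npm-updates` group at new lines 45-51 limits `update-types` to `minor` and `patch`, so with `patterns: "*"` every major bump under /status-list-mock still opens as its own PR. If that is intended, a one-line comment saying so would help; otherwise add a second group for majors. As a style point, `cooldown` sits directly under `directory` here while the entry above ends with it after `commit-message`; the same key order in both entries makes them easier to compare.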

.github/workflows/check-sam-template-formatting.yml

Lines changed: 1 addition & 1 deletion
@@ -22,7 +22,7 @@ jobs:
2222

2323
- name: Install Rain
2424
env:
25-
VERSION: v1.24.3
25+
VERSION: v1.24.4
2626
ARCH: linux-amd64
2727
run: |
2828
wget -q "https://github.com/aws-cloudformation/rain/releases/download/${VERSION}/rain-${VERSION}_${ARCH}.zip"
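
Review bot: The bump to `VERSION: v1.24.4` at line 25 feeds a `wget` of the release zip, and the visible lines show no integrity check on that download, whereas the actions in this commit are pinned to commit SHAs. If the rest of the step does not already verify it, record the expected SHA-256 of `rain-v1.24.4_linux-amd64.zip` next to `VERSION` and check it with `sha256sum -c` before unzipping, so a version bump also forces a checksum update.
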
Lines changed: 22 additions & 0 deletions
@@ -0,0 +1,22 @@
1+
name: Notify Slack on Failure
2+
3+
on:
4+
workflow_call:
5+
secrets:
6+
GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL:
7+
required: true
8+
9+
jobs:
10+
notify-slack-on-failure:
11+
name: Notify Slack on Failure
12+
runs-on: ubuntu-24.04
13+
permissions: {}
14+
steps:
15+
- name: Send Slack alert
16+
uses: slackapi/slack-github-action@45a88b9581bfab2566dc881e2cd66d334e621e2c # v3.0.3
17+
with:
18+
webhook: ${{ secrets.GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL }}
19+
webhook-type: incoming-webhook
20+
payload: |
21+
"repository": "${{ github.repository }}"
22+
"run": ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
Lines changed: 55 additions & 0 deletions
@@ -0,0 +1,55 @@
1+
name: Status List Mock - Check OAS for Drift
2+
on:
3+
schedule:
4+
# runs at midnight every day
5+
- cron: '0 0 * * *'
6+
workflow_dispatch:
7+
workflow_call:
8+
secrets:
9+
WALLET_CRS_DEPLOY_KEY:
10+
required: true
11+
GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL:
12+
required: true
13+
14+
concurrency:
15+
group: ${{ github.workflow }}-${{ github.ref }}
16+
cancel-in-progress: true
17+
18+
jobs:
19+
check-oas-for-drift:
20+
name: Check Status List OAS for Drift
21+
runs-on: ubuntu-24.04
22+
timeout-minutes: 15
23+
permissions:
24+
contents: read
25+
env:
26+
CRS_CHECKOUT_PATH: status-list-mock/crs-backend
27+
CRS_OAS_PATH: backend/openApiSpecs/crs-private-spec.yaml
28+
LOCAL_OAS_PATH: status-list-mock/openApiSpec/crs/crs-private-spec.yaml
29+
30+
steps:
31+
- name: Check out OP Mocks repo
32+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
33+
34+
- name: Checkout CRS repo
35+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
36+
with:
37+
repository: govuk-one-login/crs-backend
38+
path: ${{ env.CRS_CHECKOUT_PATH }}
39+
ref: 'main'
40+
ssh-key: ${{ secrets.WALLET_CRS_DEPLOY_KEY }}
41+
42+
- name: Check OAS for drift
43+
uses: oasdiff/oasdiff-action/diff@e7609f171f253c3e2be2a2e5c508f749ca476a07 # v0.0.45
44+
with:
45+
base: ${{ env.CRS_CHECKOUT_PATH }}/${{ env.CRS_OAS_PATH }}
46+
revision: ${{ env.LOCAL_OAS_PATH }}
47+
fail-on-diff: true
48+
49+
notify-slack-on-failure:
50+
name: Notify Slack on Failure
51+
needs: [ check-oas-for-drift ]
52+
if: failure()
53+
uses: ./.github/workflows/notify-slack-on-failure.yml
54+
secrets:
55+
GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL: ${{ secrets.GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL }}
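
Review bot: Both `actions/checkout` steps at new lines 31-40 leave `persist-credentials` at its default, so the `WALLET_CRS_DEPLOY_KEY` SSH key stays configured for git while the third-party `oasdiff/oasdiff-action/diff` step runs. No later step here needs authenticated git, so set `persist-credentials: false` on both checkouts. Separately, because this file is also a `workflow_call` target, `github.workflow` in the `concurrency` group at line 15 resolves to the caller's workflow name; with `cancel-in-progress: true`, consider a fixed prefix for the group so a called run cannot share a group with its caller.
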
Lines changed: 58 additions & 0 deletions
@@ -0,0 +1,58 @@
1+
name: OAS Conformance Tests
2+
3+
on:
4+
schedule:
5+
# runs at midnight every day
6+
- cron: '0 0 * * *'
7+
workflow_dispatch:
8+
inputs:
9+
environment:
10+
description: Target environment to run conformance tests against
11+
required: true
12+
default: build
13+
type: choice
14+
options:
15+
- dev
16+
- build
17+
18+
concurrency:
19+
group: ${{ github.workflow }}-${{ inputs.environment || 'build' }}
20+
cancel-in-progress: true
21+
22+
jobs:
23+
conformance-tests:
24+
name: Prism Conformance Tests (${{ inputs.environment || 'build' }})
25+
runs-on: ubuntu-24.04
26+
timeout-minutes: 15
27+
permissions:
28+
contents: read
29+
env:
30+
UPSTREAM_URL: ${{ inputs.environment == 'build' && 'https://status-list-mock.wallet-onboarding.build.account.gov.uk' || 'https://status-list-mock.wallet-onboarding.dev.account.gov.uk' }}
31+
steps:
32+
- name: Check out repository code
33+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
34+
35+
- name: Set up Node.js
36+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
37+
with:
38+
node-version-file: status-list-mock/.nvmrc
39+
cache: npm
40+
cache-dependency-path: status-list-mock/package-lock.json
41+
42+
- name: Install dependencies
43+
run: npm ci --ignore-scripts
44+
45+
- name: Run Prism conformance tests
46+
run: npm run test:conformance:ci
47+
48+
- name: Stop Prism
49+
if: always()
50+
run: pkill -f "prism proxy" || true
51+
52+
notify-slack-on-failure:
53+
name: Notify Slack on Failure
54+
needs: [ conformance-tests ]
55+
if: failure()
56+
uses: ./.github/workflows/notify-slack-on-failure.yml
57+
secrets:
58+
GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL: ${{ secrets.GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL }}
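
Review bot: On the scheduled run `inputs.environment` is empty, so the `UPSTREAM_URL` expression at line 30 (`inputs.environment == 'build' && ... || ...`) falls through to the dev URL, while the concurrency group at line 19 and the job name at line 24 default to `build` via `inputs.environment || 'build'`. Use the same `(inputs.environment || 'build')` default in the URL expression so the nightly run tests the environment it reports. Also, `npm ci --ignore-scripts` and `npm run test:conformance:ci` at lines 42-46 run from the repository root, although `setup-node` points at `status-list-mock/package-lock.json`; add `defaults.run.working-directory: ./status-list-mock` as the other status-list-mock jobs do.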

.github/workflows/status-list-mock-dev-deploy.yml

Lines changed: 40 additions & 1 deletion
@@ -17,8 +17,47 @@ jobs:
1717
permissions:
1818
id-token: write
1919
contents: read
20+
defaults:
21+
run:
22+
working-directory: ./status-list-mock
2023
steps:
2124
- name: Check out repository code
2225
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
2326
with:
24-
ref: ${{ inputs.gitRef }}
27+
ref: ${{ inputs.gitRef }}
28+
29+
- name: Set up Node.js
30+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
31+
with:
32+
node-version-file: status-list-mock/.nvmrc
33+
cache: npm
34+
cache-dependency-path: status-list-mock/package-lock.json
35+
36+
- name: Configure AWS credentials
37+
uses: aws-actions/configure-aws-credentials@ec61189d14ec14c8efccab744f656cffd0e33f37 # v6.1.0
38+
with:
39+
role-to-assume: ${{ secrets.DEV_STATUS_LIST_MOCK_GH_ACTIONS_ROLE_ARN }}
40+
aws-region: eu-west-2
41+
42+
- name: Set up SAM CLI
43+
uses: aws-actions/setup-sam@89ddb14d60e682855e3fea4be85b3c56485de310 # v3
44+
with:
45+
version: 1.132.0
46+
use-installer: true
47+
48+
- name: Validate SAM template
49+
run: |
50+
echo "SAM_CLI_TELEMETRY=0" >> $GITHUB_ENV
51+
sam validate --lint
52+
53+
- name: Build SAM template
54+
run: sam build --parallel
55+
56+
- name: Upload SAM artifacts
57+
# Upload the built SAM application artifacts to the deployment pipeline S3 bucket
58+
uses: govuk-one-login/devplatform-upload-action@5879c30205266ad61e8299a4fcea76364530c9c1 # v3.14.0
59+
with:
60+
artifact-bucket-name: ${{ secrets.DEV_STATUS_LIST_MOCK_GH_ARTIFACT_SOURCE_BUCKET_NAME }}
61+
signing-profile-name: ${{ secrets.DEV_STATUS_LIST_MOCK_SIGNING_PROFILE_NAME }}
62+
template-file: .aws-sam/build/template.yaml
63+
working-directory: ./status-list-mock
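
Review bot: In the `Validate SAM template` step at new lines 48-51, `echo "SAM_CLI_TELEMETRY=0" >> $GITHUB_ENV` only takes effect for later steps, so `sam validate --lint` on the next line still runs without it; set `SAM_CLI_TELEMETRY: 0` in a job-level `env:` block instead (and quote `"$GITHUB_ENV"` if the echo stays). This job also sets up Node with an npm cache but has no install step before `sam build --parallel`, whereas the pull request checks job runs `npm ci` first; add it here if the build depends on installed packages.
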
Lines changed: 105 additions & 0 deletions
@@ -0,0 +1,105 @@
1+
name: Status List Mock - Pull Request Checks
2+
3+
on:
4+
pull_request:
5+
types:
6+
- opened
7+
- reopened
8+
- ready_for_review
9+
- synchronize
10+
paths:
11+
- status-list-mock/**
12+
- .github/workflows/status-list-mock-pull-request-checks.yml
13+
14+
concurrency:
15+
group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }}
16+
cancel-in-progress: true
17+
18+
permissions:
19+
id-token: write
20+
contents: read
21+
22+
jobs:
23+
check-sam-template-formatting:
24+
name: Check SAM template formatting
25+
uses: ./.github/workflows/check-sam-template-formatting.yml
26+
with:
27+
working-directory: ./status-list-mock
28+
29+
validate-and-build-sam-template:
30+
name: Validate and build SAM template
31+
runs-on: ubuntu-24.04
32+
timeout-minutes: 15
33+
defaults:
34+
run:
35+
working-directory: ./status-list-mock
36+
steps:
37+
- name: Check out repository code
38+
uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
39+
with:
40+
fetch-depth: 0
41+
42+
- name: Set up Node.js
43+
uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
44+
with:
45+
node-version-file: status-list-mock/.nvmrc
46+
cache: npm
47+
cache-dependency-path: status-list-mock/package-lock.json
48+
49+
- name: Install dependencies
50+
run: npm ci
51+
52+
- name: Check code formatting
53+
run: npm run format:check
54+
55+
- name: Run the linter
56+
run: npm run lint
57+
58+
- name: Run unit tests
59+
run: npm run test
60+
61+
- name: Set up SAM CLI
62+
uses: aws-actions/setup-sam@89ddb14d60e682855e3fea4be85b3c56485de310 # v3
63+
with:
64+
version: 1.132.0
65+
use-installer: true
66+
67+
- name: Validate SAM template
68+
run: |
69+
echo "SAM_CLI_TELEMETRY=0" >> $GITHUB_ENV
70+
sam validate --lint
71+
72+
- name: Build SAM template
73+
run: sam build --parallel
74+
75+
- name: SonarQube Scan
76+
if: ${{ github.actor != 'dependabot[bot]' }}
77+
uses: sonarsource/sonarqube-scan-action@59db25f34e16620e48ab4bb9e4a5dce155cb5432 # v8.0.0
78+
with:
79+
projectBaseDir: ./status-list-mock
80+
env:
81+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
82+
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
83+
84+
- name: Check SonarQube quality gate
85+
if: ${{ github.actor != 'dependabot[bot]' }}
86+
uses: SonarSource/sonarqube-quality-gate-action@cf038b0e0cdecfa9e56c198bbb7d21d751d62c3b # v1.2.0
87+
timeout-minutes: 5
88+
env:
89+
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
90+
with:
91+
scanMetadataReportFile: status-list-mock/.scannerwork/report-task.txt
92+
93+
run-checkov:
94+
name: Run Checkov
95+
uses: ./.github/workflows/run-checkov.yml
96+
with:
97+
file-to-scan: status-list-mock/template.yaml
98+
99+
check-oas-for-drift:
100+
name: Check Status List OAS for drift
101+
uses: ./.github/workflows/status-list-mock-check-oas-for-drift.yml
102+
if: github.event.pull_request.user.login != 'dependabot[bot]'
103+
secrets:
104+
WALLET_CRS_DEPLOY_KEY: ${{ secrets.WALLET_CRS_DEPLOY_KEY }}
105+
GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL: ${{ secrets.GH_WORKFLOW_FAILURE_BOT_SLACK_WEBHOOK_URL }}
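
Review bot: The workflow-level `permissions` block at new lines 18-20 grants `id-token: write` to every job, but no step visible in this file requests an OIDC token (there is no AWS credentials step). Drop it to `contents: read` at the top and grant `id-token: write` only on a job that needs it, if one of the called workflows does. Two smaller points: `npm ci` at line 50 runs install scripts on pull request code while the conformance workflow uses `npm ci --ignore-scripts`, and the Dependabot check uses `github.actor` at lines 76 and 85 but `github.event.pull_request.user.login` at line 102; pick one (the PR author form stays stable when a person re-runs or pushes to a Dependabot PR).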
