-
Notifications
You must be signed in to change notification settings - Fork 62
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge branch 'master' into MHV-42363-radiology-images
- Loading branch information
Showing
2,573 changed files
with
143,135 additions
and
467,480 deletions.
There are no files selected for viewing
Large diffs are not rendered by default.
Oops, something went wrong.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,91 @@ | ||
name: Require backend-review-group approval | ||
on: | ||
pull_request: | ||
types: [opened, reopened, review_requested, synchronize, ready_for_review] | ||
pull_request_review: | ||
types: [submitted] | ||
|
||
jobs: | ||
check-approval-requirements: | ||
permissions: write-all | ||
runs-on: ubuntu-latest | ||
steps: | ||
- name: Checkout code | ||
uses: actions/checkout@v4 | ||
|
||
- name: Configure AWS Credentials | ||
uses: aws-actions/[email protected] | ||
with: | ||
aws-access-key-id: ${{ secrets.aws_access_key_id }} | ||
aws-secret-access-key: ${{ secrets.aws_secret_access_key }} | ||
aws-region: "us-gov-west-1" | ||
|
||
- name: Get bot token from Parameter Store | ||
uses: marvinpinto/action-inject-ssm-secrets@latest | ||
with: | ||
ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN | ||
env_variable_name: VA_VSP_BOT_GITHUB_TOKEN | ||
|
||
|
||
# Find Backend Labels, Approvals and Comments | ||
- name: Find Approval Comment | ||
uses: peter-evans/find-comment@v3 | ||
id: find_backend_approval_comment | ||
with: | ||
issue-number: ${{ github.event.pull_request.number }} | ||
body-includes: Backend-review-group approval confirmed. | ||
|
||
- name: Get backend-review-group members | ||
if: contains(github.event.pull_request.labels.*.name, 'require-backend-approval') | ||
id: get_team_members | ||
uses: octokit/[email protected] | ||
with: | ||
route: GET /orgs/department-of-veterans-affairs/teams/backend-review-group/members | ||
env: | ||
GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} | ||
|
||
- name: Check backend-review-group approval status | ||
if: contains(github.event.pull_request.labels.*.name, 'require-backend-approval') | ||
id: check_backend_review_group_approval_status | ||
uses: octokit/[email protected] | ||
with: | ||
route: GET /repos/${{ github.repository }}/pulls/${{ github.event.pull_request.number || github.event.pull_request_review.pull_request.number }}/reviews | ||
env: | ||
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | ||
|
||
- name: Verify backend-review-group approval | ||
if: contains(github.event.pull_request.labels.*.name, 'require-backend-approval') | ||
id: verify_approval | ||
run: | | ||
BACKEND_REVIEWERS=$(cat <<'EOF' | jq -r '.[].login' | tr '\n' '|' | sed 's/|$//' | ||
${{ steps.get_team_members.outputs.data }} | ||
EOF | ||
) | ||
APPROVALS=$(cat <<'EOF' | jq -r '.[] | select(.state == "APPROVED") | .user.login' | grep -iE "$BACKEND_REVIEWERS" | wc -l | ||
${{ steps.check_backend_review_group_approval_status.outputs.data }} | ||
EOF | ||
) | ||
echo "Number of backend-review-group approvals: $APPROVALS" | ||
if [ "$APPROVALS" -eq 0 ]; then | ||
echo "approval_status=required" >> $GITHUB_OUTPUT | ||
exit 1 | ||
else | ||
echo "approval_status=confirmed" >> $GITHUB_OUTPUT | ||
fi | ||
- name: Comment PR - Approval Confirmed | ||
if: success() && steps.verify_approval.outputs.approval_status == 'confirmed' && steps.find_backend_approval_comment.outputs.comment-id == '' | ||
uses: peter-evans/create-or-update-comment@v4 | ||
with: | ||
issue-number: ${{ github.event.pull_request.number }} | ||
body: "Backend-review-group approval confirmed." | ||
|
||
- name: Remove ready-for-review label | ||
if: success() && steps.verify_approval.outputs.approval_status == 'confirmed' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review') | ||
uses: actions-ecosystem/action-remove-labels@v1 | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
ready-for-backend-review |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -33,7 +33,7 @@ jobs: | |
uses: aws-actions/[email protected] | ||
with: | ||
mask-password: true | ||
- name: Build Docker Image | ||
- name: Build vets-api Docker Image | ||
uses: docker/build-push-action@v6 | ||
env: | ||
DOCKER_BUILD_SUMMARY: false | ||
|
@@ -63,3 +63,20 @@ jobs: | |
helm package vets-api | ||
aws ecr get-login-password --region us-gov-west-1 | helm registry login --username AWS --password-stdin 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com | ||
helm push vets-api-${{ steps.version.outputs.version }}.tgz oci://008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/dsva/helm | ||
- name: Add Failure label | ||
uses: actions-ecosystem/action-add-labels@v1 | ||
if: ${{ github.event_name == 'pull_request' && failure() && !contains(github.event.pull_request.labels.*.name, 'pe-failure') }} | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
pe-failure | ||
- name: Remove Failure label | ||
uses: actions-ecosystem/action-remove-labels@v1 | ||
if: ${{ github.event_name == 'pull_request' && success() && contains(github.event.pull_request.labels.*.name, 'pe-failure') }} | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
pe-failure |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -30,7 +30,7 @@ jobs: | |
|
||
- name: Check codeowner changes | ||
id: check-codeowner-changes | ||
uses: tj-actions/changed-files@v44 # v36.3.0 | ||
uses: tj-actions/changed-files@v45 # v36.3.0 | ||
with: | ||
files: | | ||
.github/CODEOWNERS | ||
|
@@ -48,4 +48,3 @@ jobs: | |
user_email: '[email protected]' | ||
user_name: 'va-vsp-bot' | ||
commit_message: 'Auto update Atlas with Vets-API CODEOWNERS' | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -20,6 +20,14 @@ jobs: | |
with: | ||
fetch-depth: 2 | ||
|
||
- name: Remove Review label | ||
if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review') | ||
uses: actions-ecosystem/action-remove-labels@v1 | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
ready-for-backend-review | ||
- name: Configure AWS Credentials | ||
uses: aws-actions/[email protected] | ||
with: | ||
|
@@ -41,11 +49,27 @@ jobs: | |
- name: Respond to PR if check CODEOWNERS exists for new files fails | ||
if: ${{ failure() }} | ||
uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 | ||
uses: thollander/actions-comment-pull-request@e2c37e53a7d2227b61585343765f73a9ca57eda9 # v3.0.0 | ||
with: | ||
message: 'Error: A file (or its parent directories) does not have a CODEOWNERS entry. Please update the .github/CODEOWNERS file and add the entry for the Offending file: ${{ env.offending_file }}' | ||
GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} | ||
|
||
- name: Add Failure label | ||
uses: actions-ecosystem/action-add-labels@v1 | ||
if: ${{ failure() }} | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
codeowners-addition-failure | ||
- name: Remove Failure label | ||
uses: actions-ecosystem/action-remove-labels@v1 | ||
if: ${{ success() }} | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
codeowners-addition-failure | ||
check-deletions: | ||
name: Check Codeowners Deletions | ||
runs-on: ubuntu-latest | ||
|
@@ -56,6 +80,14 @@ jobs: | |
with: | ||
fetch-depth: 2 | ||
|
||
- name: Remove Review label | ||
if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review') | ||
uses: actions-ecosystem/action-remove-labels@v1 | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
ready-for-backend-review | ||
- name: Configure AWS Credentials | ||
uses: aws-actions/[email protected] | ||
with: | ||
|
@@ -77,7 +109,23 @@ jobs: | |
- name: Respond to PR if check CODEOWNERS exists for deleted files fails | ||
if: ${{ failure() }} | ||
uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6 # v2.5.0 | ||
uses: thollander/actions-comment-pull-request@e2c37e53a7d2227b61585343765f73a9ca57eda9 # v3.0.0 | ||
with: | ||
message: 'Error: A file (or its parent directories) was deleted but its reference still exists in CODEOWNERS. Please update the .github/CODEOWNERS file and delete the entry for the Offending file: ${{ env.offending_file }}' | ||
GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }} | ||
|
||
- name: Add Failure label | ||
uses: actions-ecosystem/action-add-labels@v1 | ||
if: ${{ failure() }} | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
codeowners-delete-failure | ||
- name: Remove Failure label | ||
uses: actions-ecosystem/action-remove-labels@v1 | ||
if: ${{ success() }} | ||
with: | ||
number: ${{ github.event.pull_request.number }} | ||
labels: | | ||
codeowners-delete-failure |
Oops, something went wrong.