Skip to content

Commit

Permalink
Merge pull request #344 from hmcts/DTSPO-15969
Browse files Browse the repository at this point in the history 
DTSPO-15969 Slack Messaging & Very high approval gate
  • Loading branch information
@JordanHoey96
JordanHoey96 authored Mar 20, 2024
2 parents a25ee33 + cedb980 commit 1bb44ed
Show file tree
Hide file tree
Showing 9 changed files with 361 additions and 51 deletions.
253 changes: 207 additions & 46 deletions .github/workflows/parsegithubissue.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,53 +5,104 @@ on:
types:
- opened
- edited
- labeled
workflow_dispatch:
env:
GH_TOKEN: ${{ secrets.PLATFORM_USER_TOKEN }}
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
APPROVAL_STATE: "Pending Approval"
APPROVAL_COMMENT: "Pending Approval"
permissions:
id-token: write
jobs:
parse:
process-request:
permissions: write-all
runs-on: ubuntu-latest
if: ${{ github.event.issue.user.login != 'renovate[bot]' }}
if: github.event.issue.user.login != 'renovate[bot]'
steps:
- name: Add eyes reaction
uses: aidan-mundy/[email protected]
with:
issue-number: ${{ github.event.issue.number }}
reactions: eyes
#Uncomment for troubleshooting
#- name: Dump context
#uses: crazy-max/ghaction-dump-context@v2

#Adds label for user feedback
- name: add processing label
uses: actions-ecosystem/action-add-labels@v1
with:
labels: "Processing"

#Comment if approver is equal to requester
- name: Cannot self approve comment
if: contains(github.event.issue.labels.*.name, 'approved') && github.event.issue.user.login == github.actor || contains(github.event.issue.labels.*.name, 'auto-approved') && github.event.issue.user.login == github.actor
uses: peter-evans/[email protected]
with:
issue-number: ${{ github.event.issue.number }}
body: |
Requester cannot also be approver - please seek a second approver.
#Remove any approval labels if approver is equal to requester
- name: Remove approved label
if: contains(github.event.issue.labels.*.name, 'approved') && github.event.issue.user.login == github.actor || contains(github.event.issue.labels.*.name, 'auto-approved')
uses: actions-ecosystem/action-remove-labels@v1
with:
labels: |
approved
auto-approved
#End workflow if user is equal to requester
- name: exit flow if approver == requester
if: contains(github.event.issue.labels.*.name, 'approved') && github.event.issue.user.login == github.actor || contains(github.event.issue.labels.*.name, 'auto-approved') && github.event.issue.user.login == github.actor
run: exit 1

#if denied label is applied, set approval environment variables appropriately
- name: set denied status
if: contains(github.event.issue.labels.*.name, 'denied')
run: |
echo "APPROVAL_STATE=Denied" >> $GITHUB_ENV
echo "APPROVAL_COMMENT=Denied by ${{ github.actor }}" >> $GITHUB_ENV
#if approval state == denied, close issue
- name: Close Issue with denied
if: env.APPROVAL_STATE == 'Denied'
uses: peter-evans/close-issue@v3
with:
issue-number: ${{ github.event.issue.number }}
comment: |
Your request has been denied by ${{ github.actor }}, most likely due to associated costs being too high.
Closing issue.
#if approval state == denied, remove processing and pending approval labels
- name: Remove labels
uses: actions-ecosystem/action-remove-labels@v1
if: env.PROCESS_SUCCESS == 'false'
if: env.APPROVAL_STATE == 'Denied'
with:
labels: |
Processing
Pending approval
#Remove labels from a previous run if present
- name: Remove labels
if: contains(github.event.issue.labels.*.name, 'Cost Error') || contains(github.event.issue.labels.*.name, 'Pending Approval') || contains(github.event.issue.labels.*.name, 'Success') || contains(github.event.issue.labels.*.name, 'Very high cost')
uses: actions-ecosystem/action-remove-labels@v1
with:
labels: |
Cost Error
Pending approval
Success
Error in form
High Cost
Very high cost
#Allows workflow to access repo
- name: Checkout
uses: actions/checkout@v4
with:
fetch-depth: '0'
token: ${{ env.GH_TOKEN }}

- name: Parse issue
#Parse issue form that trigger workflow
- name: Read submitted issue
id: parse_issue
uses: onmax/[email protected]
with:
issue_number: ${{ github.event.issue.number }}

- name: Show parsed payload data

#Save parsed date into environment variables
- name: Save parsed payload data
run: |
# Using the character `'` to prevent all characters enclosed within
# them from being treated as special characters (e.g. $ or `)
Expand All @@ -60,19 +111,38 @@ jobs:
echo GITHUB_REPO='${{ github.repository }}' >> $GITHUB_ENV
echo ISSUE_NUMBER='${{ github.event.issue.number }}' >> $GITHUB_ENV
#Setup Python
- uses: actions/setup-python@v5
with:
python-version: '3.11'

# Install Python requirements
- name: Install Python Requirements
run: |
pip3 install -r requirements.txt
# Run custom python script to handle form data / apply form verification
- name: process form data
continue-on-error: true
run: |
python ./scripts/file_handling.py
# Remove label if present
- name: Remove error labels
uses: actions-ecosystem/action-remove-labels@v1
if: env.PROCESS_SUCCESS == 'true' && contains(github.event.issue.labels.*.name, 'Error in form')
with:
labels: |
Error in form
# Add form error label if process_success not equal to true
- name: Add error label
if: env.PROCESS_SUCCESS != 'true'
uses: actions-ecosystem/action-add-labels@v1
with:
labels: "Error in form"

# Provide any error messages to user as a comment
- name: Create Issue Comment
if: env.PROCESS_SUCCESS != 'true'
uses: peter-evans/[email protected]
Expand All @@ -82,23 +152,55 @@ jobs:
${{ env.ISSUE_COMMENT }}
Please edit this issue and select "Update comment" to resubmit.
#End workflow if for processing finds an error
- name: exit flow if approver == requester
if: env.PROCESS_SUCCESS != 'true'
run: exit 1

# Login to Azure CLI (for cost analysis)
- name: 'Az CLI login'
uses: azure/login@v1
with:
client-id: 2b6fa9d7-7dba-4600-a58a-5e25554997aa # DTS AKS Auto-Shutdown
tenant-id: 531ff96d-0ae9-462a-8d2d-bec7c0b42082 # HMCTS.NET
allow-no-subscriptions: true

#Run bash script to get Azure resouce details for cost analysis
- name: get aks resource details
if: env.PROCESS_SUCCESS == 'true'
continue-on-error: true
run: ./scripts/aks/resource-details.sh

#Run cost calculator python script
- name: process costs
if: env.PROCESS_SUCCESS == 'true'
continue-on-error: true
run: |
python ./scripts/cost-calculator.py || echo "Calculating cost failed"
#Send slack message if approval_state == denied
- name: Send denied slack message
if: env.APPROVAL_STATE == 'Denied'
run: ./scripts/aks/send-slack-message.sh
env:
SLACK_WEBHOOK: ${{ env.SLACK_WEBHOOK }}
ISSUE_TITLE: ${{ github.event.issue.title }}
CHANGE_JIRA_ID: ${{ env.CHANGE_JIRA_ID }}
REQUEST_URL: ${{ env.REQUEST_URL }}
BUSINESS_AREA_ENTRY: ${{ env.BUSINESS_AREA_ENTRY }}
START_DATE: ${{ env.START_DATE }}
END_DATE: ${{ env.END_DATE }}
COST_DETAILS_FORMATTED: ${{ env.COST_DETAILS_FORMATTED }}
ENVIRONMENT: ${{ env.ENVIRONMENT }}
REQUESTER: ${{ github.event.issue.user.login }}
APPROVAL_COMMENT: ${{ env.APPROVAL_COMMENT }}

#End workflow if approval state == denied
- name: exit flow if denied
if: env.APPROVAL_STATE == 'Denied'
run: exit 1

#Add output of cost calculator as a comment to user
- name: Add cost details as a comment
if: env.PROCESS_SUCCESS == 'true' && env.ERROR_IN_COSTS != 'true'
uses: peter-evans/[email protected]
Expand All @@ -107,6 +209,7 @@ jobs:
body: |
Total estimated cost of skipping shutdown for the provided dates is **£${{ env.COST_DETAILS_FORMATTED }}**
#If cost calculator fails, provide feedback to user as a comment
- name: Add cost error details as a comment
if: env.PROCESS_SUCCESS == 'true' && env.ERROR_IN_COSTS == 'true'
uses: peter-evans/[email protected]
Expand All @@ -115,48 +218,73 @@ jobs:
body: |
We have been unable to estimate the cost of this skip request.
- name: Add high cost label
if: env.COST_DETAILS > 1000
uses: actions-ecosystem/action-add-labels@v1
with:
labels: "High Cost"

#If cost calculator finds an error, add cost error label
- name: Add costs error label
if: env.ERROR_IN_COSTS == 'true'
uses: actions-ecosystem/action-add-labels@v1
with:
labels: "Cost Error"

- name: Remove error labels
uses: actions-ecosystem/action-remove-labels@v1
if: env.PROCESS_SUCCESS == 'true'
#Set approval_state environment var to auto-approved if cost value is less than £5,000
- name: set approved status
if: env.COST_DETAILS < 5000
run: |
echo "APPROVAL_STATE=auto-approved" >> $GITHUB_ENV
echo "APPROVAL_COMMENT=Auto approved" >> $GITHUB_ENV
#Add auto approved label if approval_state == auto-approved
- name: Add auto-approved label
if: env.APPROVAL_STATE == 'auto-approved'
uses: actions-ecosystem/action-add-labels@v1
with:
labels: |
Error in form
Processing
labels: "auto-approved"

- name: Remove labels
uses: actions-ecosystem/action-remove-labels@v1
if: env.PROCESS_SUCCESS == 'false'
#Add auto-approval comment if approval_state == auto-approved
- name: Add auto approval comment
if: env.APPROVAL_STATE == 'auto-approved'
uses: peter-evans/[email protected]
with:
labels: |
Processing
Success
issue-number: ${{ github.event.issue.number }}
body: |
You request has been automatically approved.
- name: Add success label
if: env.PROCESS_SUCCESS == 'true'
#If approval_state == Pending Approval add appropriate labels
- name: Add very high cost label
if: env.APPROVAL_STATE == 'Pending Approval'
uses: actions-ecosystem/action-add-labels@v1
with:
labels: "Success"
labels: |
Pending approval
Very high cost
- name: Add error label
if: env.PROCESS_SUCCESS != 'true'
uses: actions-ecosystem/action-add-labels@v1
#If approval_state == Pending Approval && workflow is running at submission time, not approval time.
- name: Very High Cost approval comment
if: env.APPROVAL_STATE == 'Pending Approval' && github.event.issue.user.login == github.actor
uses: peter-evans/[email protected]
with:
labels: "Error in form"
issue-number: ${{ github.event.issue.number }}
body: |
Due to the level of cost associated with this request, an approval will be required from any additional person. Note, you cannot approve your own request.
#If approved label is applued, set approval variables.
- name: set approved status
if: contains(github.event.issue.labels.*.name, 'approved')
run: |
echo "APPROVAL_STATE=Approved" >> $GITHUB_ENV
echo "APPROVAL_COMMENT=Approved by ${{ github.actor }}" >> $GITHUB_ENV
#Add approval comment if approval_state == Approved
- name: Add auto approval comment
if: env.APPROVAL_STATE == 'Approved'
uses: peter-evans/[email protected]
with:
issue-number: ${{ github.event.issue.number }}
body: |
${{ env.APPROVAL_COMMENT }}
#Commit issue submission to master if approved or auto-approved.
- name: Commit to master
if: env.PROCESS_SUCCESS == 'true'
if: env.PROCESS_SUCCESS == 'true' && env.APPROVAL_STATE == 'Approved' || env.PROCESS_SUCCESS == 'true' && env.APPROVAL_STATE == 'auto-approved'
run: |
git config user.name hmcts-platform-operations
git config user.email [email protected]
Expand All @@ -166,12 +294,45 @@ jobs:
commit_tree_url=$(gh browse -c -n)
commit_url=${commit_tree_url/tree/commit}
echo "COMMIT_URL=$(echo $commit_url)" >> $GITHUB_ENV
#Remove processing label
- name: Remove processing label
uses: actions-ecosystem/action-remove-labels@v1
with:
labels: |
Processing
#Remove pending approval label if approved
- name: Remove processing label
if: env.APPROVAL_STATE == 'Approved'
uses: actions-ecosystem/action-remove-labels@v1
with:
labels: |
Pending approval
- name: Close Issue
if: env.PROCESS_SUCCESS == 'true'
#Close issue if approved
- name: Close Issue with success
if: env.PROCESS_SUCCESS == 'true' && env.APPROVAL_STATE == 'Approved' || env.PROCESS_SUCCESS == 'true' && env.APPROVAL_STATE == 'auto-approved'
uses: peter-evans/close-issue@v3
with:
issue-number: ${{ github.event.issue.number }}
comment: |
Success! Your [commit](${{ env.COMMIT_URL }}) has been added to the json exclusions file.
Auto-closing issue.
Auto-closing issue.
#Send slack message if form parse process is successfull.
- name: Send slack message
if: env.PROCESS_SUCCESS == 'true'
run: ./scripts/aks/send-slack-message.sh
env:
SLACK_WEBHOOK: ${{ env.SLACK_WEBHOOK }}
ISSUE_TITLE: ${{ github.event.issue.title }}
CHANGE_JIRA_ID: ${{ env.CHANGE_JIRA_ID }}
REQUEST_URL: ${{ env.REQUEST_URL }}
BUSINESS_AREA_ENTRY: ${{ env.BUSINESS_AREA_ENTRY }}
START_DATE: ${{ env.START_DATE }}
END_DATE: ${{ env.END_DATE }}
COST_DETAILS_FORMATTED: ${{ env.COST_DETAILS_FORMATTED }}
ENVIRONMENT: ${{ env.ENVIRONMENT }}
REQUESTER: ${{ github.event.issue.user.login }}
APPROVAL_COMMENT: ${{ env.APPROVAL_COMMENT }}
Loading

0 comments on commit 1bb44ed

Please sign in to comment.