Task/saet 0000 baseline set up by JackCullen-nhs · Pull Request #16 · NHSDigital/patient-triage-api

JackCullen-nhs · 2026-02-20T13:42:49Z

Description

Context

Type of changes

Refactoring (non-breaking change)
New feature (non-breaking change which adds functionality)
Breaking change (fix or feature that would change existing functionality)
Bug fix (non-breaking change which fixes an issue)

Checklist

I am familiar with the contributing guidelines
I have followed the code style of the project
I have added tests to cover my changes
I have updated the documentation accordingly
This PR is a result of pair or mob programming

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.

…as well

.github/actions/artefact-cleardown/action.yaml

+      id: delete_artefacts
+      shell: bash
+      run: |
+        export WORKSPACE=${{inputs.workspace}}


.github/actions/artefact-cleardown/action.yaml

+      shell: bash
+      run: |
+        export WORKSPACE=${{inputs.workspace}}
+        export ARTEFACT_BUCKET_NAME=${{inputs.artefact_bucket_name}}


.github/actions/check-tf-state/action.yaml

+      id: delete_tf_state
+      shell: bash
+      run: |
+        export WORKSPACE=${{inputs.workspace}}


.github/actions/check-tf-state/action.yaml

+      shell: bash
+      run: |
+        export WORKSPACE=${{inputs.workspace}}
+        export ENVIRONMENT=${{inputs.environment}}


.github/actions/derive-workspace/action.yaml

+        export TRIGGER=${{ github.ref_type }}
+        export TRIGGER_ACTION=${{ github.event_name }}
+        export TRIGGER_REFERENCE=${{ github.ref_name }}
+        export TRIGGER_HEAD_REFERENCE=${{ github.head_ref }}


.github/workflows/deploy-data-migration-project.yaml

+            echo "working_directory=services/${{ inputs.name }}" >> $GITHUB_OUTPUT
+            echo "build_directory=build/services/${{ inputs.name }}" >> $GITHUB_OUTPUT
+          elif [[ "${{ inputs.build_type }}" == "package" ]]; then
+            echo "working_directory=application/packages/${{ inputs.name }}" >> $GITHUB_OUTPUT


.github/workflows/deploy-data-migration-project.yaml

+            echo "build_directory=build/services/${{ inputs.name }}" >> $GITHUB_OUTPUT
+          elif [[ "${{ inputs.build_type }}" == "package" ]]; then
+            echo "working_directory=application/packages/${{ inputs.name }}" >> $GITHUB_OUTPUT
+            echo "build_directory=build/packages/${{ inputs.name }}" >> $GITHUB_OUTPUT


.github/workflows/deploy-data-migration-project.yaml

+            echo "working_directory=application/packages/${{ inputs.name }}" >> $GITHUB_OUTPUT
+            echo "build_directory=build/packages/${{ inputs.name }}" >> $GITHUB_OUTPUT
+          else
+            echo "Invalid build type: ${{ inputs.build_type }}"


.github/workflows/infrastructure-cleardown.yaml

+name: Cleardown Infrastructure
+
+permissions:
+      id-token: write


.github/workflows/infrastructure-cleardown.yaml

+
+permissions:
+      id-token: write
+      contents: read


sonarqubecloud · 2026-02-20T15:29:43Z

Quality Gate failed

Failed conditions
8 Security Hotspots
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

ri-nhs and others added 30 commits February 20, 2026 13:25

fix: Move docker scripts from ftrs as check english work with that

94d6741

fix: Minor change

ab2a418

fix: Minor changes to script

56764d8

fix: Add tfvars such that they are not ignored

2a9031b

fix: Add github runner tfvars to infrastructure folder

6c7355d

fix: Remove mgmt as it is not currently present

24e4708

fix: Remove project_name variable and use project instead

ff12b1e

fix: Use the correct role as the repo name changed the roles created …

4d4c149

…as well

fix: Handle check english error

069e5af

fix: The formatting issue

5bd03dc

fix: change the name

3b7de4d

fix: Added for testing

c234a94

Adding the account polices stack and using the pipeline to deploy this

d55c4bb

Added JMeter to vale accept and fixed spacing issue in json

771aa57

fix: handle check file format issue

10df9d0

fix: Add stack account_policies to plan and apply

aaf5ea4

fix: Remove athena as it is not used

e820615

fix: Remove trailing white space

d398fa4

fix: Add the data ro policy which was mistakenly deleted

8b272bc

fix: SAET-0000 check format issue

6f3b9e3

fix: SAET-0000 replace template with simple json logic

efa17b3

fix: SAET-0000 Remove unwanted stacks for now

f5bd0e2

fix: SAET-0000 Add account security stack tfvars

0e7115f

fix: SAET-0000 Add tfvars for terraform management

a12246d

fix: SAET-0000 Add for testing the pipeline

826440e

fix: SAET-0000 Handle create service linked role error

68eefc3

Adding the account wide stack

7b0b802

Adding the kms module

e5f2921

Adding the kms to the s3 bucket

e9ac333

adding fixes to the account wide stack

4d1a807

Fixing github runner in mgmt account

0ee52bd

JackCullen-nhs requested review from Richard-NHS, anwa-nhs and ri-nhs February 20, 2026 13:42

JackCullen-nhs self-assigned this Feb 20, 2026

github-advanced-security bot found potential problems Feb 20, 2026

View reviewed changes

Ensuring proper branch naming conventions

eb543db

JackCullen-nhs force-pushed the task/SAET-0000_Baseline_set_up branch from b7ab804 to eb543db Compare February 20, 2026 14:33

JackCullen-nhs temporarily deployed to dev February 20, 2026 14:33 — with GitHub Actions Inactive

JackCullen-nhs had a problem deploying to dev February 20, 2026 14:33 — with GitHub Actions Failure

JackCullen-nhs temporarily deployed to dev February 20, 2026 14:33 — with GitHub Actions Inactive

JackCullen-nhs temporarily deployed to mgmt February 20, 2026 14:34 — with GitHub Actions Inactive

JackCullen-nhs deployed to mgmt February 20, 2026 14:34 — with GitHub Actions Active

JackCullen-nhs temporarily deployed to mgmt February 20, 2026 14:34 — with GitHub Actions Inactive

JackCullen-nhs temporarily deployed to dev February 20, 2026 14:34 — with GitHub Actions Inactive

testing signed commits

cf77f17

JackCullen-nhs temporarily deployed to dev February 20, 2026 15:29 — with GitHub Actions Inactive

JackCullen-nhs deployed to dev February 20, 2026 15:29 — with GitHub Actions Active

JackCullen-nhs requested review from mmg-nhse February 20, 2026 15:30

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Comments

Task/saet 0000 baseline set up#16

Task/saet 0000 baseline set up#16
JackCullen-nhs wants to merge 181 commits intodevelopfrom
task/SAET-0000_Baseline_set_up

JackCullen-nhs commented Feb 20, 2026

Uh oh!

Check failure

Check failure

Check failure

Check failure

Check failure

Check failure

Check failure

Check failure

Check notice

Check notice

sonarqubecloud bot commented Feb 20, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Comments

Conversation

JackCullen-nhs commented Feb 20, 2026

Description

Context

Type of changes

Checklist

Sensitive Information Declaration

Uh oh!

Check failure

Check failure

Check failure

Check failure

Check failure

Check failure

Check failure

Check failure

Check notice

Check notice

sonarqubecloud bot commented Feb 20, 2026

Quality Gate failed

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants