Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
181 commits
Select commit Hold shift + click to select a range
94d6741
fix: Move docker scripts from ftrs as check english work with that
ri-nhs Jan 22, 2026
ab2a418
fix: Minor change
ri-nhs Jan 22, 2026
56764d8
fix: Minor changes to script
ri-nhs Jan 22, 2026
2a9031b
fix: Add tfvars such that they are not ignored
ri-nhs Jan 22, 2026
6c7355d
fix: Add github runner tfvars to infrastructure folder
ri-nhs Jan 22, 2026
24e4708
fix: Remove mgmt as it is not currently present
ri-nhs Jan 22, 2026
ff12b1e
fix: Remove project_name variable and use project instead
ri-nhs Jan 22, 2026
4d4c149
fix: Use the correct role as the repo name changed the roles created …
ri-nhs Jan 22, 2026
069e5af
fix: Handle check english error
ri-nhs Jan 23, 2026
5bd03dc
fix: The formatting issue
ri-nhs Jan 23, 2026
3b7de4d
fix: change the name
ri-nhs Jan 23, 2026
c234a94
fix: Added for testing
ri-nhs Jan 23, 2026
d55c4bb
Adding the account polices stack and using the pipeline to deploy this
JackCullen-nhs Jan 23, 2026
771aa57
Added JMeter to vale accept and fixed spacing issue in json
JackCullen-nhs Jan 23, 2026
10df9d0
fix: handle check file format issue
ri-nhs Jan 23, 2026
aaf5ea4
fix: Add stack account_policies to plan and apply
ri-nhs Jan 23, 2026
e820615
fix: Remove athena as it is not used
ri-nhs Jan 23, 2026
d398fa4
fix: Remove trailing white space
ri-nhs Jan 23, 2026
8b272bc
fix: Add the data ro policy which was mistakenly deleted
ri-nhs Jan 23, 2026
6f3b9e3
fix: SAET-0000 check format issue
ri-nhs Jan 23, 2026
efa17b3
fix: SAET-0000 replace template with simple json logic
ri-nhs Jan 23, 2026
f5bd0e2
fix: SAET-0000 Remove unwanted stacks for now
ri-nhs Jan 23, 2026
0e7115f
fix: SAET-0000 Add account security stack tfvars
ri-nhs Jan 23, 2026
a12246d
fix: SAET-0000 Add tfvars for terraform management
ri-nhs Jan 23, 2026
826440e
fix: SAET-0000 Add for testing the pipeline
ri-nhs Jan 24, 2026
68eefc3
fix: SAET-0000 Handle create service linked role error
ri-nhs Jan 26, 2026
7b0b802
Adding the account wide stack
JackCullen-nhs Jan 27, 2026
e5f2921
Adding the kms module
JackCullen-nhs Jan 27, 2026
e9ac333
Adding the kms to the s3 bucket
JackCullen-nhs Jan 27, 2026
4d1a807
adding fixes to the account wide stack
JackCullen-nhs Jan 27, 2026
485671b
adding fixes to the account wide stack s3 specifically
JackCullen-nhs Jan 27, 2026
612aae7
adding fixes to the account wide stack cidr block ranges specifically
JackCullen-nhs Jan 28, 2026
4c651aa
Fixed a botched edit of teh json
JackCullen-nhs Jan 28, 2026
4374703
Removed db subnet from locals in the vpc.tf
JackCullen-nhs Jan 28, 2026
d0c42d7
Removed db subnet from locals in the vpc.tf
JackCullen-nhs Jan 28, 2026
1199fec
Removed db subnet from locals in the vpc.tf
JackCullen-nhs Jan 28, 2026
f77fd8a
Removed db subnet from locals in the vpc.tf
JackCullen-nhs Jan 28, 2026
e9a24c5
Removed db subnet from locals in the vpc.tf
JackCullen-nhs Jan 28, 2026
2df04dc
Removed db subnet from locals in the vpc.tf
JackCullen-nhs Jan 28, 2026
6cdd305
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
214f0a8
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
7df47a0
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
377c2d2
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
6cff29a
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
3723ac3
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
fe424ff
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
dc3462d
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 29, 2026
6755bf1
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 30, 2026
a57ad6e
Fixing formatting issues in jmx file for pipeline to run
JackCullen-nhs Jan 30, 2026
9cb3fca
Added extra information into the pre commit file
JackCullen-nhs Jan 30, 2026
c3e4804
Added extra information into the pre commit file
JackCullen-nhs Jan 30, 2026
31e6e53
Added extra information into the pre commit file
JackCullen-nhs Jan 30, 2026
df20d28
Added extra information into the pre commit file
JackCullen-nhs Jan 30, 2026
d77ace3
Adding the deploy application and triage files
JackCullen-nhs Feb 2, 2026
f192cd0
Adding the deploy application and triage files
JackCullen-nhs Feb 3, 2026
d782246
Adding the deploy application and triage files
JackCullen-nhs Feb 3, 2026
eda39e4
Adding the deploy application and triage files
JackCullen-nhs Feb 3, 2026
feacfb5
Adding the deploy application and triage files
JackCullen-nhs Feb 3, 2026
532b8c5
Adding the deploy application and triage files
JackCullen-nhs Feb 3, 2026
7f5f26a
Adding the deploy application and triage files
JackCullen-nhs Feb 3, 2026
9f38269
Added extra information into the pre commit file
JackCullen-nhs Feb 3, 2026
4cbacd1
Added extra information into the pre commit file
JackCullen-nhs Feb 3, 2026
a110c84
Added extra information into the pre commit file
JackCullen-nhs Feb 3, 2026
7998629
Added extra information into the pre commit file
JackCullen-nhs Feb 3, 2026
a2c63c3
Added extra information into the pre commit file
JackCullen-nhs Feb 3, 2026
0492f4e
Added extra information into the pre commit file
JackCullen-nhs Feb 3, 2026
4655567
Fix terraform directory paths for stack deployments
JackCullen-nhs Feb 4, 2026
7a33f73
Added extra information into the pre commit file
JackCullen-nhs Feb 4, 2026
8504ee8
Initial application deployment
JackCullen-nhs Feb 5, 2026
caa2291
Initial application deployment
JackCullen-nhs Feb 5, 2026
ae4c3cf
Initial application deployment
JackCullen-nhs Feb 5, 2026
f196240
Initial application deployment
JackCullen-nhs Feb 5, 2026
9c9dbaf
Initial application deployment
JackCullen-nhs Feb 5, 2026
8e112cc
Initial application deployment
JackCullen-nhs Feb 5, 2026
9dbd485
Initial application deployment
JackCullen-nhs Feb 5, 2026
2f975ae
Adding lambda
JackCullen-nhs Feb 6, 2026
a1c483f
fix: SAET-0000 test pre-commit
ri-nhs Jan 30, 2026
5449fe2
feat: SAET-0000 Add triage to the application pipeline
ri-nhs Feb 5, 2026
50cdd84
fix: SAET-0000 Add default workspace for now
ri-nhs Feb 5, 2026
c96a9e2
fix: SAET-0000 fix pipeline issue
ri-nhs Feb 5, 2026
161a1b8
Adding lambda
JackCullen-nhs Feb 6, 2026
46586c3
Adding lambda
JackCullen-nhs Feb 6, 2026
5d889c3
Added extra information into the pre commit file
JackCullen-nhs Feb 9, 2026
a52d236
adding Iam and lambda and fixing these
JackCullen-nhs Feb 9, 2026
af60a7b
adding Iam and lambda and fixing these
JackCullen-nhs Feb 9, 2026
7b7478a
adding Iam and lambda and fixing these
JackCullen-nhs Feb 9, 2026
b1c158c
adding Iam and lambda and fixing these
JackCullen-nhs Feb 9, 2026
e6b733a
adding Iam and lambda and fixing these
JackCullen-nhs Feb 9, 2026
5db22fe
adding Iam and lambda and fixing these
JackCullen-nhs Feb 9, 2026
c0479c5
adding Iam and lambda and fixing these
JackCullen-nhs Feb 10, 2026
d7d4d07
adding Iam and lambda and fixing these
JackCullen-nhs Feb 10, 2026
46dc4b8
adding Iam and lambda and fixing these
JackCullen-nhs Feb 10, 2026
aea6742
adding Iam and lambda and fixing these
JackCullen-nhs Feb 10, 2026
b900502
adding Iam and lambda and fixing these
JackCullen-nhs Feb 10, 2026
40b3692
Added extra information into the pre commit file
JackCullen-nhs Feb 10, 2026
5185aa9
Added extra information into the pre commit file
JackCullen-nhs Feb 10, 2026
b1d5d3a
Added extra information into the pre commit file
JackCullen-nhs Feb 10, 2026
ec887cd
Added extra information into the pre commit file
JackCullen-nhs Feb 10, 2026
e1f1818
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
447c29e
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
f2187e7
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
c629562
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
079112e
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
6551ec6
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
0229d7c
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
02b0add
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
405f3e5
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
c128cd1
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
1f4e778
Added extra information into the pre commit file
JackCullen-nhs Feb 11, 2026
eafa557
Adding rest api config
JackCullen-nhs Feb 11, 2026
1e6b5aa
Adding rest api config
JackCullen-nhs Feb 11, 2026
0565642
Adding rest api config
JackCullen-nhs Feb 11, 2026
3e15a0b
Adding tfstate to git ignore
JackCullen-nhs Feb 11, 2026
745ca8e
Adding rest api config
JackCullen-nhs Feb 11, 2026
2706ba0
Adding rest api config
JackCullen-nhs Feb 11, 2026
c9da8bf
Adding trigger config
JackCullen-nhs Feb 11, 2026
e0796cc
Adding trigger config with alias
JackCullen-nhs Feb 11, 2026
d589295
Adding trigger config with alias
JackCullen-nhs Feb 11, 2026
cb3ca9c
Adding trigger config with alias
JackCullen-nhs Feb 11, 2026
93120ae
Pipeline test
JackCullen-nhs Feb 12, 2026
bdfe005
Pipeline test
JackCullen-nhs Feb 12, 2026
837da4c
Pipeline test with Rajiv
JackCullen-nhs Feb 12, 2026
604515f
Pipeline test with Rajiv
JackCullen-nhs Feb 12, 2026
0775b10
testing api changes
JackCullen-nhs Feb 12, 2026
a5d5193
testing api changes
JackCullen-nhs Feb 12, 2026
9e382da
testing api changes
JackCullen-nhs Feb 13, 2026
144c3cc
testing api changes
JackCullen-nhs Feb 13, 2026
2d4648d
testing api changes
JackCullen-nhs Feb 13, 2026
8c1bcdf
testing api changes
JackCullen-nhs Feb 13, 2026
86bcee4
testing api changes
JackCullen-nhs Feb 13, 2026
cb3cb87
testing api changes
JackCullen-nhs Feb 16, 2026
96337a7
testing api changes
JackCullen-nhs Feb 16, 2026
4abc20f
testing api changes
JackCullen-nhs Feb 16, 2026
7c65e2b
testing api changes
JackCullen-nhs Feb 16, 2026
be560e5
testing api changes
JackCullen-nhs Feb 16, 2026
8b319c4
testing api changes
JackCullen-nhs Feb 16, 2026
e4d600d
testing api changes
JackCullen-nhs Feb 16, 2026
f269834
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
a7d7e3d
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
eb98066
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
51bdb2d
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
613881e
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
bd5d572
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
1c94ac9
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
1d0d7e4
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
7aa2ce7
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
1e1d153
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
035a739
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
51e4144
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
ebcd172
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
9e79229
adding Derrive workspace
JackCullen-nhs Feb 17, 2026
0b7114b
Management account set up
JackCullen-nhs Feb 18, 2026
70c46ab
Management account set up
JackCullen-nhs Feb 19, 2026
c4235ed
Management account set up
JackCullen-nhs Feb 19, 2026
89472f6
Management account set up
JackCullen-nhs Feb 19, 2026
0f2ebdf
Management account set up
JackCullen-nhs Feb 19, 2026
5dca3c0
Management account set up
JackCullen-nhs Feb 19, 2026
a2ed585
Management account set up
JackCullen-nhs Feb 19, 2026
33dd40c
Management account set up
JackCullen-nhs Feb 19, 2026
437ceb2
Management account set up
JackCullen-nhs Feb 19, 2026
cc664f8
Management account set up
JackCullen-nhs Feb 19, 2026
2cd4350
Management account set up
JackCullen-nhs Feb 19, 2026
9b26f44
Management account set up
JackCullen-nhs Feb 19, 2026
45b07ec
Management account set up
JackCullen-nhs Feb 19, 2026
411cfef
Management account set up
JackCullen-nhs Feb 19, 2026
2acf323
Management account set up
JackCullen-nhs Feb 19, 2026
50999d4
Management account set up
JackCullen-nhs Feb 19, 2026
d9c3909
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
4a293e2
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
ac6827c
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
6d95a1c
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
f749a93
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
4eae5ed
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
143aa14
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
3e9e866
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
aa6a7c3
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
45f95bd
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
b1f7cb2
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
0ee52bd
Fixing github runner in mgmt account
JackCullen-nhs Feb 20, 2026
eb543db
Ensuring proper branch naming conventions
JackCullen-nhs Feb 20, 2026
cf77f17
testing signed commits
JackCullen-nhs Feb 20, 2026
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/actions/action-infrastructure-stack/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -28,6 +28,9 @@ inputs:
mgmt_account_id:
description: "The management account ID for the action"
required: true
account_id_dev:
description: "AWS dev account ID"
required: false
release_tag:
description: "The release tag identifying the timeline in the repository to deploy from"
required: false
Expand Down Expand Up @@ -59,6 +62,7 @@ runs:
APPLICATION_TAG: ${{ inputs.application_tag }}
RELEASE_TAG: ${{ inputs.release_tag }}
COMMIT_HASH: ${{ inputs.commit_hash }}
AWS_ACCOUNT_ID_DEV: ${{ inputs.account_id_dev }}
id: "action_stack"
shell: bash
run: |
Expand Down
20 changes: 20 additions & 0 deletions .github/actions/artefact-cleardown/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
name: "Cleardown redundant artefacts action"
description: "Delete the redundant artefacts"
inputs:
workspace:
description: "The name of the workspace to action the infrastructure into."
required: true
artefact_bucket_name:
description: "The name of the s3 bucket holding domain artefacts"
required: true

runs:
using: composite
steps:
- name: Delete artefacts
id: delete_artefacts
shell: bash
run: |
export WORKSPACE=${{inputs.workspace}}

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this action to not use user-controlled data directly in a run block. See more on SonarQube Cloud
export ARTEFACT_BUCKET_NAME=${{inputs.artefact_bucket_name}}

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this action to not use user-controlled data directly in a run block. See more on SonarQube Cloud
./scripts/workflow/cleardown-artefacts.sh
20 changes: 20 additions & 0 deletions .github/actions/check-tf-state/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,20 @@
name: "Check terraform state cleardown action"
description: "Check deletion of terraform state"
inputs:
workspace:
description: "The name of the workspace to check."
required: true
environment:
description: "The name of the environment to action the infrastructure into."
required: true

runs:
using: composite
steps:
- name: Delete terraform state
id: delete_tf_state
shell: bash
run: |
export WORKSPACE=${{inputs.workspace}}

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this action to not use user-controlled data directly in a run block. See more on SonarQube Cloud
export ENVIRONMENT=${{inputs.environment}}

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this action to not use user-controlled data directly in a run block. See more on SonarQube Cloud
./scripts/workflow/check-terraform-state.sh
2 changes: 1 addition & 1 deletion .github/actions/configure-credentials/action.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,6 @@ runs:
- name: configure aws credentials
uses: aws-actions/configure-aws-credentials@v5.1.1
with:
role-to-assume: arn:aws:iam::${{ inputs.aws_account_id }}:role/saet-triage-api-dev-account-github-runner
role-to-assume: arn:aws:iam::${{ inputs.aws_account_id }}:role/${{ github.event.repository.name }}${{ inputs.environment != 'mgmt' && format('-{0}', inputs.environment) || '' }}-${{ inputs.type }}-github-runner
role-session-name: GitHub_to_AWS_via_FederatedOIDC
aws-region: ${{ inputs.aws_region }}
24 changes: 24 additions & 0 deletions .github/actions/derive-workspace/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
name: "Derive Workspace action"
description: "Derives the name of the workspace for subsequent actions to run against"

outputs:
workspace:
description: "The derived workspace name"
value: ${{ steps.derive-workspace.outputs.workspace }}

runs:
using: "composite"
steps:
- name: "Derive workspace"
id: "derive-workspace"
shell: bash
run: |
export TRIGGER=${{ github.ref_type }}
export TRIGGER_ACTION=${{ github.event_name }}
export TRIGGER_REFERENCE=${{ github.ref_name }}
export TRIGGER_HEAD_REFERENCE=${{ github.head_ref }}

Check failure

Code scanning / SonarCloud

GitHub Actions should not be vulnerable to script injections High

Change this action to not use user-controlled data directly in a run block. See more on SonarQube Cloud
export TRIGGER_EVENT_REF=${{ github.event.ref}}
export COMMIT_HASH=$(git rev-parse --short $GITHUB_SHA)
. scripts/workflow/derive-workspace.sh
echo "Workspace Name: ${WORKSPACE}"
echo "workspace=${WORKSPACE}" >> $GITHUB_OUTPUT
42 changes: 42 additions & 0 deletions .github/actions/perform-static-analysis copy/action.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,42 @@
name: "Run SonarCloud static analysis"
description: "Perform SonarCloud static analysis"

inputs:
sonar_organisation_key:
description: "Sonar organisation key, used to identify the project"
required: false
sonar_project_key:
description: "Sonar project key, used to identify the project"
required: false
sonar_token:
description: "Sonar token, the API key"
required: false

runs:
using: "composite"
steps:
- name: "Download code coverage reports"
uses: actions/download-artifact@v4
with:
path: coverage/
pattern: coverage-*.xml

- name: "Find coverage files"
id: coverage-files
shell: bash
run: |
FILES=$(find coverage -name 'coverage-*.xml' | paste -sd "," -)
echo "files=$FILES" >> $GITHUB_OUTPUT

- name: "Perform SonarCloud static analysis"
uses: sonarsource/sonarqube-scan-action@v5.3.1
env:
SONAR_TOKEN: ${{ inputs.sonar_token }}
with:
args: >
-Dsonar.organization=${{ inputs.sonar_organisation_key }}
-Dsonar.projectKey=${{ inputs.sonar_project_key }}
-Dsonar.branch.name=${{ github.ref_name }}
-Dsonar.python.coverage.reportPaths=${{ steps.coverage-files.outputs.files }}
-Dproject.settings=./scripts/config/sonar-scanner.properties
continue-on-error: true
56 changes: 56 additions & 0 deletions .github/workflows/artefacts-cleardown.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
name: Cleardown Artefacts

permissions:
id-token: write
contents: read
on:
workflow_call:
inputs:
environment:
description: "Defines the Github environment in which to pull environment variables from"
required: true
type: string
workspace:
description: "Name of the workspace"
required: true
type: string
workflow_timeout:
description: "Timeout duration in minutes"
required: false
default: 10
type: number
artefact_bucket_name:
description: "The name of the s3 bucket holding domain artefacts"
required: true
type: string
type:
description: "The type of permissions (e.g., account, app)"
required: true
type: string

jobs:
cleardown-artefacts:
name: "Cleardown redundant artefacts"
runs-on: ubuntu-latest
timeout-minutes: ${{ inputs.workflow_timeout }}
environment: ${{ inputs.environment }}

steps:
- name: "Checkout code"
uses: actions/checkout@v6
with:
ref: ${{ inputs.tag }}

- name: "Configure AWS Credentials"
uses: ./.github/actions/configure-credentials
with:
aws_account_id: ${{ secrets.ACCOUNT_ID }}
aws_region: ${{ vars.AWS_REGION }}
type: ${{ inputs.type }}
environment: ${{ inputs.environment }}

- name: "Cleardown redundant artefacts"
uses: ./.github/actions/artefact-cleardown
with:
workspace: ${{ inputs.workspace }}
artefact_bucket_name: ${{ inputs.artefact_bucket_name }}
104 changes: 104 additions & 0 deletions .github/workflows/build-project.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,104 @@
name: Build project workflow
run-name: Build ${{ inputs.type }} - ${{ inputs.name }}

permissions:
id-token: write
contents: read
on:
workflow_call:
inputs:
build_type:
description: "The type of project to build (service, package)"
required: true
type: string
name:
description: "The name of the package to build"
required: true
type: string
python_version:
description: "The version of Python"
required: true
type: string
commit_hash:
description: "The commit hash, set by the CI/CD pipeline workflow"
required: false
type: string
environment:
description: "The deployment environment"
required: true
type: string
repo_name:
description: "The name of the Git repo"
required: true
type: string
workspace:
description: "The name of the workspace to deploy the infrastructure into"
required: true
type: string
application_tag:
description: "The application tag identifying the timeline in the repository to deploy from"
required: false
type: string
type:
description: "The type of permissions (e.g., account, app)"
required: true
type: string
release_build:
description: "Flag to indicate if this is a release build"
required: false
type: boolean
default: false

jobs:
build-project:
name: "Build ${{ inputs.build_type }} - ${{ inputs.name }}"
runs-on: ubuntu-latest
environment: ${{ inputs.environment }}

steps:
- name: "Checkout code"
uses: actions/checkout@v6

- name: "Configure AWS Credentials"
uses: ./.github/actions/configure-credentials
with:
aws_account_id: ${{ secrets.ACCOUNT_ID }}
aws_region: ${{ vars.AWS_REGION }}
type: ${{ inputs.type }}
environment: ${{ inputs.environment }}

- name: "Set up Python"
uses: actions/setup-python@v5
with:
python-version: ${{ inputs.python_version }}

- name: "Build project"
run: make build
env:
SERVICE: ${{ inputs.name }}
PACKAGE: ${{ inputs.name }}
COMMIT_HASH: ${{ inputs.commit_hash }}
ENVIRONMENT: ${{ inputs.environment }}
REPO_NAME: ${{ inputs.repo_name }}
WORKSPACE: ${{ inputs.workspace }}
APPLICATION_TAG: ${{ inputs.application_tag }}
RELEASE_BUILD: ${{ inputs.release_build }}

- name: "Publish artefacts to S3"
run: make publish
env:
SERVICE: ${{ inputs.name }}
PACKAGE: ${{ inputs.name }}
COMMIT_HASH: ${{ inputs.commit_hash }}
ENVIRONMENT: ${{ inputs.environment }}
REPO_NAME: ${{ inputs.repo_name }}
WORKSPACE: ${{ inputs.workspace }}
APPLICATION_TAG: ${{ inputs.application_tag }}
RELEASE_BUILD: ${{ inputs.release_build }}

- name: "Publish artefacts to GitHub"
uses: actions/upload-artifact@v6
with:
name: ${{ inputs.name }}-${{ inputs.build_type }}-artefacts
path: src/lambda_function.zip
if-no-files-found: error
Loading
Loading