create action

anthony-nhs · anthony-nhs · commit fd4b2194adc2 · 2026-03-30T15:22:00.000Z
diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile
@@ -0,0 +1,14 @@
+ARG IMAGE_NAME=node_24_python_3_14
+ARG IMAGE_VERSION=latest
+FROM ghcr.io/nhsdigital/eps-devcontainers/${IMAGE_NAME}:${IMAGE_VERSION}
+
+USER root
+# specify DOCKER_GID to force container docker group id to match host
+RUN if [ -n "${DOCKER_GID}" ]; then \
+    if ! getent group docker; then \
+    groupadd -g ${DOCKER_GID} docker; \
+    else \
+    groupmod -g ${DOCKER_GID} docker; \
+    fi && \
+    usermod -aG docker vscode; \
+    fi
diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json
@@ -0,0 +1,48 @@
+{
+  "name": "eps-copilot-instructions",
+  "build": {
+    "dockerfile": "Dockerfile",
+    "context": "..",
+    "args": {
+      "DOCKER_GID": "${env:DOCKER_GID:}",
+      "IMAGE_NAME": "node_24_python_3_14",
+      "IMAGE_VERSION": "v1.2.0",
+      "USER_UID": "${localEnv:USER_ID:}",
+      "USER_GID": "${localEnv:GROUP_ID:}"
+    },
+    "updateRemoteUserUID": false
+  },
+  "postAttachCommand": "git-secrets --register-aws; git-secrets --add-provider -- cat /usr/share/secrets-scanner/nhsd-rules-deny.txt",
+  "mounts": [
+    "source=${env:HOME}${env:USERPROFILE}/.aws,target=/home/vscode/.aws,type=bind",
+    "source=${env:HOME}${env:USERPROFILE}/.ssh,target=/home/vscode/.ssh,type=bind",
+    "source=${env:HOME}${env:USERPROFILE}/.gnupg,target=/home/vscode/.gnupg,type=bind",
+    "source=${env:HOME}${env:USERPROFILE}/.npmrc,target=/home/vscode/.npmrc,type=bind"
+  ],
+  "containerUser": "vscode",
+  "remoteEnv": {
+    "LOCAL_WORKSPACE_FOLDER": "${localWorkspaceFolder}"
+  },
+  "features": {},
+  "customizations": {
+    "vscode": {
+      "extensions": [
+        "AmazonWebServices.aws-toolkit-vscode",
+        "redhat.vscode-yaml",
+        "eamodio.gitlens",
+        "github.vscode-pull-request-github",
+        "streetsidesoftware.code-spell-checker",
+        "timonwong.shellcheck",
+        "github.vscode-github-actions"
+      ],
+      "settings": {
+        "cSpell.words": [
+          "fhir",
+          "Formik",
+          "pino",
+          "serialisation"
+        ]
+      }
+    }
+  }
+}
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -0,0 +1,44 @@
+name: pull_request
+
+on:
+    pull_request:
+        branches: [main]
+
+env:
+    BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
+
+jobs:
+    get_config_values:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        with:
+            verify_published_from_main_image: false
+
+    dependabot-auto-approve-and-merge:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        secrets:
+            AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
+            AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}
+
+    quality_checks:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        needs: [get_config_values]
+        with:
+            pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
+        secrets:
+            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+    pr_title_format_check:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+
+    tag_release:
+        needs: [get_config_values]
+        uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        permissions:
+            id-token: "write"
+            contents: "write"
+        with:
+            dry_run: true
+            pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
+            branch_name: ${{ github.event.pull_request.head.ref }}
+            tag_format: ${{ needs.get_config_values.outputs.tag_format }}
+        secrets: inherit
diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
@@ -0,0 +1,44 @@
+name: pull_request
+
+on:
+    pull_request:
+        branches: [main]
+
+env:
+    BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
+
+jobs:
+    get_config_values:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        with:
+            verify_published_from_main_image: false
+
+    dependabot-auto-approve-and-merge:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        secrets:
+            AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
+            AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}
+
+    quality_checks:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        needs: [get_config_values]
+        with:
+            pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
+        secrets:
+            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+    pr_title_format_check:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+
+    tag_release:
+        needs: [get_config_values]
+        uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        permissions:
+            id-token: "write"
+            contents: "write"
+        with:
+            dry_run: true
+            pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
+            branch_name: ${{ github.event.pull_request.head.ref }}
+            tag_format: ${{ needs.get_config_values.outputs.tag_format }}
+        secrets: inherit
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -0,0 +1,44 @@
+name: pull_request
+
+on:
+    pull_request:
+        branches: [main]
+
+env:
+    BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
+
+jobs:
+    get_config_values:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        with:
+            verify_published_from_main_image: false
+
+    dependabot-auto-approve-and-merge:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        secrets:
+            AUTOMERGE_APP_ID: ${{ secrets.AUTOMERGE_APP_ID }}
+            AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}
+
+    quality_checks:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        needs: [get_config_values]
+        with:
+            pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
+        secrets:
+            SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
+
+    pr_title_format_check:
+        uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+
+    tag_release:
+        needs: [get_config_values]
+        uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@f3d19a678a725917a5c59cae4d76db621bb7c9c7
+        permissions:
+            id-token: "write"
+            contents: "write"
+        with:
+            dry_run: false
+            pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
+            branch_name: ${{ github.event.pull_request.head.ref }}
+            tag_format: ${{ needs.get_config_values.outputs.tag_format }}
+        secrets: inherit
diff --git a/README.md b/README.md
@@ -1,5 +1,5 @@
 # EPS Copilot Instructions
 
-This project contains copilot instruction files that can be copied to each EPS repo as an initial instructions.   
+This project contains copilot instruction files that are copied to each EPS repo as an initial instructions.   
 
-It also contains language specific instruction files that are kept in sync in each EPS project using git submodules
+It also contains an action that are used to cepy the files to each repo
diff --git a/action.yml b/action.yml
@@ -0,0 +1,69 @@
+name: Sync Copilot Instructions
+description: "Syncs Copilot instructions from the repository to the GitHub Action's metadata file."
+inputs:
+  common_workflows_ref:
+    description: "The ref to sync from the central repository"
+    required: false
+    default: "main"
+    type: string
+  calling_repo_base_branch:
+    description: "The base branch from the calling repository that should be merged into"
+    required: false
+    type: string
+    default: main
+runs:
+  using: "composite"
+  steps:
+      - name: Checkout calling repo code
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+        with:
+          ref: ${{ inputs.calling_repo_base_branch }}
+          fetch-depth: 0
+
+      - name: Checkout central repo code
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
+        with:
+          ref: ${{ inputs.common_workflows_ref }}
+          fetch-depth: 0
+          path: eps-common-workflows
+          repository: NHSDigital/eps-common-workflows
+          sparse-checkout: |
+            .github/instructions/general
+            .github/instructions/languages
+            .github/copilot-instructions.md
+            .github/prompts
+
+      - name: Copy central instructions
+        run: |
+          rm -rf .github/instructions/general
+          rm -rf .github/instructions/languages
+          rm -rf .github/copilot-instructions.md
+          rm -rf .github/prompts
+          mkdir -p .github/instructions/
+          cp -R eps-common-workflows/.github/instructions/general .github/instructions/general
+          cp -R eps-common-workflows/.github/instructions/languages .github/instructions/languages
+          cp eps-common-workflows/.github/copilot-instructions.md .github/copilot-instructions.md
+          cp -R eps-common-workflows/.github/prompts .github/prompts
+          rm -rf eps-common-workflows
+
+      - name: Create GitHub App Token
+        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859
+        id: generate-token
+        with:
+          app-id: "${{ secrets.CREATE_PULL_REQUEST_APP_ID }}"
+          private-key: "${{ secrets.CREATE_PULL_REQUEST_PEM }}"
+
+      - name: Create Pull Request
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0
+        with:
+          token: "${{ steps.generate-token.outputs.token }}"
+          commit-message: "Upgrade: [dependabot] - sync Copilot instructions"
+          title: "Upgrade: [dependabot] - sync Copilot instructions"
+          body: |
+            Syncing Copilot instructions from central repo.
+            Ref: `${{ inputs.common_workflows_ref }}`
+          branch: copilot-instructions-sync
+          base: ${{ inputs.calling_repo_base_branch }}
+          branch-suffix: random
+          sign-commits: true
+          delete-branch: true
