From a320a97e04eb90d95d0ec12bfe1c57786540b57e Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Tue, 21 Apr 2026 12:08:44 +0000 Subject: [PATCH 01/12] Remove old app name code for notifications filtering --- .github/workflows/ci.yml | 18 +++++------ .github/workflows/pull_request.yml | 14 ++++----- .github/workflows/release.yml | 7 ----- .../workflows/run_release_code_and_api.yml | 13 ++++---- Makefile | 2 -- SAMtemplates/functions/main.yaml | 8 ----- SAMtemplates/main_template.yaml | 6 ---- SAMtemplates/parameters/main.yaml | 19 ------------ .../.vitest/setup-env.js | 1 - .../src/utils/sqsClient.ts | 8 ++--- .../notificationSiteAndSystemFilters.ts | 31 ++++--------------- .../tests/testSqsClient.test.ts | 2 -- 12 files changed, 29 insertions(+), 100 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 22e31647a9..11a1e52717 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,7 +2,7 @@ name: merge to main workflow on: push: - branches: [main] + branches: [ main ] permissions: {} @@ -18,7 +18,7 @@ jobs: quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8399c1f015c1304e40771cbd8ccc24c7ed48fdbc - needs: [get_config_values] + needs: [ get_config_values ] permissions: contents: read id-token: write @@ -39,7 +39,7 @@ jobs: echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" tag_release: - needs: [quality_checks, get_commit_id, get_config_values] + needs: [ quality_checks, get_commit_id, get_config_values ] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929 permissions: id-token: write @@ -52,7 +52,7 @@ jobs: tag_format: ${{ needs.get_config_values.outputs.tag_format }} package_code: - needs: [tag_release, get_config_values] + needs: [ tag_release, get_config_values ] uses: ./.github/workflows/run_package_code_and_api.yml permissions: contents: read @@ -62,7 +62,7 @@ jobs: pinned_image: ${{ needs.get_config_values.outputs.pinned_image }} release_dev: - needs: [tag_release, package_code, get_commit_id, get_config_values] + needs: [ tag_release, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -93,7 +93,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: true ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -111,7 +110,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_sandbox_dev: - needs: [tag_release, package_code, get_commit_id, get_config_values] + needs: [ tag_release, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -140,7 +139,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" # Workaround empty string handling NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -154,8 +152,7 @@ jobs: PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }} release_qa: - needs: - [tag_release, release_dev, package_code, get_commit_id, get_config_values] + needs: [ tag_release, release_dev, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -185,7 +182,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" # Workaround empty string handling NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index f808d201e0..e43d5c9fcb 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -1,7 +1,7 @@ name: deploy_pr on: pull_request: - branches: [main] + branches: [ main ] permissions: {} jobs: get_config_values: @@ -14,7 +14,7 @@ jobs: verify_published_from_main_image: false quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8399c1f015c1304e40771cbd8ccc24c7ed48fdbc - needs: [get_config_values] + needs: [ get_config_values ] permissions: contents: read id-token: write @@ -53,7 +53,7 @@ jobs: } result-encoding: string tag_release: - needs: [get_config_values] + needs: [ get_config_values ] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929 permissions: id-token: write @@ -74,7 +74,7 @@ jobs: run: | echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" package_code: - needs: [get_issue_number, get_config_values] + needs: [ get_issue_number, get_config_values ] uses: ./.github/workflows/run_package_code_and_api.yml permissions: contents: read @@ -83,7 +83,7 @@ jobs: with: pinned_image: ${{ needs.get_config_values.outputs.pinned_image }} release_code: - needs: [get_issue_number, package_code, get_commit_id, get_config_values] + needs: [ get_issue_number, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -114,7 +114,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: true ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -131,7 +130,7 @@ jobs: PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }} REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_sandbox_code: - needs: [get_issue_number, package_code, get_commit_id, get_config_values] + needs: [ get_issue_number, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -158,7 +157,6 @@ jobs: ENABLE_BACKUP: "False" ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" # Workaround empty string handling NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 925abd4a86..de24292db8 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -95,7 +95,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -145,7 +144,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: false - ENABLED_SYSTEMS: "Internal Test System" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -201,7 +199,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: false - ENABLED_SYSTEMS: "Internal Test System, Apotec Ltd - Apotec CRM - Production, CrxPatientApp, nhsPrescriptionApp, Titan PSU Prod" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -257,7 +254,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "Internal Test System, Apotec Ltd - Apotec CRM - Production, CrxPatientApp, nhsPrescriptionApp, Titan PSU Prod" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -306,7 +302,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: true ENABLE_NOTIFICATIONS_EXTERNAL: true ENABLE_POST_DATED_NOTIFICATIONS: true - ENABLED_SYSTEMS: "CrxPatientApp" BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -357,7 +352,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: false ENABLE_NOTIFICATIONS_EXTERNAL: false ENABLE_POST_DATED_NOTIFICATIONS: false - ENABLED_SYSTEMS: "Internal Test System, Apotec Ltd - Apotec CRM - Production, CrxPatientApp, nhsPrescriptionApp, Titan PSU Prod" BLOCKED_SITE_ODS_CODES: "B3J1Z" ENABLED_SUPPLIER_APPLICATION_IDS: "XXXXX" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" @@ -413,7 +407,6 @@ jobs: ENABLE_NOTIFICATIONS_INTERNAL: true ENABLE_NOTIFICATIONS_EXTERNAL: true ENABLE_POST_DATED_NOTIFICATIONS: false - ENABLED_SYSTEMS: "CrxPatientApp" BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling ENABLED_SUPPLIER_APPLICATION_IDS: "30c8d461-e875-4882-85d1-4d5d90f7f17b,f7a08809-09f5-4215-a5c8-e280705aba77,401b11d1-5608-4d6e-8359-9bbed6c90e7e,4b2d703f-d8bb-4c82-8340-b1a97481a46a,9331742d-ccc3-4081-b54b-22e8f946a1ce,ee353200-2b8f-47be-8b70-d0777e80d92f" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" # INT and PROD share a value diff --git a/.github/workflows/run_release_code_and_api.yml b/.github/workflows/run_release_code_and_api.yml index 3b551d8f69..3d81d4562c 100644 --- a/.github/workflows/run_release_code_and_api.yml +++ b/.github/workflows/run_release_code_and_api.yml @@ -79,9 +79,6 @@ on: required: false type: boolean default: false - ENABLED_SYSTEMS: - required: true - type: string BLOCKED_SITE_ODS_CODES: required: true type: string @@ -220,7 +217,6 @@ jobs: ENABLE_POST_DATED_NOTIFICATIONS: ${{ inputs.ENABLE_POST_DATED_NOTIFICATIONS }} REQUIRE_APPLICATION_NAME: ${{ inputs.REQUIRE_APPLICATION_NAME }} ENABLED_SITE_ODS_CODES: ${{ steps.read.outputs.ods_csv }} - ENABLED_SYSTEMS: ${{ inputs.ENABLED_SYSTEMS }} BLOCKED_SITE_ODS_CODES: ${{ inputs.BLOCKED_SITE_ODS_CODES }} ENABLED_SUPPLIER_APPLICATION_IDS: ${{ inputs.ENABLED_SUPPLIER_APPLICATION_IDS }} NOTIFY_ROUTING_PLAN_ID: ${{ inputs.NOTIFY_ROUTING_PLAN_ID }} @@ -253,7 +249,8 @@ jobs: - name: Deploy PSU API shell: bash working-directory: .github/scripts - if: ${{ inputs.DEPLOY_APIGEE == true && always() && !failure() && !cancelled() }} + if: ${{ inputs.DEPLOY_APIGEE == true && always() && !failure() && !cancelled() + }} env: API_TYPE: standard VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }} @@ -275,7 +272,8 @@ jobs: - name: Deploy CPSU API shell: bash working-directory: .github/scripts - if: ${{ inputs.DEPLOY_APIGEE_CPSU == true && always() && !failure() && !cancelled() }} + if: ${{ inputs.DEPLOY_APIGEE_CPSU == true && always() && !failure() && + !cancelled() }} env: API_TYPE: custom VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }} @@ -319,7 +317,8 @@ jobs: VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }} regression_tests: - if: ${{ inputs.RUN_REGRESSION_TEST == true && always() && !failure() && !cancelled() }} + if: ${{ inputs.RUN_REGRESSION_TEST == true && always() && !failure() && + !cancelled() }} name: Regression Tests uses: ./.github/workflows/run_regression_tests.yml needs: release_code_and_api diff --git a/Makefile b/Makefile index 251be16be8..4f6e5a93f7 100644 --- a/Makefile +++ b/Makefile @@ -45,7 +45,6 @@ sam-sync: guard-AWS_DEFAULT_PROFILE guard-stack_name compile TestPresciptionsParamValue2=$${TEST_PRESCRIPTIONS_2:-PLACEHOLDER} \ TestPresciptionsParamValue3=$${TEST_PRESCRIPTIONS_3:-PLACEHOLDER} \ TestPresciptionsParamValue4=$${TEST_PRESCRIPTIONS_4:-PLACEHOLDER} \ - "EnabledSystemsValue=$${ENABLED_SYSTEMS:-Internal Test System}" \ "EnabledSiteODSCodesValue=$${ENABLED_SITE_ODS_CODES:-A83008,FA565}" \ BlockedSiteODSCodesValue=$${BLOCKED_SITE_ODS_CODES:-XXXXX} \ EnabledSupplierApplicationIDsValue=$${ENABLED_SUPPLIER_APPLICATION_IDS:-XXXXX} \ @@ -78,7 +77,6 @@ sam-deploy: guard-AWS_DEFAULT_PROFILE guard-stack_name TestPresciptionsParamValue2=$${TEST_PRESCRIPTIONS_2:-PLACEHOLDER} \ TestPresciptionsParamValue3=$${TEST_PRESCRIPTIONS_3:-PLACEHOLDER} \ TestPresciptionsParamValue4=$${TEST_PRESCRIPTIONS_4:-PLACEHOLDER} \ - "EnabledSystemsValue=$${ENABLED_SYSTEMS:-Internal Test System}" \ "EnabledSiteODSCodesValue=$${ENABLED_SITE_ODS_CODES:-A83008,FA565}" \ BlockedSiteODSCodesValue=$${BLOCKED_SITE_ODS_CODES:-XXXXX} \ EnabledSupplierApplicationIDsValue=$${ENABLED_SUPPLIER_APPLICATION_IDS:-XXXXX} \ diff --git a/SAMtemplates/functions/main.yaml b/SAMtemplates/functions/main.yaml index 7f79415f29..210a325add 100644 --- a/SAMtemplates/functions/main.yaml +++ b/SAMtemplates/functions/main.yaml @@ -43,9 +43,6 @@ Parameters: EnabledSiteODSCodesParam: Type: AWS::SSM::Parameter::Name - EnabledSystemsParam: - Type: AWS::SSM::Parameter::Name - EnabledSupplierApplicationIDsParam: Type: AWS::SSM::Parameter::Name @@ -135,11 +132,6 @@ Resources: POST_DATED_PRESCRIPTIONS_SQS_QUEUE_URL: !Ref PostDatedNotificationsSQSQueueUrl ENABLE_POST_DATED_NOTIFICATIONS: !Ref EnablePostDatedNotifications SQS_SALT: !Ref SQSSaltSecret - # Remove this once we've confirmed that product ID based filtering is working as expected and we - # no longer need the ability to switch back to the old filtering method - USE_APP_ID_FOR_NOTIFICATIONS_FILTERING: true - ENABLED_SYSTEMS_PARAM: !Ref EnabledSystemsParam - # ENABLED_APPLICATION_IDS_PARAM: !Ref EnabledSupplierApplicationIDsParam ENABLED_SITE_ODS_CODES_PARAM: !Ref EnabledSiteODSCodesParam BLOCKED_SITE_ODS_CODES_PARAM: !Ref BlockedSiteODSCodesParam diff --git a/SAMtemplates/main_template.yaml b/SAMtemplates/main_template.yaml index e1448ddc00..52c92b0d88 100644 --- a/SAMtemplates/main_template.yaml +++ b/SAMtemplates/main_template.yaml @@ -125,10 +125,6 @@ Parameters: Type: String Default: " " - EnabledSystemsValue: - Type: String - Default: " " - EnabledSupplierApplicationIDsValue: Type: String Default: " " @@ -191,7 +187,6 @@ Resources: EnableNotificationsInternalValue: !Ref EnableNotificationsInternal EnableNotificationsExternalValue: !Ref EnableNotificationsExternal EnabledSiteODSCodesValue: !Ref EnabledSiteODSCodesValue - EnabledSystemsValue: !Ref EnabledSystemsValue EnabledSupplierApplicationIDsValue: !Ref EnabledSupplierApplicationIDsValue BlockedSiteODSCodesValue: !Ref BlockedSiteODSCodesValue NotifyRoutingPlanIDValue: !Ref NotifyRoutingPlanIDValue @@ -258,7 +253,6 @@ Resources: EnablePostDatedNotifications: !Ref EnablePostDatedNotifications SQSSaltSecret: !GetAtt Secrets.Outputs.SQSSaltSecret EnabledSiteODSCodesParam: !GetAtt Parameters.Outputs.EnabledSiteODSCodesParameterName - EnabledSystemsParam: !GetAtt Parameters.Outputs.EnabledSystemsParameterName EnabledSupplierApplicationIDsParam: !GetAtt Parameters.Outputs.EnabledSupplierApplicationIDsParameterName BlockedSiteODSCodesParam: !GetAtt Parameters.Outputs.BlockedSiteODSCodesParameterName NotifyRoutingPlanIDParam: !GetAtt Parameters.Outputs.NotifyRoutingPlanIDParameterName diff --git a/SAMtemplates/parameters/main.yaml b/SAMtemplates/parameters/main.yaml index bb4f7ce793..4fc0d09cec 100644 --- a/SAMtemplates/parameters/main.yaml +++ b/SAMtemplates/parameters/main.yaml @@ -24,10 +24,6 @@ Parameters: Type: String Default: " " - EnabledSystemsValue: - Type: String - Default: " " - EnabledSupplierApplicationIDsValue: Type: String Default: " " @@ -65,14 +61,6 @@ Resources: Type: String Value: !Ref EnabledSiteODSCodesValue - EnabledSystemsParameter: - Type: AWS::SSM::Parameter - Properties: - Name: !Sub ${StackName}-PSUNotifyEnabledSystems - Description: "List of application names for which notifications are enabled" - Type: String - Value: !Ref EnabledSystemsValue - EnabledSupplierApplicationIDsParameter: Type: AWS::SSM::Parameter Properties: @@ -166,7 +154,6 @@ Resources: - ssm:GetParameters Resource: - !Sub arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${StackName}-PSUNotifyEnabledSiteODSCodes - - !Sub arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${StackName}-PSUNotifyEnabledSystems - !Sub arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${StackName}-PSUNotifyEnabledSupplierApplicationIDs - !Sub arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${StackName}-PSUNotifyBlockedSiteODSCodes - !Sub arn:aws:ssm:${AWS::Region}:${AWS::AccountId}:parameter/${StackName}-PSUNotifyRoutingPlanID @@ -186,12 +173,6 @@ Outputs: Export: Name: !Sub ${StackName}-PSUNotifyEnabledSiteODSCodesParam - EnabledSystemsParameterName: - Description: "Name of the SSM parameter holding enabled system names" - Value: !Ref EnabledSystemsParameter - Export: - Name: !Sub ${StackName}-PSUNotifyEnabledSystemsParam - EnabledSupplierApplicationIDsParameterName: Description: "Name of the SSM parameter holding enabled supplier apigee application IDs" Value: !Ref EnabledSupplierApplicationIDsParameter diff --git a/packages/updatePrescriptionStatus/.vitest/setup-env.js b/packages/updatePrescriptionStatus/.vitest/setup-env.js index 67d1f3297a..965c591f31 100644 --- a/packages/updatePrescriptionStatus/.vitest/setup-env.js +++ b/packages/updatePrescriptionStatus/.vitest/setup-env.js @@ -5,7 +5,6 @@ process.env.ENABLE_POST_DATED_NOTIFICATIONS = "true"; process.env.AWS_REGION = "eu-west-2"; process.env.SQS_SALT = "the quick brown fox something something" process.env.ENABLED_SITE_ODS_CODES_PARAM = "ENABLED_SITE_ODS_CODES_PARAM" -process.env.ENABLED_SYSTEMS_PARAM = "ENABLED_SYSTEMS_PARAM" process.env.BLOCKED_SITE_ODS_CODES_PARAM = "BLOCKED_SITE_ODS_CODES_PARAM" process.env.ENABLE_NOTIFICATIONS_PARAM = "ENABLE_NOTIFICATIONS_PARAM" process.env.REQUIRE_APPLICATION_NAME = "false" diff --git a/packages/updatePrescriptionStatus/src/utils/sqsClient.ts b/packages/updatePrescriptionStatus/src/utils/sqsClient.ts index fd73b6aaa8..a331bd2f97 100644 --- a/packages/updatePrescriptionStatus/src/utils/sqsClient.ts +++ b/packages/updatePrescriptionStatus/src/utils/sqsClient.ts @@ -144,10 +144,7 @@ export function saltedHash( export async function getSaltValue(logger: Logger): Promise { let sqsSalt: string - if (!process.env.SQS_SALT) { - // No secret name configured at all, so fall back - sqsSalt = fallbackSalt - } else { + if (process.env.SQS_SALT) { try { // grab the secret, expecting JSON like { "salt": "string" } const secretJson = await getSecret(process.env.SQS_SALT, {transform: "json"}) @@ -172,6 +169,9 @@ export async function getSaltValue(logger: Logger): Promise { logger.error("Failed to fetch SQS_SALT from Secrets Manager, using DEV SALT", {error}) sqsSalt = fallbackSalt } + } else { + // No secret name configured at all, so fall back + sqsSalt = fallbackSalt } if (sqsSalt === fallbackSalt) { diff --git a/packages/updatePrescriptionStatus/src/validation/notificationSiteAndSystemFilters.ts b/packages/updatePrescriptionStatus/src/validation/notificationSiteAndSystemFilters.ts index a1bb33f60b..619f38c533 100644 --- a/packages/updatePrescriptionStatus/src/validation/notificationSiteAndSystemFilters.ts +++ b/packages/updatePrescriptionStatus/src/validation/notificationSiteAndSystemFilters.ts @@ -2,12 +2,7 @@ import {PSUDataItemWithPrevious} from "@psu-common/commonTypes" import {initiatedSSMProvider} from "@psu-common/utilities" import {Logger} from "@aws-lambda-powertools/logger" -const USE_APP_ID_FOR_NOTIFICATIONS_FILTERING = - (process.env.USE_APP_ID_FOR_NOTIFICATIONS_FILTERING || "false") - .toLowerCase() === "true" - -function str2set(value: string | undefined): Set { - const raw = value ?? "" +function str2set(raw = ""): Set { return new Set(raw .split(",") .map((s) => s.trim().toLowerCase()) @@ -17,26 +12,22 @@ function str2set(value: string | undefined): Set { async function loadConfig(): Promise<{ enabledSiteODSCodes: Set, - enabledSystemAppNames: Set, enabledSystemAppIds: Set, blockedSiteODSCodes: Set }> { const paramNames = { [process.env.ENABLED_SITE_ODS_CODES_PARAM!]: {maxAge: 5}, - [process.env.ENABLED_SYSTEMS_PARAM!]: {maxAge: 5}, [process.env.ENABLED_APPLICATION_IDS_PARAM!]: {maxAge: 5}, [process.env.BLOCKED_SITE_ODS_CODES_PARAM!]: {maxAge: 5} } const all = await initiatedSSMProvider.getParametersByName(paramNames) const enabledSiteODSCodes = str2set(all[process.env.ENABLED_SITE_ODS_CODES_PARAM!] as string) - const enabledSystemAppNames = str2set(all[process.env.ENABLED_SYSTEMS_PARAM!] as string) const enabledSystemAppIds = str2set(all[process.env.ENABLED_APPLICATION_IDS_PARAM!] as string) const blockedSiteODSCodes = str2set(all[process.env.BLOCKED_SITE_ODS_CODES_PARAM!] as string) return { enabledSiteODSCodes, - enabledSystemAppNames, enabledSystemAppIds, blockedSiteODSCodes } @@ -56,13 +47,12 @@ export async function checkSiteOrSystemIsNotifyEnabled( logger?: Logger ): Promise> { // Get the configuration from either the cache or SSM - const {enabledSiteODSCodes, enabledSystemAppNames, enabledSystemAppIds, blockedSiteODSCodes} = await loadConfig() + const {enabledSiteODSCodes, enabledSystemAppIds, blockedSiteODSCodes} = await loadConfig() const unfilteredItemCount = data.length logger?.info("Filtering items based on enabled sites and systems configuration", { enabledSystemAppIds: Array.from(enabledSystemAppIds), - enabledSystemAppNames: Array.from(enabledSystemAppNames), enabledODSCodes: Array.from(enabledSiteODSCodes), blockedODSCodes: Array.from(blockedSiteODSCodes) } @@ -78,19 +68,10 @@ export async function checkSiteOrSystemIsNotifyEnabled( {appId, appName, odsCode} ) - // Is this item supplier enabled? - if (USE_APP_ID_FOR_NOTIFICATIONS_FILTERING) { - logger?.info("Using application ID for notifications filtering") - const isEnabledApplication = enabledSiteODSCodes.has(odsCode) || enabledSystemAppIds.has(appId) - if (!isEnabledApplication) { - return false - } - } else { - logger?.info("Using application name for notifications filtering") - const isEnabledSystem = enabledSiteODSCodes.has(odsCode) || enabledSystemAppNames.has(appName) - if (!isEnabledSystem) { - return false - } + // Is this item's supplier enabled? + const isEnabledApplication = enabledSiteODSCodes.has(odsCode) || enabledSystemAppIds.has(appId) + if (!isEnabledApplication) { + return false } // Cannot have a blocked ODS code diff --git a/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts b/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts index c051d1b456..6eecd6eea3 100644 --- a/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts +++ b/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts @@ -14,8 +14,6 @@ import {createMockDataItem} from "./utils/testUtils" const {mockSend, mockGetSecret, mockInitiatedSSMProvider} = vi.hoisted(() => { const mockGetParametersByName = vi.fn(async () => ({ [process.env.ENABLED_SITE_ODS_CODES_PARAM!]: "FA565", - // eslint-disable-next-line max-len - [process.env.ENABLED_SYSTEMS_PARAM!]: "Internal Test System,Apotec Ltd - Apotec CRM - Production,CrxPatientApp,nhsPrescriptionApp,Titan PSU Prod", [process.env.BLOCKED_SITE_ODS_CODES_PARAM!]: "B3J1Z" })) From 51faee53cbcf1b902b32bf10ac61bd57e8a0a531 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Tue, 21 Apr 2026 12:55:31 +0000 Subject: [PATCH 02/12] Remove wrong app IDs --- .github/workflows/release.yml | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index de24292db8..a61d280000 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: verify_published_from_main_image: true quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8399c1f015c1304e40771cbd8ccc24c7ed48fdbc - needs: [get_config_values] + needs: [ get_config_values ] permissions: contents: read id-token: write @@ -37,7 +37,7 @@ jobs: echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" tag_release: - needs: [quality_checks, get_commit_id, get_config_values] + needs: [ quality_checks, get_commit_id, get_config_values ] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929 permissions: id-token: write @@ -54,7 +54,7 @@ jobs: EXECUTE_JIRA_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} package_code: - needs: [tag_release, get_config_values] + needs: [ tag_release, get_config_values ] uses: ./.github/workflows/run_package_code_and_api.yml permissions: contents: read @@ -64,7 +64,7 @@ jobs: pinned_image: ${{ needs.get_config_values.outputs.pinned_image }} release_dev: - needs: [tag_release, package_code, get_commit_id, get_config_values] + needs: [ tag_release, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -116,7 +116,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_dev_sandbox: - needs: [tag_release, package_code, get_commit_id, get_config_values] + needs: [ tag_release, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -271,8 +271,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_int: - needs: - [tag_release, release_qa, package_code, get_commit_id, get_config_values] + needs: [ tag_release, release_qa, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -323,8 +322,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_int_sandbox: - needs: - [tag_release, release_qa, package_code, get_commit_id, get_config_values] + needs: [ tag_release, release_qa, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -408,7 +406,7 @@ jobs: ENABLE_NOTIFICATIONS_EXTERNAL: true ENABLE_POST_DATED_NOTIFICATIONS: false BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling - ENABLED_SUPPLIER_APPLICATION_IDS: "30c8d461-e875-4882-85d1-4d5d90f7f17b,f7a08809-09f5-4215-a5c8-e280705aba77,401b11d1-5608-4d6e-8359-9bbed6c90e7e,4b2d703f-d8bb-4c82-8340-b1a97481a46a,9331742d-ccc3-4081-b54b-22e8f946a1ce,ee353200-2b8f-47be-8b70-d0777e80d92f" + ENABLED_SUPPLIER_APPLICATION_IDS: ee353200-2b8f-47be-8b70-d0777e80d92f" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" # INT and PROD share a value NOTIFY_API_BASE_URL: "https://api.service.nhs.uk" MTLS_KEY: psu-mtls-1 From 5efe9c602ae8cf0e2061ef8baf873c3492bd3f85 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Tue, 21 Apr 2026 14:16:20 +0000 Subject: [PATCH 03/12] Address copilot comments --- .github/workflows/release.yml | 2 +- packages/updatePrescriptionStatus/.vitest/setup-env.js | 1 + packages/updatePrescriptionStatus/tests/testSqsClient.test.ts | 3 ++- 3 files changed, 4 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index a61d280000..92d79bce97 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -406,7 +406,7 @@ jobs: ENABLE_NOTIFICATIONS_EXTERNAL: true ENABLE_POST_DATED_NOTIFICATIONS: false BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling - ENABLED_SUPPLIER_APPLICATION_IDS: ee353200-2b8f-47be-8b70-d0777e80d92f" + ENABLED_SUPPLIER_APPLICATION_IDS: "ee353200-2b8f-47be-8b70-d0777e80d92f" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" # INT and PROD share a value NOTIFY_API_BASE_URL: "https://api.service.nhs.uk" MTLS_KEY: psu-mtls-1 diff --git a/packages/updatePrescriptionStatus/.vitest/setup-env.js b/packages/updatePrescriptionStatus/.vitest/setup-env.js index 965c591f31..30880bdefe 100644 --- a/packages/updatePrescriptionStatus/.vitest/setup-env.js +++ b/packages/updatePrescriptionStatus/.vitest/setup-env.js @@ -7,4 +7,5 @@ process.env.SQS_SALT = "the quick brown fox something something" process.env.ENABLED_SITE_ODS_CODES_PARAM = "ENABLED_SITE_ODS_CODES_PARAM" process.env.BLOCKED_SITE_ODS_CODES_PARAM = "BLOCKED_SITE_ODS_CODES_PARAM" process.env.ENABLE_NOTIFICATIONS_PARAM = "ENABLE_NOTIFICATIONS_PARAM" +process.env.ENABLED_APPLICATION_IDS_PARAM = "ENABLED_APPLICATION_IDS_PARAM" process.env.REQUIRE_APPLICATION_NAME = "false" diff --git a/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts b/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts index 6eecd6eea3..d93ba18e90 100644 --- a/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts +++ b/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts @@ -14,7 +14,8 @@ import {createMockDataItem} from "./utils/testUtils" const {mockSend, mockGetSecret, mockInitiatedSSMProvider} = vi.hoisted(() => { const mockGetParametersByName = vi.fn(async () => ({ [process.env.ENABLED_SITE_ODS_CODES_PARAM!]: "FA565", - [process.env.BLOCKED_SITE_ODS_CODES_PARAM!]: "B3J1Z" + [process.env.BLOCKED_SITE_ODS_CODES_PARAM!]: "B3J1Z", + [process.env.ENABLED_APPLICATION_IDS_PARAM!]: "550e8400-e29b-41d4-a716-446655440000" })) return { From c496223ad6e603928c8754cf816351ba2e0dd243 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Tue, 21 Apr 2026 14:25:14 +0000 Subject: [PATCH 04/12] Update zizmor --- zizmor.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zizmor.yml b/zizmor.yml index a77627f532..d4ea4e1227 100644 --- a/zizmor.yml +++ b/zizmor.yml @@ -2,7 +2,7 @@ rules: unpinned-images: # these workflows use unpinned images because they are using a full image passed in that contains the tag ignore: - - run_release_code_and_api.yml:146:18 + - run_release_code_and_api.yml:143:18 - run_regression_tests.yml:26:18 - run_package_code_and_api.yml:16:18 secrets-outside-env: From bbbcb5f0f32aaec3c79fb51ea02c9f5d18bff767 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Thu, 30 Apr 2026 13:00:33 +0000 Subject: [PATCH 05/12] Remove application name from unit tests --- .../tests/testSqsClient.test.ts | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts b/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts index d93ba18e90..c4682d538d 100644 --- a/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts +++ b/packages/updatePrescriptionStatus/tests/testSqsClient.test.ts @@ -458,42 +458,41 @@ describe("Unit tests for checkSiteOrSystemIsNotifyEnabled", () => { it("includes an item with an enabled ODS code", async () => { const previous = createMockDataItem({ PharmacyODSCode: "FA565", - ApplicationName: "not a real test supplier", + ApplicationID: "00000000-0000-0000-0000-000000000000", Status: "previous" }) const current = createMockDataItem({ PharmacyODSCode: "FA565", - ApplicationName: "not a real test supplier" + ApplicationID: "00000000-0000-0000-0000-000000000000" }) const result = await checkSiteOrSystemIsNotifyEnabled([{previous, current}], logger) expect(result).toStrictEqual([{previous, current}]) expectLogReceivedAndAllowed(infoSpy, 1, 1) }) - it("includes an item with an enabled ApplicationName", async () => { + it("includes an item with an enabled ApplicationID", async () => { const previous = createMockDataItem({ PharmacyODSCode: "ZZZ999", - ApplicationName: "Internal Test System", + ApplicationID: "550e8400-e29b-41d4-a716-446655440000", Status: "previous" }) const current = createMockDataItem({ PharmacyODSCode: "ZZZ999", - ApplicationName: "Internal Test System" + ApplicationID: "550e8400-e29b-41d4-a716-446655440000" }) const result = await checkSiteOrSystemIsNotifyEnabled([{previous, current}], logger) expect(result).toEqual([{previous, current}]) expectLogReceivedAndAllowed(infoSpy, 1, 1) }) - it("is case insensitive for both ODS code and ApplicationName", async () => { + it("is case insensitive for both ODS code and ApplicationID", async () => { const item1 = createMockDataItem({ PharmacyODSCode: "fa565", - ApplicationName: "not a real test supplier" + ApplicationID: "00000000-0000-0000-0000-000000000000" }) const item2 = createMockDataItem({ PharmacyODSCode: "zzz999", - ApplicationName: "internal test SYSTEM", - ApplicationID: "550e8400-e29b-41d4-a716-446655440000" + ApplicationID: "550E8400-E29B-41D4-A716-446655440000" }) const result = await checkSiteOrSystemIsNotifyEnabled([ { @@ -520,12 +519,12 @@ describe("Unit tests for checkSiteOrSystemIsNotifyEnabled", () => { it("excludes an item when its ODS code is blocked, even if otherwise enabled", async () => { const previous = createMockDataItem({ PharmacyODSCode: "b3j1z", - ApplicationName: "Internal Test System", + ApplicationID: "550e8400-e29b-41d4-a716-446655440000", Status: "previous" }) const current = createMockDataItem({ PharmacyODSCode: "b3j1z", - ApplicationName: "Internal Test System" + ApplicationID: "550e8400-e29b-41d4-a716-446655440000" }) const result = await checkSiteOrSystemIsNotifyEnabled([{previous, current}], logger) expect(result).toEqual([]) @@ -535,13 +534,11 @@ describe("Unit tests for checkSiteOrSystemIsNotifyEnabled", () => { it("excludes items that are neither enabled nor blocked", async () => { const previous = createMockDataItem({ PharmacyODSCode: "NOTINLIST", - ApplicationName: "Some Other System", ApplicationID: "550e8400-e29b-41d4-a716-446655441234", Status: "previous" }) const current = createMockDataItem({ PharmacyODSCode: "NOTINLIST", - ApplicationName: "Some Other System", ApplicationID: "550e8400-e29b-41d4-a716-446655441234" }) const result = await checkSiteOrSystemIsNotifyEnabled([{previous, current}], logger) From cb3ea57b99f0934ce417308c9e9aa3da3d9eed31 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Thu, 30 Apr 2026 13:32:12 +0000 Subject: [PATCH 06/12] Lint --- .github/workflows/release.yml | 37 ++++++----------------------------- 1 file changed, 6 insertions(+), 31 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index d699f909e7..ff6161fcb4 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: verify_published_from_main_image: true quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@b83cff6a2951a8a2951b8c00a7734edd0cc832d3 - needs: [get_config_values] + needs: [ get_config_values ] permissions: contents: read id-token: write @@ -37,7 +37,7 @@ jobs: echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" tag_release: - needs: [quality_checks, get_commit_id, get_config_values] + needs: [ quality_checks, get_commit_id, get_config_values ] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@b83cff6a2951a8a2951b8c00a7734edd0cc832d3 permissions: id-token: write @@ -161,15 +161,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_ref: - needs: - [ - tag_release, - release_dev, - release_dev_sandbox, - package_code, - get_commit_id, - get_config_values, - ] + needs: [ tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -216,15 +208,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_qa: - needs: - [ - tag_release, - release_dev, - release_dev_sandbox, - package_code, - get_commit_id, - get_config_values, - ] + needs: [ tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -368,15 +352,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_prod: - needs: - [ - tag_release, - release_int, - release_int_sandbox, - package_code, - get_commit_id, - get_config_values, - ] + needs: [ tag_release, release_int, release_int_sandbox, package_code, get_commit_id, get_config_values ] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -408,8 +384,7 @@ jobs: ENABLE_POST_DATED_NOTIFICATIONS: false BLOCKED_SITE_ODS_CODES: "XXXXX" # Workaround empty string handling # See https://nhsd-confluence.digital.nhs.uk/spaces/APIMC/pages/1345218865/Mapping+of+Suppliers+to+APIM+Onboarding+Portal+Apps - ENABLED_SUPPLIER_APPLICATION_IDS: "ee353200-2b8f-47be-8b70-d0777e80d92f,30c8d46\ - 1-e875-4882-85d1-4d5d90f7f17b" + ENABLED_SUPPLIER_APPLICATION_IDS: "ee353200-2b8f-47be-8b70-d0777e80d92f,30c8d461-e875-4882-85d1-4d5d90f7f17b" NOTIFY_ROUTING_PLAN_ID: "e57fe5cc-0567-4854-abe2-b7dd9014a50c" # INT and PROD share a value NOTIFY_API_BASE_URL: "https://api.service.nhs.uk" MTLS_KEY: psu-mtls-1 From 0692d326f81b887bc0be54e00e4db7d95d843552 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Thu, 30 Apr 2026 13:51:42 +0000 Subject: [PATCH 07/12] Missed a deprecated flag --- .github/scripts/release_code.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/scripts/release_code.sh b/.github/scripts/release_code.sh index 47a7e5813b..b338d0b692 100755 --- a/.github/scripts/release_code.sh +++ b/.github/scripts/release_code.sh @@ -68,7 +68,6 @@ sam deploy \ EnableNotificationsExternal="$ENABLE_NOTIFICATIONS_EXTERNAL" \ EnabledSiteODSCodesValue="${ENABLED_SITE_ODS_CODES:-' '}" \ EnablePostDatedNotifications="$ENABLE_POST_DATED_NOTIFICATIONS" \ - EnabledSystemsValue="${ENABLED_SYSTEMS:-' '}" \ EnabledSupplierApplicationIDsValue="${ENABLED_SUPPLIER_APPLICATION_IDS:-' '}" \ BlockedSiteODSCodesValue="${BLOCKED_SITE_ODS_CODES:-' '}" \ NotifyRoutingPlanIDValue="$NOTIFY_ROUTING_PLAN_ID" \ From ef9b99ab47f027dbfaf2f6f7edb124610139a0d8 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Fri, 1 May 2026 11:06:30 +0000 Subject: [PATCH 08/12] Remove unnecessary checks --- .github/workflows/run_release_code_and_api.yml | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/.github/workflows/run_release_code_and_api.yml b/.github/workflows/run_release_code_and_api.yml index f55f37b577..b4b47d51c5 100644 --- a/.github/workflows/run_release_code_and_api.yml +++ b/.github/workflows/run_release_code_and_api.yml @@ -260,8 +260,7 @@ jobs: - name: Deploy PSU API shell: bash working-directory: .github/scripts - if: ${{ inputs.DEPLOY_APIGEE == true && always() && !failure() && !cancelled() - }} + if: ${{ inputs.DEPLOY_APIGEE == true }} env: API_TYPE: standard VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }} @@ -283,8 +282,7 @@ jobs: - name: Deploy CPSU API shell: bash working-directory: .github/scripts - if: ${{ inputs.DEPLOY_APIGEE_CPSU == true && always() && !failure() && - !cancelled() }} + if: ${{ inputs.DEPLOY_APIGEE_CPSU == true }} env: API_TYPE: custom VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }} @@ -328,8 +326,7 @@ jobs: VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }} regression_tests: - if: ${{ inputs.RUN_REGRESSION_TEST == true && always() && !failure() && - !cancelled() }} + if: ${{ inputs.RUN_REGRESSION_TEST == true }} name: Regression Tests uses: ./.github/workflows/run_regression_tests.yml needs: release_code_and_api From ce9db0c2653f369cc5ce41b5e094a5858330db81 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Fri, 1 May 2026 11:08:37 +0000 Subject: [PATCH 09/12] Consistent linting --- .github/workflows/pull_request.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index a170ceac65..aeb71e5ac6 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -14,7 +14,7 @@ jobs: verify_published_from_main_image: false quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@bda627e2ce1a32ea56bcc815aec57b06cfa63c9d - needs: [get_config_values] + needs: [ get_config_values ] permissions: contents: read id-token: write @@ -53,7 +53,7 @@ jobs: } result-encoding: string tag_release: - needs: [get_config_values] + needs: [ get_config_values ] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@bda627e2ce1a32ea56bcc815aec57b06cfa63c9d permissions: id-token: write From 88b055efa75b5b0f5bd23d762c25d844012b2ee5 Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Fri, 1 May 2026 12:24:07 +0100 Subject: [PATCH 10/12] Remove bracket padding --- .github/workflows/pull_request.yml | 12 ++++++------ .github/workflows/release.yml | 20 ++++++++++---------- 2 files changed, 16 insertions(+), 16 deletions(-) diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml index aeb71e5ac6..7f7e40a739 100644 --- a/.github/workflows/pull_request.yml +++ b/.github/workflows/pull_request.yml @@ -1,7 +1,7 @@ name: deploy_pr on: pull_request: - branches: [ main ] + branches: [main] permissions: {} jobs: get_config_values: @@ -14,7 +14,7 @@ jobs: verify_published_from_main_image: false quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@bda627e2ce1a32ea56bcc815aec57b06cfa63c9d - needs: [ get_config_values ] + needs: [get_config_values] permissions: contents: read id-token: write @@ -53,7 +53,7 @@ jobs: } result-encoding: string tag_release: - needs: [ get_config_values ] + needs: [get_config_values] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@bda627e2ce1a32ea56bcc815aec57b06cfa63c9d permissions: id-token: write @@ -74,7 +74,7 @@ jobs: run: | echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" package_code: - needs: [ get_issue_number, get_config_values ] + needs: [get_issue_number, get_config_values] uses: ./.github/workflows/run_package_code_and_api.yml permissions: contents: read @@ -83,7 +83,7 @@ jobs: with: pinned_image: ${{ needs.get_config_values.outputs.pinned_image }} release_code: - needs: [ get_issue_number, package_code, get_commit_id, get_config_values ] + needs: [get_issue_number, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -130,7 +130,7 @@ jobs: PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }} REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_sandbox_code: - needs: [ get_issue_number, package_code, get_commit_id, get_config_values ] + needs: [get_issue_number, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index ff6161fcb4..82208259cd 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -16,7 +16,7 @@ jobs: verify_published_from_main_image: true quality_checks: uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@b83cff6a2951a8a2951b8c00a7734edd0cc832d3 - needs: [ get_config_values ] + needs: [get_config_values] permissions: contents: read id-token: write @@ -37,7 +37,7 @@ jobs: echo "commit_id=${{ github.sha }}" >> "$GITHUB_OUTPUT" tag_release: - needs: [ quality_checks, get_commit_id, get_config_values ] + needs: [quality_checks, get_commit_id, get_config_values] uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@b83cff6a2951a8a2951b8c00a7734edd0cc832d3 permissions: id-token: write @@ -54,7 +54,7 @@ jobs: EXECUTE_JIRA_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }} package_code: - needs: [ tag_release, get_config_values ] + needs: [tag_release, get_config_values] uses: ./.github/workflows/run_package_code_and_api.yml permissions: contents: read @@ -64,7 +64,7 @@ jobs: pinned_image: ${{ needs.get_config_values.outputs.pinned_image }} release_dev: - needs: [ tag_release, package_code, get_commit_id, get_config_values ] + needs: [tag_release, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -116,7 +116,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_dev_sandbox: - needs: [ tag_release, package_code, get_commit_id, get_config_values ] + needs: [tag_release, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -161,7 +161,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_ref: - needs: [ tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id, get_config_values ] + needs: [tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -208,7 +208,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_qa: - needs: [ tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id, get_config_values ] + needs: [tag_release, release_dev, release_dev_sandbox, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -255,7 +255,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_int: - needs: [ tag_release, release_qa, package_code, get_commit_id, get_config_values ] + needs: [tag_release, release_qa, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -307,7 +307,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_int_sandbox: - needs: [ tag_release, release_qa, package_code, get_commit_id, get_config_values ] + needs: [tag_release, release_qa, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -352,7 +352,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_prod: - needs: [ tag_release, release_int, release_int_sandbox, package_code, get_commit_id, get_config_values ] + needs: [tag_release, release_int, release_int_sandbox, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write From f231ca64b4b0f0cd1c2d6b7c4c86771dba6af0ae Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Fri, 1 May 2026 14:51:43 +0100 Subject: [PATCH 11/12] Remove bracket padding --- .github/workflows/ci.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 6d608ebf77..f58f0a37d7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -2,7 +2,7 @@ name: merge to main workflow on: push: - branches: [ main ] + branches: [main] permissions: {} @@ -52,7 +52,7 @@ jobs: tag_format: ${{ needs.get_config_values.outputs.tag_format }} package_code: - needs: [ tag_release, get_config_values ] + needs: [tag_release, get_config_values] uses: ./.github/workflows/run_package_code_and_api.yml permissions: contents: read @@ -62,7 +62,7 @@ jobs: pinned_image: ${{ needs.get_config_values.outputs.pinned_image }} release_dev: - needs: [ tag_release, package_code, get_commit_id, get_config_values ] + needs: [tag_release, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -110,7 +110,7 @@ jobs: REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }} release_sandbox_dev: - needs: [ tag_release, package_code, get_commit_id, get_config_values ] + needs: [tag_release, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write @@ -152,7 +152,7 @@ jobs: PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }} release_qa: - needs: [ tag_release, release_dev, package_code, get_commit_id, get_config_values ] + needs: [tag_release, release_dev, package_code, get_commit_id, get_config_values] uses: ./.github/workflows/run_release_code_and_api.yml permissions: contents: write From ba7096d14151443c4eccfeb815d5b3e00f90dc3a Mon Sep 17 00:00:00 2001 From: Jim Wild Date: Fri, 1 May 2026 15:47:56 +0000 Subject: [PATCH 12/12] Update RT tag --- .github/workflows/run_regression_tests.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/run_regression_tests.yml b/.github/workflows/run_regression_tests.yml index 3b658de35f..125d2153e0 100644 --- a/.github/workflows/run_regression_tests.yml +++ b/.github/workflows/run_regression_tests.yml @@ -60,11 +60,11 @@ jobs: run: | if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then # this should be the tag of the tests you want to run - REGRESSION_TEST_REPO_TAG=v3.10.9 + REGRESSION_TEST_REPO_TAG=v3.12.36 # this should be the tag of the regression test workflow you want to run # This will normally be the same as REGRESSION_TEST_REPO_TAG - REGRESSION_TEST_WORKFLOW_TAG=v3.10.9 + REGRESSION_TEST_WORKFLOW_TAG=v3.12.36 curl https://raw.githubusercontent.com/NHSDigital/electronic-prescription-service-api-regression-tests/refs/tags/${REGRESSION_TEST_WORKFLOW_TAG}/scripts/run_regression_tests.py -o run_regression_tests.py poetry install