From 45b2250e81f91e6363650c3d94afd948aaba2378 Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Fri, 9 May 2025 13:56:34 +0100 Subject: [PATCH 1/4] [NRL-1375] Switch all remaining workflows to run on codebuild project --- .github/workflows/activate-stack.yml | 2 +- .github/workflows/persistent-environment.yml | 12 ++++++------ .github/workflows/pr-env-deploy.yml | 12 ++++++------ .github/workflows/pr-env-destroy.yml | 4 ++-- .github/workflows/rollback-stack.yml | 2 +- .github/workflows/update-lambda-permissions.yml | 10 +++++----- 6 files changed, 21 insertions(+), 21 deletions(-) diff --git a/.github/workflows/activate-stack.yml b/.github/workflows/activate-stack.yml index 44d213cd8..ce5bf971e 100644 --- a/.github/workflows/activate-stack.yml +++ b/.github/workflows/activate-stack.yml @@ -23,7 +23,7 @@ permissions: jobs: activate-stack: name: Activate ${{ inputs.stack_name }} for ${{ inputs.environment }} - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} steps: diff --git a/.github/workflows/persistent-environment.yml b/.github/workflows/persistent-environment.yml index 7e4016354..1d6fbc9f2 100644 --- a/.github/workflows/persistent-environment.yml +++ b/.github/workflows/persistent-environment.yml @@ -22,7 +22,7 @@ permissions: jobs: build: name: Build - ${{ inputs.branch_name }} - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git clone - ${{ inputs.branch_name }} @@ -91,7 +91,7 @@ jobs: name: Terraform Plan - ${{ inputs.environment }} needs: [build] environment: ${{ inputs.environment }} - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git clone - ${{ inputs.branch_name }} @@ -170,7 +170,7 @@ jobs: terraform-apply: name: Terraform Apply - ${{ inputs.environment }} needs: [terraform-plan] - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} steps: @@ -252,7 +252,7 @@ jobs: activate-stack: name: Activate - ${{ inputs.environment }} needs: [terraform-apply] - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} steps: @@ -297,7 +297,7 @@ jobs: post-release-verify: name: Verify - ${{ inputs.environment }} needs: [activate-stack] - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} steps: @@ -342,7 +342,7 @@ jobs: name: Rollback - ${{ inputs.environment }} needs: [post-release-verify] if: always() && ( needs.post-release-verify.result == 'failure' ) - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} steps: diff --git a/.github/workflows/pr-env-deploy.yml b/.github/workflows/pr-env-deploy.yml index c21dbc24d..fee283c2e 100644 --- a/.github/workflows/pr-env-deploy.yml +++ b/.github/workflows/pr-env-deploy.yml @@ -19,7 +19,7 @@ permissions: jobs: set-environment-id: name: Set Environment ID - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: pull-request steps: - name: Set a ID based on the branch name @@ -44,7 +44,7 @@ jobs: build: name: Build Application - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: pull-request steps: - name: Git Clone - ${{ github.event.pull_request.head.ref }} @@ -121,7 +121,7 @@ jobs: deploy: name: Deploy PR Environment - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: pull-request needs: [set-environment-id, build] @@ -221,7 +221,7 @@ jobs: name: Run Integration Tests needs: [set-environment-id, deploy] environment: pull-request - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git Clone - ${{ github.event.pull_request.head.ref }} @@ -270,7 +270,7 @@ jobs: name: Run Smoke Tests needs: [set-environment-id, integration-test] environment: pull-request - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git Clone - ${{ github.event.pull_request.head.ref }} uses: actions/checkout@v4 @@ -317,7 +317,7 @@ jobs: name: Run Performance Tests needs: [set-environment-id, integration-test] environment: pull-request - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git Clone - ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/pr-env-destroy.yml b/.github/workflows/pr-env-destroy.yml index fded06408..09b6efb6a 100644 --- a/.github/workflows/pr-env-destroy.yml +++ b/.github/workflows/pr-env-destroy.yml @@ -19,7 +19,7 @@ permissions: jobs: set-environment-id: name: Set Environment ID - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Set a ID based on the branch name id: set_environment_id @@ -46,7 +46,7 @@ jobs: name: Destroy PR Environment needs: [set-environment-id] environment: pull-request - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git Clone - ${{ github.event.pull_request.head.ref }} diff --git a/.github/workflows/rollback-stack.yml b/.github/workflows/rollback-stack.yml index 13793ac38..41b2b034b 100644 --- a/.github/workflows/rollback-stack.yml +++ b/.github/workflows/rollback-stack.yml @@ -18,7 +18,7 @@ permissions: jobs: rollback-stack: name: Rollback to inactive stack for ${{ inputs.environment }} - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} steps: diff --git a/.github/workflows/update-lambda-permissions.yml b/.github/workflows/update-lambda-permissions.yml index 55214220b..b3c69c60e 100644 --- a/.github/workflows/update-lambda-permissions.yml +++ b/.github/workflows/update-lambda-permissions.yml @@ -29,7 +29,7 @@ permissions: jobs: check-versions: name: Check versions - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} steps: - name: Git clone - ${{ github.ref }} @@ -90,7 +90,7 @@ jobs: build-permissions: name: Build permissions - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} needs: [check-versions] @@ -142,7 +142,7 @@ jobs: pull-deployed-lambdas: name: Pull deployed lambdas - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} needs: [check-versions] @@ -181,7 +181,7 @@ jobs: terraform-plan: name: Plan changes - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} needs: [build-permissions, pull-deployed-lambdas] @@ -256,7 +256,7 @@ jobs: terraform-apply: name: Apply permissions - runs-on: [self-hosted, ci] + runs-on: codebuild-nhsd-nrlf-ci-build-project-${{ github.run_id }}-${{ github.run_attempt }} environment: ${{ inputs.environment }} needs: terraform-plan From d822683f0f50bb4c094557b80d9bdf703750e68f Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Fri, 9 May 2025 14:21:12 +0100 Subject: [PATCH 2/4] [NRL-1375] Remove all ASDF stuff from CI workflows --- .github/workflows/persistent-environment.yml | 96 ------------------- .github/workflows/pr-env-deploy.yml | 71 -------------- .github/workflows/pr-env-destroy.yml | 8 -- .github/workflows/rollback-stack.yml | 16 ---- .../workflows/update-lambda-permissions.yml | 48 ---------- 5 files changed, 239 deletions(-) diff --git a/.github/workflows/persistent-environment.yml b/.github/workflows/persistent-environment.yml index 1d6fbc9f2..a8a16e22d 100644 --- a/.github/workflows/persistent-environment.yml +++ b/.github/workflows/persistent-environment.yml @@ -30,22 +30,6 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -99,19 +83,6 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -130,9 +101,6 @@ jobs: name: build-artifacts path: dist - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -179,19 +147,6 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Download build artifacts uses: actions/download-artifact@v4 with: @@ -220,9 +175,6 @@ jobs: account=$(echo '${{ inputs.environment }}' | cut -d '-' -f1) make truststore-pull-server ENV=${account} - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -261,19 +213,6 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -281,9 +220,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -306,19 +242,6 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -326,9 +249,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -351,19 +271,6 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -371,9 +278,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root diff --git a/.github/workflows/pr-env-deploy.yml b/.github/workflows/pr-env-deploy.yml index fee283c2e..cb1d00412 100644 --- a/.github/workflows/pr-env-deploy.yml +++ b/.github/workflows/pr-env-deploy.yml @@ -52,22 +52,6 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -131,19 +115,6 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -167,9 +138,6 @@ jobs: - name: Retrieve Server Certificates run: make truststore-pull-server ENV=dev - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -229,19 +197,6 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf and tools - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Python Dependency Install run: poetry install --no-root @@ -277,19 +232,6 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf and tools - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Setup Python environment run: | poetry install --no-root @@ -325,19 +267,6 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf and tools - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Setup Python environment run: | poetry install --no-root diff --git a/.github/workflows/pr-env-destroy.yml b/.github/workflows/pr-env-destroy.yml index 09b6efb6a..2a7a121f1 100644 --- a/.github/workflows/pr-env-destroy.yml +++ b/.github/workflows/pr-env-destroy.yml @@ -54,14 +54,6 @@ jobs: with: ref: ${{ github.event.pull_request.merged && github.event.pull_request.base.ref || github.event.pull_request.head.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: diff --git a/.github/workflows/rollback-stack.yml b/.github/workflows/rollback-stack.yml index 41b2b034b..553628d6e 100644 --- a/.github/workflows/rollback-stack.yml +++ b/.github/workflows/rollback-stack.yml @@ -27,19 +27,6 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -47,9 +34,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root diff --git a/.github/workflows/update-lambda-permissions.yml b/.github/workflows/update-lambda-permissions.yml index b3c69c60e..e75fc0c3e 100644 --- a/.github/workflows/update-lambda-permissions.yml +++ b/.github/workflows/update-lambda-permissions.yml @@ -37,22 +37,6 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -101,22 +85,6 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root @@ -192,22 +160,6 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 - - - name: Install zip - run: sudo apt-get install zip - - name: Setup Python environment run: | poetry install --no-root From e9554723b61cb529fd651d47db76f305bdeee187 Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Fri, 9 May 2025 14:44:59 +0100 Subject: [PATCH 3/4] [NRL-1375] Update all workflows to use new codebuild setup-env step --- .github/workflows/daily-build.yml | 8 +-- .github/workflows/persistent-environment.yml | 49 ++++++++++--------- .github/workflows/pr-env-deploy.yml | 28 ++++++----- .github/workflows/pr-env-destroy.yml | 5 ++ .github/workflows/rollback-stack.yml | 10 ++-- .../workflows/update-lambda-permissions.yml | 5 ++ 6 files changed, 58 insertions(+), 47 deletions(-) diff --git a/.github/workflows/daily-build.yml b/.github/workflows/daily-build.yml index 9205594af..6a5265431 100644 --- a/.github/workflows/daily-build.yml +++ b/.github/workflows/daily-build.yml @@ -39,13 +39,7 @@ jobs: run: make test - name: Build Project - run: | - echo "PATH: ${PATH}" - echo "HOME: ${HOME}" - echo "python: $(which python)" - echo "asdf: $(which asdf)" - echo "/usr/local/bin: $(ls -la /usr/local/bin)" - make build + run: make build - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 diff --git a/.github/workflows/persistent-environment.yml b/.github/workflows/persistent-environment.yml index a8a16e22d..2025bd24b 100644 --- a/.github/workflows/persistent-environment.yml +++ b/.github/workflows/persistent-environment.yml @@ -30,10 +30,10 @@ jobs: with: ref: ${{ inputs.branch_name }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Run Linting run: make lint @@ -83,6 +83,11 @@ jobs: with: ref: ${{ inputs.branch_name }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -101,11 +106,6 @@ jobs: name: build-artifacts path: dist - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Restore NRLF permissions cache uses: actions/cache/restore@v4 with: @@ -147,6 +147,11 @@ jobs: with: ref: ${{ inputs.branch_name }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Download build artifacts uses: actions/download-artifact@v4 with: @@ -175,11 +180,6 @@ jobs: account=$(echo '${{ inputs.environment }}' | cut -d '-' -f1) make truststore-pull-server ENV=${account} - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Terraform Init run: | inactive_stack=$(poetry run python ./scripts/get_env_config.py inactive-stack ${{ inputs.environment }}) @@ -213,6 +213,11 @@ jobs: with: ref: ${{ inputs.branch_name }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -220,11 +225,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Activate Stack run: | inactive_stack=$(poetry run python ./scripts/get_env_config.py inactive-stack ${{ inputs.environment }}) @@ -242,6 +242,11 @@ jobs: with: ref: ${{ inputs.branch_name }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -249,11 +254,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: "Smoke Test" run: | make ENV=${{ inputs.environment }} test-smoke-public @@ -271,6 +271,11 @@ jobs: with: ref: ${{ inputs.branch_name }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: diff --git a/.github/workflows/pr-env-deploy.yml b/.github/workflows/pr-env-deploy.yml index cb1d00412..d5ac9a878 100644 --- a/.github/workflows/pr-env-deploy.yml +++ b/.github/workflows/pr-env-deploy.yml @@ -52,10 +52,10 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Run Linting run: make lint @@ -115,6 +115,11 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -138,11 +143,6 @@ jobs: - name: Retrieve Server Certificates run: make truststore-pull-server ENV=dev - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Terraform Init run: | terraform -chdir=terraform/infrastructure init @@ -197,8 +197,10 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Python Dependency Install - run: poetry install --no-root + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -232,10 +234,10 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -267,10 +269,10 @@ jobs: with: ref: ${{ github.event.pull_request.head.ref }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 diff --git a/.github/workflows/pr-env-destroy.yml b/.github/workflows/pr-env-destroy.yml index 2a7a121f1..42e5bab46 100644 --- a/.github/workflows/pr-env-destroy.yml +++ b/.github/workflows/pr-env-destroy.yml @@ -54,6 +54,11 @@ jobs: with: ref: ${{ github.event.pull_request.merged && github.event.pull_request.base.ref || github.event.pull_request.head.ref }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure AWS Credentials uses: aws-actions/configure-aws-credentials@v4 with: diff --git a/.github/workflows/rollback-stack.yml b/.github/workflows/rollback-stack.yml index 553628d6e..954abc18b 100644 --- a/.github/workflows/rollback-stack.yml +++ b/.github/workflows/rollback-stack.yml @@ -27,6 +27,11 @@ jobs: with: ref: ${{ github.ref }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 with: @@ -34,11 +39,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Get current environment config run: | poetry run python ./scripts/get_env_config.py all ${{ inputs.environment }} diff --git a/.github/workflows/update-lambda-permissions.yml b/.github/workflows/update-lambda-permissions.yml index e75fc0c3e..eaeaf3bb4 100644 --- a/.github/workflows/update-lambda-permissions.yml +++ b/.github/workflows/update-lambda-permissions.yml @@ -219,6 +219,11 @@ jobs: with: ref: ${{ github.ref }} + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root + - name: Restore pulled lambda artifacts uses: actions/cache/restore@v4 with: From 1f1f802f46193e5fb0dc04db6ae7b675dbbfd180 Mon Sep 17 00:00:00 2001 From: Matt Dean Date: Thu, 15 May 2025 08:31:36 +0100 Subject: [PATCH 4/4] [NRL-1375] Fixup environment changes in workflows for codebuild --- .github/workflows/activate-stack.yml | 24 ++++--------------- .github/workflows/persistent-environment.yml | 5 ---- .../workflows/update-lambda-permissions.yml | 12 +++++----- 3 files changed, 10 insertions(+), 31 deletions(-) diff --git a/.github/workflows/activate-stack.yml b/.github/workflows/activate-stack.yml index ce5bf971e..97a7e141b 100644 --- a/.github/workflows/activate-stack.yml +++ b/.github/workflows/activate-stack.yml @@ -32,18 +32,10 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup asdf cache - uses: actions/cache@v4 - with: - path: ~/.asdf - key: ${{ runner.os }}-asdf-${{ hashFiles('**/.tool-versions') }} - restore-keys: | - ${{ runner.os }}-asdf- - - - name: Install asdf - uses: asdf-vm/actions/install@v3.0.2 - with: - asdf_branch: v0.13.1 + - name: Setup environment + run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH + poetry install --no-root - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -52,14 +44,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Install zip - run: sudo apt-get install zip - - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Get current environment config run: | poetry run python ./scripts/get_env_config.py all ${{ inputs.environment }} diff --git a/.github/workflows/persistent-environment.yml b/.github/workflows/persistent-environment.yml index 2025bd24b..c4f2e49f4 100644 --- a/.github/workflows/persistent-environment.yml +++ b/.github/workflows/persistent-environment.yml @@ -283,11 +283,6 @@ jobs: role-to-assume: ${{ secrets.MGMT_ROLE_ARN }} role-session-name: github-actions-ci-${{ inputs.environment }}-${{ github.run_id}} - - name: Setup Python environment - run: | - poetry install --no-root - source $(poetry env info --path)/bin/activate - - name: Deactivate Stack run: | inactive_stack_name=$(poetry run python ./scripts/get_env_config.py inactive-stack ${{ inputs.environment }}) diff --git a/.github/workflows/update-lambda-permissions.yml b/.github/workflows/update-lambda-permissions.yml index eaeaf3bb4..6a68e371f 100644 --- a/.github/workflows/update-lambda-permissions.yml +++ b/.github/workflows/update-lambda-permissions.yml @@ -37,10 +37,10 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -85,10 +85,10 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Configure Management Credentials uses: aws-actions/configure-aws-credentials@v4 @@ -160,10 +160,10 @@ jobs: with: ref: ${{ github.ref }} - - name: Setup Python environment + - name: Setup environment run: | + echo "${HOME}/.asdf/bin" >> $GITHUB_PATH poetry install --no-root - source $(poetry env info --path)/bin/activate - name: Restore pulled lambda artifacts uses: actions/cache/restore@v4