nhs-notify-supplier-api/.github/workflows/pr_closed.yaml at 4f6452b95f5adf0c2961018a16498e036b3fffd9 · NHSDigital/nhs-notify-supplier-api · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
name: PR Closed

on:
  workflow_dispatch:
  pull_request:
    types: [ closed ]
    branches:
      - main

concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: false

jobs:
  check-merge-or-workflow-dispatch:
    runs-on: ubuntu-latest
    outputs:
      deploy: ${{ steps.check.outputs.deploy }}
    steps:
      - name: Check if PR was merged or workflow is triggered by workflow_dispatch
        id: check
        run: |
          if [[ "${{ github.event_name }}" == "workflow_dispatch" ]]; then
            echo "deploy=true" >> $GITHUB_OUTPUT
            echo "Job triggered by workflow_dispatch - running 'deploy-main'"
          elif [[ "${{ github.event_name }}" == "pull_request" && "${{ github.event.pull_request.merged }}" == "true" ]]; then
            echo "deploy=true" >> $GITHUB_OUTPUT
            echo "Job triggered by Merged PR - running 'deploy-main'"
          else
            echo "deploy=false" >> $GITHUB_OUTPUT
            echo "Job not triggered by workflow_dispatch or Merged PR - Skipping 'deploy-main'"
          fi

  deploy-main:
    needs: check-merge-or-workflow-dispatch
    name: Deploy changes to main in dev AWS account
    if: needs.check-merge-or-workflow-dispatch.outputs.deploy == 'true'
    uses: ./.github/workflows/deploy-supplier-api.yaml
    secrets: inherit
    with:
      source_type: branch
      source_value: main
      deploy_backend: true
      backend_account_group: dev
      deploy_proxy: false

  check-event-schemas-version-change:
    name: Check for event schemas package version change
    needs: check-merge-or-workflow-dispatch
    if: needs.check-merge-or-workflow-dispatch.outputs.deploy == 'true'
    outputs:
      version_changed: ${{ steps.check-version.outputs.version_changed }}
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: read
    steps:
      - name: Checkout code
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
      - name: Setup NodeJS
        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
        with:
          node-version-file: ".tool-versions"
          registry-url: "https://npm.pkg.github.com"

      - name: check if local version differs from latest published version
        id: check-version
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          published_version=$(npm view @nhsdigital/nhs-notify-event-schemas-supplier-api --json 2>/dev/null | jq -r '.["dist-tags"].latest // "null"')
          echo "Published version: $published_version"

          local_version=$(jq -r '.version' internal/events/package.json)
          echo "Local version: $local_version"

          if [[ $local_version = $published_version ]]; then
            echo "Local version is the same as the latest published version - skipping publish"
            echo "version_changed=false" >> $GITHUB_OUTPUT
          else
            echo "Local version is different to the latest published version - publishing new version"
            echo "version_changed=true" >> $GITHUB_OUTPUT
          fi

  test-contract:
    name: "Test contracts (provider)"
    needs: check-event-schemas-version-change
    if: needs.check-event-schemas-version-change.outputs.version_changed == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: read
    steps:
      - name: "Checkout code"
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
      - name: "Repo setup"
        uses: ./.github/actions/node-install
        with:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
      - name: "Run provider contract tests"
        run: make test-contract
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}

  publish-event-schemas:
    name: Publish event schemas package to GitHub package registry
    needs:
      - check-event-schemas-version-change
      - test-contract
    if: needs.check-event-schemas-version-change.outputs.version_changed == 'true'
    runs-on: ubuntu-latest
    permissions:
      contents: read
      packages: write

    steps:
      - name: Checkout code
        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
      - name: Setup NodeJS
        uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0
        with:
          node-version-file: ".tool-versions"
          registry-url: "https://npm.pkg.github.com"

      - name: Install dependencies
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: npm ci

      - name: Publish to GitHub Packages
        run: npm publish --workspace internal/events
        env:
          NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }}