diff --git a/.github/actions/build-vars/action.yml b/.github/actions/build-vars/action.yml index 07a7fe0bf3e..35bf7e7914e 100644 --- a/.github/actions/build-vars/action.yml +++ b/.github/actions/build-vars/action.yml @@ -170,7 +170,7 @@ runs: - 'frontend-react/**/!(*.md)' - '.github/actions/build-vars/action.yml' - '.github/actions/build-frontend/action.yml' - - '.github/workflows/frontend_ci.yml' + - '.github/workflows/frontend_ci.yml' terraform: - 'operations/app/terraform/**/!(*.md)' - '.github/workflows/validate_terraform.yml' @@ -215,7 +215,7 @@ runs: else echo "has_router_change=${{ steps.filter.outputs.router }}" >> $GITHUB_OUTPUT fi - + - name: Determine if frontend changed if: github.event_name != 'schedule' id: frontend_change_result @@ -234,7 +234,7 @@ runs: echo "has_frontend_change=${{ steps.filter.outputs.frontend_react }}" >> $GITHUB_OUTPUT fi - - uses: azure/login@a65d910e8af852a8061c627c456678983e180302 + - uses: azure/login@v2 if: inputs.sp-creds != 'false' with: creds: ${{ inputs.sp-creds }} diff --git a/.github/actions/vpn-azure/action.yml b/.github/actions/vpn-azure/action.yml index faba23787a2..f52373efb58 100644 --- a/.github/actions/vpn-azure/action.yml +++ b/.github/actions/vpn-azure/action.yml @@ -63,7 +63,7 @@ runs: fi shell: bash - - uses: azure/login@a65d910e8af852a8061c627c456678983e180302 + - uses: azure/login@v2 if: inputs.sp-creds with: creds: ${{ inputs.sp-creds }} diff --git a/.github/workflows/alert_cert_expire.yml b/.github/workflows/alert_cert_expire.yml index 430ee3353d4..304a8e37a75 100644 --- a/.github/workflows/alert_cert_expire.yml +++ b/.github/workflows/alert_cert_expire.yml 
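Review bot: The `- uses: azure/login@v2` line in the @@ -234 hunk replaces a full commit SHA with a mutable tag, which weakens the supply-chain pinning the rest of these files still keep (`hashicorp/setup-terraform@b9cd54a…` and `actions/checkout@d632683…` remain SHA-pinned in later hunks); a moved tag would silently change the code that receives the service-principal JSON. Pin to the full-length commit of the intended v2 release and record the version in a trailing comment, e.g. `- uses: azure/login@<FULL-COMMIT-SHA-OF-v2-RELEASE> # v2`. The same unpinning is made in vpn-azure/action.yml @@ -63, release_chatops_app.yml @@ -40 and restore_databases.yml @@ -90, @@ -139 and @@ -230 and should be reverted the same way. The `if:` and `with:` lines that follow the step are unchanged and stay valid with a SHA pin.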
@@ -5,6 +5,9 @@ on: # The workflow runs every day at 8:07am - cron: "7 13 * * *" #UTC-5 +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: check-certificates: runs-on: ubuntu-latest @@ -23,7 +26,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: Add Runner IP to Key Vault Firewall run: | @@ -48,7 +51,7 @@ jobs: echo "LIST<<$EOF" >> $GITHUB_OUTPUT cat certificates.json >> $GITHUB_OUTPUT echo "$EOF" >> $GITHUB_OUTPUT - + - name: Slack Notification if: ${{ steps.format_out.outputs.LIST != '' }} uses: ./.github/actions/notifications diff --git a/.github/workflows/alert_resource_costs.yml b/.github/workflows/alert_resource_costs.yml index 0b16f6491b6..a085af0132e 100644 --- a/.github/workflows/alert_resource_costs.yml +++ b/.github/workflows/alert_resource_costs.yml @@ -7,6 +7,7 @@ on: env: ALERT_THRESHOLD: 60 GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' jobs: alert_costs: @@ -23,7 +24,7 @@ jobs: - name: Login into Azure uses: ./.github/actions/vpn-azure with: - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: Run Az Cost CLI id: az-cost 
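Review bot: The new workflow-level `env: AZURE_CREDENTIALS` in the @@ -5 hunk places a JSON blob containing `clientSecret` into the process environment of every step of every job in the workflow, whereas `secrets.SERVICE_PRINCIPAL_CREDS` was previously handed only to the step that consumed it; every `run:` script and third-party action in the workflow can now read `$AZURE_CREDENTIALS`, and log masking protects the individual secret values only in the job log, not a value that code exports elsewhere. Keeping the secret on the consuming step narrows that exposure, e.g. `sp-creds: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}",…}'` (or a step-level `env:` on that step), and `azure/login` v2 also accepts `client-id`/`tenant-id`/`subscription-id` for OIDC federation, which would remove the long-lived `clientSecret` from the repository secrets altogether. The string is built by textual interpolation, so if any of the four secret values ever contains a `"` or `\` the result is no longer valid JSON, a failure mode the previous single pre-formed secret did not have. The identical env block is added in alert_resource_costs.yml @@ -7, alert_terraform_changes.yml @@ -4, build_hub.yml @@ -21, cleanup_acr_images.yml @@ -4, deploy_terraform.yml @@ -8, deployment_rollback.yml @@ -11, destroy_demo_environment.yml @@ -12, export_cost_data.yml @@ -4, release_chatops_app.yml @@ -12, release_to_azure.yml @@ -15, release_trial_frontend.yml @@ -12 and restore_databases.yml @@ -43, so the same remark applies to each.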
@@ -59,7 +60,7 @@ jobs: message: | Resource Group \`${{ matrix.rg }}\` is exceeding the cost threshold and is ${{ steps.env-age.outputs.age_in_days }} days old. If still running and no longer needed, please [destroy](https://github.com/CDCgov/prime-reportstream/actions/workflows/destroy_demo_environment.yml). - + * **Cost per day: 💲${{ steps.az-cost.outputs.result }}** * **Provisioned by: \`${{ steps.last-pusher.outputs.username }}\`** * **Last Change Date: \`${{ steps.last-pusher.outputs.last_change_date }}\`** diff --git a/.github/workflows/alert_terraform_changes.yml b/.github/workflows/alert_terraform_changes.yml index c7730e3a01a..0e0bb7392a8 100644 --- a/.github/workflows/alert_terraform_changes.yml +++ b/.github/workflows/alert_terraform_changes.yml @@ -4,6 +4,10 @@ on: schedule: # The workflow runs every day at 8:20am - cron: "7 13 * * *" #UTC-5 + +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: alert_tf_changes: name: Check Terraform plan for ${{ matrix.env }} @@ -24,7 +28,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} tf-auth: true - name: Collect Terraform stats diff --git a/.github/workflows/build_hub.yml b/.github/workflows/build_hub.yml index 4fda37397eb..5727ec498aa 100644 --- a/.github/workflows/build_hub.yml +++ b/.github/workflows/build_hub.yml @@ -21,6 +21,7 @@ env: # These are for CI and not credentials of any system DB_USER: prime DB_PASSWORD: changeIT! + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' jobs: pre_job: 
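Review bot: In the build_hub.yml @@ -21 hunk the added `AZURE_CREDENTIALS:` line sits directly under the comment `# These are for CI and not credentials of any system`, which now misdescribes the block, since this entry is a real service-principal secret placed beside the throwaway `DB_USER`/`DB_PASSWORD` values. Separate it so the comment stays accurate, e.g. a blank line followed by `# Service-principal login, assembled from repository secrets` above `AZURE_CREDENTIALS:`. The `env:` mapping begins before this hunk.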
@@ -64,7 +65,7 @@ jobs: version: ${{ github.run_id }} upload-build: false run-integration-tests: true - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: Generate New Schema Docs working-directory: ./ diff --git a/.github/workflows/cleanup_acr_images.yml b/.github/workflows/cleanup_acr_images.yml index abf1185097a..fe1bb66d412 100644 --- a/.github/workflows/cleanup_acr_images.yml +++ b/.github/workflows/cleanup_acr_images.yml @@ -4,6 +4,10 @@ on: schedule: - cron: "0 0 * * *" # Runs daily at midnight UTC + +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: cleanup_images: runs-on: ubuntu-latest @@ -22,7 +26,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: List ${{ matrix.env }} repository images run: | @@ -35,7 +39,7 @@ jobs: - name: Delete old images in ${{ matrix.env }} env env: - IMAGE_FILE: ${{ matrix.env }}-images.txt + IMAGE_FILE: ${{ matrix.env }}-images.txt run: | if [ -e "$IMAGE_FILE" ]; then while IFS= read -r image_id; do @@ -49,9 +53,9 @@ jobs: else echo "File not found: $IMAGE_FILE" fi - - # Pushing a modified image using an existing tag untags the previously pushed image, - # resulting in an orphaned (or "dangling") image. + + # Pushing a modified image using an existing tag untags the previously pushed image, + # resulting in an orphaned (or "dangling") image. # The previously pushed image's manifest--and its layer data--remains in the registry. # They still need to be removed 
@@ -65,7 +69,7 @@ jobs: - name: Delete image manifest in ${{ matrix.env }} env env: - UNTAGED_FILE: ${{ matrix.env }}-untaged-images.txt + UNTAGED_FILE: ${{ matrix.env }}-untaged-images.txt run: | if [ -e "$UNTAGED_FILE" ]; then while IFS= read -r manifest_id; do diff --git a/.github/workflows/deploy_terraform.yml b/.github/workflows/deploy_terraform.yml index b2a44672fde..97f5cc3b0d6 100644 --- a/.github/workflows/deploy_terraform.yml +++ b/.github/workflows/deploy_terraform.yml @@ -8,6 +8,9 @@ on: paths: - '**.tf' +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: pre_job: name: Set Build Environment @@ -48,7 +51,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} tf-auth: true - name: Collect Terraform stats @@ -101,7 +104,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} tf-auth: true - name: Use specific version of Terraform uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd diff --git a/.github/workflows/deployment_rollback.yml b/.github/workflows/deployment_rollback.yml index 1b35fdd641b..4fb20811984 100644 --- a/.github/workflows/deployment_rollback.yml +++ b/.github/workflows/deployment_rollback.yml @@ -11,6 +11,10 @@ on: - staging - test type: choice + +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: DeployToCandidateSlot: runs-on: ubuntu-latest 
@@ -45,7 +49,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: Add runner IP to Function App firewall run: | diff --git a/.github/workflows/destroy_demo_environment.yml b/.github/workflows/destroy_demo_environment.yml index a64a2e21f81..b74c11ae406 100644 --- a/.github/workflows/destroy_demo_environment.yml +++ b/.github/workflows/destroy_demo_environment.yml @@ -12,6 +12,10 @@ on: - demo3 type: choice + +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: destroy_demo_environment: name: "Destroy Environment: ${{ github.event.inputs.env_name }}" @@ -36,7 +40,7 @@ jobs: uses: ./.github/actions/vpn-azure with: env-name: ${{ github.event.inputs.env_name }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} tf-auth: true - name: Destroy demo environment diff --git a/.github/workflows/export_cost_data.yml b/.github/workflows/export_cost_data.yml index 05969238c83..434fbcf6c96 100644 --- a/.github/workflows/export_cost_data.yml +++ b/.github/workflows/export_cost_data.yml @@ -4,6 +4,10 @@ on: schedule: # The workflow runs every day at 3PM - cron: "0 19 * * *" #UTC-5 + +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: export_cost_data: name: Export Azure Cost Data to Storage @@ -27,7 +31,7 @@ jobs: uses: ./.github/actions/vpn-azure with: env-name: ${{ matrix.env }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} tf-auth: false - name: Run Az Cost CLI id: az-cost 
@@ -76,7 +80,7 @@ jobs: user: prime database: prime_data_hub output-file: result.txt - query: | + query: | CREATE TABLE IF NOT EXISTS Azure_Costs ( Date date, Cost NUMERIC(13, 8), diff --git a/.github/workflows/release_chatops_app.yml b/.github/workflows/release_chatops_app.yml index 9edac887f3d..89543decad6 100644 --- a/.github/workflows/release_chatops_app.yml +++ b/.github/workflows/release_chatops_app.yml @@ -12,6 +12,9 @@ on: paths: - "operations/slack-boltjs-app" +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: pre_job: name: Set Build Environment @@ -40,9 +43,9 @@ jobs: with: submodules: true - - uses: azure/login@a65d910e8af852a8061c627c456678983e180302 + - uses: azure/login@v2 with: - creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + creds: ${{ env.AZURE_CREDENTIALS }} - name: Set environment variables shell: bash diff --git a/.github/workflows/release_to_azure.yml b/.github/workflows/release_to_azure.yml index aaa7ceaee7b..481834e4db4 100644 --- a/.github/workflows/release_to_azure.yml +++ b/.github/workflows/release_to_azure.yml @@ -15,6 +15,9 @@ defaults: run: working-directory: prime-router +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: pre_job: name: "Set Build Environment" @@ -33,7 +36,7 @@ jobs: id: build_vars uses: ./.github/actions/build-vars with: - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} build_router_release: name: "Release: Build Router" 
@@ -102,7 +105,7 @@ jobs: uses: ./.github/actions/vpn-azure with: env-name: ${{ needs.pre_job.outputs.env_name }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} tf-auth: true - name: Provision demo environment @@ -138,7 +141,7 @@ jobs: uses: ./.github/actions/vpn-azure with: env-name: ${{ needs.pre_job.outputs.env_name }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: Get function app checksum env: @@ -194,7 +197,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} dns-ip: ${{ needs.pre_job.outputs.dns_ip }} - name: Deploy backend @@ -233,7 +236,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} dns-ip: ${{ needs.pre_job.outputs.dns_ip }} - name: Deploy frontend diff --git a/.github/workflows/release_trial_frontend.yml b/.github/workflows/release_trial_frontend.yml index 9c8df9192c7..10bddf055f9 100644 --- a/.github/workflows/release_trial_frontend.yml +++ b/.github/workflows/release_trial_frontend.yml @@ -12,6 +12,9 @@ defaults: run: working-directory: prime-router +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: pre_job: name: "Set Build Environment" @@ -76,7 +79,7 @@ jobs: ca-cert: ${{ secrets.CA_CRT}} user-crt: ${{ secrets.USER_CRT }} user-key: ${{ secrets.USER_KEY }} - sp-creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + sp-creds: ${{ env.AZURE_CREDENTIALS }} - name: Deploy frontend uses: ./.github/actions/deploy-frontend 
diff --git a/.github/workflows/restore_databases.yml b/.github/workflows/restore_databases.yml index 628f82c377e..1d159a31d51 100644 --- a/.github/workflows/restore_databases.yml +++ b/.github/workflows/restore_databases.yml @@ -43,6 +43,9 @@ defaults: run: working-directory: prime-router +env: + AZURE_CREDENTIALS: '{"clientId":"${{ secrets.AZURE_CLIENT_ID }}","clientSecret":"${{ secrets.AZURE_CLIENT_SECRET }}","subscriptionId":"${{ secrets.AZURE_SUBSCRIPTION_ID }}","tenantId":"${{ secrets.AZURE_TENANT_ID }}"}' + jobs: pre_job: name: "Set Build Environment" @@ -66,7 +69,7 @@ jobs: shell: bash run: | echo "event_name: ${{ github.event_name }}" - if [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then + if [[ "${{ github.event_name }}" == 'workflow_dispatch' ]]; then echo "ENV_NAME=${{ github.event.inputs.backup_from }}" >> $GITHUB_ENV echo "SINK_ENV_NAME=${{ github.event.inputs.restore_to }}" >> $GITHUB_ENV echo "RESTORE_IGNORE_BACKUP_AGE=${{ github.event.inputs.restore_ignore_backup_age }}" >> $GITHUB_ENV @@ -79,7 +82,7 @@ jobs: echo "BACKUP_AGE_LIMIT_MINS=1440" >> $GITHUB_ENV echo "DATABASES=[\"prime_data_hub_candidate\"]" >> $GITHUB_ENV fi - + - name: Set backup and restore variables shell: bash run: | @@ -90,9 +93,9 @@ jobs: echo "SINK_BACKUP_STORAGE=pdh${{ env.SINK_ENV_NAME }}terraform" >> $GITHUB_ENV # Login to Azure - - uses: azure/login@a65d910e8af852a8061c627c456678983e180302 + - uses: azure/login@v2 with: - creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + creds: ${{ env.AZURE_CREDENTIALS }} # Restores will fail if sink server is not pre-expanded - name: Increase sink server size if necessary @@ -139,9 +142,9 @@ jobs: - name: Check out changes uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - - uses: azure/login@a65d910e8af852a8061c627c456678983e180302 + - uses: azure/login@v2 with: - creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + creds: ${{ env.AZURE_CREDENTIALS }} - name: Get public ip shell: bash 
@@ -155,7 +158,7 @@ jobs: --share-name dbbackups --query 'exists' -o tsv --only-show-errors) if [ $backup_exists == "false" ]; then lastModified="1970-01-01" - else + else lastModified=$(az storage directory show --name ${{ env.env_name }}_${{ matrix.db }} --share-name dbbackups \ --account-name ${{ env.sink_backup_storage }} --query 'properties.lastModified' --only-show-errors -o tsv) fi @@ -230,9 +233,9 @@ jobs: - name: Check out changes uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 - - uses: azure/login@a65d910e8af852a8061c627c456678983e180302 + - uses: azure/login@v2 with: - creds: ${{ secrets.SERVICE_PRINCIPAL_CREDS }} + creds: ${{ env.AZURE_CREDENTIALS }} - name: Get public ip shell: bash @@ -293,15 +296,15 @@ jobs: \echo
setting
table changes: