Skip to content

VED-1103: Refactor Batch Processor (recordprocessor) deployment to a dedicated pipeline stage#1279

Merged
Thomas-Boyle merged 88 commits intomasterfrom
1103-batch-record-refactor
Mar 27, 2026
Merged

VED-1103: Refactor Batch Processor (recordprocessor) deployment to a dedicated pipeline stage#1279
Thomas-Boyle merged 88 commits intomasterfrom
1103-batch-record-refactor

Conversation

@Thomas-Boyle
Copy link
Copy Markdown
Contributor

@Thomas-Boyle Thomas-Boyle commented Mar 10, 2026

  • Added a new GitHub Actions workflow for deploying the Recordprocessor batch processor.
  • Updated the continuous deployment workflow to include a dependency on the new Recordprocessor deployment.
  • Introduced a new variable for the Recordprocessor image tag in Terraform configuration.
  • Refactored ECS task definition to use the new image tag variable for the Recordprocessor container.

@Thomas-Boyle
Implement deployment workflow for Recordprocessor and update backend …
07aabb1 
…deployment dependencies

- Added a new GitHub Actions workflow for deploying the Recordprocessor batch processor.
- Updated the continuous deployment workflow to include a dependency on the new Recordprocessor deployment.
- Introduced a new variable for the Recordprocessor image tag in Terraform configuration.
- Refactored ECS task definition to use the new image tag variable for the Recordprocessor container.
@Thomas-Boyle
Update AWS credentials configuration in deployment workflows
a935585 
- Explicitly set the AWS_INFRA_ROLE_ARN secret in the continuous deployment workflow.
- Upgrade aws-actions/configure-aws-credentials and aws-actions/amazon-ecr-login to specific versions for improved stability.
@Thomas-Boyle Thomas-Boyle temporarily deployed to internal-dev-sandbox March 10, 2026 11:20 — with GitHub Actions Inactive
@Thomas-Boyle Thomas-Boyle temporarily deployed to internal-dev-sandbox March 10, 2026 11:20 — with GitHub Actions Inactive
@Thomas-Boyle Thomas-Boyle temporarily deployed to internal-dev-sandbox March 10, 2026 11:21 — with GitHub Actions Inactive
@Thomas-Boyle
Refactor deployment workflows to streamline Recordprocessor integration
10f08fa 
- Removed the separate Recordprocessor deployment workflow and integrated its functionality into the backend deployment workflow.
- Added a new input parameter `enable_recordprocessor` to conditionally build and push the Recordprocessor Docker image.
- Updated dependencies in the backend deployment to ensure proper execution order and image tagging for the Recordprocessor.
- Enhanced the continuous deployment workflow by simplifying dependencies and improving clarity.
edhall-nhs
edhall-nhs previously requested changes Mar 10, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@edhall-nhs edhall-nhs left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Discussed on a call but to summarise:

  • Integrate in deploy-backend workflow, not separate
  • Add manual check that ECR repo exists first
  • Pass through new image tag

Comment thread .github/workflows/deploy-recordprocessor.yml Outdated
@Thomas-Boyle
Update ECR repository check in deployment workflow to fail on missing…
d1230ac 
… repository

- Changed the behavior of the ECR repository check to fail the build-and-push-recordprocessor job if the repository does not exist, instead of skipping the image build and push. This ensures that the deployment process is more robust and provides clearer feedback on repository availability.
@Thomas-Boyle Thomas-Boyle temporarily deployed to internal-dev-sandbox March 10, 2026 12:46 — with GitHub Actions Inactive
@Thomas-Boyle Thomas-Boyle temporarily deployed to internal-dev-sandbox March 10, 2026 12:46 — with GitHub Actions Inactive
@Thomas-Boyle Thomas-Boyle temporarily deployed to internal-dev-sandbox March 10, 2026 12:47 — with GitHub Actions Inactive
@Thomas-Boyle Thomas-Boyle requested a review from edhall-nhs March 10, 2026 13:20
@Thomas-Boyle
Update image tag resolution in backend deployment workflow
57fcfbf 
- Modified the backend deployment workflow to include a new step for resolving the image tag based on the `enable_recordprocessor` input. This change ensures that the image tag is set to the output of the build-and-push step if the Recordprocessor is enabled, otherwise defaults to "latest". This enhances the clarity and reliability of the image tagging process during deployment.
Thomas-Boyle and others added 6 commits March 24, 2026 09:13
@Thomas-Boyle
Update Docker context path in backend deployment workflow for improve…
b6e09b7 
…d structure
@Thomas-Boyle
Merge branch 'master' into 1103-batch-record-refactor
3f6a9ff
@Thomas-Boyle
Refactor Lambda deployment workflow to improve path handling
45375dd 
- Replaced string concatenation for `diff_paths` with an array to manage paths more effectively.
- Updated condition checks for deployment mode to utilize the new array structure, enhancing clarity and maintainability.
@Thomas-Boyle
Remove redundant AWS ECR image description check from Lambda deployme…
5decf41 
…nt workflow to streamline the process and improve efficiency.
@Thomas-Boyle
Merge branch 'master' into 1103-batch-record-refactor
15408cf
@Thomas-Boyle
Enhance Lambda deployment workflow to check for existing image digest…
18715a8 
… before building and pushing Docker images. This prevents unnecessary builds and optimizes the deployment process by reusing existing images when available.
shivani-rana-kainos
shivani-rana-kainos reviewed Mar 24, 2026
View reviewed changes
Comment thread infrastructure/account/recordprocessor_ecr_repo.tf Outdated
avshetty1980
avshetty1980 reviewed Mar 24, 2026
View reviewed changes
Comment thread .github/workflows/deploy-lambda-artifact.yml
avshetty1980
avshetty1980 reviewed Mar 24, 2026
View reviewed changes
Comment thread .github/workflows/deploy-lambda-artifact.yml
avshetty1980
avshetty1980 reviewed Mar 24, 2026
View reviewed changes
Comment thread .github/workflows/deploy-lambda-artifact.yml
avshetty1980
avshetty1980 requested changes Mar 24, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@avshetty1980 avshetty1980 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

just a few more changes before we can handoff to the next PR I think. Nearly there 👍🏾

Thomas-Boyle and others added 3 commits March 25, 2026 08:48
@Thomas-Boyle
Enhance Lambda deployment workflow by adding support for implicit tag…
db92d2d 
… prefix reuse. Introduced a new input parameter to allow resolving the latest tag when the image version is not provided, improving flexibility in deployment configurations. Additionally, updated the manifest generation to include more contextual information such as build timestamp and Git metadata.
@Thomas-Boyle
Update continuous deployment and backend deployment workflows to incl…
d16fa51 
…ude new parameters for image processing. Added support for building the record processor image and specifying the image version based on the Git SHA, enhancing deployment flexibility and traceability.
@Thomas-Boyle
Merge branch 'master' into 1103-batch-record-refactor
a285e4e
avshetty1980
avshetty1980 reviewed Mar 25, 2026
View reviewed changes
Comment thread .github/workflows/continuous-deployment.yml Outdated
uses: ./.github/workflows/deploy-backend.yml
with:
apigee_environment: ${{ matrix.sub_environment_name }}
recordprocessor_image_version: internal-dev-git-${{ github.sha }}
Copy link
Copy Markdown
Contributor

@avshetty1980 avshetty1980 Mar 25, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I know that you only update the deploy-lambda-artifact.yml file but I want to capture this incase it is missed.

Higher dev environments does not consume the actual output from the producer job: The build workflow creates the recordprocessor GIT_TAG from the first 12 characters of the commit SHA.

Instead they synthesize their own selector as internal-dev-git-${{ github.sha }}, which uses the full SHA.

The reuse path resolves an image digest from the exact requested image version. So if internal-dev built internal-dev-git-abcdef123456, but higher environments request internal-dev-git-abcdef1234567890..., the lookup will fail.

Thomas-Boyle and others added 2 commits March 25, 2026 11:40
@Thomas-Boyle
Update deployment workflows to include output for record processor im…
9238749 
…age version. Adjusted dependencies in the continuous deployment workflow to ensure proper image versioning based on previous job outputs, enhancing deployment accuracy.
@Thomas-Boyle
Merge branch 'master' into 1103-batch-record-refactor
6173d54
avshetty1980
avshetty1980 previously approved these changes Mar 25, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@avshetty1980 avshetty1980 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice, Great start to moving to consistent and reusable deployment for recordprocessor and lambdas 👍🏾

@Thomas-Boyle
Update deployment workflows to disable record processor image build i…
2ed0248 
…n continuous deployment. Adjusted output variable for image version in backend deployment workflow and refined implicit tag prefix reuse logic. Added AWS connection step in Lambda artifact deployment workflow, enhancing deployment efficiency and flexibility.
@Thomas-Boyle
Enhance PR teardown workflow to include fallback for record processor…
0da81f3 
… image URI. Added logic to set a placeholder value if the image output is unavailable, ensuring variable validation during destruction processes remains functional.
@Thomas-Boyle
Update deployment workflows to disable diff check in continuous deplo…
413d91f 
…yment and introduce conditional deployment mode for Lambda artifacts. This change enhances flexibility by allowing image reuse when a version is specified, streamlining the deployment process.
avshetty1980
avshetty1980 approved these changes Mar 26, 2026
View reviewed changes
Copy link
Copy Markdown
Contributor

@avshetty1980 avshetty1980 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks really good, thanks Thomas 👍🏾

@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Mar 27, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@avshetty1980 avshetty1980 avshetty1980 approved these changes

@Akol125 Akol125 Akol125 approved these changes

@amarauzoma amarauzoma Awaiting requested review from amarauzoma

+2 more reviewers

@shivani-rana-kainos shivani-rana-kainos shivani-rana-kainos left review comments

@edhall-nhs edhall-nhs edhall-nhs left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

feature New feature or request infrastructure Pull requests that update terraform code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

6 participants

@Thomas-Boyle @edhall-nhs @avshetty1980 @shivani-rana-kainos @github-advanced-security @Akol125