From 712b86422e874b845fa212d34d69f54b09356c8c Mon Sep 17 00:00:00 2001 From: Tim Stephenson <231503406+tstephen-nhs@users.noreply.github.com> Date: Mon, 3 Nov 2025 12:47:00 +0000 Subject: [PATCH 1/4] Chore: devcontainer fail fast, posix equality, force docker gid --- .devcontainer/Dockerfile | 39 +++++++++++++++++++++++++++------------ 1 file changed, 27 insertions(+), 12 deletions(-) diff --git a/.devcontainer/Dockerfile b/.devcontainer/Dockerfile index f25502096..3cd09f31b 100644 --- a/.devcontainer/Dockerfile +++ b/.devcontainer/Dockerfile @@ -1,11 +1,16 @@ FROM mcr.microsoft.com/devcontainers/base:ubuntu +# provide DOCKER_GID via build args if you need to force group id to match host +ARG DOCKER_GID ARG TARGETARCH ENV TARGETARCH=${TARGETARCH} ARG ASDF_VERSION COPY .tool-versions.asdf /tmp/.tool-versions.asdf +# Anticipate and resolve potential permission issues with apt +RUN mkdir -p /tmp && chmod 1777 /tmp + RUN apt-get update \ && export DEBIAN_FRONTEND=noninteractive \ && apt-get -y dist-upgrade \ @@ -18,7 +23,7 @@ RUN apt-get update \ xz-utils tk-dev liblzma-dev netcat-traditional libyaml-dev # Download correct AWS CLI for arch -RUN if [ "$TARGETARCH" = "arm64" ] || [ "$TARGETARCH" == "aarch64" ]; then \ +RUN if [ "$TARGETARCH" = "arm64" ] || [ "$TARGETARCH" = "aarch64" ]; then \ wget -O /tmp/awscliv2.zip "https://awscli.amazonaws.com/awscli-exe-linux-aarch64.zip"; \ else \ wget -O /tmp/awscliv2.zip "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip"; \ @@ -28,7 +33,7 @@ RUN if [ "$TARGETARCH" = "arm64" ] || [ "$TARGETARCH" == "aarch64" ]; then \ rm /tmp/awscliv2.zip && rm -rf /tmp/aws-cli # Download correct SAM CLI for arch -RUN if [ "$TARGETARCH" = "arm64" ] || [ "$TARGETARCH" == "aarch64" ]; then \ +RUN if [ "$TARGETARCH" = "arm64" ] || [ "$TARGETARCH" = "aarch64" ]; then \ wget -O /tmp/aws-sam-cli.zip "https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-arm64.zip"; \ else \ wget -O /tmp/aws-sam-cli.zip "https://github.com/aws/aws-sam-cli/releases/latest/download/aws-sam-cli-linux-x86_64.zip"; \ @@ -43,6 +48,16 @@ RUN ASDF_VERSION=$(awk '!/^#/ && NF {print $1; exit}' /tmp/.tool-versions.asdf) tar -xvzf /tmp/asdf.tar.gz; \ mv asdf /usr/bin +# specify DOCKER_GID to force container docker group id to match host +RUN if [ -n "${DOCKER_GID}" ]; then \ + if ! getent group docker; then \ + groupadd -g ${DOCKER_GID} docker; \ + else \ + groupmod -g ${DOCKER_GID} docker; \ + fi && \ + usermod -aG docker vscode; \ + fi + USER vscode ENV PATH="/home/vscode/.asdf/shims/:$PATH" @@ -54,15 +69,15 @@ RUN \ echo 'export PATH="$HOME/gems/bin:$PATH"' >> ~/.bashrc; # Install ASDF plugins -RUN asdf plugin add python; \ - asdf plugin add poetry https://github.com/asdf-community/asdf-poetry.git; \ - asdf plugin add shellcheck https://github.com/luizm/asdf-shellcheck.git; \ - asdf plugin add nodejs https://github.com/asdf-vm/asdf-nodejs.git; \ - asdf plugin add java; \ - asdf plugin add direnv; \ - asdf plugin add golang https://github.com/kennyp/asdf-golang.git; \ - asdf plugin add golangci-lint https://github.com/hypnoglow/asdf-golangci-lint.git; \ - asdf plugin add actionlint; \ +RUN asdf plugin add python && \ + asdf plugin add poetry https://github.com/asdf-community/asdf-poetry.git && \ + asdf plugin add shellcheck https://github.com/luizm/asdf-shellcheck.git && \ + asdf plugin add nodejs https://github.com/asdf-vm/asdf-nodejs.git && \ + asdf plugin add java && \ + asdf plugin add direnv && \ + asdf plugin add golang https://github.com/kennyp/asdf-golang.git && \ + asdf plugin add golangci-lint https://github.com/hypnoglow/asdf-golangci-lint.git && \ + asdf plugin add actionlint && \ asdf plugin add ruby https://github.com/asdf-vm/asdf-ruby.git @@ -71,5 +86,5 @@ ADD .tool-versions /workspaces/prescriptionsforpatients/.tool-versions ADD .tool-versions /home/vscode/.tool-versions # install python before poetry to ensure correct python version is used -RUN asdf install python; \ +RUN asdf install python && \ asdf install From b2ebc80f9946ae6e3a7f364ae4e9981f1025f85c Mon Sep 17 00:00:00 2001 From: Tim Stephenson <231503406+tstephen-nhs@users.noreply.github.com> Date: Tue, 4 Nov 2025 12:42:04 +0000 Subject: [PATCH 2/4] chore: provide docker gid from env --- .devcontainer/devcontainer.json | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/.devcontainer/devcontainer.json b/.devcontainer/devcontainer.json index 6d0da5506..f13304475 100644 --- a/.devcontainer/devcontainer.json +++ b/.devcontainer/devcontainer.json @@ -3,7 +3,9 @@ "build": { "dockerfile": "Dockerfile", "context": "..", - "args": {} + "args": { + "DOCKER_GID": "${env:DOCKER_GID:}" + } }, "mounts": [ "source=${env:HOME}${env:USERPROFILE}/.aws,target=/home/vscode/.aws,type=bind", From 3dc613b93504c9f70bb5d769e265ec61f2119ae4 Mon Sep 17 00:00:00 2001 From: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com> Date: Wed, 14 Jan 2026 13:53:07 +0000 Subject: [PATCH 3/4] Raise regression test version to benefit from automated PR apigee addition Signed-off-by: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com> --- .github/workflows/run_regression_tests.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/run_regression_tests.yml b/.github/workflows/run_regression_tests.yml index ceb19f1b6..958bddf72 100644 --- a/.github/workflows/run_regression_tests.yml +++ b/.github/workflows/run_regression_tests.yml @@ -79,8 +79,8 @@ jobs: GITHUB-TOKEN: ${{ steps.generate-token.outputs.token }} run: | if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then - REGRESSION_TEST_REPO_TAG="v3.7.12" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name - REGRESSION_TEST_WORKFLOW_TAG="v3.7.12" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG + REGRESSION_TEST_REPO_TAG="v3.8.2" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name + REGRESSION_TEST_WORKFLOW_TAG="v3.8.2" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG if [[ -z "$REGRESSION_TEST_REPO_TAG" || -z "$REGRESSION_TEST_WORKFLOW_TAG" ]]; then echo "Error: One or both tag variables are not set" >&2 @@ -121,8 +121,8 @@ jobs: GITHUB-TOKEN: ${{ steps.generate-token.outputs.token }} run: | if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then - REGRESSION_TEST_REPO_TAG="v3.7.12" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name - REGRESSION_TEST_WORKFLOW_TAG="v3.7.12" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG + REGRESSION_TEST_REPO_TAG="v3.8.2" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name + REGRESSION_TEST_WORKFLOW_TAG="v3.8.2" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG if [[ -z "$REGRESSION_TEST_REPO_TAG" || -z "$REGRESSION_TEST_WORKFLOW_TAG" ]]; then echo "Error: One or both tag variables are not set" >&2 From a931f05beec574c8c3bdd0172e9017dbe6131cac Mon Sep 17 00:00:00 2001 From: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com> Date: Wed, 21 Jan 2026 14:43:29 +0000 Subject: [PATCH 4/4] Bump regression tests to v3.8.10 Signed-off-by: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com> --- .github/workflows/run_regression_tests.yml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/run_regression_tests.yml b/.github/workflows/run_regression_tests.yml index 48728ccd6..84d211e71 100644 --- a/.github/workflows/run_regression_tests.yml +++ b/.github/workflows/run_regression_tests.yml @@ -79,8 +79,8 @@ jobs: GITHUB-TOKEN: ${{ steps.generate-token.outputs.token }} run: | if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then - REGRESSION_TEST_REPO_TAG="v3.8.2" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name - REGRESSION_TEST_WORKFLOW_TAG="v3.8.2" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG + REGRESSION_TEST_REPO_TAG="v3.8.10" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name + REGRESSION_TEST_WORKFLOW_TAG="v3.8.10" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG if [[ -z "$REGRESSION_TEST_REPO_TAG" || -z "$REGRESSION_TEST_WORKFLOW_TAG" ]]; then echo "Error: One or both tag variables are not set" >&2 @@ -121,8 +121,8 @@ jobs: GITHUB-TOKEN: ${{ steps.generate-token.outputs.token }} run: | if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then - REGRESSION_TEST_REPO_TAG="v3.8.2" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name - REGRESSION_TEST_WORKFLOW_TAG="v3.8.2" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG + REGRESSION_TEST_REPO_TAG="v3.8.10" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name + REGRESSION_TEST_WORKFLOW_TAG="v3.8.10" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG if [[ -z "$REGRESSION_TEST_REPO_TAG" || -z "$REGRESSION_TEST_WORKFLOW_TAG" ]]; then echo "Error: One or both tag variables are not set" >&2