remove apex stuff

.github/workflows/ci.yml

@@ -8,24 +8,6 @@ env:
   BRANCH_NAME: ${{ github.event.ref.BRANCH_NAME }}
 
 jobs:
-  get_asdf_version:
-    runs-on: ubuntu-22.04
-    outputs:
-      asdf_version: ${{ steps.asdf-version.outputs.version }}
-      tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-
-      - name: Get asdf version
-        id: asdf-version
-        run: echo "version=$(awk '!/^#/ && NF {print $1; exit}' .tool-versions.asdf)" >> "$GITHUB_OUTPUT"
-      - name: Load config value
-        id: load-config
-        run: |
-          TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
-          echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
-
   get_commit_id:
     runs-on: ubuntu-22.04
     outputs:

.github/workflows/pull_request.yml

@@ -8,40 +8,6 @@ env:
   BRANCH_NAME: ${{ github.event.pull_request.head.ref }}
 
 jobs:
-  get_asdf_version:
-    runs-on: ubuntu-22.04
-    outputs:
-      asdf_version: ${{ steps.asdf-version.outputs.version }}
-      tag_format: ${{ steps.load-config.outputs.TAG_FORMAT }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-
-      - name: Get asdf version
-        id: asdf-version
-        run: echo "version=$(awk '!/^#/ && NF {print $1; exit}' .tool-versions.asdf)" >> "$GITHUB_OUTPUT"
-      - name: Load config value
-        id: load-config
-        run: |
-          TAG_FORMAT=$(yq '.TAG_FORMAT' .github/config/settings.yml)
-          echo "TAG_FORMAT=$TAG_FORMAT" >> "$GITHUB_OUTPUT"
-
-  get_commit_message:
-    runs-on: ubuntu-22.04
-    outputs:
-      commit_message: ${{ steps.commit_message.outputs.commit_message }}
-    steps:
-      - name: Checkout code
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd
-        with:
-          ref: ${{ env.BRANCH_NAME }}
-          fetch-depth: 0
-      - name: Get Commit message
-        id: commit_message
-        run: |
-          echo "commit_message=$(git show -s --format=%s)" >> "$GITHUB_OUTPUT"
-
-
   get_issue_number:
     runs-on: ubuntu-22.04
     outputs:

.github/workflows/release_all_stacks.yml

@@ -170,6 +170,7 @@ jobs:
         env:
           CDK_APP_NAME: "HackApp"
           CDK_STACK_NAME: "UsCertsStack"
+          CDK_CONFIG_serviceName: "${{ inputs.SERVICE_NAME }}"
           CDK_CONFIG_stackName: "${{ inputs.SERVICE_NAME }}-us-certs"
           CDK_CONFIG_versionNumber: "${{ inputs.VERSION_NUMBER }}"
           CDK_CONFIG_commitId: "${{ inputs.COMMIT_ID }}"
@@ -212,6 +213,7 @@ jobs:
           AWS_MAX_ATTEMPTS: 20
           CDK_APP_NAME: "HackApp"
           CDK_STACK_NAME: "HackStack"
+          CDK_CONFIG_serviceName: "${{ inputs.SERVICE_NAME }}"
           CDK_CONFIG_stackName: "${{ inputs.SERVICE_NAME }}-hack-stack"
           CDK_CONFIG_versionNumber: "${{ inputs.VERSION_NUMBER }}"
           CDK_CONFIG_commitId: "${{ inputs.COMMIT_ID }}"
@@ -308,30 +310,36 @@ jobs:
           CF_LONDON_EXPORTS=$(aws cloudformation list-exports --region eu-west-2 --output json)
           CDK_CONFIG_cloudfrontCertArn=$(echo "$CF_US_EXPORTS" | \
               jq \
-              --arg EXPORT_NAME "${SERVICE_NAME}-us-certs:cloudfrontCertificate:Arn" \
+              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}-us-certs:cloudfrontCertificate:Arn" \
               -r '.Exports[] | select(.Name == $EXPORT_NAME) | .Value')
           CDK_CONFIG_shortCloudfrontDomain=$(echo "$CF_US_EXPORTS" | \
               jq \
-              --arg EXPORT_NAME "${SERVICE_NAME}-us-certs:shortCloudfrontDomain:Name" \
+              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}-us-certs:shortCloudfrontDomain:Name" \
               -r '.Exports[] | select(.Name == $EXPORT_NAME) | .Value')
           CDK_CONFIG_fullCloudfrontDomain=$(echo "$CF_US_EXPORTS" | \
               jq \
-              --arg EXPORT_NAME "${SERVICE_NAME}-us-certs:fullCloudfrontDomain:Name" \
+              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}-us-certs:fullCloudfrontDomain:Name" \
               -r '.Exports[] | select(.Name == $EXPORT_NAME) | .Value')
           CDK_CONFIG_cloudfrontDistributionId=$(echo "$CF_LONDON_EXPORTS" | \
               jq \
-              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}:cloudfrontDistribution:Id" \
+              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}-stateful-resources:cloudfrontDistribution:Id" \
               -r '.Exports[] | select(.Name == $EXPORT_NAME) | .Value')
           CDK_CONFIG_cloudfrontDistributionArn=$(echo "$CF_LONDON_EXPORTS" | \
               jq \
-              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}:cloudfrontDistribution:Arn" \
+              --arg EXPORT_NAME "${{ inputs.SERVICE_NAME }}-stateful-resources:cloudfrontDistribution:Arn" \
               -r '.Exports[] | select(.Name == $EXPORT_NAME) | .Value')
+          export CDK_CONFIG_cloudfrontCertArn
+          export CDK_CONFIG_shortCloudfrontDomain
+          export CDK_CONFIG_fullCloudfrontDomain
+          export CDK_CONFIG_cloudfrontDistributionId
+          export CDK_CONFIG_cloudfrontDistributionArn
           npm run cdk-deploy --workspace packages/cdk
         shell: bash
         env:
           AWS_MAX_ATTEMPTS: 20
           CDK_APP_NAME: "HackApp"
           CDK_STACK_NAME: "HackStack"
+          CDK_CONFIG_serviceName: "${{ inputs.SERVICE_NAME }}"
           CDK_CONFIG_stackName: "${{ inputs.SERVICE_NAME }}-hack-stack"
           CDK_CONFIG_versionNumber: "${{ inputs.VERSION_NUMBER }}"
           CDK_CONFIG_commitId: "${{ inputs.COMMIT_ID }}"

Makefile

@@ -2,6 +2,7 @@ export CDK_CONFIG_versionNumber=undefined
 export CDK_CONFIG_commitId=undefined
 export CDK_CONFIG_isPullRequest=true
 export CDK_CONFIG_environment=dev
+export CDK_CONFIG_serviceName=hackapp
 
 guard-%:
 	@ if [ "${${*}}" = "" ]; then \

packages/cdk/bin/HackApp.ts

@@ -2,6 +2,7 @@ import {UsCertsStack} from "../stacks/UsCertsStack"
 import {HackStack} from "../stacks/HackStack"
 import {
   createApp,
+  getConfigFromEnvVar,
 } from "@nhsdigital/eps-cdk-constructs"
 
 
@@ -15,7 +16,7 @@ async function main() {
     driftDetectionGroup: "hackapp-drift-group",
   })
 
-  const serviceName = "hackapp"
+  const serviceName: string = getConfigFromEnvVar("serviceName")
   const shortCloudfrontDomain = serviceName
   const usCertsStack = new UsCertsStack(app, "UsCertsStack", {
     env: {

packages/cdk/resources/CloudfrontBehaviors.ts

@@ -63,14 +63,6 @@ export class CloudfrontBehaviors extends Construct{
         {
           key: "api_path",
           value: "/api"
-        },
-        {
-          key: "oauth2_proxyPath",
-          value: "/oauth2"
-        },
-        {
-          key: "jwks_rewrite",
-          value: "jwks.json"
         }
       ]}))
     })
@@ -148,44 +140,12 @@ export class CloudfrontBehaviors extends Construct{
     on how many can be created simultaneously */
     apiGatewayStripPathFunction.node.addDependency(s3StaticContentUriRewriteFunction)
 
-    const oauth2GatewayStripPathFunction = new CloudfrontFunction(this, "OAuth2GatewayStripPathFunction", {
-      functionName: `${props.serviceName}-OAuth2GatewayStripPathFunction`,
-      sourceFileName: "genericStripPathUriRewrite.js",
-      keyValueStore: keyValueStore,
-      codeReplacements: [
-        {
-          valueToReplace: "PATH_PLACEHOLDER",
-          replacementValue: "oauth2_proxyPath"
-        }
-      ]
-    })
-    /* Add dependency on previous function to force them to build one by one to avoid aws limits
-    on how many can be created simultaneously */
-    oauth2GatewayStripPathFunction.node.addDependency(apiGatewayStripPathFunction)
-
-    const s3JwksUriRewriteFunction = new CloudfrontFunction(this, "s3JwksUriRewriteFunction", {
-      functionName: `${props.serviceName}-s3JwksUriRewriteFunction`,
-      sourceFileName: "genericS3FixedObjectUriRewrite.js",
-      keyValueStore: keyValueStore,
-      codeReplacements: [
-        {
-          valueToReplace: "OBJECT_PLACEHOLDER",
-          replacementValue: "jwks_rewrite"
-        }
-      ]
-    })
-    /* Add dependency on previous function to force them to build one by one to avoid aws limits
-    on how many can be created simultaneously */
-    s3JwksUriRewriteFunction.node.addDependency(oauth2GatewayStripPathFunction)
 
     const s3StaticContentRootSlashRedirect = new CloudfrontFunction(this, "s3StaticContentRootSlashRedirect", {
       functionName: `${props.serviceName}-s3StaticContentRootSlashRedirect`,
       sourceFileName: "s3StaticContentRootSlashRedirect.js"
     })
 
-    /* Add dependency on previous function to force them to build one by one to avoid aws limits
-    on how many can be created simultaneously */
-    s3StaticContentRootSlashRedirect.node.addDependency(s3JwksUriRewriteFunction)
 
 
     const additionalBehaviors = {
@@ -242,6 +202,7 @@ export class CloudfrontBehaviors extends Construct{
     }
 
     //Outputs
+    this.additionalBehaviors = additionalBehaviors
     this.s3404UriRewriteFunction = s3404UriRewriteFunction
     this.s3404ModifyStatusCodeFunction = s3404ModifyStatusCodeFunction
     this.s3StaticContentUriRewriteFunction = s3StaticContentUriRewriteFunction

packages/cdk/resources/CloudfrontDistribution.ts

@@ -59,25 +59,15 @@ export class CloudfrontDistribution extends Construct {
       errorResponses: props.errorResponses,
     })
 
-    if (props.shortCloudfrontDomain === "APEX_DOMAIN") {
-      new ARecord(this, "CloudFrontAliasIpv4Record", {
-        zone: props.hostedZone,
-        target: RecordTarget.fromAlias(new CloudFrontTarget(cloudfrontDistribution))})
+    new ARecord(this, "CloudFrontAliasIpv4Record", {
+      zone: props.hostedZone,
+      recordName: props.shortCloudfrontDomain,
+      target: RecordTarget.fromAlias(new CloudFrontTarget(cloudfrontDistribution))})
 
-      new AaaaRecord(this, "CloudFrontAliasIpv6Record", {
-        zone: props.hostedZone,
-        target: RecordTarget.fromAlias(new CloudFrontTarget(cloudfrontDistribution))})
-    } else {
-      new ARecord(this, "CloudFrontAliasIpv4Record", {
-        zone: props.hostedZone,
-        recordName: props.shortCloudfrontDomain,
-        target: RecordTarget.fromAlias(new CloudFrontTarget(cloudfrontDistribution))})
-
-      new AaaaRecord(this, "CloudFrontAliasIpv6Record", {
-        zone: props.hostedZone,
-        recordName: props.shortCloudfrontDomain,
-        target: RecordTarget.fromAlias(new CloudFrontTarget(cloudfrontDistribution))})
-    }
+    new AaaaRecord(this, "CloudFrontAliasIpv6Record", {
+      zone: props.hostedZone,
+      recordName: props.shortCloudfrontDomain,
+      target: RecordTarget.fromAlias(new CloudFrontTarget(cloudfrontDistribution))})
 
     // Outputs
     this.distribution = cloudfrontDistribution

packages/cdk/resources/RestApiGateway.ts

@@ -33,7 +33,6 @@ export class RestApiGateway extends Construct {
   public readonly apiGateway: RestApi
   public readonly apiGatewayRole: Role
   public readonly stageArn: string
-  oauth2ApiGateway: RestApi
 
   public constructor(scope: Construct, id: string, props: RestApiGatewayProps) {
     super(scope, id)

packages/cdk/resources/RestApiGateway/RestApiGatewayMethods.ts

@@ -33,7 +33,7 @@ export class RestApiGatewayMethods extends Construct {
     }
 
 
-    const prescriptionDetailsLambdaResource = props.restApiGateway.root
+    const prescriptionDetailsLambdaResource = props.restApiGateway.root.addResource("foo")
     prescriptionDetailsLambdaResource.addMethod("GET", new LambdaIntegration(props.fooLambda, {
        credentialsRole: props.restAPiGatewayRole
      }), {

packages/cdk/stacks/nagSuppression.ts

@@ -64,6 +64,26 @@ export const addNagSuppressions = (stack: Stack) => {
       }
     ]
   )
+  safeAddNagSuppression(
+    stack,
+    "/HackStack/ApiGateway/ApiGateway/Default/foo/GET/Resource",
+    [
+      {
+        id: "AwsSolutions-APIG4",
+        reason: "this is for hack day stack"
+      }
+    ]
+  )
+  safeAddNagSuppression(
+    stack,
+    "/HackStack/ApiGateway/ApiGateway/Default/foo/GET/Resource",
+    [
+      {
+        id: "AwsSolutions-COG4",
+        reason: "this is for hack day stack"
+      }
+    ]
+  )
 
 }
 

packages/foo/src/handler.ts

@@ -3,7 +3,6 @@ import {injectLambdaContext} from "@aws-lambda-powertools/logger/middleware"
 import middy from "@middy/core"
 import inputOutputLogger from "@middy/input-output-logger"
 import errorHandler from "@nhs/fhir-middy-error-handler"
-import {createSpineClient} from "@nhsdigital/eps-spine-client"
 
 const logger = new Logger({serviceName: "status"})
 
@@ -29,10 +28,8 @@ const lambdaHandler = async (event: any): Promise<any> => {
   const commitId = process.env.COMMIT_ID
   const versionNumber = process.env.VERSION_NUMBER
 
-  const spineClient = createSpineClient(logger)
-  const spineStatus = await spineClient.getStatus()
 
-  const statusBody = {...spineStatus, commitId: commitId, versionNumber: versionNumber}
+  const statusBody = {commitId: commitId, versionNumber: versionNumber}
 
   return {
     statusCode: 200,

packages/hack/react-router.config.ts

@@ -3,5 +3,6 @@ import type { Config } from "@react-router/dev/config";
 export default {
   // Config options...
   // Server-side render by default, to enable SPA mode set this to `false`
+  basename: "/site",
   ssr: false,
 } satisfies Config;

packages/hack/vite.config.ts

@@ -4,5 +4,6 @@ import { defineConfig } from "vite";
 import tsconfigPaths from "vite-tsconfig-paths";
 
 export default defineConfig({
+  base: "/site/",
   plugins: [tailwindcss(), reactRouter(), tsconfigPaths()],
 });