Skip to content

Chore: [AEA-0000] - add workflow to update dev container#1026

Merged
anthony-nhs merged 2 commits intomainfrom
update_dev_container
Mar 23, 2026
Merged

Chore: [AEA-0000] - add workflow to update dev container#1026
anthony-nhs merged 2 commits intomainfrom
update_dev_container

Conversation

@anthony-nhs
Copy link
Contributor

@anthony-nhs anthony-nhs commented Mar 23, 2026

Summary

  • Routine Change

Details

  • add workflow to update dev container version

Copilot AI review requested due to automatic review settings March 23, 2026 11:05
@github-actions
Copy link
Contributor

github-actions bot commented Mar 23, 2026

This PR is linked to a ticket in an NHS Digital JIRA Project. Here's a handy link to the ticket:

AEA-0000

Copilot AI reviewed Mar 23, 2026
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a GitHub Actions workflow to periodically (and manually) update the repository’s dev container version by delegating to a reusable workflow in NHSDigital/eps-common-workflows.

Changes:

  • Introduce a new workflow triggered by workflow_dispatch and a weekly cron schedule.
  • Call the shared update-dev-container-version.yml reusable workflow, passing base_branch and automerge app secrets.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

.github/workflows/update_dev_container_version.yml
Comment on lines +3 to +8
on:
workflow_dispatch:
schedule:
- cron: "0 18 * * 1"

jobs:
Copy link

Copilot AI Mar 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This scheduled workflow relies on the repository default GITHUB_TOKEN permissions (no explicit permissions: block). For least-privilege and to avoid changes in repo/org defaults impacting behavior, explicitly set the minimal permissions required by the called reusable workflow (e.g., only what’s needed to open/update PRs and/or contents).

Copilot uses AI. Check for mistakes.
.github/workflows/update_dev_container_version.yml

jobs:
update_devcontainer_version:
uses: NHSDigital/eps-common-workflows/.github/workflows/update-dev-container-version.yml@d2a4595b1bfa59f04c7cecb080a126321d42a333
Copy link

Copilot AI Mar 23, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This workflow pins eps-common-workflows to a different commit SHA than the rest of the repo (most other workflows use @5ac2707...). Mixing versions can lead to inconsistent behavior and makes it harder to roll forward/back common workflow changes. Consider aligning this reference to the same SHA used elsewhere, or intentionally bump all eps-common-workflows references together to the new SHA (and document why this one differs if it must).

Suggested change
uses: NHSDigital/eps-common-workflows/.github/workflows/update-dev-container-version.yml@d2a4595b1bfa59f04c7cecb080a126321d42a333
uses: NHSDigital/eps-common-workflows/.github/workflows/update-dev-container-version.yml@5ac2707

Copilot uses AI. Check for mistakes.
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 23, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@anthony-nhs anthony-nhs merged commit 0bf0939 into main Mar 23, 2026
15 checks passed
@anthony-nhs anthony-nhs deleted the update_dev_container branch March 23, 2026 11:18
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@anthony-nhs