From e41cb5d99549bde7628d3ab1fc52fa44f8bcb901 Mon Sep 17 00:00:00 2001
From: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com>
Date: Thu, 29 Jan 2026 16:59:32 +0000
Subject: [PATCH 1/2] Attempt 2 of proxygen deployment. PR temp deploy to Dev
 to test it will deploy

Signed-off-by: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com>
---
 .github/workflows/pull_request.yml         | 41 ++++++++++-
 .github/workflows/run_regression_tests.yml | 82 +++++++++++-----------
 .github/workflows/sam_release_code.yml     |  2 +-
 3 files changed, 82 insertions(+), 43 deletions(-)

diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
index 93d006e01..8973434ae 100644
--- a/.github/workflows/pull_request.yml
+++ b/.github/workflows/pull_request.yml
@@ -118,7 +118,7 @@ jobs:
       RUN_REGRESSION_TESTS: true
       REGRESSION_TEST_PRODUCT: PFP-AWS
       FORWARD_CSOC_LOGS: false
-      DEPLOY_APIGEE: false
+      DEPLOY_APIGEE: true
       ALLOW_NHS_NUMBER_OVERRIDE: true
     secrets:
       REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }}
@@ -153,3 +153,42 @@ jobs:
       TARGET_SPINE_SERVER: sandbox
       TARGET_SERVICE_SEARCH_SERVER: sandbox
       PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }}
+  release_dev:
+    needs: [tag_release, package_code, get_commit_id]
+    uses: ./.github/workflows/sam_release_code.yml
+    with:
+      ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
+      STACK_NAME: pfp
+      TARGET_ENVIRONMENT: dev
+      APIGEE_ENVIRONMENT: internal-dev
+      ENABLE_MUTUAL_TLS: true
+      MTLS_KEY: prescriptions-for-patients-mtls-1
+      BUILD_ARTIFACT: packaged_code
+      TRUSTSTORE_FILE: pfp-truststore.pem
+      VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}}
+      COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
+      LOG_LEVEL: DEBUG
+      LOG_RETENTION_DAYS: 30
+      CREATE_INT_RELEASE_NOTES: true
+      CREATE_PROD_RELEASE_NOTES: true
+      TOGGLE_GET_STATUS_UPDATES: true
+      ENABLE_ALERTS: true
+      STATE_MACHINE_LOG_LEVEL: ALL
+      RUN_REGRESSION_TESTS: true
+      REGRESSION_TEST_NON_PROXYGEN: true
+      REGRESSION_TEST_PRODUCT: PFP-APIGEE
+      FORWARD_CSOC_LOGS: false
+      TC007_NHS_NUMBERS: ${{vars.TC007_NHS_NUMBERS}}
+      TC008_NHS_NUMBERS: ${{vars.TC008_NHS_NUMBERS}}
+      TC009_NHS_NUMBERS: ${{vars.TC009_NHS_NUMBERS}}
+      ALLOW_NHS_NUMBER_OVERRIDE: true
+    secrets:
+      REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }}
+      CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
+      TARGET_SPINE_SERVER: ${{ secrets.DEV_TARGET_SPINE_SERVER }}
+      TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.DEV_TARGET_SERVICE_SEARCH_SERVER }}
+      DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
+      INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
+      PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
+      DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
+      PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }}
diff --git a/.github/workflows/run_regression_tests.yml b/.github/workflows/run_regression_tests.yml
index c92462e0f..e0c7af117 100644
--- a/.github/workflows/run_regression_tests.yml
+++ b/.github/workflows/run_regression_tests.yml
@@ -113,44 +113,44 @@ jobs:
             --regression_test_workflow_tag "${REGRESSION_TEST_WORKFLOW_TAG}"
           fi
 
-      # - name: Run Regression Testing Proxygen API
-      #   working-directory: scripts
-      #   env:
-      #     TARGET_ENVIRONMENT: ${{ inputs.ENVIRONMENT }}
-      #     VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }}
-      #     GITHUB-TOKEN: ${{ steps.generate-token.outputs.token }}
-      #   run: |
-      #     if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then
-      #       REGRESSION_TEST_REPO_TAG="v3.8.19" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name
-      #       REGRESSION_TEST_WORKFLOW_TAG="v3.8.19" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG
-
-      #       if [[ -z "$REGRESSION_TEST_REPO_TAG" || -z "$REGRESSION_TEST_WORKFLOW_TAG" ]]; then
-      #         echo "Error: One or both tag variables are not set" >&2
-      #         exit 1
-      #       fi
-
-      #       # HELPER IF STATEMENT - It will automatically determine the correct Git URL to use based on the REGRESSION_TEST_WORKFLOW_TAG value
-      #       if [[ "$REGRESSION_TEST_WORKFLOW_TAG" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
-      #         echo "REGRESSION_TEST_WORKFLOW_TAG is a version tag, using tag link"
-      #         curl "https://raw.githubusercontent.com/NHSDigital/electronic-prescription-service-api-regression-tests/refs/tags/${REGRESSION_TEST_WORKFLOW_TAG}/scripts/run_regression_tests.py" -o run_regression_tests.py
-      #       else
-      #         echo "REGRESSION_TEST_WORKFLOW_TAG doesn't look like a version tag, using branch link"
-      #         curl "https://raw.githubusercontent.com/NHSDigital/electronic-prescription-service-api-regression-tests/refs/heads/${REGRESSION_TEST_REPO_TAG}/scripts/run_regression_tests.py" -o run_regression_tests.py
-      #       fi
-
-      #       if [[ ! -f run_regression_tests.py ]]; then
-      #         echo "Error: run_regression_tests.py not found" >&2
-      #         exit 1
-      #       fi
-
-      #       poetry install
-      #       echo Running regression tests in the "$TARGET_ENVIRONMENT" environment
-      #       poetry run python -u run_regression_tests.py \
-      #       --env="$TARGET_ENVIRONMENT" \
-      #       --pr_label="$VERSION_NUMBER" \
-      #       --token=${{ steps.generate-token.outputs.token }} \
-      #       --is_called_from_github=true \
-      #       --product="PFP-PROXYGEN" \
-      #       --regression_test_repo_tag "${REGRESSION_TEST_REPO_TAG}" \
-      #       --regression_test_workflow_tag "${REGRESSION_TEST_WORKFLOW_TAG}"
-      #     fi
+      - name: Run Regression Testing Proxygen API
+        working-directory: scripts
+        env:
+          TARGET_ENVIRONMENT: ${{ inputs.ENVIRONMENT }}
+          VERSION_NUMBER: ${{ inputs.VERSION_NUMBER }}
+          GITHUB-TOKEN: ${{ steps.generate-token.outputs.token }}
+        run: |
+          if [[ "$TARGET_ENVIRONMENT" != "prod" && "$TARGET_ENVIRONMENT" != "ref" ]]; then
+            REGRESSION_TEST_REPO_TAG="v3.8.19" # This is the tag or branch of the regression test code to run, usually a version tag like v3.1.0 or a branch name
+            REGRESSION_TEST_WORKFLOW_TAG="v3.8.19" # This is the tag of the github workflow to run, usually the same as REGRESSION_TEST_REPO_TAG
+
+            if [[ -z "$REGRESSION_TEST_REPO_TAG" || -z "$REGRESSION_TEST_WORKFLOW_TAG" ]]; then
+              echo "Error: One or both tag variables are not set" >&2
+              exit 1
+            fi
+
+            # HELPER IF STATEMENT - It will automatically determine the correct Git URL to use based on the REGRESSION_TEST_WORKFLOW_TAG value
+            if [[ "$REGRESSION_TEST_WORKFLOW_TAG" =~ ^v([0-9]+)\.([0-9]+)\.([0-9]+)$ ]]; then
+              echo "REGRESSION_TEST_WORKFLOW_TAG is a version tag, using tag link"
+              curl "https://raw.githubusercontent.com/NHSDigital/electronic-prescription-service-api-regression-tests/refs/tags/${REGRESSION_TEST_WORKFLOW_TAG}/scripts/run_regression_tests.py" -o run_regression_tests.py
+            else
+              echo "REGRESSION_TEST_WORKFLOW_TAG doesn't look like a version tag, using branch link"
+              curl "https://raw.githubusercontent.com/NHSDigital/electronic-prescription-service-api-regression-tests/refs/heads/${REGRESSION_TEST_REPO_TAG}/scripts/run_regression_tests.py" -o run_regression_tests.py
+            fi
+
+            if [[ ! -f run_regression_tests.py ]]; then
+              echo "Error: run_regression_tests.py not found" >&2
+              exit 1
+            fi
+
+            poetry install
+            echo Running regression tests in the "$TARGET_ENVIRONMENT" environment
+            poetry run python -u run_regression_tests.py \
+            --env="$TARGET_ENVIRONMENT" \
+            --pr_label="$VERSION_NUMBER" \
+            --token=${{ steps.generate-token.outputs.token }} \
+            --is_called_from_github=true \
+            --product="PFP-PROXYGEN" \
+            --regression_test_repo_tag "${REGRESSION_TEST_REPO_TAG}" \
+            --regression_test_workflow_tag "${REGRESSION_TEST_WORKFLOW_TAG}"
+          fi
diff --git a/.github/workflows/sam_release_code.yml b/.github/workflows/sam_release_code.yml
index 27d1be29a..f2261f05e 100644
--- a/.github/workflows/sam_release_code.yml
+++ b/.github/workflows/sam_release_code.yml
@@ -80,7 +80,7 @@ on:
         type: string
       DEPLOY_APIGEE:
         type: boolean
-        default: false
+        default: true
       MTLS_KEY:
         type: string
         required: true

From ec635906aa04253fdddd3139c6d658a123a5a1f3 Mon Sep 17 00:00:00 2001
From: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com>
Date: Thu, 29 Jan 2026 17:21:20 +0000
Subject: [PATCH 2/2] Remove dev deployment from PR after successful test

Signed-off-by: Connor Avery <214469360+connoravo-nhs@users.noreply.github.com>
---
 .github/workflows/pull_request.yml | 39 ------------------------------
 1 file changed, 39 deletions(-)

diff --git a/.github/workflows/pull_request.yml b/.github/workflows/pull_request.yml
index 8973434ae..4df0ca290 100644
--- a/.github/workflows/pull_request.yml
+++ b/.github/workflows/pull_request.yml
@@ -153,42 +153,3 @@ jobs:
       TARGET_SPINE_SERVER: sandbox
       TARGET_SERVICE_SEARCH_SERVER: sandbox
       PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }}
-  release_dev:
-    needs: [tag_release, package_code, get_commit_id]
-    uses: ./.github/workflows/sam_release_code.yml
-    with:
-      ARTIFACT_BUCKET_PREFIX: ${{needs.tag_release.outputs.version_tag}}
-      STACK_NAME: pfp
-      TARGET_ENVIRONMENT: dev
-      APIGEE_ENVIRONMENT: internal-dev
-      ENABLE_MUTUAL_TLS: true
-      MTLS_KEY: prescriptions-for-patients-mtls-1
-      BUILD_ARTIFACT: packaged_code
-      TRUSTSTORE_FILE: pfp-truststore.pem
-      VERSION_NUMBER: ${{needs.tag_release.outputs.version_tag}}
-      COMMIT_ID: ${{needs.get_commit_id.outputs.commit_id}}
-      LOG_LEVEL: DEBUG
-      LOG_RETENTION_DAYS: 30
-      CREATE_INT_RELEASE_NOTES: true
-      CREATE_PROD_RELEASE_NOTES: true
-      TOGGLE_GET_STATUS_UPDATES: true
-      ENABLE_ALERTS: true
-      STATE_MACHINE_LOG_LEVEL: ALL
-      RUN_REGRESSION_TESTS: true
-      REGRESSION_TEST_NON_PROXYGEN: true
-      REGRESSION_TEST_PRODUCT: PFP-APIGEE
-      FORWARD_CSOC_LOGS: false
-      TC007_NHS_NUMBERS: ${{vars.TC007_NHS_NUMBERS}}
-      TC008_NHS_NUMBERS: ${{vars.TC008_NHS_NUMBERS}}
-      TC009_NHS_NUMBERS: ${{vars.TC009_NHS_NUMBERS}}
-      ALLOW_NHS_NUMBER_OVERRIDE: true
-    secrets:
-      REGRESSION_TESTS_PEM: ${{ secrets.REGRESSION_TESTS_PEM }}
-      CLOUD_FORMATION_DEPLOY_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_DEPLOY_ROLE }}
-      TARGET_SPINE_SERVER: ${{ secrets.DEV_TARGET_SPINE_SERVER }}
-      TARGET_SERVICE_SEARCH_SERVER: ${{ secrets.DEV_TARGET_SERVICE_SEARCH_SERVER }}
-      DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
-      INT_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.INT_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
-      PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE: ${{ secrets.PROD_CLOUD_FORMATION_CHECK_VERSION_ROLE }}
-      DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE: ${{ secrets.DEV_CLOUD_FORMATION_EXECUTE_LAMBDA_ROLE }}
-      PROXYGEN_ROLE: ${{ secrets.PROXYGEN_PTL_ROLE }}