2 changes: 1 addition & 1 deletion .devcontainer/devcontainer.json
Expand Up @@ -6,7 +6,7 @@
"args": {
"DOCKER_GID": "${env:DOCKER_GID:}",
"IMAGE_NAME": "node_24_python_3_14",
"IMAGE_VERSION": "v1.4.2",
"IMAGE_VERSION": "v1.4.8",
"USER_UID": "${localEnv:USER_ID:}",
"USER_GID": "${localEnv:GROUP_ID:}"
},
7 changes: 0 additions & 7 deletions .gitallowed

This file was deleted.

15 changes: 9 additions & 6 deletions .github/workflows/ci.yml
Expand Up @@ -2,11 +2,11 @@ name: ci

on:
push:
branches: [main]
branches: [ main ]
permissions: {}
jobs:
get_config_values:
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
attestations: "read"
contents: "read"
Expand All @@ -15,21 +15,24 @@ jobs:
verify_published_from_main_image: false

quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@68c2dea999875055ecbfdf055d8391e6e8b8ce2f
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
needs: [ get_config_values ]
permissions:
Comment on lines 17 to 20

Copilot AI Apr 16, 2026

Only the quality-checks-devcontainer reusable workflow SHA was bumped here, but the tag_release job still points at the previous tag-release-devcontainer.yml@68c2.... If the devcontainer version bump to 1.4.8 is meant to apply end-to-end, consider bumping the tag-release-devcontainer SHA as well (or clarify why tagging should remain on the older version).

contents: "read"
packages: "read"
id-token: "write"
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

tag_release:
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@68c2dea999875055ecbfdf055d8391e6e8b8ce2f
needs: [ get_config_values ]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
id-token: "write"
contents: "write"
packages: "write"
with:
dry_run: true
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
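Review bot: The `tag_release` job at the end of this section is called with `dry_run: true` but still grants `contents: "write"`, `packages: "write"` and `id-token: "write"`, and this commit moves it to a new commit of `tag-release-devcontainer.yml`. Because the token scope is the same as for a real release, it is worth confirming that the dry-run path at the newly pinned commit neither pushes tags nor publishes packages. If the called workflow allows it, read-only scopes for the dry run would enforce that through permissions instead of relying on the flag. The same job with the same settings appears in `.github/workflows/pull_request.yml`. If the write scopes have to stay, a comment above `permissions:` such as `# dry run only; write scopes are kept because <reason>` would record why.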
19 changes: 11 additions & 8 deletions .github/workflows/pull_request.yml
Expand Up @@ -2,11 +2,11 @@ name: pull_request

on:
pull_request:
branches: [main]
branches: [ main ]
permissions: {}
jobs:
get_config_values:
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
attestations: "read"
contents: "read"
Expand All @@ -15,7 +15,7 @@ jobs:
verify_published_from_main_image: false

dependabot-auto-approve-and-merge:
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
uses: NHSDigital/eps-common-workflows/.github/workflows/dependabot-auto-approve-and-merge.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
contents: "write"
pull-requests: "write"
Expand All @@ -24,26 +24,29 @@ jobs:
AUTOMERGE_PEM: ${{ secrets.AUTOMERGE_PEM }}

quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@68c2dea999875055ecbfdf055d8391e6e8b8ce2f
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
needs: [ get_config_values ]
permissions:
Comment on lines 26 to 29

Copilot AI Apr 16, 2026

This updates quality-checks-devcontainer to a new eps-common-workflows SHA, but tag_release in the same workflow still uses the older tag-release-devcontainer.yml@68c2.... If the intent is to bump the devcontainer version to 1.4.8, consider updating the tag-release-devcontainer reference too so the workflow is consistently using the new devcontainer tooling during tagging.

contents: "read"
packages: "read"
id-token: "write"
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

pr_title_format_check:
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
uses: NHSDigital/eps-common-workflows/.github/workflows/pr_title_check.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
pull-requests: "write"

tag_release:
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@68c2dea999875055ecbfdf055d8391e6e8b8ce2f
needs: [ get_config_values ]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
id-token: "write"
contents: "write"
packages: "write"
with:
dry_run: true
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
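Review bot: `quality_checks` in the third hunk runs on the `pull_request` trigger with `id-token: "write"` and `SONAR_TOKEN`, so the job that checks the PR branch can also request an OIDC token. The page does not show which of the `permissions:` lines are new or what the called workflow uses the token for, so this is a point to confirm, not a finding. Whatever accepts that token should restrict the `sub` claim so that tokens minted from pull-request runs are only honoured for what the quality checks need. I would add a comment above `id-token: "write"` naming the consumer, for example `# OIDC: <what quality-checks-devcontainer.yml uses it for>`. The same permissions block appears in `ci.yml` and `release.yml`, where the code under test has already been merged.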
13 changes: 8 additions & 5 deletions .github/workflows/release.yml
Expand Up @@ -7,7 +7,7 @@ on:
permissions: {}
jobs:
get_config_values:
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@e798d5aee897de6f7dc387dd5623fcd9ba4c8929
uses: NHSDigital/eps-common-workflows/.github/workflows/get-repo-config.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
attestations: "read"
contents: "read"
Expand All @@ -16,21 +16,24 @@ jobs:
verify_published_from_main_image: false

quality_checks:
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@68c2dea999875055ecbfdf055d8391e6e8b8ce2f
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/quality-checks-devcontainer.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
needs: [ get_config_values ]
permissions:
contents: "read"
packages: "read"
id-token: "write"
with:
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
secrets:
SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

tag_release:
needs: [get_config_values]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@68c2dea999875055ecbfdf055d8391e6e8b8ce2f
needs: [ get_config_values ]
uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release-devcontainer.yml@8b259f4f2d2b8ff1345fb0d2f9b9f0fbb9d19845
permissions:
id-token: "write"
contents: "write"
packages: "write"
with:
dry_run: false
pinned_image: ${{ needs.get_config_values.outputs.pinned_image }}
21 changes: 11 additions & 10 deletions .pre-commit-config.yaml
Expand Up @@ -26,27 +26,27 @@ repos:
- id: zizmor-action
name: Check action.yml
entry: zizmor
args: ["action.yml"]
args: [ "action.yml" ]
language: system
files: action.yml
pass_filenames: false

- id: lint-githubactions
name: Lint github actions
entry: make
args: ["actionlint"]
args: [ "actionlint" ]
language: system
files: ^.github
types_or: [yaml]
types_or: [ yaml ]
pass_filenames: false

- id: lint-githubaction-scripts
name: Lint github action scripts
entry: make
args: ["shellcheck"]
args: [ "shellcheck" ]
language: system
files: ^.github/scripts
types_or: [sh, shell]
types_or: [ sh, shell ]
pass_filenames: false

- id: check-commit-signing
Expand Down Expand Up @@ -78,14 +78,15 @@ repos:
pass_filenames: false
always_run: true

- id: git-secrets
name: Git Secrets
description: git-secrets scans commits, commit messages, and --no-ff merges to prevent adding secrets into your git repositories.
- id: gitleasks
name: Git Leaks
description: gitleaks scans commits, commit messages, and --no-ff merges to
prevent adding secrets into your git repositories.
entry: bash
args:
- -c
- "git-secrets --pre_commit_hook"
- "gitleaks git --pre-commit --redact --staged --verbose"
language: system

fail_fast: true
default_stages: [pre-commit]
default_stages: [ pre-commit ]
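Review bot: The new hook id in the second hunk is spelled `gitleasks`, so `SKIP=gitleaks` or `pre-commit run gitleaks` will not match it; it should read `- id: gitleaks`. The `description` was carried over from git-secrets and still says commit messages and `--no-ff` merges are scanned, while the command runs with `--staged`. Something like `description: gitleaks scans staged changes for secrets before they are committed.` would match what the hook does. This PR also deletes `.gitallowed`, and no gitleaks allowlist is visible on this page, so patterns that were previously allowed may now be reported unless they are carried over to a `.gitleaks.toml` allowlist or a `.gitleaksignore`.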