Merge latest from master (#22366)

* APPEALS-44287: Excluding disposition held and select that appeal for distribution (#22277) * first run at an SQL query removing duplicate appeals from distribution * code refactor and excluding disposition held and select that appeal for distribution * automated test for the duplicate hearing bug * fix rubocop offense SpaceInsideBlockBraces --------- Co-authored-by: Sean Parker <Sean.Parker3@va.gov> Co-authored-by: samasudhirreddy <sudhirreddy.sama@va.gov> * APPEALS-51237, APPEALS-51536: Optimize feature tests in intake/appeal/edit_spec.rb and optimize automatic case distribution tests (#22280) * refactoring edit_spec * move one assertion and remove duplicate test * refactor withdraw issues context * move duplicate test assertions * move duplicate test assertions to existing tests and remove duplicate tests * move assertion and remove duplicate test * consolidate SCT appeal tests * refactor SCT tests to use step blocks * consolidate a individual test into a step * move CC appeal task tests to appeals_controller_spec intead of a feature test * remove unnecessary code comments * consolidate member not admin tests * remove commented portions of test * move tests from affinity_days_levers_spec.rb * move tests from affinity_days_levers_spec.rb, last commit was from audit_lever_history_table_spec.rb * remove ama_np_dist_goals_by_docket_lever_spec.rb * remove batch_size_levers_spec.rb * remove inactive_data_elements_levers_spec.rb * remove lever_buttons_spec.rb * refactor * move jest file for convention, add snapshot * move test for admin ui not interactable for non-admins to a jest test * remove unnecessary comments, whitespace * restore jest folder structure * modify edit spec to use case details page instead of searching again * modify assertions * remove TODO comment * add assertion to allow async save actions to be executed * add check to ensure banner is gone before trying to save * refactor assertions for lever history display * fix failing dependency report tests * APPEALS-53151: Update ECR Workflow to Utilize OIDC Flow (#22348) * Reconfigure ECR login workflow to utilize Github's OIDC flow * Add permissions * Update AWS account number to one for VAEC * Update account number for main CI workflow * Try using a separate secret in test * Try using a separate secret in test * Change name of secret --------- Co-authored-by: Matthew Thornton <ThorntonMatthew@users.noreply.github.com> * Fix snapshots --------- Co-authored-by: Craig Reese <109101548+craigrva@users.noreply.github.com> Co-authored-by: Sean Parker <Sean.Parker3@va.gov> Co-authored-by: samasudhirreddy <sudhirreddy.sama@va.gov> Co-authored-by: Matthew Thornton <99351305+ThorntonMatthew@users.noreply.github.com> Co-authored-by: Matthew Thornton <ThorntonMatthew@users.noreply.github.com>
department-of-veterans-affairs · Aug 1, 2024 · 6155fd2 · 6155fd2
1 parent bed868d
commit 6155fd2
Show file tree

Hide file tree

Showing 19 changed files with 2,254 additions and 1,598 deletions.
diff --git a/.github/workflows/ecr-login.yml b/.github/workflows/ecr-login.yml
@@ -4,31 +4,47 @@ on:
   # Every 6 hours, the password validity is 12 hours
   schedule:
     - cron:  '0 */6 * * *'
+
+permissions:
+  id-token: write
+  contents: read
+
 jobs:
   login:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
         uses: actions/checkout@v3
+
+      - name: Configure AWS Credentials
+        id: acquire-credentials
+        uses: aws-actions/configure-aws-credentials@v4
+        with:
+          aws-region: us-gov-west-1
+          role-to-assume: ${{ secrets.AWS_ROLE }}
+          output-credentials: true
+
       - name: retrieve ecr password and store as secret
+        if: steps.acquire-credentials.outcome == 'success'
         run: |
           pip3 install -r .github/workflows/requirements.txt
           python3 .github/workflows/ecr_password_updater.py
         env:
-          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
-          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+          AWS_ACCESS_KEY_ID: ${{ steps.acquire-credentials.outputs.aws-access-key-id }}
+          AWS_SECRET_ACCESS_KEY: ${{ steps.acquire-credentials.outputs.aws-secret-access-key }}
           AWS_DEFAULT_REGION: us-gov-west-1
           GH_API_ACCESS_TOKEN: ${{ secrets.GH_API_ACCESS_TOKEN }}
-  # This 'test' job is usefull for fast debugging
+
+  # This 'test' job is useful for fast debugging
   test:
     needs: login
     runs-on: ubuntu-latest
     timeout-minutes: 1
     container:
-      image: 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
+      image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
       credentials:
         username: AWS
         # Here is the password retrieved as a secret that is set by the `login` job
-        password: ${{ secrets.ECR_PASSWORD }}
+        password: ${{ secrets.VAEC_ECR_PASSWORD }}
     steps:
       - run: echo "Inside a container pulled from ECR!!"
diff --git a/.github/workflows/ecr_password_updater.py b/.github/workflows/ecr_password_updater.py
@@ -41,7 +41,7 @@ def get_ecr_password() -> str:
 
     password = get_ecr_password()
     encrypted_password = encrypt(public_key_value, password)
-    update_password = requests.put('https://api.github.com/repos/department-of-veterans-affairs/caseflow/actions/secrets/ECR_PASSWORD',
+    update_password = requests.put('https://api.github.com/repos/department-of-veterans-affairs/caseflow/actions/secrets/VAEC_ECR_PASSWORD',
                                    headers={'Accept': 'application/vnd.github.v3+json',
                                             'Authorization': 'token ' + os.environ['GH_API_ACCESS_TOKEN']},
                                    data=json.dumps({'encrypted_value': encrypted_password, 'key_id': public_key_id,

diff --git a/.github/workflows/workflow.yml b/.github/workflows/workflow.yml
@@ -38,10 +38,10 @@ jobs:
           - 6379:6379
 
       facols_db:
-        image: 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/facols:latest
+        image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/facols:latest
         credentials:
           username: AWS
-          password: ${{ secrets.ECR_PASSWORD }}
+          password: ${{ secrets.VAEC_ECR_PASSWORD }}
         ports:
           - 1521:1521
 
@@ -52,11 +52,11 @@ jobs:
         ci_node_index: [0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11]
 
     container:
-      image: 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
+      image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
       options: --privileged # Necessary for Rspec to run with our configuration within GHA
       credentials:
         username: AWS
-        password: ${{ secrets.ECR_PASSWORD }}
+        password: ${{ secrets.VAEC_ECR_PASSWORD }}
 
       env:
         DBUS_SESSION_BUS_ADDRESS: /dev/null
@@ -266,10 +266,10 @@ jobs:
     if: true
     runs-on: ubuntu-latest
     container:
-      image: 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
+      image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
       credentials:
         username: AWS
-        password: ${{ secrets.ECR_PASSWORD }}
+        password: ${{ secrets.VAEC_ECR_PASSWORD }}
       env:
         DBUS_SESSION_BUS_ADDRESS: /dev/null
         RAILS_ENV: test
@@ -328,10 +328,10 @@ jobs:
     if: true
     runs-on: ubuntu-latest
     container:
-      image: 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
+      image: 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/gaimg-ruby:2.7.3-ga-browsers
       credentials:
         username: AWS
-        password: ${{ secrets.ECR_PASSWORD }}
+        password: ${{ secrets.VAEC_ECR_PASSWORD }}
 
     steps:
       - name: Checkout

diff --git a/app/queries/hearing_request_distribution_query.rb b/app/queries/hearing_request_distribution_query.rb
@@ -53,6 +53,7 @@ def not_genpop_appeals
     ama_non_aod_hearing_query.or(ama_aod_hearing_query).uniq
   end
 
+  # rubocop:disable Metrics/AbcSize, Metrics/MethodLength
   def only_genpop_appeals
     ama_non_aod_hearing_query = generate_ama_only_genpop_non_aod_hearing_query(base_relation)
     ama_aod_hearing_query = generate_ama_only_genpop_aod_hearing_query(base_relation)
@@ -79,9 +80,16 @@ def only_genpop_appeals
     # the base result is doing an inner join with hearings so it isn't retrieving any appeals that have no hearings
     # yet, so we add with_no_hearings to retrieve those appeals
     no_hearings_or_no_held_hearings = with_no_hearings.or(with_no_held_hearings)
+    no_hearings_or_only_no_held_hearings = []
+    no_hearings_or_no_held_hearings.each do |appeal|
+      if appeal.hearings.blank? || appeal.hearings.pluck(:disposition).exclude?("held")
+        no_hearings_or_only_no_held_hearings << appeal
+      end
+    end
 
-    [*result, *no_hearings_or_no_held_hearings].uniq
+    [*result, *no_hearings_or_only_no_held_hearings].uniq
   end
+  # rubocop:enable Metrics/AbcSize, Metrics/MethodLength
 
   def generate_ama_not_genpop_non_aod_hearing_query(base_relation)
     query =

diff --git a/ci-bin/circle_docker_container/build_and_push.sh b/ci-bin/circle_docker_container/build_and_push.sh
@@ -7,12 +7,12 @@ fi
 
 rm instant-client-12-1.tar.gz
 
-aws ecr get-login-password --region us-gov-west-1 | docker login --username AWS --password-stdin 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com
+aws ecr get-login-password --region us-gov-west-1 | docker login --username AWS --password-stdin 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com
 
 docker build -t cimg-ruby .
 # In case we modify this image and keep the same ruby version, we should use a different tag (i.e. image digest)
-docker tag cimg-ruby:latest 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/cimg-ruby:2.7.3-browsers
-if docker push 008577686731.dkr.ecr.us-gov-west-1.amazonaws.com/cimg-ruby:2.7.3-browsers ; then
+docker tag cimg-ruby:latest 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/cimg-ruby:2.7.3-browsers
+if docker push 065403089830.dkr.ecr.us-gov-west-1.amazonaws.com/cimg-ruby:2.7.3-browsers ; then
   echo 'Success the latest docker image has been pushed.'
 else
   echo 'Failed. You likely need to sign in with MFA https://aws.amazon.com/premiumsupport/knowledge-center/authenticate-mfa-cli/'

diff --git a/client/test/app/caseDistribution/pages/CaseDistributionApp.test.js b/client/test/app/caseDistribution/pages/CaseDistributionApp.test.js
@@ -1,10 +1,19 @@
 import React from 'react';
 import CaseDistributionApp from 'app/caseDistribution/pages/CaseDistributionApp';
+import {
+  history as leverHistory,
+  mockAffinityDaysLevers,
+  mockBatchLevers,
+  mockDocketDistributionPriorLevers,
+  mockDocketTimeGoalsLevers,
+  mockStaticLevers
+} from '../../../data/adminCaseDistributionLevers';
 import { Provider } from 'react-redux';
 import { createStore, applyMiddleware } from 'redux';
 import rootReducer from 'app/caseDistribution/reducers/root';
 import thunk from 'redux-thunk';
 import { mount } from 'enzyme';
+import { render } from '@testing-library/react';
 
 describe('render Case Distribution Application', () => {
 
@@ -13,26 +22,26 @@ describe('render Case Distribution Application', () => {
     applyMiddleware(thunk));
 
   let testLevers = {
-    static: [],
-    batch: [],
-    affinity: [],
-    docket_distribution_prior: [],
-    docket_time_goal: []
+    static: mockStaticLevers,
+    batch: mockBatchLevers,
+    affinity: mockAffinityDaysLevers,
+    docket_distribution_prior: mockDocketDistributionPriorLevers,
+    docket_time_goal: mockDocketTimeGoalsLevers
   };
 
   afterEach(() => {
     jest.clearAllMocks();
   });
 
-  it('renders Case Distribution App', () => {
+  it('renders Case Distribution App as editable for an admin', () => {
     const store = getStore();
 
     let wrapper = mount(
       <Provider store={store}>
         <CaseDistributionApp
           acdLeversForStore={testLevers}
           acd_levers={testLevers}
-          acd_history={[]}
+          acd_history={leverHistory}
           user_is_an_acd_admin
         />
       </Provider>
@@ -43,7 +52,50 @@ describe('render Case Distribution Application', () => {
     expect(wrapper.find('#lever-history-table').exists()).toBeTruthy();
     expect(wrapper.find('.inactive-data-content').exists()).toBeTruthy();
     expect(wrapper.find('.lever-content').exists()).toBeTruthy();
+    // the buttons and inputs will only render for admin users
+    expect(wrapper.find('button').exists()).toBe(true);
+    expect(wrapper.find('input').length > 0).toBe(true);
   });
 
+  it('renders Case Distribution App as read-only for a non admin', () => {
+    const store = getStore();
+
+    let wrapper = mount(
+      <Provider store={store}>
+        <CaseDistributionApp
+          acdLeversForStore={testLevers}
+          acd_levers={testLevers}
+          acd_history={leverHistory}
+          user_is_an_acd_admin={false}
+        />
+      </Provider>
+    );
+
+    wrapper.update();
+
+    expect(wrapper.find('#lever-history-table').exists()).toBeTruthy();
+    expect(wrapper.find('.inactive-data-content').exists()).toBeTruthy();
+    expect(wrapper.find('.lever-content').exists()).toBeTruthy();
+    // the buttons and inputs will only render for admin users
+    expect(wrapper.find('button').exists()).toBe(false);
+    expect(wrapper.find('input').length === 0).toBe(true);
+  });
+
+  it('matches snapshot', () => {
+    const store = getStore();
+
+    const { container } = render(
+      <Provider store={store}>
+        <CaseDistributionApp
+          acdLeversForStore={testLevers}
+          acd_levers={testLevers}
+          acd_history={leverHistory}
+          user_is_an_acd_admin
+        />
+      </Provider>
+    );
+
+    expect(container).toMatchSnapshot();
+  });
 });