CDD-2442 Fix delete secrets pipeline error

UKHSA-Internal · Feb 19, 2025 · 59be983 · 59be983
1 parent 2b4b184
commit 59be983
Showing 1 changed file with 20 additions and 7 deletions.
diff --git a/.github/workflows/pull-request.yml b/.github/workflows/pull-request.yml
@@ -56,7 +56,7 @@ jobs:
           fi
 
   unit_test_functions:
-    needs: ["build_base"]
+    needs: [ "build_base" ]
     strategy:
       matrix:
         function: [ lambda-producer-handler, lambda-db-password-rotation, lambda-alarm-notification, legacy-dashboard-redirect-viewer-request, public-api-cloud-front-viewer-request ]
@@ -77,7 +77,7 @@ jobs:
   unit_test_report:
     name: Unit test coverage report
     runs-on: ubuntu-latest
-    needs: ["unit_test_functions"]
+    needs: [ "unit_test_functions" ]
     permissions:
       contents: read
       id-token: write
@@ -109,7 +109,7 @@ jobs:
   terraform_plan:
     name: Terraform plan
     runs-on: ubuntu-latest
-    needs: ["build_base", "unit_test_functions"]
+    needs: [ "build_base", "unit_test_functions" ]
     env:
       TARGET_ENV: ${{ needs.build_base.outputs.target_env }}
     steps:
@@ -137,7 +137,7 @@ jobs:
   terraform_apply:
     name: Terraform apply
     runs-on: ubuntu-latest
-    needs: ["build_base", "terraform_plan"]
+    needs: [ "build_base", "terraform_plan" ]
     env:
       TARGET_ENV: ${{ needs.build_base.outputs.target_env }}
     steps:
@@ -165,7 +165,7 @@ jobs:
   push_docker_images:
     name: Push docker images
     runs-on: ubuntu-latest
-    needs: ["terraform_apply"]
+    needs: [ "terraform_apply" ]
     steps:
       - uses: actions/checkout@v4
 
@@ -187,7 +187,7 @@ jobs:
   restart_services:
     name: Restart services
     runs-on: ubuntu-latest
-    needs: ["push_docker_images"]
+    needs: [ "push_docker_images" ]
     steps:
       - uses: actions/checkout@v4
 
@@ -273,6 +273,11 @@ jobs:
       - uses: ./.github/actions/setup-zsh
       - uses: ./.github/actions/short-sha
 
+      - name: Debug AWS Role Selection
+        run: |
+          echo "TARGET_ENV is set to: $TARGET_ENV"
+          echo "Selected AWS_ROLE: $AWS_ROLE"
+
       - name: Set AWS Role for Target Environment
         env:
           TARGET_ENV: ${{ needs.build_base.outputs.target_env || 'test' }}
@@ -288,7 +293,15 @@ jobs:
             echo "AWS_ROLE=$AWS_ROLE_TEST" >> $GITHUB_ENV
           fi
 
+      - name: Ensure uhd.sh is Executable
+        run: chmod +x uhd.sh
+
       - name: Delete secrets
         run: |
-          uhd secrets delete-all-secrets ci-$SHORT_SHA
+          if [[ ! -f uhd.sh ]]; then
+            echo "ERROR: uhd.sh not found! Cleanup skipped."
+            exit 1
+          fi
+          source uhd.sh
+          uhd secrets delete-all-secrets ci-$SHORT_SHA || echo "Warning: Secret deletion failed!"
         shell: zsh {0}