Merge branch 'master' into 21a-api-integration

.devcontainer/devcontainer.json

@@ -24,7 +24,7 @@
 
   "features": {
     "ghcr.io/devcontainers-contrib/features/ruby-asdf:0": {
-      "version": "3.3.3"
+      "version": "3.3.6"
     },
     "ghcr.io/robbert229/devcontainer-features/postgresql-client:1": {
       "version": "15"

.github/workflows/audit_service_tags.yml

@@ -21,14 +21,6 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - name: Remove Review label
-        if:  github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review')
-        uses: actions-ecosystem/action-remove-labels@v1
-        with:
-          number: ${{ github.event.pull_request.number }}
-          labels: |
-            ready-for-backend-review
-
       - uses: docker/login-action@v3
         with:
           username: ${{ secrets.DOCKERHUB_USER }}

.github/workflows/backend-pr-labeler.yml

@@ -5,7 +5,7 @@ on:
   pull_request_review:
     types: [submitted]
   workflow_run:
-    workflows: 
+    workflows:
       - "Code Checks"
     types: [completed]
 jobs:
@@ -34,14 +34,14 @@ jobs:
             elif ${{ toJSON(github.event.workflow_run.pull_requests) != '[]' }}; then
               PR_NUMBER="${{ github.event.workflow_run.pull_requests[0].number }}"
               echo "pr_number=${PR_NUMBER}" >> $GITHUB_OUTPUT
-            
+
               # Fetch PR details from GitHub API
               PR_INFO=$(gh api /repos/${{ github.repository }}/pulls/${PR_NUMBER} --jq '{
                 draft: .draft,
                 labels: [.labels[].name],
                 requested_teams: [.requested_teams[].slug]
               }')
-              
+
               # Extract and store individual fields
               echo "pr_draft=$(echo "$PR_INFO" | jq -r '.draft')" >> $GITHUB_OUTPUT
               echo "pr_labels=$(echo "$PR_INFO" | jq -c '.labels')" >> $GITHUB_OUTPUT
@@ -104,6 +104,7 @@ jobs:
         id: audit_pr_labels
         run: |
           if \
+            ${{ contains(env.pr_labels, 'audit-service-failure') }} || \
             ${{ contains(env.pr_labels, 'code-health-failure') }} || \
             ${{ contains(env.pr_labels, 'codeowners-addition-failure') }} || \
             ${{ contains(env.pr_labels, 'codeowners-delete-failure') }} || \

.github/workflows/check_codeowners.yml

@@ -20,14 +20,6 @@ jobs:
       with:
         fetch-depth: 2
 
-    - name: Remove Review label
-      if:  github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review')
-      uses: actions-ecosystem/action-remove-labels@v1
-      with:
-        number: ${{ github.event.pull_request.number }}
-        labels: |
-          ready-for-backend-review
-
     - name: Configure AWS Credentials
       uses: aws-actions/configure-aws-credentials@v4.0.2
       with:
@@ -80,14 +72,6 @@ jobs:
       with:
         fetch-depth: 2
 
-    - name: Remove Review label
-      if:  github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review')
-      uses: actions-ecosystem/action-remove-labels@v1
-      with:
-        number: ${{ github.event.pull_request.number }}
-        labels: |
-          ready-for-backend-review
-
     - name: Configure AWS Credentials
       uses: aws-actions/configure-aws-credentials@v4.0.2
       with:

.github/workflows/code_checks.yml

@@ -17,18 +17,10 @@ jobs:
     steps:
       - uses: actions/checkout@v4
 
-      - uses: ruby/setup-ruby@1d0e911f615a112e322369596f10ee0b95b010ae # v1.183.0
+      - uses: ruby/setup-ruby@v1
         with:
           bundler-cache: true
 
-      - name: Remove Review label
-        if:  github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review')
-        uses: actions-ecosystem/action-remove-labels@v1
-        with:
-          number: ${{ github.event.pull_request.number }}
-          labels: |
-            ready-for-backend-review
-
       - name: Run bundle-audit (checks gems for CVE issues)
         run: bundle exec bundle-audit check --update --ignore CVE-2024-27456
 
@@ -43,16 +35,14 @@ jobs:
         uses: actions-ecosystem/action-add-labels@v1
         with:
           number: ${{ github.event.pull_request.number }}
-          labels: |
-            lint-failure
+          labels: lint-failure
 
       - name: Remove Lint Failure label
         if: success() && github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'lint-failure')
         uses: actions-ecosystem/action-remove-labels@v1
         with:
           number: ${{ github.event.pull_request.number }}
-          labels: |
-            lint-failure
+          labels: lint-failure
   tests:
     name: Test
     env:
@@ -64,6 +54,8 @@ jobs:
       COMPOSE_DOCKER_CLI_BUILD: 1
     permissions: write-all
     runs-on: ubuntu-32-cores-latest
+    outputs:
+      status: ${{ steps.test-status.outputs.status }}
     steps:
       - uses: actions/checkout@v4
 
@@ -92,22 +84,6 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Remove Review label
-        if:  github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'ready-for-backend-review')
-        uses: actions-ecosystem/action-remove-labels@v1
-        with:
-          number: ${{ github.event.pull_request.number }}
-          labels: |
-            ready-for-backend-review
-
-      - name: Remove Test Passing label
-        if: github.event_name == 'pull_request' && contains(github.event.pull_request.labels.*.name, 'test-passing')
-        uses: actions-ecosystem/action-remove-labels@v1
-        with:
-          number: ${{ github.event.pull_request.number }}
-          labels: |
-            test-passing
-
       - name: Build Docker Image
         uses: docker/build-push-action@v6
         env:
@@ -126,19 +102,29 @@ jobs:
       - name: Setup Database
         uses: nick-fields/retry@7152eba30c6575329ac0576536151aca5a72780e # v3.0.0
         with:
-          timeout_minutes: 20
+          timeout_minutes: 10
           retry_wait_seconds: 3 # Seconds
           max_attempts: 3
           command: |
             docker compose -f docker-compose.test.yml run web bash \
               -c "CI=true RAILS_ENV=test DISABLE_BOOTSNAP=true bundle exec parallel_test -n 24  -e 'bin/rails db:reset'"
 
       - name: Run Specs
-        timeout-minutes: 20
+        timeout-minutes: 15
         run: |
           docker compose -f docker-compose.test.yml run web bash \
           -c "CI=true DISABLE_BOOTSNAP=true bundle exec parallel_rspec spec/ modules/ -n 24 -o '--color --tty'"
 
+      - name: Set Test Status
+        id: test-status
+        if: always()
+        run: |
+          if [ "${{ job.status }}" = "success" ]; then
+            echo "status=success" >> $GITHUB_OUTPUT
+          else
+            echo "status=failure" >> $GITHUB_OUTPUT
+          fi
+
       - name: Upload Coverage Report
         uses: actions/upload-artifact@v4
         if: always()
@@ -155,74 +141,45 @@ jobs:
           path: log/*.xml
           if-no-files-found: ignore
 
-      - name: Add Test Failure label
-        if: failure() && github.event_name == 'pull_request'
-        uses: actions-ecosystem/action-add-labels@v1
-        with:
-          number: ${{ github.event.pull_request.number }}
-          labels: |
-            test-failure
-
+  update_labels:
+    name: Update Test Status Labels
+    needs: tests
+    if: always() && github.event_name == 'pull_request'
+    runs-on: ubuntu-latest
+    permissions: write-all
+    steps:
       - name: Remove Test Failure label
-        if: success() && github.event_name == 'pull_request'
+        if: needs.tests.outputs.status == 'success' && contains(github.event.pull_request.labels.*.name, 'test-failure')
         uses: actions-ecosystem/action-remove-labels@v1
         with:
           number: ${{ github.event.pull_request.number }}
-          labels: |
-            test-failure
+          labels: test-failure
 
-      - name: Add Test Passing label
-        if: success() && github.event_name == 'pull_request'
-        uses: actions-ecosystem/action-add-labels@v1
-        with:
-          number: ${{ github.event.pull_request.number }}
-          labels: |
-            test-passing
-
-      - name: Add omit-backend-approval label
-        if: |
-          github.event_name == 'pull_request' && github.event.pull_request.draft == false &&
-          (
-            contains(toJSON(github.event.pull_request.requested_teams.*.name), 'mobile') ||
-            contains(toJSON(github.event.pull_request.requested_teams.*.name), 'lighthouse') ||
-            contains(toJSON(github.event.pull_request.requested_teams.*.name), 'identity')
-          )
+      - name: Add Test Failure label
+        if: needs.tests.outputs.status == 'failure'
         uses: actions-ecosystem/action-add-labels@v1
         with:
           number: ${{ github.event.pull_request.number }}
-          labels: |
-            omit-backend-approval
+          labels: test-failure
 
-      - name: Add require-backend-approval label
-        uses: actions-ecosystem/action-add-labels@v1
-        if: |
-            github.event_name == 'pull_request' && github.event.pull_request.draft == false &&
-            !contains(toJSON(github.event.pull_request.requested_teams.*.name), 'mobile') &&
-            !contains(toJSON(github.event.pull_request.requested_teams.*.name), 'lighthouse') &&
-            !contains(toJSON(github.event.pull_request.requested_teams.*.name), 'identity')
+      - name: Remove Test Passing label
+        if: needs.tests.outputs.status == 'failure' && contains(github.event.pull_request.labels.*.name, 'test-passing')
+        uses: actions-ecosystem/action-remove-labels@v1
         with:
           number: ${{ github.event.pull_request.number }}
-          labels: |
-            require-backend-approval
+          labels: test-passing
 
-      - name: Add Review label
+      - name: Add Test Passing label
+        if: needs.tests.outputs.status == 'success'
         uses: actions-ecosystem/action-add-labels@v1
-        if: |
-          github.event_name == 'pull_request' && success() && github.event.pull_request.draft == false &&
-          !contains(github.event.pull_request.labels.*.name, 'code-health-failure') &&
-          !contains(github.event.pull_request.labels.*.name, 'codeowners-addition-failure') &&
-          !contains(github.event.pull_request.labels.*.name, 'codeowners-delete-failure') &&
-          !contains(github.event.pull_request.labels.*.name, 'lint-failure') &&
-          !contains(github.event.pull_request.labels.*.name, 'test-failure')
         with:
           number: ${{ github.event.pull_request.number }}
-          labels: |
-            ready-for-backend-review
+          labels: test-passing
 
   publish_results:
     name: Publish Test Results and Coverage
     if: always()
-    needs: [tests]
+    needs: tests
     permissions: write-all
     runs-on: ubuntu-16-cores-latest
 

.github/workflows/income-limits-data-sync.yml

@@ -15,7 +15,7 @@ jobs:
   income_limits_data_sync:
     runs-on: self-hosted
     container:
-      image: public.ecr.aws/docker/library/ruby:3.3.3-bullseye
+      image: public.ecr.aws/docker/library/ruby:3.3.6-bullseye
       env:
         SSL_CERT_FILE: /etc/ssl/certs/ca-certificates.crt
         NODE_EXTRA_CA_CERTS: /etc/ssl/certs/ca-certificates.crt