Merge branch 'master' into API-replace-bgs-ext-flash-updater

.github/workflows/backend-pr-labeler.yml

@@ -9,7 +9,7 @@ on:
       - "Code Checks"
     types: [completed]
 jobs:
-  check-pr-status:
+  get-pr-data:
     runs-on: ubuntu-latest
     env:
       GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -18,45 +18,46 @@ jobs:
       pr_draft: ${{ steps.get_pr_data.outputs.pr_draft }}
       pr_labels: ${{ steps.get_pr_data.outputs.pr_labels }}
       pr_requested_teams: ${{ steps.get_pr_data.outputs.pr_requested_teams }}
-      test_status: ${{ steps.get_code_checks_conclusion.outputs.test_status }}
-      exempt: ${{ steps.check_exemption.outputs.exempt }}
-      failures_detected: ${{ steps.audit_pr_labels.outputs.failures_detected }}
     steps:
       - name: Get pull_request data
         id: get_pr_data
         run: |
-          if ${{ github.event_name == 'pull_request'}}; then
+          if ${{ github.event_name == 'pull_request' || github.event_name == 'pull_request_review'}}; then
             echo "pr_number=${{ github.event.pull_request.number }}" >> $GITHUB_OUTPUT
             echo "pr_draft=${{ github.event.pull_request.draft }}" >> $GITHUB_OUTPUT
             echo "pr_labels=$(echo '${{ toJSON(github.event.pull_request.labels.*.name) }}' | jq -c '.')" >> $GITHUB_OUTPUT
             echo "pr_requested_teams=$(echo '${{ toJSON(github.event.pull_request.requested_teams.*.name) }}' | jq -c '.')" >> $GITHUB_OUTPUT
-          elif ${{ github.event_name == 'pull_request_review' }}; then
-            echo "pr_number=${{ github.event.pull_request_review.pull_request.number }}" >> $GITHUB_OUTPUT
-            echo "pr_draft=${{ github.event.pull_request_review.pull_request.draft }}" >> $GITHUB_OUTPUT
-            echo "pr_labels=$(echo '${{ toJSON(github.event.pull_request_review.pull_request.labels.*.name) }}' | jq -c '.')" >> $GITHUB_OUTPUT
-            echo "pr_requested_teams=$(echo '${{ toJSON(github.event.pull_request_review.pull_request.requested_teams.*.name) }}' | jq -c '.')" >> $GITHUB_OUTPUT
-          elif ${{ github.event_name == 'workflow_run' }} && ${{ toJSON(github.event.workflow_run.pull_requests) != '[]' }}; then
-            PR_NUMBER="${{ github.event.workflow_run.pull_requests[0].number }}"
-            echo "pr_number=${PR_NUMBER}" >> $GITHUB_OUTPUT
-            
-            # Fetch PR details from GitHub API
-            PR_INFO=$(gh api /repos/${{ github.repository }}/pulls/${PR_NUMBER} --jq '{
-              draft: .draft,
-              labels: [.labels[].name],
-              requested_teams: [.requested_teams[].slug]
-            }')
+          elif ${{ github.event_name == 'workflow_run' }}; then
+            if ${{ github.event.workflow_run.event == 'push' }}; then
+              echo "Workflow was triggered by push to ${{ github.event.workflow_run.head_branch }}. Labeling not required."
+              exit 0
+            elif ${{ toJSON(github.event.workflow_run.pull_requests) != '[]' }}; then
+              PR_NUMBER="${{ github.event.workflow_run.pull_requests[0].number }}"
+              echo "pr_number=${PR_NUMBER}" >> $GITHUB_OUTPUT
             
-            # Extract and store individual fields
-            echo "pr_draft=$(echo "$PR_INFO" | jq -r '.draft')" >> $GITHUB_OUTPUT
-            echo "pr_labels=$(echo "$PR_INFO" | jq -c '.labels')" >> $GITHUB_OUTPUT
-            echo "pr_requested_teams=$(echo "$PR_INFO" | jq -c '.requested_teams')" >> $GITHUB_OUTPUT
+              # Fetch PR details from GitHub API
+              PR_INFO=$(gh api /repos/${{ github.repository }}/pulls/${PR_NUMBER} --jq '{
+                draft: .draft,
+                labels: [.labels[].name],
+                requested_teams: [.requested_teams[].slug]
+              }')
+              
+              # Extract and store individual fields
+              echo "pr_draft=$(echo "$PR_INFO" | jq -r '.draft')" >> $GITHUB_OUTPUT
+              echo "pr_labels=$(echo "$PR_INFO" | jq -c '.labels')" >> $GITHUB_OUTPUT
+              echo "pr_requested_teams=$(echo "$PR_INFO" | jq -c '.requested_teams')" >> $GITHUB_OUTPUT
+            else
+              echo "Workflow run has no associated pull requests. Labeling not performed."
+              exit 0
+            fi
           else
             echo "event_name: ${{ github.event_name }}"
             echo "Pull Request not successfully retrieved."
             exit 1
           fi
 
       - name: Echo PR data
+        if: ${{ steps.get_pr_data.outputs.pr_number != '' }}
         run: |
           echo "pr_number: ${{ steps.get_pr_data.outputs.pr_number }}"
           echo "pr_draft: ${{ steps.get_pr_data.outputs.pr_draft }}"
@@ -65,6 +66,23 @@ jobs:
           echo "pr_requested_teams: ${{ steps.get_pr_data.outputs.pr_requested_teams }}"
           echo "pr_requested_teams: ${{ fromJSON(steps.get_pr_data.outputs.pr_requested_teams)[0] }}"
 
+  check-pr-status:
+    runs-on: ubuntu-latest
+    needs: get-pr-data
+    if: ${{ needs.get-pr-data.outputs.pr_number != '' }}
+    env:
+      pr_labels: ${{ needs.get-pr-data.outputs.pr_labels }}
+      pr_requested_teams: ${{ needs.get-pr-data.outputs.pr_requested_teams }}
+    outputs:
+      test_status: ${{ steps.get_code_checks_conclusion.outputs.test_status }}
+      exempt: ${{ steps.check_exemption.outputs.exempt }}
+      failures_detected: ${{ steps.audit_pr_labels.outputs.failures_detected }}
+    steps:
+      - name: Print vars (DELETE ME)
+        run: |
+          echo "pr_labels=${{ needs.get-pr-data.outputs.pr_labels }}"
+          echo "pr_requested_teams=${{ needs.get-pr-data.outputs.pr_requested_teams }}"
+
       - name: Get Code Checks result
         if: github.event_name == 'workflow_run'
         run: |
@@ -74,7 +92,7 @@ jobs:
       - name: Check for exemption
         id: check_exemption
         run: |
-          if ${{ contains(fromJSON(steps.get_pr_data.outputs.pr_requested_teams), 'backend-review-group') }}; then
+          if ${{ contains(fromJSON(env.pr_requested_teams), 'backend-review-group') }}; then
             echo "exempt=false" >> $GITHUB_OUTPUT
             echo "PR requires backend approval."
           else
@@ -84,18 +102,105 @@ jobs:
 
       - name: Check for failure labels
         id: audit_pr_labels
-        env:
-          labels: ${{ steps.get_pr_data.outputs.pr_labels }}
         run: |
           if \
-            ${{ contains(env.labels, 'code-health-failure') }} ||\
-            ${{ contains(env.labels, 'codeowners-addition-failure') }} ||\
-            ${{ contains(env.labels, 'codeowners-delete-failure') }} ||\
-            ${{ contains(env.labels, 'lint-failure') }} ||\
-            ${{ contains(env.labels, 'test-failure') }} ; then
+            ${{ contains(env.pr_labels, 'code-health-failure') }} || \
+            ${{ contains(env.pr_labels, 'codeowners-addition-failure') }} || \
+            ${{ contains(env.pr_labels, 'codeowners-delete-failure') }} || \
+            ${{ contains(env.pr_labels, 'lint-failure') }} || \
+            ${{ contains(env.pr_labels, 'test-failure') }} ; then
             echo "failures_detected=true" >> $GITHUB_OUTPUT
             echo "Failure labels detected."
           else
             echo "failures_detected=false" >> $GITHUB_OUTPUT
             echo "No failure labels detected."
-          fi
+          fi
+
+  check-approvals:
+    runs-on: ubuntu-latest
+    needs: [get-pr-data, check-pr-status]
+    if: ${{ needs.check-pr-status.outputs.exempt == 'false' && needs.check-pr-status.outputs.pr_draft == 'false' }}
+    env:
+      pr_number: ${{ needs.get-pr-data.outputs.pr_number }}
+    outputs:
+      approval_status: ${{ steps.verify_approval.outputs.approval_status }}
+    steps:
+      - name: Print vars (DELETE ME)
+        run: |
+          echo "pr_number=${{ env.pr_number }}"
+
+      - name: Configure AWS Credentials
+        uses: aws-actions/[email protected]
+        with:
+          aws-access-key-id: ${{ secrets.aws_access_key_id }}
+          aws-secret-access-key: ${{ secrets.aws_secret_access_key }}
+          aws-region: "us-gov-west-1"
+
+      - name: Get bot token from Parameter Store
+        uses: marvinpinto/action-inject-ssm-secrets@latest
+        with:
+          ssm_parameter: /devops/VA_VSP_BOT_GITHUB_TOKEN
+          env_variable_name: VA_VSP_BOT_GITHUB_TOKEN
+
+      - name: Get PR Reviews
+        id: get_pr_reviews
+        uses: octokit/[email protected]
+        with:
+          route: GET /repos/${{ github.repository }}/pulls/${{ env.pr_number }}/reviews
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+      - name: Get backend-review-group members
+        id: get_team_members
+        uses: octokit/[email protected]
+        with:
+          route: GET /orgs/department-of-veterans-affairs/teams/backend-review-group/members
+        env:
+          GITHUB_TOKEN: ${{ env.VA_VSP_BOT_GITHUB_TOKEN }}
+
+      # Confirm an approval exists from at least one BE team member
+      - name: Verify backend-review-group approval
+        id: verify_approval
+        run: |
+          BACKEND_REVIEWERS=$(cat <<'EOF' | jq -r '.[].login' | tr '\n' '|' | sed 's/|$//'
+          ${{ steps.get_team_members.outputs.data }}
+          EOF
+          )
+
+          APPROVALS=$(cat <<'EOF' | jq -r '.[] | select(.state == "APPROVED") | .user.login' | grep -iE "$BACKEND_REVIEWERS" | wc -l
+          ${{ steps.get_pr_reviews.outputs.data }}
+          EOF
+          )
+
+          echo "Number of backend-review-group approvals: $APPROVALS"
+          if [ "$APPROVALS" -eq 0 ]; then
+            echo "approval_status=required" >> $GITHUB_OUTPUT
+            echo "Backend-review-group approval required."
+          else
+            echo "approval_status=confirmed" >> $GITHUB_OUTPUT
+            echo "Backend-review-group approval confirmed."
+          fi
+
+  apply-labels:
+    runs-on: ubuntu-latest
+    needs: [get-pr-data, check-pr-status, check-approvals]
+    if: ${{ always() }}
+    env:
+      exempt: ${{ needs.check-pr-status.outputs.exempt }}
+      pr_number: ${{ needs.get-pr-data.outputs.pr_number }}
+      pr_draft: ${{ needs.get-pr-data.outputs.pr_draft }}
+      pr_labels: ${{ needs.get-pr-data.outputs.pr_labels }}
+      test_status: ${{ needs.check-pr-status.outputs.test_status }}
+      failures_detected: ${{ needs.check-pr-status.outputs.failures_detected }}
+      approval_status: ${{ needs.check-approvals.outputs.approval_status }}
+    steps:
+      - name: print vars (DELETE ME)
+        id: print-vars
+        run: |
+          echo ${{ env.exempt }}
+          echo ${{ env.pr_number }}
+          echo ${{ env.pr_draft }}
+          echo ${{ env.pr_labels }}
+          echo ${{ env.test_status }}
+          echo ${{ env.failures_detected }}
+          echo ${{ env.approval_status }}

Gemfile.lock

@@ -245,7 +245,7 @@ GEM
     attr_extras (7.1.0)
     awesome_print (1.9.2)
     aws-eventstream (1.3.0)
-    aws-partitions (1.1001.0)
+    aws-partitions (1.1004.0)
     aws-sdk-core (3.212.0)
       aws-eventstream (~> 1, >= 1.3.0)
       aws-partitions (~> 1, >= 1.992.0)
@@ -254,7 +254,7 @@ GEM
     aws-sdk-kms (1.95.0)
       aws-sdk-core (~> 3, >= 3.210.0)
       aws-sigv4 (~> 1.5)
-    aws-sdk-s3 (1.169.0)
+    aws-sdk-s3 (1.170.1)
       aws-sdk-core (~> 3, >= 3.210.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.5)
@@ -711,7 +711,7 @@ GEM
     octokit (9.2.0)
       faraday (>= 1, < 3)
       sawyer (~> 0.9)
-    oj (3.16.6)
+    oj (3.16.7)
       bigdecimal (>= 3.0)
       ostruct (>= 0.2)
     okcomputer (1.18.5)
@@ -726,7 +726,7 @@ GEM
     operating_hours (0.1.0)
     optimist (3.1.0)
     os (1.1.4)
-    ostruct (0.6.0)
+    ostruct (0.6.1)
     ox (2.14.18)
     parallel (1.26.3)
     parallel_tests (4.7.2)

app/models/saved_claim/burial.rb

@@ -84,5 +84,6 @@ def benefits_claimed
     claimed << 'Burial Allowance' if parsed_form['burialAllowance']
     claimed << 'Plot Allowance' if parsed_form['plotAllowance']
     claimed << 'Transportation' if parsed_form['transportation']
+    claimed
   end
 end

app/services/sign_in/session_spawner.rb

@@ -76,7 +76,7 @@ def create_new_access_token
         refresh_token_hash:,
         parent_refresh_token_hash:,
         anti_csrf_token:,
-        last_regeneration_time: refresh_creation,
+        last_regeneration_time:,
         user_attributes: JSON.parse(user_attributes)
       )
     end
@@ -106,7 +106,11 @@ def create_new_session
     end
 
     def refresh_expiration_time
-      @refresh_expiration_time ||= refresh_creation + client_config.refresh_token_duration
+      @refresh_expiration_time ||= last_regeneration_time + client_config.refresh_token_duration
+    end
+
+    def last_regeneration_time
+      @last_regeneration_time ||= Time.zone.now
     end
 
     def get_hash(object)

config/features.yml

@@ -492,6 +492,10 @@ features:
     actor_type: user
     description: enables new version of add disabilities page, with updates to content and search functionality
     enable_in_development: true
+  disability_526_expanded_contention_classification:
+    actor_type: user
+    description: Enables the expanded contention classification service maintained by the Conditions Team.
+    enable_in_development: true
   disability_compensation_flashes:
     actor_type: user
     description: enables sending flashes to BGS for disability_compensation submissions.
@@ -713,7 +717,7 @@ features:
   form40_10007_confirmation_email:
     actor_type: user
     description: Enables form 40-10007 email submission error (VaNotify)
-    enable_in_development: true  
+    enable_in_development: true
   form1990meb_confirmation_email:
     actor_type: user
     description: Enables form 1990 MEB email submission confirmation (VaNotify)
@@ -1672,6 +1676,10 @@ features:
     actor_type: user
     description: Show updated confirmation page with form data & downloadable PDF
     enable_in_development: true
+  hlr_confirmation_update:
+    actor_type: user
+    description: Show updated confirmation page with form data & downloadable PDF
+    enable_in_development: true
   hlr_updateed_contnet:
     actor_type: user
     description: HLR show form content updates

lib/claim_letters/claim_letter_downloader.rb

@@ -6,6 +6,20 @@ module ClaimStatusTool
   class ClaimLetterDownloader
     FILENAME = 'ClaimLetter'
     DEFAULT_ALLOWED_DOCTYPES = %w[184].freeze
+    DOCTYPE_TO_TYPE_DESCRIPTION = {
+      '27' => 'Board decision',
+      '34' => 'Request for specific evidence or information',
+      '184' => 'Claim decision (or other notification, like Intent to File)',
+      '408' => 'Notification: Exam with VHA has been scheduled',
+      '700' => 'Request for specific evidence or information',
+      '704' => 'List of evidence we may need ("5103 notice")',
+      '706' => 'List of evidence we may need ("5103 notice")',
+      '858' => 'List of evidence we may need ("5103 notice")',
+      '859' => 'Request for specific evidence or information',
+      '864' => 'Copy of request for medical records sent to a non-VA provider',
+      '942' => 'Final notification: Request for specific evidence or information',
+      '1605' => 'Copy of request for non-medical records sent to a non-VA organization'
+    }.freeze
 
     def initialize(user, allowed_doctypes = DEFAULT_ALLOWED_DOCTYPES)
       @user = user
@@ -79,6 +93,8 @@ def format_letter_data(docs)
       # using marshal_dump here because each document is an OpenStruct
       letters = docs.map { |d| filter_letters(d.marshal_dump) }.compact
       letters = letters.select { |d| filter_boa_letters(d) }
+      # Issue 96224, consolidating letters' display names upstream
+      letters.each { |d| d[:type_description] = DOCTYPE_TO_TYPE_DESCRIPTION[d[:doc_type]] }
       # TODO: (rare) Handle nil received_at
       letters.sort_by { |d| d[:received_at] }.reverse
     end

lib/lighthouse/benefits_claims/service.rb

@@ -266,7 +266,10 @@ def override_pmr_pending(claim)
       tracked_items = claim['attributes']['trackedItems']
       return unless tracked_items
 
-      tracked_items.select { |i| i['displayName'] == 'PMR Pending' }.each { |i| i['status'] = 'NEEDED_FROM_OTHERS' }
+      tracked_items.select { |i| i['displayName'] == 'PMR Pending' }.each do |i|
+        i['status'] = 'NEEDED_FROM_OTHERS'
+        i['displayName'] = 'Private Medical Record'
+      end
       tracked_items
     end