Database #610
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Database | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| environment: | |
| description: Environment to backup | |
| required: true | |
| default: test | |
| type: choice | |
| options: | |
| - test | |
| - preprod | |
| - production | |
| backup-file: | |
| description: | | |
| Backup file name (without extension). Default is afqts_[env]_adhoc_YYYY-MM-DD. Set it explicitly when backing up a point-in-time (PTR) server. (Optional) | |
| required: false | |
| type: string | |
| default: default | |
| db-server: | |
| description: | | |
| Name of the database server. Default is the live server. When backing up a point-in-time (PTR) server, use the full name of the PTR server. (Optional) | |
| schedule: | |
| - cron: "0 4 * * *" # 04:00 UTC | |
| env: | |
| SERVICE_NAME: apply-for-qts | |
| SERVICE_SHORT: afqts | |
| TF_VARS_PATH: terraform/application/config | |
| jobs: | |
| restore-preproduction: | |
| name: Restore preproduction | |
| runs-on: ubuntu-latest | |
| environment: production | |
| env: | |
| GLOBAL_CONFIG: preprod | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Set environment variables | |
| run: | | |
| source global_config/${GLOBAL_CONFIG}.sh | |
| tf_vars_file=${TF_VARS_PATH}/${CONFIG}/variables.tfvars.json | |
| APP_ENVIRONMENT=$(jq -r '.app_environment' ${tf_vars_file}) | |
| echo "APP_NAME=${SERVICE_NAME}-${APP_ENVIRONMENT}-web" >> $GITHUB_ENV | |
| echo "SANITISED_FILE_NAME=afqts_sanitised_$(date +"%F").sql.gz" >> $GITHUB_ENV | |
| echo "CLUSTER_RG=s189t01-tsc-ts-rg" >> $GITHUB_ENV | |
| echo "CLUSTER_NAME=s189t01-tsc-test-aks" >> $GITHUB_ENV | |
| echo "RESOURCE_GROUP_NAME=s189p01-afqts-pd-rg" >> $GITHUB_ENV | |
| echo "STORAGE_ACCOUNT_NAME=s189p01afqtsdbbkppdsa" >> $GITHUB_ENV | |
| # Download backup from production storage account | |
| - uses: azure/login@v2 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS }} | |
| - name: Set Connection String | |
| run: | | |
| STORAGE_CONN_STR=$(az storage account show-connection-string -g ${RESOURCE_GROUP_NAME} -n ${STORAGE_ACCOUNT_NAME} --query 'connectionString') | |
| echo "::add-mask::$STORAGE_CONN_STR" | |
| echo "AZURE_STORAGE_CONNECTION_STRING=$STORAGE_CONN_STR" >> $GITHUB_ENV | |
| - name: Download Backup from Azure Storage | |
| run: | | |
| az config set extension.use_dynamic_install=yes_without_prompt | |
| az config set core.only_show_errors=true | |
| az storage azcopy blob download --container database-backup \ | |
| --source ${{ env.SANITISED_FILE_NAME }} --destination ${{ env.SANITISED_FILE_NAME }} | |
| # Restore backup to preproduction database | |
| - uses: azure/login@v2 | |
| with: | |
| creds: ${{ secrets.AZURE_CREDENTIALS_PREPRODUCTION }} | |
| - name: Setup postgres client | |
| uses: DFE-Digital/github-actions/install-postgres-client@master | |
| with: | |
| version: 14 | |
| - name: Install kubectl | |
| uses: DFE-Digital/github-actions/set-kubectl@master | |
| - uses: DFE-Digital/github-actions/set-kubelogin-environment@master | |
| with: | |
| azure-credentials: ${{ secrets.AZURE_CREDENTIALS_PREPRODUCTION }} | |
| - name: K8 setup | |
| run: | | |
| az aks get-credentials --overwrite-existing -g ${CLUSTER_RG} -n ${CLUSTER_NAME} | |
| kubelogin convert-kubeconfig -l spn | |
| # install konduit | |
| curl -s https://raw.githubusercontent.com/DFE-Digital/teacher-services-cloud/master/scripts/konduit.sh -o ./konduit.sh | |
| chmod +x ./konduit.sh | |
| - name: Restore backup to aks env database | |
| run: | | |
| ./konduit.sh -i ${SANITISED_FILE_NAME} -c -t 7200 -x ${APP_NAME} -- psql | |
| - name: Restore Summary | |
| if: success() | |
| run: | | |
| NOW=$(TZ=Europe/London date +"%F %R") | |
| echo "RESTORE SUCCESSFUL!" >> $GITHUB_STEP_SUMMARY | |
| echo "APP: ${APP_NAME}" >> $GITHUB_STEP_SUMMARY | |
| echo "BACKUP FILE RESTORED: ${STORAGE_ACCOUNT_NAME} / database-backup / ${SANITISED_FILE_NAME}" >> $GITHUB_STEP_SUMMARY | |
| echo "AT: ${NOW}" >> $GITHUB_STEP_SUMMARY |