From 854d82e92ef5ba4b28a857b28c3e1def41798c12 Mon Sep 17 00:00:00 2001
From: vipin-dfe <vipin.chadha@education.gov.uk>
Date: Wed, 27 Aug 2025 13:42:29 +0100
Subject: [PATCH] Add recover db workflow

---
 .../workflows/postgres-recover-deleted-db.yml | 69 +++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 .github/workflows/postgres-recover-deleted-db.yml

diff --git a/.github/workflows/postgres-recover-deleted-db.yml b/.github/workflows/postgres-recover-deleted-db.yml
new file mode 100644
index 000000000..f81a27c46
--- /dev/null
+++ b/.github/workflows/postgres-recover-deleted-db.yml
@@ -0,0 +1,69 @@
+name: Recover deleted postgres database server
+
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: Environment to restore
+        required: true
+        default: test
+        type: choice
+        options:
+          - test
+          - preprod
+          - production
+      confirm-production:
+        description: Must be set to true if restoring production
+        required: true
+        default: "false"
+        type: choice
+        options:
+          - "false"
+          - "true"
+      restore-time:
+        description: Restore point in time in UTC. e.g. 2024-07-24T06:00:00. This is required and should be at least 10 minutes after the server was deleted.
+        type: string
+        required: true
+      deleted-server:
+        description: This should be the name of the deleted postgres server. ex. s189t01-afqts-ts-pg
+        required: true
+        type: string
+
+env:
+  SERVICE_SHORT: afqts
+  TF_VARS_PATH: terraform/application/config
+
+permissions:
+  id-token: write
+
+jobs:
+  recover-deleted-postgres:
+    name: Recover Deleted Postgres
+    if: ${{ inputs.environment != 'production' || (inputs.environment == 'production' && github.event.inputs.confirm-production == 'true' )  }}
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    concurrency: deploy_${{ inputs.environment }}
+
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: Set environment variables
+        run: |
+          source global_config/${{ inputs.environment }}.sh
+          tf_vars_file=${TF_VARS_PATH}/${{ inputs.environment }}/variables.tfvars.json
+          echo "CLUSTER=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
+          echo "RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg" >> $GITHUB_ENV
+
+          DELETED_DB_SERVER="${{ inputs.deleted-server }}"
+          echo "DELETED_DB_SERVER=${DELETED_DB_SERVER}" >> $GITHUB_ENV
+
+      - name: Recover deleted postgres for ${{ inputs.environment }} environment
+        uses: DFE-Digital/github-actions/restore-deleted-postgres@master
+        with:
+          resource-group: ${{ env.RESOURCE_GROUP_NAME }}
+          deleted-server: ${{ env.DELETED_DB_SERVER }}
+          restore-time: ${{ inputs.restore-time }}
+          cluster: ${{ env.CLUSTER }}
+          azure-client-id: ${{ secrets.AZURE_CLIENT_ID }}
+          azure-tenant-id: ${{ secrets.AZURE_TENANT_ID }}
+          azure-subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}