update db workflows to match new templates

DFE-Digital · Oct 15, 2024 · 1f9eb94 · 1f9eb94
1 parent 90c0b5e
commit 1f9eb94
Show file tree

Hide file tree

Showing 3 changed files with 179 additions and 33 deletions.
diff --git a/.github/workflows/database_backup.yml b/.github/workflows/database_backup.yml
@@ -3,22 +3,74 @@ concurrency: build_and_deploy_main
 
 on:
   workflow_dispatch:
+    inputs:
+      environment:
+        description: Environment to backup
+        required: true
+        default: test
+        type: choice
+        options:
+        - 'test'
+        - 'production'
+      backup-file:
+        description: |
+          Backup file name (without extension). Default is capt_[env]_adhoc_YYYY-MM-DD. Set it explicitly when backing up a point-in-time (PTR) server. (Optional)
+        required: false
+        type: string
+        default: default
+      db-server:
+        description: |
+          Name of the database server. Default is the live server. When backing up a point-in-time (PTR) server, use the full name of the PTR server. (Optional)
+
   schedule: # 03:00 UTC
     - cron: "0 3 * * *"
 
+env:
+  SERVICE_NAME: claim-additional-payments-for-teaching
+  SERVICE_SHORT: capt
+  TF_VARS_PATH: terraform/application/config
+
 jobs:
   backup:
-    name: Backup AKS Database (production)
+    name: Backup AKS Database
     runs-on: ubuntu-latest
-    environment: production-aks
+    environment:
+      name: ${{ inputs.environment || 'production' }}
+    env:
+      DEPLOY_ENV: ${{ inputs.environment || 'production'  }}
+      BACKUP_FILE: ${{ inputs.backup-file || 'schedule'  }}
 
     steps:
-      - name: Backup postgres
-        uses: DFE-Digital/github-actions/backup-postgres@master
-        with:
-          storage-account: s189p01captdbbkppdsa
-          resource-group: s189p01-capt-pd-rg
-          app-name: claim-additional-payments-for-teaching-production-web
-          cluster: production
-          azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
-          backup-file: capt_prod_$(date +"%F").sql
+    - uses: actions/checkout@v4
+      name: Checkout
+
+    - name: Set environment variables
+      run: |
+        source global_config/${{ env.DEPLOY_ENV }}.sh
+        tf_vars_file=${{ env.TF_VARS_PATH }}/${{ env.DEPLOY_ENV }}.tfvars.json
+        echo "CLUSTER=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
+        echo "RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg" >> $GITHUB_ENV
+        echo "STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}dbbkp${CONFIG_SHORT}sa" >> $GITHUB_ENV
+        TODAY=$(date +"%F")
+        echo "DB_SERVER=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-pg" >> $GITHUB_ENV
+        if [ "${{ env.BACKUP_FILE }}" == "schedule" ]; then
+          BACKUP_FILE=${SERVICE_SHORT}_${CONFIG_SHORT}_${TODAY}
+        elif [ "${{ env.BACKUP_FILE }}" == "default" ]; then
+          BACKUP_FILE=${SERVICE_SHORT}_${CONFIG_SHORT}_adhoc_${TODAY}
+        else
+          BACKUP_FILE=${BACKUP_FILE}
+        fi
+        echo "BACKUP_FILE=$BACKUP_FILE" >> $GITHUB_ENV
+        echo "KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-inf-kv" >> $GITHUB_ENV
+
+    - name: Backup ${{ env.DEPLOY_ENV }} postgres
+      uses: DFE-Digital/github-actions/backup-postgres@2082-template-github-action-workflows
+      with:
+        storage-account: ${{ env.STORAGE_ACCOUNT_NAME }}
+        resource-group: ${{ env.RESOURCE_GROUP_NAME }}
+        app-name: ${{ env.SERVICE_NAME }}-${{ env.DEPLOY_ENV }}-web
+        cluster: ${{ env.CLUSTER }}
+        azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
+        backup-file: ${{ env.BACKUP_FILE }}.sql
+        db-server-name: ${{ inputs.db-server }}
+        slack-webhook: ${{ secrets.SLACK_WEBHOOK_URL }}
diff --git a/.github/workflows/database_restore.yml b/.github/workflows/database_restore.yml
@@ -4,8 +4,16 @@ concurrency: build_and_deploy_main
 on:
   workflow_dispatch:
     inputs:
-      confirm:
-        description: Set to true to restore nightly backup to production
+      environment:
+        description: Environment to restore
+        required: true
+        default: test
+        type: choice
+        options:
+        - 'test'
+#        - 'production'
+      confirm-production:
+        description: Must be set to true if restoring production
         required: true
         default: 'false'
         type: choice
@@ -15,30 +23,48 @@ on:
       backup-file:
         description: Name of the backup file in Azure storage. e.g. capt_prod_2024-07-15.sql.gz. The default value is today's backup.
         type: string
+        required: false
+
+env:
+  SERVICE_NAME: claim-additional-payments-for-teaching
+  SERVICE_SHORT: capt
+  TF_VARS_PATH: terraform/application/config
 
 jobs:
   restore:
-    name: Restore AKS Database (production)
-    if: inputs.confirm == 'true'
+    name: Restore AKS Database
+    if: ${{ inputs.environment != 'production' || (inputs.environment == 'production' && github.event.inputs.confirm-production == 'true' )  }}
     runs-on: ubuntu-latest
-    environment: production-aks
+    environment: ${{ inputs.environment }}
 
     steps:
-      - name: Set backup file
-        run: |
-          if [ "${{ inputs.backup-file }}" != "" ]; then
-            BACKUP_FILE=${{ inputs.backup-file }}
-          else
-            BACKUP_FILE=capt_prod_$(date +"%F").sql.gz
-          fi
-          echo "BACKUP_FILE=$BACKUP_FILE" >> $GITHUB_ENV
+    - uses: actions/checkout@v4
+      name: Checkout
+
+    - name: Set environment variables
+      run: |
+        source global_config/${{ inputs.environment }}.sh
+        tf_vars_file=${{ env.TF_VARS_PATH }}/${{ inputs.environment }}.tfvars.json
+        echo "CLUSTER=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
+        echo "RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg" >> $GITHUB_ENV
+        echo "STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}dbbkp${CONFIG_SHORT}sa" >> $GITHUB_ENV
+        echo "DB_SERVER=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-pg" >> $GITHUB_ENV
+        TODAY=$(date +"%F")
+        echo "BACKUP_FILE=${SERVICE_SHORT}_${CONFIG_SHORT}_${TODAY}.sql" >> $GITHUB_ENV
+        if [ "${{ inputs.backup-file }}" != "" ]; then
+          BACKUP_FILE=${{ inputs.backup-file }}
+        else
+          BACKUP_FILE=${SERVICE_SHORT}_${CONFIG_SHORT}_${TODAY}.sql.gz
+        fi
+        echo "BACKUP_FILE=$BACKUP_FILE" >> $GITHUB_ENV
 
-      - name: Restore postgres
-        uses: DFE-Digital/github-actions/restore-postgres-backup@master
-        with:
-          storage-account: s189p01captdbbkppdsa
-          resource-group: s189p01-capt-pd-rg
-          app-name: claim-additional-payments-for-teaching-production-web
-          cluster: production
-          azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
-          backup-file: ${{ env.BACKUP_FILE }}
+    - name: Restore ${{ inputs.environment }} postgres
+      uses: DFE-Digital/github-actions/restore-postgres-backup@2082-template-github-action-workflows
+      with:
+        storage-account: ${{ env.STORAGE_ACCOUNT_NAME }}
+        resource-group: ${{ env.RESOURCE_GROUP_NAME }}
+        app-name: ${{ env.SERVICE_NAME }}-${{ inputs.environment }}-web
+        cluster: ${{ env.CLUSTER }}
+        azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
+        backup-file: ${{ env.BACKUP_FILE }}
+        db-server-name: ${{ env.DB_SERVER }}
diff --git a/.github/workflows/postgres-ptr.yml b/.github/workflows/postgres-ptr.yml
@@ -0,0 +1,68 @@
+name: Restore database from point in time to new database server
+
+on:
+  workflow_dispatch:
+    inputs:
+      environment:
+        description: Environment to restore
+        required: true
+        default: test
+        type: choice
+        options:
+        - 'test'
+        - 'production'
+      confirm-production:
+        description: Must be set to true if restoring production
+        required: true
+        default: 'false'
+        type: choice
+        options:
+        - 'false'
+        - 'true'
+      restore-time:
+        description: Restore point in time in UTC. e.g. 2024-07-24T06:00:00
+        type: string
+        required: true
+      new-db-server:
+        description: Name of the new database server. Default is <original-server-name>-ptr.
+        type: string
+
+env:
+  SERVICE_SHORT: capt
+  TF_VARS_PATH: terraform/application/config
+
+jobs:
+  ptr-restore:
+    name: PTR Restore AKS Database
+    if: ${{ inputs.environment != 'production' || (inputs.environment == 'production' && github.event.inputs.confirm-production == 'true' )  }}
+    runs-on: ubuntu-latest
+    environment: ${{ inputs.environment }}
+    concurrency: deploy_${{ inputs.environment }}
+
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set environment variables
+      run: |
+        source global_config/${{ inputs.environment }}.sh
+        tf_vars_file=${TF_VARS_PATH}/${{ inputs.environment }}.tfvars.json
+        echo "CLUSTER=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
+        echo "RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg" >> $GITHUB_ENV
+        DB_SERVER="${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-pg"
+        if [[ -n "${{ inputs.new-db-server }}" ]]; then
+          NEW_DB_SERVER="${{ inputs.new-db-server }}"
+        else
+          NEW_DB_SERVER="${DB_SERVER}-ptr"
+        fi
+        echo "DB_SERVER=${DB_SERVER}" >> $GITHUB_ENV
+        echo "NEW_DB_SERVER=${NEW_DB_SERVER}" >> $GITHUB_ENV
+
+    - name: Restore ${{ inputs.environment }} postgres
+      uses: DFE-Digital/github-actions/ptr-postgres@2082-template-github-action-workflows
+      with:
+        resource-group: ${{ env.RESOURCE_GROUP_NAME }}
+        source-server: ${{ env.DB_SERVER }}
+        new-server: ${{ env.NEW_DB_SERVER }}
+        restore-time: ${{ inputs.restore-time }}
+        cluster: ${{ env.CLUSTER }}
+        azure-credentials: ${{ secrets.AZURE_CREDENTIALS}}