Skip to content

Commit

Permalink
Remove paas prod workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
johnake committed Oct 18, 2023
1 parent e97616b commit de92327
Showing 1 changed file with 0 additions and 143 deletions.
143 changes: 0 additions & 143 deletions .github/workflows/database-backup.yml
Original file line number Diff line number Diff line change
Expand Up @@ -77,146 +77,3 @@ jobs:
SLACK_WEBHOOK: ${{ steps.keyvault-yaml-secret.outputs.SLACK_WEBHOOK }}
SLACK_COLOR: failure
SLACK_FOOTER: Sent from backup job in database-backup workflow

backup_v2:
name: Backup AKS Database (production)
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && github.event.inputs.overwriteThisMorningsBackup == 'true') }}
runs-on: ubuntu-latest
services:
postgres:
image: postgres:11.10
env:
POSTGRES_USER: postgres
POSTGRES_PASSWORD: postgres
POSTGRES_DB: postgres
ports:
- 5432:5432
options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
steps:
- uses: actions/checkout@v4
name: Checkout

- name: Set KV environment variables
run: |
tf_vars_file=terraform/aks/workspace_variables/production_aks.tfvars.json
echo "APP_KEY_VAULT=$(jq -r '.app_key_vault' ${tf_vars_file})" >> $GITHUB_ENV
echo "INF_KEY_VAULT=$(jq -r '.infra_key_vault' ${tf_vars_file})" >> $GITHUB_ENV
echo "NAMESPACE=$(jq -r '.namespace' ${tf_vars_file})" >> $GITHUB_ENV
echo "CLUSTER=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
echo "APP_ENVIRONMENT=$(jq -r '.app_environment' ${tf_vars_file})" >> $GITHUB_ENV
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS_PRODUCTION_AKS }}

- name: Install kubectl
uses: azure/setup-kubectl@v3
with:
version: "v1.26.1" # default is latest stable

- name: K8 setup
shell: bash
run: |
az aks get-credentials -g s189p01-tsc-pd-rg -n s189p01-tsc-production-aks
make install-konduit
- name: Setup postgres client
uses: DFE-Digital/github-actions/install-postgres-client@master

- name: Set environment variable
run: echo "BACKUP_FILE_NAME=register_prod_$(date +"%F")" >> $GITHUB_ENV

- name: Backup Prod DB
run: |
bin/konduit.sh register-production -- pg_dump -E utf8 --clean --if-exists --no-owner --verbose --no-password -f ${BACKUP_FILE_NAME}.sql
tar -cvzf ${BACKUP_FILE_NAME}.tar.gz ${BACKUP_FILE_NAME}.sql
- name: Set Connection String
run: |
STORAGE_CONN_STR="$(az keyvault secret show --name REGISTER-BACKUP-STORAGE-CONNECTION-STRING-AKS --vault-name ${{ env.key_vault_name }} | jq -r .value)"
echo "::add-mask::$STORAGE_CONN_STR"
echo "STORAGE_CONN_STR=$STORAGE_CONN_STR" >> $GITHUB_ENV
- name: Upload Backup to Azure Storage
run: |
az storage blob upload --container-name database-backup \
--file ${BACKUP_FILE_NAME}.tar.gz --name ${BACKUP_FILE_NAME}.tar.gz --overwrite \
--connection-string '${{ env.STORAGE_CONN_STR }}'
rm ${BACKUP_FILE_NAME}.tar.gz
- name: Restore backup to aks productiondata database
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && github.event.inputs.restoreToProductionDataEnv == 'true') }}
shell: bash
run: |
bin/konduit.sh -i ${{ env.BACKUP_FILE_NAME }}.sql -t 7200 register-productiondata -- psql
- name: Restore backup to aks analysis database
if: ${{ github.event_name == 'schedule' || (github.event_name == 'workflow_dispatch' && github.event.inputs.restoreToProductionAnalysisEnv == 'true') }}
shell: bash
run: |
bin/konduit.sh -i ${{ env.BACKUP_FILE_NAME }}.sql -p ANALYSIS_DATABASE_URL -t 7200 register-production -- psql
bin/konduit.sh -p ANALYSIS_DATABASE_URL -t 300 register-production -- psql -c 'GRANT ALL PRIVILEGES ON ALL TABLES IN SCHEMA public TO "${{ env.SQLPAD_USER }}"'
bin/konduit.sh -p ANALYSIS_DATABASE_URL -t 300 register-production -- psql -c 'GRANT ALL PRIVILEGES ON ALL SEQUENCES IN SCHEMA public TO "${{ env.SQLPAD_USER }}"'
env:
SQLPAD_USER: ${{ secrets.SQLPAD_USER }}

- name: Disk cleanup
shell: bash
run: |
sudo rm -rf /usr/local/lib/android || true
sudo rm -rf /usr/share/dotnet || true
sudo rm -rf /opt/ghc || true
- name: Create local Sanitised Database
run: |
createdb ${DATABASE_NAME} && psql -f ${{ env.BACKUP_FILE_NAME }}.sql -d ${DATABASE_NAME}
env:
DATABASE_NAME: register_trainee_teachers
PGUSER: postgres
PGPASSWORD: postgres
PGHOST: localhost
PGPORT: 5432

- name: Remove backup file
shell: bash
run: |
rm ${{ env.BACKUP_FILE_NAME }}.sql
- name: Sanitise the local Database
run: |
psql -d ${DATABASE_NAME} -f db/scripts/sanitise.sql
env:
DATABASE_NAME: register_trainee_teachers
PGUSER: postgres
PGPASSWORD: postgres
PGHOST: localhost
PGPORT: 5432

- name: Dump the Sanitised Database
run: |
pg_dump --encoding utf8 --compress=1 --clean --no-owner --if-exists -d ${DATABASE_NAME} -f backup_sanitised.sql.gz
env:
DATABASE_NAME: register_trainee_teachers
PGUSER: postgres
PGPASSWORD: postgres
PGHOST: localhost
PGPORT: 5432

- name: Upload Sanitised Backup
uses: actions/upload-artifact@v3
with:
name: backup_sanitised
path: backup_sanitised.sql.gz
retention-days: 3

- name: Check for Failure
if: ${{ failure() }}
uses: rtCamp/action-slack-notify@master
env:
SLACK_CHANNEL: twd_publish_register_tech
SLACK_COLOR: '#ef5343'
SLACK_ICON_EMOJI: ':github-logo:'
SLACK_USERNAME: Register Trainee Teachers
SLACK_TITLE: Backup Failure
SLACK_MESSAGE: ':alert: Backup failure :sadparrot:'
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}

0 comments on commit de92327

Please sign in to comment.