
Add workflow to backup production DB #19


Workflow file for this run

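# Dumps the production database through konduit and uploads the compressed
# dump to the Azure storage container that the Terraform outputs name.
name: Backup production database

on:
  workflow_dispatch:
  schedule:
    - cron: "0 4 * * *" # 04:00 UTC
  # NOTE(review): any push to this branch starts a dump of the production
  # database. This looks like a trigger used while developing the workflow;
  # confirm whether it should remain once the workflow is merged.
  push:
    branches:
      - backup-db

# No step here writes to the repository, so the GITHUB_TOKEN is restricted to
# the read access that actions/checkout needs.
permissions:
  contents: read

jobs:
  backup:
    name: Backup database
    runs-on: ubuntu-latest
    environment: production_aks
    env:
      KEYVAULT_NAME: s189p01-trs-pd-inf-kv
      CLUSTER_NAME: s189p01-tsc-production-aks
      CLUSTER_RG: s189p01-tsc-pd-rg
    steps:
      # NOTE(review): every action in this job is referenced by a mutable tag
      # or branch. A ref that moves changes the code that runs with production
      # credentials; pinning each `uses:` to a reviewed full-length commit SHA
      # removes that dependency on the upstream ref.
      - uses: actions/checkout@v4

      - uses: hashicorp/setup-terraform@v2
        with:
          terraform_version: "1.5.0"
          terraform_wrapper: false

      # Logs in with the service principal JSON held in AZURE_CREDENTIALS.
      - uses: Azure/login@v1
        with:
          creds: ${{ secrets.AZURE_CREDENTIALS }}

      - name: Install kubectl
        uses: azure/setup-kubectl@v3

      # Job-level env values are read as shell variables rather than being
      # expanded into the script text by the workflow engine.
      - name: Get AKS credentials
        run: az aks get-credentials -g "$CLUSTER_RG" -n "$CLUSTER_NAME"

      - name: Install konduit
        run: make install-konduit

      - name: Dump database
        run: |
          bin/konduit.sh -k "$KEYVAULT_NAME" -d trs trs-production-ui -- \
            pg_dump -E utf8 --compress=1 --clean --if-exists --no-owner \
            --verbose -f backup.sql.gz

      # NOTE(review): this action tracks the `master` branch and is handed
      # AZURE_CREDENTIALS, so it is the first candidate for a commit-SHA pin.
      - uses: DFE-Digital/github-actions/set-arm-environment-variables@master
        with:
          azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}

      - name: Get backup storage account
        id: azure-backup-storage
        run: |
          make ci production_aks terraform-init
          # Assign first so that a failing `terraform output` stops the step
          # instead of writing an empty value to the step outputs.
          ACCOUNT_NAME=$(terraform -chdir=terraform/aks output -raw postgres_azure_backup_storage_account_name)
          CONTAINER_NAME=$(terraform -chdir=terraform/aks output -raw postgres_azure_backup_storage_container_name)
          echo "account-name=$ACCOUNT_NAME" >> "$GITHUB_OUTPUT"
          echo "container-name=$CONTAINER_NAME" >> "$GITHUB_OUTPUT"

      - name: Get storage account connection string
        env:
          STORAGE_ACCOUNT_NAME: ${{ steps.azure-backup-storage.outputs.account-name }}
        run: |
          RESOURCE_GROUP_NAME=$(jq -r '.resource_group_name' terraform/aks/workspace_variables/production.tfvars.json)
          # `--output tsv` returns the bare string. The CLI's default JSON
          # output wraps it in double quotes, and the mask below would then
          # be registered for the quoted form only.
          STORAGE_CONN_STR=$(az storage account show-connection-string \
            -g "$RESOURCE_GROUP_NAME" \
            -n "$STORAGE_ACCOUNT_NAME" \
            --query 'connectionString' \
            --output tsv)
          # Register the mask before the value is written anywhere. Only the
          # full string is masked; the account key inside it is not masked
          # separately.
          echo "::add-mask::$STORAGE_CONN_STR"
          echo "AZURE_STORAGE_CONNECTION_STRING=$STORAGE_CONN_STR" >> "$GITHUB_ENV"

      - name: Upload backup
        env:
          CONTAINER_NAME: ${{ steps.azure-backup-storage.outputs.container-name }}
        run: |
          # Lets the CLI install the extension behind `az storage azcopy` at
          # run time without prompting; its version is not pinned here.
          az config set extension.use_dynamic_install=yes_without_prompt
          az config set core.only_show_errors=true
          # The blob name is the UTC date and hour of the run.
          az storage azcopy blob upload \
            --container "$CONTAINER_NAME" \
            --source backup.sql.gz \
            --destination "$(date +"%F-%H").sql.gz"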