backup-db.yml
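# Backs up the service's PostgreSQL database, either on demand
# (workflow_dispatch) or on the nightly schedule below.
name: Backup production database

on:
  workflow_dispatch:
    inputs:
      environment:
        description: Environment to backup
        required: true
        # The default of a choice input must be one of its options; the
        # previous value 'tes' was not.
        default: test
        type: choice
        options:
          - test
          - production
      backupFileName:
        # Free-text and caller-supplied: treat it as untrusted wherever it
        # reaches a shell or a file path.
        description: Backup file name. Default is [SERVICE_NAME]_[CONFIG_SHORT]_adhoc_YYYY-MM-DD
        required: false
        type: string
        # Sentinel: the job swaps 'default' for a generated ad-hoc name.
        default: default
      backupPTRServer:
        description: Set to true if backing up a point in time restored database server
        required: false
        type: boolean
        default: false
  schedule:
    - cron: "0 4 * * *" # 04:00 UTC

# Workflow-wide constants, visible to every job and step.
env:
  SERVICE_NAME: trs
  TF_VARS_PATH: terraform/aks/config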
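jobs:
  backup:
    name: Backup database
    runs-on: ubuntu-latest
    # NOTE(review): no `permissions:` key is set, so GITHUB_TOKEN keeps the
    # repository default scopes. Only checkout is visible here; consider
    # `permissions: { contents: read }` once it is confirmed that the
    # third-party actions below need nothing more.
    environment:
      # Scheduled runs carry no inputs, so fall back to a string literal.
      # A bare word (production) is not a valid expression value.
      name: ${{ inputs.environment || 'production' }}
    env:
      DEPLOY_ENV: ${{ inputs.environment || 'production' }}
      # 'schedule' is a sentinel the first step turns into a dated name.
      BACKUP_FILE: ${{ inputs.backupFileName || 'schedule' }}
    steps:
      # NOTE(review): every `uses:` in this job references a mutable tag or
      # branch. Pin each one to a full commit SHA (for example
      # `owner/action@<full-commit-sha> # vX`) so an upstream change cannot
      # silently alter code that runs with this job's secrets.
      - uses: actions/checkout@v4

      - name: Set environment variables
        run: |
          # Read the caller-supplied name from the process environment, not
          # through a workflow expression pasted into the script text, so
          # its content can never be parsed as shell. Capture it before
          # sourcing project config in case that file reuses the name.
          requested_backup_file="${BACKUP_FILE}"

          source "global_config/${DEPLOY_ENV}.sh"
          # TF_VARS_PATH is a workflow-level constant, not caller input.
          tf_vars_file="${{ env.TF_VARS_PATH }}/${DEPLOY_ENV}.tfvars.json"

          echo "CLUSTER=$(jq -r '.cluster' "${tf_vars_file}")" >> "$GITHUB_ENV"
          echo "RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_NAME}-${CONFIG_SHORT}-rg" >> "$GITHUB_ENV"
          echo "STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_NAME}dbbkp${CONFIG_SHORT}sa" >> "$GITHUB_ENV"
          echo "DB_SERVER=${AZURE_RESOURCE_PREFIX}-${SERVICE_NAME}-${CONFIG_SHORT}-pg" >> "$GITHUB_ENV"
          # Exported before the name check so the failure-notification steps
          # can still locate the key vault if the check rejects the input.
          # NOTE(review): SERVICE_SHORT is not defined in this file;
          # presumably it comes from global_config - confirm.
          echo "KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-inf-kv" >> "$GITHUB_ENV"

          TODAY=$(date +"%F")
          if [ "${requested_backup_file}" == "schedule" ]; then
            BACKUP_FILE="${SERVICE_NAME}_${CONFIG_SHORT}_${TODAY}"
          elif [ "${requested_backup_file}" == "default" ]; then
            BACKUP_FILE="${SERVICE_NAME}_${CONFIG_SHORT}_adhoc_${TODAY}"
          else
            BACKUP_FILE="${requested_backup_file}"
          fi

          # Allow-list the final name: it is appended to $GITHUB_ENV (where
          # a newline would define extra variables) and later used as a
          # blob/file name by the backup action.
          if [[ ! "${BACKUP_FILE}" =~ ^[A-Za-z0-9._-]+$ ]]; then
            echo "::error::backupFileName may only contain letters, digits, '.', '_' and '-'"
            exit 1
          fi
          echo "BACKUP_FILE=${BACKUP_FILE}" >> "$GITHUB_ENV"

      - name: Set PTR variables
        if: ${{ github.event.inputs.backupPTRServer == 'true' }}
        run: |
          # Values written to $GITHUB_ENV by the previous step are available
          # here as ordinary shell variables.
          echo "PTR_DB_SERVER=${DB_SERVER}-ptr" >> "$GITHUB_ENV"
          echo "BACKUP_FILE=${BACKUP_FILE}-ptr" >> "$GITHUB_ENV"

      - name: Backup ${{ env.DEPLOY_ENV }} postgres
        # NOTE(review): `@master` is a moving branch and this step receives
        # AZURE_CREDENTIALS. Pin to a reviewed commit SHA.
        uses: DFE-Digital/github-actions/backup-postgres@master
        with:
          storage-account: ${{ env.STORAGE_ACCOUNT_NAME }}
          resource-group: ${{ env.RESOURCE_GROUP_NAME }}
          app-name: ${{ env.SERVICE_NAME }}-${{ env.DEPLOY_ENV }}-api
          cluster: ${{ env.CLUSTER }}
          azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
          backup-file: ${{ env.BACKUP_FILE }}.sql
          # Empty unless the "Set PTR variables" step ran.
          ptr-db-server-name: ${{ env.PTR_DB_SERVER }}

      - name: Backup Summary
        if: success()
        run: |
          NOW=$(TZ=Europe/London date +"%F %R")
          # Shell variables instead of inline workflow expressions: a quote
          # character in a value cannot terminate the string early.
          {
            echo 'BACKUP SUCCESSFUL!'
            echo " ENV: ${DEPLOY_ENV}"
            echo " AT : ${NOW}"
            echo " DB SERVER: ${PTR_DB_SERVER:-${DB_SERVER}}"
            echo " STORAGE ACCOUNT: ${STORAGE_ACCOUNT_NAME}"
            echo " FILENAME: ${BACKUP_FILE}.sql.gz"
          } >> "$GITHUB_STEP_SUMMARY"

      - name: Get Slack webhook
        # NOTE(review): this action appears to be deprecated upstream -
        # confirm, and consider reading the secret with the Azure CLI.
        uses: Azure/get-keyvault-secrets@v1
        if: failure()
        id: key-vault-secrets
        with:
          keyvault: ${{ env.KEYVAULT_NAME }}
          secrets: "SLACK-WEBHOOK"

      - name: Notify Slack channel on job failure
        if: failure()
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_USERNAME: CI Deployment
          SLACK_TITLE: Database backup failure
          # NOTE(review): the text says "Production" even when the run
          # targeted the test environment.
          SLACK_MESSAGE: Production database backup job failed
          SLACK_WEBHOOK: ${{ steps.key-vault-secrets.outputs.SLACK-WEBHOOK }}
          SLACK_COLOR: failure
          SLACK_FOOTER: Sent from backup job in backup-db workflow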