diff --git a/.github/workflows/backup-db.yml b/.github/workflows/backup-db.yml new file mode 100644 index 0000000000..1cac92cbbc --- /dev/null +++ b/.github/workflows/backup-db.yml @@ -0,0 +1,38 @@ +name: Backup production database + +on: + workflow_dispatch: + schedule: + - cron: "0 4 * * *" # 04:00 UTC + push: + branches: + - backup-db + +jobs: + backup: + name: Backup database + runs-on: ubuntu-latest + + environment: production + + steps: + - uses: actions/checkout@v4 + + - uses: hashicorp/setup-terraform@v2 + with: + terraform_version: 1.5.0 + terraform_wrapper: false + + - uses: DFE-Digital/github-actions/set-arm-environment-variables@master + with: + azure-credentials: ${{ secrets.AZURE_CREDENTIALS }} + + - name: Get Azure backup storage details + id: azure-backup-storage + run: | + set -e + #make ci production_aks terraform-init + make ci production_aks + terraform -chdir=terraform/aks init -backend-config workspace_variables/production.backend.tfvars -reconfigure -input=false + echo "account-name=$(terraform -chdir=terraform/aks output -raw postgres_azure_backup_storage_account_name)" >> $GITHUB_OUTPUT + echo "container-name=$(terraform -chdir=terraform/aks output -raw postgres_azure_backup_storage_container_name)" >> $GITHUB_OUTPUT diff --git a/Makefile b/Makefile index 93158e7b46..9f675f6fff 100644 --- a/Makefile +++ b/Makefile @@ -209,7 +209,7 @@ terraform-init: $(eval export TF_VAR_azure_resource_prefix=$(RESOURCE_NAME_PREFIX)) [[ "${SP_AUTH}" != "true" ]] && az account set -s $(AZURE_SUBSCRIPTION) || true - terraform -chdir=terraform/$(PLATFORM) init -backend-config workspace_variables/${DEPLOY_ENV}.backend.tfvars -reconfigure + terraform -chdir=terraform/$(PLATFORM) init -backend-config workspace_variables/${DEPLOY_ENV}.backend.tfvars -reconfigure -input=false terraform-plan: terraform-init # make [env] terraform-plan init terraform -chdir=terraform/$(PLATFORM) plan -var-file workspace_variables/${DEPLOY_ENV}.tfvars.json diff --git a/terraform/aks/outputs.tf b/terraform/aks/outputs.tf new file mode 100644 index 0000000000..c4b216c264 --- /dev/null +++ b/terraform/aks/outputs.tf @@ -0,0 +1,7 @@ +output "postgres_azure_backup_storage_account_name" { + value = module.postgres.azure_backup_storage_account_name +} + +output "postgres_azure_backup_storage_container_name" { + value = module.postgres.azure_backup_storage_container_name +}