Oracle: delius-mis-stage-release-update-{ "AWSSnapshot": "No AWS Snapshot", "ApplyMode": "switch-clone", "ComboPatch": "default", "OraclePatchDirectory": "/u02/stage", "SourceCodeVersion": "main", "SourceConfigVersion": "main", "TargetEnvironment": "delius-mis-stage", "TargetHost": "dsd_primarydb", "VerboseOutput": "-vv" } #108
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: "Oracle: Release Update" | |
on: | |
workflow_dispatch: | |
inputs: | |
TargetEnvironment: | |
description: "Target environment" | |
required: true | |
type: choice | |
options: | |
- "delius-core-dev" | |
- "delius-core-test" | |
- "delius-core-training" | |
- "delius-core-stage" | |
- "delius-core-preprod" | |
- "delius-core-prod" | |
- "delius-mis-dev" | |
- "delius-mis-stage" | |
- "delius-mis-preprod" | |
- "delius-mis-prod" | |
TargetHost: | |
description: "Database target host" | |
required: true | |
type: choice | |
options: | |
- "delius_primarydb" | |
- "delius_standbydb1" | |
- "delius_standbydb2" | |
- "delius_standbydb1,delius_standbydb2" | |
- "delius_dbs" | |
- "mis_primarydb" | |
- "mis_standbydb1" | |
- "mis_dbs" | |
- "boe_primarydb" | |
- "boe_standbydb1" | |
- "boe_dbs" | |
- "dsd_primarydb" | |
- "dsd_standbydb1" | |
- "dsd_dbs" | |
ApplyMode: | |
description: "Installation Mode (prepare-clone, switch-clone, apply-ojvm-standby)" | |
required: true | |
type: choice | |
options: | |
- "prepare-clone" | |
- "switch-clone" | |
- "apply-ojvm-standby" | |
OraclePatchDirectory: | |
description: "Staging area on EC2 instance for downloading software" | |
required: true | |
type: choice | |
options: | |
- "/u02/stage" | |
ComboPatch: | |
description: "Combo Patch to Install (default = use value from environment configuration)" | |
required: true | |
type: choice | |
options: | |
- "default" | |
- "36522439:p36522439_190000_Linux-x86-64.zip:(19.24)" | |
- "36866740:p36866740_190000_Linux-x86-64.zip:(19.25)" | |
AWSSnapshot: | |
description: "Number of Days to Keep AWS Snapshot of Primary Database Host" | |
required: true | |
type: choice | |
options: | |
- "No AWS Snapshot" | |
- "2" | |
- "7" | |
- "14" | |
- "28" | |
VerboseOutput: | |
description: "Verbose Output level" | |
required: false | |
type: choice | |
options: | |
- "-vv" | |
- "-vvv" | |
- "-vvvv" | |
SourceCodeVersion: | |
description: "Source version for the hmpps-delius-operation-automation. Enter a pull request, branch, commit ID, tag, or reference." | |
type: string | |
default: "main" | |
SourceConfigVersion: | |
description: "Source version for the modernisation-platform-configuration-management. Enter a pull request, branch, commit ID, tag, or reference." | |
type: string | |
default: "main" | |
run-name: "Oracle: ${{ format('{0}-release-update-{1}',github.event.inputs.TargetEnvironment,tojson(inputs)) }}" | |
env: | |
ansible_config: operations/playbooks/ansible.cfg | |
command: ansible-playbook operations/playbooks/oracle_release_update/playbook.yml | |
inventory: inventory/ansible | |
# Allow permissions on repository and docker image respectively | |
permissions: | |
contents: read | |
packages: read | |
id-token: write | |
jobs: | |
deployment: | |
environment: ${{ github.event.inputs.TargetEnvironment }} | |
runs-on: ubuntu-latest | |
container: | |
image: ghcr.io/ministryofjustice/hmpps-delius-operational-automation:0.78.0 | |
timeout-minutes: 1440 | |
continue-on-error: false | |
steps: | |
- name: Prepare Inventory Names | |
id: prepareinventorynames | |
run: | | |
hosts="environment_name_$(echo ${{ github.event.inputs.TargetEnvironment }} | sed 's/dev/development_dev/;s/test/test_test/;s/training/test_training/;s/stage/preproduction_stage/;s/pre-prod/preproduction_pre_prod/;s/-prod/_production_prod/;s/-/_/g')_${{ github.event.inputs.TargetHost }}" | |
echo "hosts=${hosts}" >> $GITHUB_OUTPUT | |
- name: Checkout Inventory From modernisation-platform-configuration-management | |
uses: actions/checkout@v4 | |
with: | |
repository: ministryofjustice/modernisation-platform-configuration-management | |
sparse-checkout-cone-mode: false | |
sparse-checkout: | | |
ansible/hosts | |
ansible/group_vars | |
path: inventory | |
ref: ${{ github.event.inputs.SourceConfigVersion }} | |
fetch-depth: 0 | |
- name: Checkout Role From modernisation-platform-configuration-management | |
uses: actions/checkout@v4 | |
with: | |
repository: ministryofjustice/modernisation-platform-configuration-management | |
sparse-checkout-cone-mode: false | |
sparse-checkout: | | |
ansible/roles/secretsmanager-passwords | |
ansible/roles/get-ec2-facts | |
ansible/roles/get-modernisation-platform-facts | |
path: roles | |
ref: ${{ github.event.inputs.SourceConfigVersion }} | |
fetch-depth: 0 | |
- name: Checkout From hmpps-delius-operational-automation | |
uses: actions/checkout@v4 | |
with: | |
repository: ministryofjustice/hmpps-delius-operational-automation | |
sparse-checkout-cone-mode: false | |
sparse-checkout: | | |
playbooks/oracle_release_update | |
playbooks/delius_oem_metrics_setup | |
playbooks/oracle_interim_patch | |
common/* | |
ansible.cfg | |
path: operations | |
ref: ${{ github.event.inputs.SourceCodeVersion }} | |
fetch-depth: 0 | |
- name: Configure AWS Credentials | |
id: login-aws | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: "arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/modernisation-platform-oidc-cicd" | |
role-session-name: "hmpps-delius-operational-automation-${{ github.run_number }}" | |
aws-region: "eu-west-2" | |
role-duration-seconds: 21600 | |
# We have not included support for separate Release Update patches for GI and OJVM. | |
# Instead only the ComboPatchInfo parameter is allowed to support the Release Update Combo Patch. | |
# However, GI and OJVM patches are still available (but hidden) within the Ansible playbook | |
# so we get the parameters gi_ru_patch_info and ojvm_ru_patch_info to the empty string to | |
# disable this functionality. (It may be desirable to remove this at a later date, but | |
# occassionally the Combo patch can be delayed in which case being able to install the | |
# individual patches can be potentially useful.) | |
- name: Run Release Update Playbook | |
run: | | |
export ANSIBLE_CONFIG=$ansible_config | |
# Link the checked out configuration roles to somewhere Ansible will be able to find them | |
ln -svf $PWD/roles/ansible/roles $PWD/operations/playbooks/oracle_release_update/roles | |
# Link the Interim Patching Play to allow it to be used as a role | |
ln -svf $PWD/operations/playbooks/oracle_interim_patch/oracle_interim_patch $PWD/roles/ansible/roles/oracle_interim_patch | |
# Link the OEM Metrics Setup Play to allow it to be used as a role | |
ln -svf $PWD/operations/playbooks/delius_oem_metrics_setup/delius_oem_metrics_setup $PWD/roles/ansible/roles/delius_oem_metrics_setup | |
$command -i $inventory -e ansible_aws_ssm_bucket_name=${{ vars.ANSIBLE_AWS_SSM_BUCKET_NAME }} \ | |
-e target_hosts=${{ steps.prepareinventorynames.outputs.hosts }} \ | |
-e apply_mode=${{ github.event.inputs.ApplyMode }} \ | |
-e oracle_patch_directory=${{ github.event.inputs.OraclePatchDirectory }} \ | |
-e combo_patch_info='${{ github.event.inputs.ComboPatch }}' \ | |
-e "keep_aws_snapshot='${{github.event.inputs.AWSSnapShot }}'" \ | |
-e gi_ru_patch_info='' \ | |
-e ojvm_ru_patch_info='' |