Skip to content

Oracle: delius-mis-stage-release-update-{ "AWSSnapshot": "No AWS Snapshot", "ApplyMode": "switch-clone", "ComboPatch": "default", "OraclePatchDirectory": "/u02/stage", "SourceCodeVersion": "main", "SourceConfigVersion": "main", "TargetEnvironment": "delius-mis-stage", "TargetHost": "dsd_primarydb", "VerboseOutput": "-vv" } #108

Oracle: delius-mis-stage-release-update-{ "AWSSnapshot": "No AWS Snapshot", "ApplyMode": "switch-clone", "ComboPatch": "default", "OraclePatchDirectory": "/u02/stage", "SourceCodeVersion": "main", "SourceConfigVersion": "main", "TargetEnvironment": "delius-mis-stage", "TargetHost": "dsd_primarydb", "VerboseOutput": "-vv" }

Oracle: delius-mis-stage-release-update-{ "AWSSnapshot": "No AWS Snapshot", "ApplyMode": "switch-clone", "ComboPatch": "default", "OraclePatchDirectory": "/u02/stage", "SourceCodeVersion": "main", "SourceConfigVersion": "main", "TargetEnvironment": "delius-mis-stage", "TargetHost": "dsd_primarydb", "VerboseOutput": "-vv" } #108

name: "Oracle: Release Update"
on:
workflow_dispatch:
inputs:
TargetEnvironment:
description: "Target environment"
required: true
type: choice
options:
- "delius-core-dev"
- "delius-core-test"
- "delius-core-training"
- "delius-core-stage"
- "delius-core-preprod"
- "delius-core-prod"
- "delius-mis-dev"
- "delius-mis-stage"
- "delius-mis-preprod"
- "delius-mis-prod"
TargetHost:
description: "Database target host"
required: true
type: choice
options:
- "delius_primarydb"
- "delius_standbydb1"
- "delius_standbydb2"
- "delius_standbydb1,delius_standbydb2"
- "delius_dbs"
- "mis_primarydb"
- "mis_standbydb1"
- "mis_dbs"
- "boe_primarydb"
- "boe_standbydb1"
- "boe_dbs"
- "dsd_primarydb"
- "dsd_standbydb1"
- "dsd_dbs"
ApplyMode:
description: "Installation Mode (prepare-clone, switch-clone, apply-ojvm-standby)"
required: true
type: choice
options:
- "prepare-clone"
- "switch-clone"
- "apply-ojvm-standby"
OraclePatchDirectory:
description: "Staging area on EC2 instance for downloading software"
required: true
type: choice
options:
- "/u02/stage"
ComboPatch:
description: "Combo Patch to Install (default = use value from environment configuration)"
required: true
type: choice
options:
- "default"
- "36522439:p36522439_190000_Linux-x86-64.zip:(19.24)"
- "36866740:p36866740_190000_Linux-x86-64.zip:(19.25)"
AWSSnapshot:
description: "Number of Days to Keep AWS Snapshot of Primary Database Host"
required: true
type: choice
options:
- "No AWS Snapshot"
- "2"
- "7"
- "14"
- "28"
VerboseOutput:
description: "Verbose Output level"
required: false
type: choice
options:
- "-vv"
- "-vvv"
- "-vvvv"
SourceCodeVersion:
description: "Source version for the hmpps-delius-operation-automation. Enter a pull request, branch, commit ID, tag, or reference."
type: string
default: "main"
SourceConfigVersion:
description: "Source version for the modernisation-platform-configuration-management. Enter a pull request, branch, commit ID, tag, or reference."
type: string
default: "main"
run-name: "Oracle: ${{ format('{0}-release-update-{1}',github.event.inputs.TargetEnvironment,tojson(inputs)) }}"
env:
ansible_config: operations/playbooks/ansible.cfg
command: ansible-playbook operations/playbooks/oracle_release_update/playbook.yml
inventory: inventory/ansible
# Allow permissions on repository and docker image respectively
permissions:
contents: read
packages: read
id-token: write
jobs:
deployment:
environment: ${{ github.event.inputs.TargetEnvironment }}
runs-on: ubuntu-latest
container:
image: ghcr.io/ministryofjustice/hmpps-delius-operational-automation:0.78.0
timeout-minutes: 1440
continue-on-error: false
steps:
- name: Prepare Inventory Names
id: prepareinventorynames
run: |
hosts="environment_name_$(echo ${{ github.event.inputs.TargetEnvironment }} | sed 's/dev/development_dev/;s/test/test_test/;s/training/test_training/;s/stage/preproduction_stage/;s/pre-prod/preproduction_pre_prod/;s/-prod/_production_prod/;s/-/_/g')_${{ github.event.inputs.TargetHost }}"
echo "hosts=${hosts}" >> $GITHUB_OUTPUT
- name: Checkout Inventory From modernisation-platform-configuration-management
uses: actions/checkout@v4
with:
repository: ministryofjustice/modernisation-platform-configuration-management
sparse-checkout-cone-mode: false
sparse-checkout: |
ansible/hosts
ansible/group_vars
path: inventory
ref: ${{ github.event.inputs.SourceConfigVersion }}
fetch-depth: 0
- name: Checkout Role From modernisation-platform-configuration-management
uses: actions/checkout@v4
with:
repository: ministryofjustice/modernisation-platform-configuration-management
sparse-checkout-cone-mode: false
sparse-checkout: |
ansible/roles/secretsmanager-passwords
ansible/roles/get-ec2-facts
ansible/roles/get-modernisation-platform-facts
path: roles
ref: ${{ github.event.inputs.SourceConfigVersion }}
fetch-depth: 0
- name: Checkout From hmpps-delius-operational-automation
uses: actions/checkout@v4
with:
repository: ministryofjustice/hmpps-delius-operational-automation
sparse-checkout-cone-mode: false
sparse-checkout: |
playbooks/oracle_release_update
playbooks/delius_oem_metrics_setup
playbooks/oracle_interim_patch
common/*
ansible.cfg
path: operations
ref: ${{ github.event.inputs.SourceCodeVersion }}
fetch-depth: 0
- name: Configure AWS Credentials
id: login-aws
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: "arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/modernisation-platform-oidc-cicd"
role-session-name: "hmpps-delius-operational-automation-${{ github.run_number }}"
aws-region: "eu-west-2"
role-duration-seconds: 21600
# We have not included support for separate Release Update patches for GI and OJVM.
# Instead only the ComboPatchInfo parameter is allowed to support the Release Update Combo Patch.
# However, GI and OJVM patches are still available (but hidden) within the Ansible playbook
# so we get the parameters gi_ru_patch_info and ojvm_ru_patch_info to the empty string to
# disable this functionality. (It may be desirable to remove this at a later date, but
# occassionally the Combo patch can be delayed in which case being able to install the
# individual patches can be potentially useful.)
- name: Run Release Update Playbook
run: |
export ANSIBLE_CONFIG=$ansible_config
# Link the checked out configuration roles to somewhere Ansible will be able to find them
ln -svf $PWD/roles/ansible/roles $PWD/operations/playbooks/oracle_release_update/roles
# Link the Interim Patching Play to allow it to be used as a role
ln -svf $PWD/operations/playbooks/oracle_interim_patch/oracle_interim_patch $PWD/roles/ansible/roles/oracle_interim_patch
# Link the OEM Metrics Setup Play to allow it to be used as a role
ln -svf $PWD/operations/playbooks/delius_oem_metrics_setup/delius_oem_metrics_setup $PWD/roles/ansible/roles/delius_oem_metrics_setup
$command -i $inventory -e ansible_aws_ssm_bucket_name=${{ vars.ANSIBLE_AWS_SSM_BUCKET_NAME }} \
-e target_hosts=${{ steps.prepareinventorynames.outputs.hosts }} \
-e apply_mode=${{ github.event.inputs.ApplyMode }} \
-e oracle_patch_directory=${{ github.event.inputs.OraclePatchDirectory }} \
-e combo_patch_info='${{ github.event.inputs.ComboPatch }}' \
-e "keep_aws_snapshot='${{github.event.inputs.AWSSnapShot }}'" \
-e gi_ru_patch_info='' \
-e ojvm_ru_patch_info=''