DB - Apply Anonymized DB #62

Workflow file for this run

.github/workflows/db_apply_anonimized.yml at 21715d4

	name: "DB - Apply Anonymized DB"

	on:
	workflow_dispatch:
	inputs:
	deploy-env:
	description: 'Environment to apply anonymized db'
	required: true
	type: choice
	options:
	- Test
	- Pre-prod
	default: Test

	jobs:
	stop_logstash:
	runs-on: ubuntu-latest
	environment: ${{ inputs.deploy-env \|\| 'Test' }}
	steps:
	- name: Get Environment Name for ${{ vars.ENV_NAME }}
	id: get_env_name
	uses: Entepotenz/change-string-case-action-min-dependencies@v1
	with:
	string: ${{ vars.ENV_NAME }}
	- name: Checkout repo
	uses: actions/checkout@v4
	- name: Stop Logstash for ${{ vars.ENV_NAME }}
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: "eu-west-1"
	run: \|
	aws \
	ecs update-service --desired-count 0 --cluster=ecsOpenSupplyHub${{vars.ENV_NAME}}Cluster \
	--service=OpenSupplyHub${{vars.ENV_NAME}}AppLogstash

	apply-anonymized-db:
	runs-on: self-hosted
	environment: ${{ inputs.deploy-env \|\| 'Test' }}
	needs: stop_logstash
	steps:
	- name: Get Environment Name for ${{ vars.ENV_NAME }}
	id: get_env_name
	uses: Entepotenz/change-string-case-action-min-dependencies@v1
	with:
	string: ${{ vars.ENV_NAME }}
	- name: Checkout repo
	uses: actions/checkout@v4
	- name: Restore database for ${{ vars.ENV_NAME }}
	run: \|
	cd ./src/anon-tools
	mkdir -p ./keys
	echo "${{ secrets.KEY_FILE }}" > ./keys/key
	docker build -t restore -f Dockerfile.restore .
	docker run -v ./keys/key:/keys/key --shm-size=2gb --rm \
	-e AWS_ACCESS_KEY_ID=${{ secrets.AWS_ACCESS_KEY_ID }} \
	-e AWS_SECRET_ACCESS_KEY=${{ secrets.AWS_SECRET_ACCESS_KEY }} \
	-e AWS_DEFAULT_REGION=eu-west-1 \
	-e ENVIRONMENT=${{ vars.ENV_NAME }} \
	-e DATABASE_NAME=opensupplyhub \
	-e DATABASE_USERNAME=opensupplyhub \
	-e DATABASE_PASSWORD=${{ secrets.DATABASE_PASSWORD }} \
	restore

	post_deploy:
	needs: apply-anonymized-db
	runs-on: ubuntu-latest
	environment: ${{ inputs.deploy-env \|\| 'Test' }}
	steps:
	- name: Get Environment Name for ${{ vars.ENV_NAME }}
	id: get_env_name
	uses: Entepotenz/change-string-case-action-min-dependencies@v1
	with:
	string: ${{ vars.ENV_NAME }}
	- name: Checkout repo
	uses: actions/checkout@v4
	- name: Run migrations for ${{ vars.ENV_NAME }}
	run: \|
	./deployment/run_cli_task ${{ vars.ENV_NAME }} "post_deployment"
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: "eu-west-1"

	clear_opensearch:
	needs: post_deploy
	runs-on: ubuntu-latest
	environment: ${{ inputs.deploy-env \|\| 'Test' }}
	steps:
	- name: Get Environment Name for ${{ vars.ENV_NAME }}
	id: get_env_name
	uses: Entepotenz/change-string-case-action-min-dependencies@v1
	with:
	string: ${{ vars.ENV_NAME }}
	- name: Checkout repo
	uses: actions/checkout@v4
	- name: Get OpenSearch domain, filesystem and access point IDs for ${{ vars.ENV_NAME }}
	id: export_variables
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: "eu-west-1"
	run: \|
	OS_DOMAIN_NAME=$(echo "${{ vars.ENV_NAME }}-os-domain" \| tr '[:upper:]' '[:lower:]')
	OPENSEARCH_DOMAIN=$(aws \
	es describe-elasticsearch-domains --domain-names $OS_DOMAIN_NAME \
	--query "DomainStatusList[].Endpoints.vpc" --output text)
	EFS_ID=$(aws \
	efs describe-file-systems \
	--query "FileSystems[?Tags[?Key=='Environment' && Value=='${{ vars.ENV_NAME }}']].FileSystemId" \
	--output text)
	EFS_AP_ID=$(aws \
	efs describe-access-points \
	--query "AccessPoints[?FileSystemId=='$EFS_ID'].AccessPointId" \
	--output text)
	echo "EFS_ID=$EFS_ID" >> $GITHUB_OUTPUT
	echo "EFS_AP_ID=$EFS_AP_ID" >> $GITHUB_OUTPUT
	echo "OPENSEARCH_DOMAIN=$OPENSEARCH_DOMAIN" >> $GITHUB_OUTPUT
	- name: Clear the OpenSearch indexes for ${{ vars.ENV_NAME }}
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	OPENSEARCH_DOMAIN: ${{ steps.export_variables.outputs.OPENSEARCH_DOMAIN }}
	EFS_AP_ID: ${{ steps.export_variables.outputs.EFS_AP_ID }}
	EFS_ID: ${{ steps.export_variables.outputs.EFS_ID }}
	BASTION_IP: ${{ vars.BASTION_IP }}
	run: \|
	cd ./deployment/clear_opensearch
	mkdir -p script
	mkdir -p ssh
	echo -e "Host *\n\tStrictHostKeyChecking no\n\n" > ssh/config
	printf "%s\n" "${{ secrets.SSH_PRIVATE_KEY }}" > ssh/id_rsa
	echo "" >> ssh/id_rsa
	echo -n ${{ vars.BASTION_IP }} > script/.env
	envsubst < clear_opensearch.sh.tpl > script/clear_opensearch.sh
	envsubst < run.sh.tpl > script/run.sh
	docker run --rm \
	-v ./script:/script \
	-v ./ssh:/root/.ssh \
	kroniak/ssh-client bash /script/run.sh

	start_logstash:
	needs: clear_opensearch
	runs-on: ubuntu-latest
	environment: ${{ inputs.deploy-env \|\| 'Test' }}
	steps:
	- name: Get Environment Name for ${{ vars.ENV_NAME }}
	id: get_env_name
	uses: Entepotenz/change-string-case-action-min-dependencies@v1
	with:
	string: ${{ vars.ENV_NAME }}
	- name: Checkout repo
	uses: actions/checkout@v4
	- name: Start Logstash for ${{ vars.ENV_NAME }}
	env:
	AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
	AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
	AWS_DEFAULT_REGION: "eu-west-1"
	run: \|
	aws \
	ecs update-service --desired-count 1 --cluster=ecsOpenSupplyHub${{vars.ENV_NAME}}Cluster \
	--service=OpenSupplyHub${{vars.ENV_NAME}}AppLogstash

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

DB - Apply Anonymized DB #62

Workflow file

DB - Apply Anonymized DB #62

Jobs

Run details

Workflow file for this run