Oracle: Schedule Password Rotation #86
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Oracle: Schedule Password Rotation" | |
| on: | |
| schedule: | |
| - cron: '00 12 * * TUE' | |
| - cron: '00 14 * * TUE' | |
| - cron: '00 10 * * THU' | |
| - cron: '00 14 * * THU' | |
| jobs: | |
| prepare-run-matrix: | |
| runs-on: ubuntu-latest | |
| outputs: | |
| scheduled_matrix: ${{ steps.filter-password-rotation-schedule.outputs.scheduling_matrix }} | |
| steps: | |
| - name: Checkout Password Rotation Schedule | |
| uses: actions/checkout@v4 | |
| with: | |
| sparse-checkout-cone-mode: false | |
| sparse-checkout: | | |
| .github/workflows/oracle-db-password-rotation-schedule.json | |
| path: operations | |
| ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.SourceCodeVersion || 'main' }} | |
| fetch-depth: 0 | |
| - name: Filter Password Rotation Schedule | |
| id: filter-password-rotation-schedule | |
| run: | | |
| SCHEDULED_JSON=$(jq '[.[] | select (.CronSchedule=="${{ github.event.schedule }}") | {"TargetEnvironment"}]' operations/.github/workflows/oracle-db-password-rotation-schedule.json | jq '{include: .}') | |
| echo "scheduling_matrix="$(echo ${SCHEDULED_JSON} | sed 's/ //g') >> $GITHUB_OUTPUT | |
| report-schedule-password-rotation: | |
| needs: prepare-run-matrix | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.prepare-run-matrix.outputs.scheduled_matrix != '{"include":[]}' }} | |
| steps: | |
| - name: Report Password Rotation Scheduled to Run | |
| id: report-run | |
| run: | | |
| echo "Running Password Rotation for these targets: ${{ needs.prepare-run-matrix.outputs.scheduled_matrix }}" | |
| report-no-scheduled-password-rotation: | |
| needs: prepare-run-matrix | |
| runs-on: ubuntu-latest | |
| if: ${{ needs.prepare-run-matrix.outputs.scheduled_matrix == '{"include":[]}' }} | |
| steps: | |
| - name: Report Nothing to Do | |
| id: report-no-run | |
| run: | | |
| echo "No target environments scheduled for password rotation run." | |
| password-rotation: | |
| needs: prepare-run-matrix | |
| if: ${{ needs.prepare-run-matrix.outputs.scheduled_matrix != '{"include":[]}' }} | |
| strategy: | |
| matrix: ${{fromJson(needs.prepare-run-matrix.outputs.scheduled_matrix)}} | |
| name: Password Rotation | |
| uses: | |
| ministryofjustice/hmpps-delius-operational-automation/.github/workflows/oracle-db-password-rotation.yml@main | |
| with: | |
| TargetEnvironment: ${{ matrix.TargetEnvironment }} |