generated from ministryofjustice/template-repository
-
Notifications
You must be signed in to change notification settings - Fork 0
139 lines (131 loc) · 5.27 KB
/
oracle-db-patching.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
name: "Oracle: Patching"
on:
workflow_dispatch:
inputs:
TargetEnvironment:
description: "Target environment"
required: true
type: choice
options:
- "delius-core-dev"
- "delius-core-test"
- "delius-core-training"
- "delius-core-stage"
- "delius-core-pre-prod"
- "delius-core-prod"
TargetHost:
description: "Database target host"
required: true
type: choice
options:
- "delius_primarydb"
- "delius_standbydb1"
- "delius_standbydb2"
- "mis_primarydb"
- "mis_standbydb1"
- "misboe_primarydb"
- "misboe_standbydb1"
- "misdsd_primarydb"
- "misdsd_standbydb1"
PatchId:
description: "OPTIONAL [ID of Patch to be Installed (Patch should already be available in S3 bucket)]. If not specified then all configured patches will be installed."
type: string
default: ""
InstallAbsentPatches:
description: Install any patches found to be absent according to the configuration for this environment. By default no patches are installed and instead an error is returned if any are missing."
type: choice
default: "no"
options:
- "no"
- "yes"
OnlyPatchOffline:
description: "Install any patches offline (recommended), even those indicated to be online installable."
type: choice
default: "yes"
options:
- "no"
- "yes"
VerboseOutput:
description: "Verbose Output level"
type: choice
options:
- " "
- "-v"
- "-vv"
- "-vvv"
- "-vvvv"
SourceConfigVersion:
description: "Source version for the modernisation-platform-configuration-management. Enter a pull request, branch, commit ID, tag, or reference."
type: string
default: "main"
run-name: "Oracle: ${{ format('{0}-patching-{1}',github.event.inputs.TargetEnvironment,tojson(inputs)) }}"
# Allow permissions on repository and docker image respectively
permissions:
contents: read
packages: read
id-token: write
jobs:
build_target_name:
runs-on: ubuntu-latest
outputs:
TargetHost: ${{ steps.preparetargetname.outputs.TargetHost }}
steps:
- name: Prepare Target Name
id: preparetargetname
run: echo TargetHost="environment_name_$(echo ${{ github.event.inputs.TargetEnvironment }} | sed 's/delius-core-dev/delius_core_development_dev/;s/delius-core-test/delius_core_test_test/;s/delius-core-training/delius_core_test_training/;s/delius-core-stage/delius_core_preproduction_stage/;s/delius-core-pre-prod/delius_core_preproduction_pre_prod/;s/delius-core-prod/delius_core_production_prod/')_${{ github.event.inputs.TargetHost }}" >> $GITHUB_OUTPUT
deployment:
name: oracle-db-patching
needs: build_target_name
environment: ${{ github.event.inputs.TargetEnvironment }}
runs-on: ubuntu-latest
container:
image: ghcr.io/ministryofjustice/hmpps-delius-operational-automation:0.1
timeout-minutes: 1440
env:
command: ansible-playbook operations/playbooks/oracle_interim_patch/playbook.yml
inventory: inventory/ansible
continue-on-error: false
steps:
- name: Checkout Role From modernisation-platform-configuration-management
uses: actions/checkout@v4
with:
repository: ministryofjustice/modernisation-platform-configuration-management
path: operations
ref: ${{ github.event.inputs.SourceConfigVersion }}
fetch-depth: 0
- name: Checkout Inventory From modernisation-platform-configuration-management
uses: actions/checkout@v4
with:
repository: ministryofjustice/modernisation-platform-configuration-management
sparse-checkout-cone-mode: false
sparse-checkout: |
ansible/hosts
ansible/group_vars
path: inventory
ref: ${{ github.event.inputs.SourceConfigVersion }}
fetch-depth: 0
- name: Checkout From hmpps-delius-operational-automation
uses: actions/checkout@v4
with:
repository: ministryofjustice/hmpps-delius-operational-automation
sparse-checkout-cone-mode: false
sparse-checkout: |
playbooks/oracle_interim_patch
ansible.cfg
path: operations
ref: ${{ github.event.inputs.SourceCodeVersion }}
fetch-depth: 0
- name: Configure AWS Credentials
id: login-aws
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: "arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/modernisation-platform-oidc-cicd"
role-session-name: "hmpps-delius-operational-automation-${{ github.run_number }}"
aws-region: "eu-west-2"
- name: Start Oracle Patching
run: |
$command -i $inventory \
-e target_hosts=${{needs.build_target_name.outputs.TargetHost}} \
-e install_absent_patches=${{ github.event.inputs.InstallAbsentPatches }} \
-e requested_patch_id=${{ github.event.inputs.PatchId }} \
-e only_patch_offline=${{ github.event.inputs.OnlyPatchOffline }}