generated from ministryofjustice/template-repository
-
Notifications
You must be signed in to change notification settings - Fork 0
121 lines (113 loc) · 5.05 KB
/
oracle-db-validate-chunks.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
name: "Oracle: Validate Chunks"
run-name: "Oracle: ${{ github.event_name == 'workflow_dispatch' && format('{0}_{1}_{2}', github.event.inputs.TargetEnvironment, github.event.inputs.Period, github.event.inputs.TargetHost) }}_validate_chunks"
on:
workflow_dispatch:
inputs:
TargetEnvironment:
description: "Target environment"
required: true
type: string
TargetHost:
description: "Backup target host"
required: true
type: string
VerboseOutput:
description: "Verbose Output level"
required: false
type: string
default: ""
workflow_call:
inputs:
TargetEnvironment:
description: "Target environment"
required: true
type: string
TargetHost:
description: "Backup target host"
required: true
type: string
VerboseOutput:
description: "Verbose Output level"
required: false
type: string
default: ""
# Allow permissions on repository and docker image and OIDC token
permissions:
contents: read
packages: read
id-token: write # This is required for requesting the JWT
jobs:
# Start deployment container job based on the build delius-ansible-aws image
deployment:
name: oracle-backup
environment: ${{ github.event.inputs.TargetEnvironment }}
runs-on: ubuntu-latest
container:
image: ghcr.io/ministryofjustice/hmpps-delius-operational-automation:0.41.0
timeout-minutes: 1440
env:
validate_command: ansible-playbook operations/playbooks/oracle_backup/validate.yml
inventory: inventory/ansible
RmanTarget: "${{ github.event.inputs.TargetHost }}"
TargetEnvironment: "${{ github.event.inputs.TargetEnvironment }}"
SSMParameter: "/oracle-backups/${{ github.event.inputs.TargetHost }}"
ansible_config: operations/playbooks/ansible.cfg
continue-on-error: false
steps:
- name: Checkout hmpps-delius-operation-automation
uses: actions/checkout@v4
with:
sparse-checkout-cone-mode: false
sparse-checkout: |
playbooks/oracle_backup
playbooks/ansible.cfg
path: operations
ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.SourceCodeVersion || 'main' }}
fetch-depth: 0
- name: Checkout Ansible Inventory From modernisation-platform-configuration-management
uses: actions/checkout@v4
with:
repository: ministryofjustice/modernisation-platform-configuration-management
sparse-checkout-cone-mode: false
sparse-checkout: |
ansible/hosts
ansible/group_vars
path: inventory
ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.SourceConfigVersion || 'main' }}
fetch-depth: 0
- name: Checkout Ansible Required Roles From modernisation-platform-configuration-management
uses: actions/checkout@v4
with:
repository: ministryofjustice/modernisation-platform-configuration-management
sparse-checkout-cone-mode: false
sparse-checkout: |
ansible/roles/secretsmanager-passwords
ansible/roles/get-modernisation-platform-facts
path: roles
ref: ${{ github.event_name == 'workflow_dispatch' && github.event.inputs.SourceConfigVersion || 'main' }}
fetch-depth: 0
- name: Configure AWS Credentials
id: login-aws
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: "arn:aws:iam::${{ vars.AWS_ACCOUNT_ID }}:role/modernisation-platform-oidc-cicd"
role-session-name: "hmpps-delius-operational-automation-${{ github.run_number }}"
aws-region: "eu-west-2"
- name: Check And Set Backup Runtime
id: check-and-set-backup-runtime
shell: bash
run: |
RUNTIME=$(aws ssm get-parameter --region ${AWS_REGION} --name "$SSMParameter" --query "Parameter.Value" --output text 2>&1) || true
PHASE=$(echo $RUNTIME | jq -r '.Phase')
STATUS=$(echo $RUNTIME | jq -r '.Status')
echo "Backup Phase and Status: $PHASE $STATUS"
if [[ $PHASE != 'Backup' ]] || [[ $STATUS != 'Success' ]]; then
echo "Backup must be successful before running Chunk Validation." && exit 1
fi
aws ssm put-parameter --region ${AWS_REGION} --name "$SSMParameter" --type String --overwrite \
--value "{\"Phase\":\"Validate Chunks\",\"Status\":\"Initializing\",\"Message\":\"Running on $RmanTarget\",\"TargetEnvironment\":\"$TargetEnvironment\",\"RmanTarget\":\"$RmanTarget\"}" \
- name: Start Ansible Validate And Fix Absent Chunks
run: |
export ANSIBLE_CONFIG=$ansible_config
ln -s $PWD/roles/ansible/roles $PWD/operations/playbooks/oracle_backup/roles
$validate_command -i $inventory -e ansible_aws_ssm_bucket_name=${{ vars.ANSIBLE_AWS_SSM_BUCKET_NAME }} -e rman_target=$RmanTarget -e fix_absent_chunks=yes ${{ github.event.inputs.VerboseOutput }}