Merge pull request #173 from ministryofjustice/DBA-562

ranbeersingh1 · web-flow · commit 5e0980239a0e · 2024-02-07T13:58:44.000Z
Dba 562
diff --git a/.github/workflows/oracle-db-restore-points.yml b/.github/workflows/oracle-db-restore-points.yml
@@ -143,6 +143,7 @@ jobs:
             playbooks/oracle_restore_points
             playbooks/block_sessions
             playbooks/oracle_password_rotation
+            playbooks/oem_blackout
             playbooks/ansible.cfg
           path: operations
           ref: ${{ github.event.inputs.SourceCodeVersion }}
@@ -160,26 +161,30 @@ jobs:
           ref: ${{ github.event.inputs.SourceConfigVersion }}
           fetch-depth: 0
 
-      - name: Install yq
-        uses: dcarbone/install-yq-action@v1.1.1
+      - name: Checkout Ansible Required Roles From modernisation-platform-configuration-management
+        uses: actions/checkout@v4
         with:
-          download-compressed: true
-          version: "v4.35.1"
-          force: true
+          repository: ministryofjustice/modernisation-platform-configuration-management
+          sparse-checkout-cone-mode: false
+          sparse-checkout: |
+            ansible/roles/secretsmanager-passwords
+            ansible/roles/get-modernisation-platform-facts
+          path: roles
+          ref: ${{ github.event.inputs.SourceConfigVersion }}
+          fetch-depth: 0
 
       - name: Define Targets
         id: definetargets
         working-directory: ${{ env.inventory }}
         run: |
-          set -x
           targets=""
           prefix="environment_name_$(echo ${{ github.event.inputs.TargetEnvironment}} | sed 's/delius-core-dev/delius_core_development_dev/;s/delius-core-test/delius_core_test_test/;s/delius-core-training/delius_core_test_training/;s/delius-core-stage/delius_core_preproduction_stage/;s/delius-core-pre-prod/delius_core_preproduction_pre_prod/;s/delius-core-prod/delius_core_production_prod/')"
           build_targets() {
             databasetype=${1}
-            high_availability_count=$(yq .high_availability_count.${databasetype} group_vars/${prefix}_all.yml)
-            [ $high_availability_count -le 2 ] && targets="${targets}${prefix}_${databasetype}_primarydb,"
-            [ $high_availability_count -eq 1 ] && targets="${targets}${prefix}_${databasetype}_standbydb1,"
-            [ $high_availability_count -eq 2 ] && targets="${targets}${prefix}_${databasetype}_standbydb1,${prefix}_${databasetype}_standbydb2,"
+            if [[ -e group_vars/${prefix}_${databasetype}_primarydb.yml ]]
+            then
+              targets="${targets}${prefix}_${databasetype}_dbs,"
+            fi
             echo
           }
           [ "${{ github.event.inputs.IncludeDelius }}" == "yes" ] && build_targets delius
@@ -207,6 +212,7 @@ jobs:
         shell: bash
         run: |
           export ANSIBLE_CONFIG=$ansible_config
+          ln -s $PWD/roles/ansible/roles $PWD/operations/playbooks/oracle_password_rotation/roles
           $command -i $inventory \
           -e target_dbs=${{ steps.definetargets.outputs.targets }} \
           -e "required_action='${{ github.event.inputs.RequiredAction }}'" \
diff --git a/playbooks/oracle_restore_points/playbook.yml b/playbooks/oracle_restore_points/playbook.yml
@@ -68,22 +68,22 @@
             - ( get_fast_start_failover.stdout | trim ) not in ['','Disabled']
 
 # Allow OEM jobs to run during the flashback so we can pick up Audited Interaction Data for archival if required
-# - name: Start Blackout for Flashback
-#   import_playbook: ../oem-blackout/playbook.yml
-#   when: required_action == "Flashback to Restore Point"
-#   vars:
-#       target: "{{ target_dbs }}"
-#       blackout: "Flashback_to_{{ restore_point_name }}"
-#       object_type: all
-#       action: start
-#       allow_jobs: true
+- name: Start Blackout for Flashback
+  import_playbook: ../oem_blackout/playbook.yml
+  when: required_action == "Flashback to Restore Point"
+  vars:
+    target: "{{ target_dbs }}"
+    blackout: "Flashback_to_{{ restore_point_name }}"
+    object_type: all
+    action: start
+    allow_jobs: true
 
 # Ensure all connections to Delius Primary are blocked and removed
 # prior to a Flashback
 - name: Block connections to Delius primary database
   import_playbook: ../block_sessions/playbook.yml
   vars:
-    target_host: "{{ target_dbs.split(',') | select('search', '.*delius_primarydb') | first  }}"
+    target_host: "{{ target_dbs.split(',') | select('match','.*delius_dbs') | first | replace('dbs','primarydb') }}"
     database: { "delius": { "high_availability_count": 0 } }
     action: block
   when:
@@ -198,17 +198,12 @@
 
           when: (restore_date_time | default() | length > 0) and database_primary_sid is defined
 
-        - name: Get environment name and application name
-          set_fact:
-            environment_name: "{{ hostvars[inventory_hostname].group_names[2] | replace(hostvars[inventory_hostname].group_names[2].split('_')[-1],'') }}"
-            application_name: "{{ hostvars[inventory_hostname].group_names[3].split('_')[-2] }}"
-
         - name: Create Oracle Standby Restore Points
           script: create_standby_restore_points.sh
           when: database_standby_sid is defined
           environment:
             RESTORE_POINT_NAME: "{{ uplift_restore_point_name | default(restore_point_name) | upper }}"
-            SCN: "{{ hostvars[groups[environment_name + application_name + '_primarydb'][0]]['scn'] | default('0') }}"
+            SCN: "{{ hostvars[groups[hostvars[inventory_hostname].group_names | select('match','.*_dbs') | first | replace('dbs','primarydb')][0]]['scn'] | default('0') }}"
 
         - name: Create Oracle Primary Restore Points
           script: create_primary_restore_points.sh
@@ -306,7 +301,7 @@
 - name: Unblock connections to Delius primary database
   import_playbook: ../block_sessions/playbook.yml
   vars:
-    target_host: "{{ target_dbs.split(',') | select('search', '.*delius_primarydb') | first }}"
+    target_host: "{{ target_dbs.split(',') | select('match','.*delius_dbs') | first | replace('dbs','primarydb') }}"
     database: { "delius": { "high_availability_count": 0 } }
     action: unblock
     ignore_flashback: true
@@ -389,7 +384,7 @@
 # out of Sync with those in SSM Parameter store and OEM.  Rotate the passwords again to sync everything up.
 # (This step is skipped if not in AWS since there will be no password store)
 - name: Rotate Database Passwords
-  import_playbook: ../oracle_password_rotation/password_rotation.yml
+  import_playbook: ../oracle_password_rotation/database_password_rotation.yml
   vars:
     rotate_database_passwords: true
     rotate_groups: "{{ target_dbs }}"
@@ -445,14 +440,14 @@
     - database_primary_sid is defined
     - database_primary_sid | regex_search('STGMIS')
 
-# - name: Stop Blackout for Flashback
-#   import_playbook: ../oem-blackout/playbook.yml
-#   when: required_action == "Flashback to Restore Point"
-#   vars:
-#       target: "{{ target_dbs }}"
-#       blackout: "Flashback_to_{{ restore_point_name }}"
-#       object_type: all
-#       action: stop
+- name: Stop Blackout for Flashback
+  import_playbook: ../oem_blackout/playbook.yml
+  when: required_action == "Flashback to Restore Point"
+  vars:
+    target: "{{ target_dbs }}"
+    blackout: "Flashback_to_{{ restore_point_name }}"
+    object_type: all
+    action: stop
 
 # Always Run the Restore Point Report at the End
 - name: Report restore points
