Merge pull request #82 from DFE-Digital/1855-dr-restore-postgres-from…

…-backup-github-action

Restore postgres from backup github action

backup-postgres/README.md

@@ -9,7 +9,6 @@ Mainly designed to be used in DR and DR test procedures
 - `app-name`: Name of the aks app deployment (Required)
 - `cluster`: AKS cluster to use, test or production (Required)
 - `azure-credentials`: A JSON string containing service principle credentials (Required)
-- `environment`: Application environment that containes the database (Required)
 - `backup-file`: Name of the backup file (Required)
 
 ## Example
@@ -29,6 +28,5 @@ jobs:
           app-name: myservice-qa
           cluster: test
           azure-credentials: ${{ secrets.AZURE_CREDENTIALS}}
-          environment: qa
           backup-file: backup290224.sql
 ```

backup-postgres/action.yml

@@ -20,9 +20,6 @@ inputs:
   azure-credentials:
     description: A JSON string containing service principle credentials.
     required: true
-  environment:
-    description: App environment
-    required: true
   backup-file:
     description: Name of the backup file
     required: true

restore-postgres-backup/README.md

@@ -0,0 +1,32 @@
+# Restore Postgres Backup
+
+Restore an Azure Postgresql server database from a previous backup that is stored in an Azure storage account
+Mainly designed to be used in DR and DR test procedures
+
+## Inputs
+- `storage-account`: Name of the Azure atorage account that contains the backup (Required)
+- `resource-group`: Azure resource group of the storage account (Required)
+- `app-name`: Name of the aks app deployment (Required)
+- `cluster`: AKS cluster to use, test or production (Required)
+- `azure-credentials`: A JSON string containing service principle credentials (Required)
+- `backup-file`: Name of the source backup file that is being restored (Required)
+
+## Example
+
+```yaml
+jobs:
+  main:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v4
+      - name: Restore postgres backup
+        uses: DFE-Digital/github-actions/restore-postgres-backup@master
+        with:
+          storage-account: myserviceqabkpsa
+          resource-group: s189t01-app-rg
+          app-name: myservice-qa
+          cluster: test
+          azure-credentials: ${{ secrets.AZURE_CREDENTIALS}}
+          backup-file: backup290224
+```

restore-postgres-backup/action.yml

@@ -0,0 +1,94 @@
+name: Restore postgres from backup
+description: Restore an Azure postgres database from a daily backup
+inputs:
+  storage-account:
+    description: Name of the Azure storage account that contains the backup
+    type: string
+    required: true
+  app-name:
+    description: Name of the app deployment
+    type: string
+    required: true
+  resource-group:
+    description: Name of the Azure resource group
+    type: string
+    required: true
+  cluster:
+    description: Cluster being used. Test or Production.
+    required: true
+  azure-credentials:
+    description: A JSON string containing service principle credentials.
+    required: true
+  backup-file:
+    description: Name of the backup file to restore
+    required: true
+
+runs:
+  using: composite
+  steps:
+    - uses: azure/login@v2
+      with:
+        creds: ${{ inputs.azure-credentials }}
+
+    - name: Setup postgres client
+      uses: DFE-Digital/github-actions/install-postgres-client@master
+      with:
+        version: 14
+
+    - name: Install kubectl
+      uses: DFE-Digital/github-actions/set-kubectl@master
+
+    - uses: DFE-Digital/github-actions/set-kubelogin-environment@master
+      with:
+        azure-credentials: ${{ inputs.azure-credentials }}
+
+    - name: Set up cluster environment variables
+      shell: bash
+      run: |
+        case ${{ inputs.cluster }} in
+          test)
+            echo "cluster_rg=s189t01-tsc-ts-rg" >> $GITHUB_ENV
+            echo "cluster_name=s189t01-tsc-test-aks" >> $GITHUB_ENV
+            ;;
+          production)
+            echo "cluster_rg=s189p01-tsc-pd-rg" >> $GITHUB_ENV
+            echo "cluster_name=s189p01-tsc-production-aks" >> $GITHUB_ENV
+            ;;
+          *)
+            echo "unknown cluster"
+            ;;
+        esac
+
+    - name: K8 setup
+      shell: bash
+      run: |
+        az aks get-credentials --overwrite-existing -g ${{ env.cluster_rg }} -n ${{ env.cluster_name }}
+        kubelogin convert-kubeconfig -l spn
+        # install konduit
+        curl -s https://raw.githubusercontent.com/DFE-Digital/teacher-services-cloud/master/scripts/konduit.sh -o bin/konduit.sh
+        chmod +x bin/konduit.sh
+
+    - name: Set Connection String
+      shell: bash
+      run: |
+        STORAGE_CONN_STR=$(az storage account show-connection-string -g ${{ inputs.resource-group }} -n ${{ inputs.storage-account }} --query 'connectionString')
+        echo "::add-mask::$STORAGE_CONN_STR"
+        echo "AZURE_STORAGE_CONNECTION_STRING=$STORAGE_CONN_STR" >> $GITHUB_ENV
+
+    - name: Download Backup from Azure Storage
+      shell: bash
+      run: |
+        az config set extension.use_dynamic_install=yes_without_prompt
+        az config set core.only_show_errors=true
+        az storage azcopy blob download --container database-backup \
+        --source ${{ inputs.backup-file }} --destination ${{ inputs.backup-file }}
+
+    - name: Restore backup to aks env database
+      shell: bash
+      run: |
+        COMPRESS=$( file --brief ${{ inputs.backup-file }} | grep -ic compressed || true )
+        if [[ $COMPRESS -gt 0 ]]; then
+          bin/konduit.sh -i ${{ inputs.backup-file }} -c -t 7200 ${{ inputs.app-name }} -- psql
+        else
+          bin/konduit.sh -i ${{ inputs.backup-file }} -t 7200 ${{ inputs.app-name }} -- psql
+        fi