Backup database to Azure storage #7

Workflow file for this run

.github/workflows/backup-db.yml at f0808ce

	name: Backup database to Azure storage

	on:
	workflow_dispatch:
	inputs:
	environment:
	description: Environment to backup
	required: true
	default: staging
	type: choice
	options:
	- staging
	- production
	backup-file:
	description: \|
	Backup file name (without extension). Default is cpdec2_[env]_adhoc_YYYY-MM-DD. Set it explicitly when backing up a point-in-time (PTR) server. (Optional)
	required: false
	type: string
	default: default
	db-server:
	description: \|
	Name of the database server. Default is the live server. When backing up a point-in-time (PTR) server, use the full name of the PTR server. (Optional)

	workflow_call:
	secrets:
	azure-credentials:
	description: Azure credentials
	required: false
	inputs:
	environment:
	description: Environment to backup
	required: true
	default: staging
	type: string
	backup-file:
	description: \|
	Backup file name (without extension). Default is cpdec2_[env]_adhoc_YYYY-MM-DD. Set it explicitly when backing up a point-in-time (PTR) server. (Optional)
	required: false
	type: string
	default: default
	db-server:
	description: \|
	Name of the database server. Default is the live server. When backing up a point-in-time (PTR) server, use the full name of the PTR server. (Optional)
	type: string
	required: false

	env:
	SERVICE_NAME: cpd-ec2
	SERVICE_SHORT: cpdec2
	TF_VARS_PATH: config/terraform/application/config

	jobs:
	backup:
	name: Backup database
	runs-on: ubuntu-latest
	environment:
	name: ${{ inputs.environment \|\| 'production' }}
	env:
	DEPLOY_ENV: ${{ inputs.environment \|\| 'production' }}
	BACKUP_FILE: ${{ inputs.backup-file \|\| 'schedule' }}

	steps:
	- name: Checkout code
	uses: actions/checkout@v4

	- uses: azure/login@v2
	with:
	creds: ${{ secrets.azure-credentials \|\| secrets.AZURE_CREDENTIALS }}

	- name: Set Azure environment variables
	run: \|
	# Load environment-specific configuration
	source config/global_config/${DEPLOY_ENV}.sh
	tf_vars_file=${TF_VARS_PATH}/${DEPLOY_ENV}.tfvars.json

	# Set Azure environment variables
	echo "CLUSTER=$(jq -r '.cluster' ${tf_vars_file})" >> $GITHUB_ENV
	echo "RESOURCE_GROUP_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-rg" >> $GITHUB_ENV
	echo "STORAGE_ACCOUNT_NAME=${AZURE_RESOURCE_PREFIX}${SERVICE_SHORT}dbbkp${CONFIG_SHORT}sa" >> $GITHUB_ENV
	echo "DB_SERVER=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-pg" >> $GITHUB_ENV
	echo "KEYVAULT_NAME=${AZURE_RESOURCE_PREFIX}-${SERVICE_SHORT}-${CONFIG_SHORT}-inf-kv" >> $GITHUB_ENV
	echo "APP_NAME=${SERVICE_NAME}-${DEPLOY_ENV}-web" >> $GITHUB_ENV

	- name: Generate the backup file name
	run: \|
	# Load environment-specific configuration
	source config/global_config/${DEPLOY_ENV}.sh
	TODAY=$(date +"%F")

	# Set BACKUP_FILE variable
	if [ "${BACKUP_FILE}" == "schedule" ]; then
	BACKUP_FILE=${SERVICE_SHORT}_${CONFIG_SHORT}_${TODAY}
	elif [ "${BACKUP_FILE}" == "default" ]; then
	BACKUP_FILE=${SERVICE_SHORT}_${CONFIG_SHORT}_adhoc_${TODAY}
	else
	BACKUP_FILE=${BACKUP_FILE}
	fi
	echo "BACKUP_FILE=${BACKUP_FILE}" >> $GITHUB_ENV

	- name: Fetch secrets from key vault
	uses: azure/CLI@v2
	id: key-vault-secrets
	with:
	inlineScript: \|
	SLACK_WEBHOOK=$(az keyvault secret show --name "SLACK-WEBHOOK" --vault-name ${KEYVAULT_NAME} --query "value" -o tsv)
	echo "::add-mask::$SLACK_WEBHOOK"
	echo "SLACK_WEBHOOK=$SLACK_WEBHOOK" >> $GITHUB_OUTPUT

	- name: Backup ${{ env.DEPLOY_ENV }} postgres
	uses: DFE-Digital/github-actions/backup-postgres@master
	with:
	storage-account: ${{ env.STORAGE_ACCOUNT_NAME }}
	resource-group: ${{ env.RESOURCE_GROUP_NAME }}
	app-name: ${{ env.APP_NAME }}
	cluster: ${{ env.CLUSTER }}
	azure-credentials: ${{ secrets.azure-credentials \|\| secrets.AZURE_CREDENTIALS }}
	backup-file: ${{ env.BACKUP_FILE }}.sql
	db-server-name: ${{ inputs.db-server }}
	slack-webhook: ${{ steps.key-vault-secrets.outputs.SLACK_WEBHOOK }}

	- name: Notify Slack channel on job success
	if: success()
	uses: rtCamp/action-slack-notify@v2
	env:
	SLACK_USERNAME: CI Deployment
	SLACK_TITLE: ${{ env.DEPLOY_ENV }} database dump stored in Azure Storage (${{ env.STORAGE_ACCOUNT_NAME }} / database-backup / ${{ env.BACKUP_FILE }}.sql) - Success
	SLACK_MESSAGE: ${{ env.APP_NAME }} - ${{ env.DEPLOY_ENV }} database backup job succeeded
	SLACK_WEBHOOK: ${{ steps.key-vault-secrets.outputs.SLACK_WEBHOOK }}
	SLACK_COLOR: success
	SLACK_FOOTER: Sent from backup-db workflow

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Backup database to Azure storage #7

Workflow file

Backup database to Azure storage #7

Jobs

Run details

Workflow file for this run