From 0c0fd03fe7972160561661c636133691c6e4c9ea Mon Sep 17 00:00:00 2001
From: John Ake <johnake@hotmail.com>
Date: Thu, 14 Sep 2023 15:52:39 +0100
Subject: [PATCH] add db refresh from paas to aks

---
 .github/workflows/restore-paas-db-to-aks.yml | 40 +++++++++++++++++++-
 1 file changed, 39 insertions(+), 1 deletion(-)

diff --git a/.github/workflows/restore-paas-db-to-aks.yml b/.github/workflows/restore-paas-db-to-aks.yml
index 084336a2..89d494ec 100644
--- a/.github/workflows/restore-paas-db-to-aks.yml
+++ b/.github/workflows/restore-paas-db-to-aks.yml
@@ -10,7 +10,7 @@ on:
       environment:
         type: choice
         options:
-          - development
+          - dev
 
 jobs:
   backup:
@@ -20,3 +20,41 @@ jobs:
     steps:
     - run: |
         echo "Hello World"
+
+    - uses: actions/checkout@v4
+
+    - uses: DFE-Digital/github-actions/install-postgres-client@master
+    
+    - name: Set environment variables
+      shell: bash
+      run: |
+        tf_vars_file=terraform/paas/workspace_variables/dev.tfvars.json
+        echo "KEY_VAULT_NAME=$(jq -r '.key_vault_name' ${tf_vars_file})" >> $GITHUB_ENV
+        echo "PAAS_SPACE=$(jq -r '.paas_space' ${tf_vars_file})" >> $GITHUB_ENV
+
+    - name: Retrieve Cloudfoundry credentials from KV
+      uses: azure/CLI@v1
+      id: fetch-cf-creds
+      with:
+        inlineScript: |
+          SECRET_VALUE=$(az keyvault secret show --name "PAAS-USER" --vault-name "${{ env.KEY_VAULT_NAME}}" --query "value" -o tsv)
+          echo "::add-mask::$SECRET_VALUE"
+          echo "PAAS-USER=$SECRET_VALUE" >> $GITHUB_OUTPUT
+
+          SECRET_VALUE=$(az keyvault secret show --name "PAAS-PASSWORD" --vault-name "${{ env.KEY_VAULT_NAME}}" --query "value" -o tsv)
+          echo "::add-mask::$SECRET_VALUE"
+          echo "PAAS-PASSWORD=$SECRET_VALUE" >> $GITHUB_OUTPUT
+
+    - uses: DFE-Digital/github-actions/setup-cf-cli@master
+      with:
+        CF_USERNAME: ${{ steps.fetch-cf-creds.outputs.PAAS-USER }}
+        CF_PASSWORD: ${{ steps.fetch-cf-creds.outputs.PAAS-PASSWORD }}
+        CF_SPACE_NAME: ${{ env.PAAS_SPACE }}
+        INSTALL_CONDUIT: true
+    
+    - name: Backup database
+      run: |
+        cf conduit find-a-lost-trn-dev-pg-svc -- pg_dump -E utf8 --clean --compress=1 --if-exists --no-owner --no-privileges --verbose -f backup.sql.gz
+
+
+