Alfresco Data Refresh #65
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| --- | |
| name: Alfresco Data Refresh | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| source_env: | |
| description: Environment to copy data from | |
| required: true | |
| type: choice | |
| options: | |
| - dev | |
| destination_env: | |
| description: Environment to copy data to | |
| required: true | |
| type: choice | |
| options: | |
| - poc | |
| permissions: | |
| contents: read | |
| jobs: | |
| stop-destination-environment: | |
| name: Stop ${{ github.event.inputs.destination_env }} Environment | |
| runs-on: ubuntu-22.04 | |
| environment: | |
| name: ${{ github.event.inputs.destination_env }} | |
| steps: | |
| - name: Configure kubectl | |
| run: | | |
| echo "${{ secrets.KUBE_CERT }}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${{ secrets.KUBE_TOKEN }} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| - name: Stop ${{ github.event.inputs.destination_env }} Environment | |
| run: | | |
| kubectl scale deployment alfresco-content-services-alfresco-cs-repository --replicas=0 | |
| kubectl scale deployment alfresco-content-services-alfresco-cs-share --replicas=0 | |
| kubectl scale deployment alfresco-content-services-alfresco-search-solr --replicas=0 | |
| refresh-db: | |
| name: Refresh DB | |
| runs-on: [self-hosted, Linux, management-infrastructure] | |
| environment: | |
| name: ${{ github.event.inputs.source_env }} | |
| needs: stop-destination-environment | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Install Kubernetes | |
| uses: azure/[email protected] | |
| with: | |
| version: 'v1.26.0' # default is latest stable | |
| id: kubectl_install | |
| - name: Install Helm | |
| uses: azure/[email protected] | |
| with: | |
| version: 'v3.9.0' | |
| id: helm_install | |
| - name: Configure kubectl | |
| run: | | |
| echo "${{ secrets.KUBE_CERT }}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${{ secrets.KUBE_TOKEN }} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| - name: DB Refresh | |
| working-directory: jobs/refresh-db | |
| run: | | |
| helm install refresh-db . \ | |
| --set sourceEnvironment=${{ github.event.inputs.source_env }} \ | |
| --set destinationEnvironment=${{ github.event.inputs.destination_env }} | |
| kubectl wait job refresh-db --for=condition=complete --timeout 10h | |
| - name: Uninstall DB Refresh chart | |
| run: helm uninstall refresh-db | |
| refresh-s3: | |
| name: Refresh S3 | |
| runs-on: [self-hosted, Linux, management-infrastructure] | |
| environment: | |
| name: ${{ github.event.inputs.source_env }} | |
| needs: stop-destination-environment | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Install Kubernetes | |
| uses: azure/[email protected] | |
| with: | |
| version: 'v1.26.0' # default is latest stable | |
| id: kubectl_install | |
| - name: Install Helm | |
| uses: azure/[email protected] | |
| with: | |
| version: 'v3.9.0' | |
| id: helm_install | |
| - name: Configure kubectl | |
| run: | | |
| echo "${{ secrets.KUBE_CERT }}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${{ secrets.KUBE_TOKEN }} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| - name: S3 Refresh | |
| working-directory: jobs/refresh-s3 | |
| run: | | |
| set -xeo pipefail | |
| SERVICE_POD_DEPLOYMENT=$(kubectl get deployment -l app=service-pod -o jsonpath="{.items[0].metadata.name}") | |
| SERVICE_POD_NAME=$(kubectl get pod -l app=$SERVICE_POD_DEPLOYMENT -o jsonpath="{.items[0].metadata.name}") | |
| SRC_BUCKET=$(kubectl get secrets s3-bucket-output -o jsonpath='{.data.BUCKET_NAME}' | base64 -d) | |
| DIRS=$(kubectl exec $SERVICE_POD_NAME -- aws s3 ls $SRC_BUCKET | grep -v contentstore | awk -F ' ' '{print $2}' | tr -d '/' | tr '\n' ',') | |
| helm install refresh-s3 . \ | |
| --set sourceEnvironment=${{ github.event.inputs.source_env }} \ | |
| --set destinationEnvironment=${{ github.event.inputs.destination_env }} \ | |
| --set directories="{${DIRS:0:-1}}" | |
| kubectl wait jobs -l name-prefix=refresh-s3 --for=condition=complete --timeout 10h | |
| - name: Uninstall S3 Refresh chart | |
| run: helm uninstall refresh-s3 | |
| wipe-solr-data: | |
| name: Wipe Solr Data | |
| runs-on: ubuntu-22.04 | |
| environment: | |
| name: ${{ github.event.inputs.destination_env }} | |
| needs: stop-destination-environment | |
| steps: | |
| - uses: actions/[email protected] | |
| - name: Configure kubectl | |
| run: | | |
| echo "${{ secrets.KUBE_CERT }}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${{ secrets.KUBE_TOKEN }} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| - name: Start Solr Data Wipe Job | |
| run: | | |
| kubectl apply -f jobs/wipe-solr-data.yaml | |
| kubectl wait --timeout 10m --for=condition=complete job/wipe-solr-data | |
| - name: Delete Refresh Job | |
| run: kubectl delete job wipe-solr-data | |
| start-destination-environment: | |
| name: Start ${{ github.event.inputs.destination_env }} Environment | |
| runs-on: ubuntu-22.04 | |
| environment: | |
| name: ${{ github.event.inputs.destination_env }} | |
| needs: | |
| - refresh-db | |
| - refresh-s3 | |
| - wipe-solr-data | |
| steps: | |
| - name: Configure kubectl | |
| run: | | |
| echo "${{ secrets.KUBE_CERT }}" > ca.crt | |
| kubectl config set-cluster ${KUBE_CLUSTER} --certificate-authority=./ca.crt --server=https://${KUBE_CLUSTER} | |
| kubectl config set-credentials deploy-user --token=${{ secrets.KUBE_TOKEN }} | |
| kubectl config set-context ${KUBE_CLUSTER} --cluster=${KUBE_CLUSTER} --user=deploy-user --namespace=${KUBE_NAMESPACE} | |
| kubectl config use-context ${KUBE_CLUSTER} | |
| env: | |
| KUBE_NAMESPACE: ${{ secrets.KUBE_NAMESPACE }} | |
| KUBE_CLUSTER: ${{ secrets.KUBE_CLUSTER }} | |
| - name: Stop ${{ github.event.inputs.destination_env }} Environment | |
| run: | | |
| apt update && apt install -y jq | |
| HELM_VALUES=$(helm get values alfresco-content-services -o json) | |
| kubectl scale deployment alfresco-content-services-alfresco-cs-repository --replicas=$(echo $HELM_VALUES | jq '.repository.replicaCount') | |
| kubectl scale deployment alfresco-content-services-alfresco-cs-share --replicas=$(echo $HELM_VALUES | jq '.share.replicaCount') | |
| kubectl scale deployment alfresco-content-services-alfresco-search-solr --replicas=1 |