Update Staging Database #4
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Update Staging Database | |
| on: | |
| workflow_dispatch: | |
| # on: | |
| # schedule: | |
| # - cron: '0 0 * * *' # Runs at 00:00 UTC daily. | |
| jobs: | |
| backup_upload: | |
| runs-on: ubuntu-latest | |
| environment: staging | |
| steps: | |
| - name: Setup SSH | |
| run: | | |
| mkdir -p ~/.ssh | |
| echo "${{ secrets.SSH_PRIVATE_KEY }}" > ~/.ssh/private_key.pem | |
| chmod 600 ~/.ssh/private_key.pem | |
| ssh-keyscan -H ${{ secrets.SERVER_HOST }} >> ~/.ssh/known_hosts | |
| - name: Update from backup | |
| run: | | |
| echo "Authenticating with GCP." | |
| echo '${{ secrets.GCP_SA_KEY }}' > /tmp/gcp-sa-key.json | |
| gcloud auth activate-service-account --key-file=/tmp/gcp-sa-key.json | |
| rm /tmp/gcp-sa-key.json $BACKUP_NAME | |
| BACKUP=$(gsutil ls -l gs://ocho-osai/track/pg_data/ | grep -v "TOTAL:" | sort -k2,2 -r | awk '{ $1=$2=""; print $0 }' | sed 's/^[ \t]*//' | head -n 1 | tr -d '\n') | |
| BACKUP_NAME=$(basename $BACKUP) | |
| BACKUP_FILE="backups/$BACKUP_NAME" | |
| mkdir -p ./track/backups/ | |
| gsutil cp $BACKUP $BACKUP_FILE | |
| echo "Most recent backup found: $BACKUP_NAME" | |
| # Check if the backup file exists and is a gzip file | |
| if [ -f "$BACKUP_FILE" ] && [[ $BACKUP_FILE == *.gz ]]; then | |
| echo "Decompressing backup file $BACKUP_FILE" | |
| gunzip -k "$BACKUP_FILE" | |
| BACKUP_FILE="${BACKUP_FILE%.gz}" | |
| echo "Backup decompressed to $BACKUP_FILE" | |
| else | |
| echo "Backup file does not exist or is not a gzip file." | |
| exit 1 | |
| fi | |
| ssh -i ~/.ssh/private_key.pem ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} << ENDSSH | |
| echo "Removing old backups." | |
| rm -r /home/${{ secrets.SERVER_USER }}/track/backups/ || true | |
| mkdir -p /home/${{ secrets.SERVER_USER }}/track/backups/ | |
| ENDSSH | |
| scp -i ~/.ssh/private_key.pem $BACKUP_FILE ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }}:/home/${{ secrets.SERVER_USER }}/track/$BACKUP_FILE | |
| ssh -i ~/.ssh/private_key.pem ${{ secrets.SERVER_USER }}@${{ secrets.SERVER_HOST }} << ENDSSH | |
| echo "Restoring from backup: ./track/$BACKUP_FILE" | |
| export APP_ENV=${{ vars.APP_ENV }} | |
| export HOST_PORT=${{ vars.HOST_PORT }} | |
| export POSTGRES_PASSWORD=${{ secrets.POSTGRES_PASSWORD }} | |
| # Restore from backup. The postgres docker service is called "db" | |
| docker compose -f track/base.yml -f track/prod.yml down | |
| docker compose -f track/base.yml -f track/prod.yml up -d db | |
| docker compose -f track/base.yml -f track/prod.yml exec db psql -U postgres -d postgres -f /home/${{ secrets.SERVER_USER }}/track/$BACKUP_FILE | |
| docker compose -f track/base.yml -f track/prod.yml down | |
| docker compose -f track/base.yml -f track/prod.yml up -d | |
| # docker compose -f track/base.yml -f track/prod.yml pull | |
| ENDSSH |