# HG changeset patch # User Marc Davis # Date 1713898032 14400 # Node ID e483148f528345a83b45e4ce0685d739844a56f1 # Parent 4b026170dfeaef693a1219cdcbf7b6ff9dff0d00 Add backup, restore, and update ess scripts. Handle ess in workflows update and remove container stop/removal from install ess script. diff -r 4b026170dfea -r e483148f5283 prod/install-ess-app.sh --- a/prod/install-ess-app.sh Thu Apr 18 14:09:02 2024 +0100 +++ b/prod/install-ess-app.sh Tue Apr 23 14:47:12 2024 -0400 @@ -13,14 +13,6 @@ echo "Attempting to pull $artifactUrl/ess-app:$appVersion" docker pull $artifactUrl/ess-app:$appVersion # -# docker stop ess app container -echo "Attempting to stop $entityId-ess-app container" -docker stop $entityId-ess-app -# -# docker rm ess app container -echo "Attempting to remove $entityId-ess-app container" -docker rm $entityId-ess-app -# # Builder docker run command based on settings in env files echo "Building docker run command" dockerRunCommand="docker run --name $entityId-ess-app diff -r 4b026170dfea -r e483148f5283 prod/update-ess-app.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/prod/update-ess-app.sh Tue Apr 23 14:47:12 2024 -0400 @@ -0,0 +1,119 @@ +#!/bin/bash +# +# read required env variables +BASEDIR="$PWD" +source $BASEDIR/.env/ess-shared.properties +source $BASEDIR/.env/ess-app.properties +# +# docker login +echo "Attempting to login to $artifactUrl" +docker login $artifactUrl -u $artifactUser -p $artifactPassword +# +# docker pull app image +echo "Attempting to pull $artifactUrl/ess-app:$appVersion" +docker pull $artifactUrl/ess-app:$appVersion +# +# docker stop ess app container +echo "Attempting to stop $entityId-ess-app container" +docker stop $entityId-ess-app +# +# docker rm ess app container +echo "Attempting to remove $entityId-ess-app container" +docker rm $entityId-ess-app +# +# Builder docker run command based on settings in env files +echo "Building docker run command" +dockerRunCommand="docker run --name $entityId-ess-app + --restart=unless-stopped + --network $entityId-ess-net + -e SPRING_DATASOURCE_URL=jdbc:postgresql://$entityId-ess-db:5432/essdb + -e SPRING_DATASOURCE_DRIVER_CLASS_NAME=org.postgresql.Driver + -e SPRING_DATASOURCE_USERNAME=postgres + -e SPRING_DATASOURCE_PASSWORD=$dbPassword + -e SPRING_PROFILES_ACTIVE=prod + -e APPLICATION_ADMIN_PASSWORD=$adminPassword + -e APPLICATION_ADMIN_RESET=$resetAdminPassword + -e USPS_CONFIGURATION_HOST=$uspsHost + -e USPS_CONFIGURATION_PORT=$uspsPort + -e USPS_CONFIGURATION_APIKEY=$uspsApiKey + -e USPS_CONFIGURATION_REMOTEAPIKEY=$uspsRemoteApiKey + -e WORKFLOWS_CONFIGURATION_HOST=$workflowsHost + -e WORKFLOWS_CONFIGURATION_PORT=$workflowsPort + -e WORKFLOWS_CONFIGURATION_API_KEY=$workflowsApiKey + -e WORKFLOWS_CONFIGURATION_REMOTE_API_KEY=$workflowsRemoteApiKey + -e JAVA_OPTS=$java_opts" +# +if [ ! -z "$virtualHost" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" +fi +# +if [ ! -z "$virtualPort" ]; then + dockerRunCommand="$dockerRunCommand -e VIRTUAL_PORT=$virtualPort" +fi +# +if [ ! -z "$letsencryptHost" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_HOST=$letsencryptHost" +fi +# +if [ ! -z "$letsencryptEmail" ]; then + dockerRunCommand="$dockerRunCommand -e LETSENCRYPT_EMAIL=$letsencryptEmail" +fi +# +if [ ! -z "$hostPort" ]; then + dockerRunCommand="$dockerRunCommand -p $hostPort" +fi +# +# +if [ ! -z "$duoEnabled" ]; then + echo "Adding Duo Configuration" + dockerRunCommand="$dockerRunCommand + -e DUO_ENABLED=$duoEnabled + -e DUO_CLIENT_ID=$duoClientId + -e DUO_CLIENT_SECRET=$duoClientSecret + -e DUO_API_HOSTNAME=$duoApiHostname + -e DUO_FAIL_OPEN=$duoFailOpen + -e DUO_ESS_HOST=$duoEssHost + -e DUO_ESS_PORT=$duoEssPort + -e DUO_ESS_CONTEXT=$duoEssContext + -e DUO_MINUTES_UNTIL_EXPIRATION=$duoMinutesUntilExpiration" +fi +# +# +if [ ! -z "$ads_config1_enabled" ]; then + echo "Add Window Active Director Configuration 1" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG1_ENABLED=$ads_config1_enabled + -e SSDT_ADS_CONFIG1_DOMAIN=$ads_config1_domain + -e SSDT_ADS_CONFIG1_LDAP_URL=$ads_config1_ldap_url + -e SSDT_ADS_CONFIG1_ROOT_DN=$ads_config1_root_dn + -e SSDT_ADS_CONFIG1_SEARCH_FILTER=$ads_config1_search_filter" +fi +# +# +if [ ! -z "$ads_config2_enabled" ]; then + echo "Add Window Active Director Configuration 2" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG2_ENABLED=$ads_config2_enabled + -e SSDT_ADS_CONFIG2_DOMAIN=$ads_config2_domain + -e SSDT_ADS_CONFIG2_LDAP_URL=$ads_config2_ldap_url + -e SSDT_ADS_CONFIG2_ROOT_DN=$ads_config2_root_dn + -e SSDT_ADS_CONFIG2_SEARCH_FILTER=$ads_config2_search_filter" +fi +# +# +if [ ! -z "$ads_config3_enabled" ]; then + echo "Add Window Active Director Configuration 3" + dockerRunCommand="$dockerRunCommand + -e SSDT_ADS_CONFIG3_ENABLED=$ads_config3_enabled + -e SSDT_ADS_CONFIG3_DOMAIN=$ads_config3_domain + -e SSDT_ADS_CONFIG3_LDAP_URL=$ads_config3_ldap_url + -e SSDT_ADS_CONFIG3_ROOT_DN=$ads_config3_root_dn + -e SSDT_ADS_CONFIG3_SEARCH_FILTER=$ads_config3_search_filter" +fi +# +# +dockerRunCommand="$dockerRunCommand -d $artifactUrl/ess-app:$appVersion" +# +# Execute constructed docker run command to create $entityId-ess-app container connected to db and docker network +echo "Executing docker run command" +$dockerRunCommand diff -r 4b026170dfea -r e483148f5283 prod/update-workflows-app.sh --- a/prod/update-workflows-app.sh Thu Apr 18 14:09:02 2024 +0100 +++ b/prod/update-workflows-app.sh Tue Apr 23 14:47:12 2024 -0400 @@ -50,6 +50,20 @@ dockerRunCommand="$dockerRunCommand -e USPS_CONFIGURATION_CONTEXT=$uspsContext" fi # +# If ESS Host is provided, assuming ESS connection needs configured. +# +if [ ! -z "$essHost" ]; then + echo "configuring employee self-service environment variables" + dockerRunCommand="$dockerRunCommand + -e ESS_HOST=$essHost + -e ESS_PORT=$essPort + -e ESS_API_KEY=$essApiKey + -e ESS_REMOTE_API_KEY=$essRemoteApiKey" +fi +# +if [ ! -z "$essContext" ]; then + dockerRunCommand="$dockerRunCommand -e ESS_CONTEXT=$essContext" +fi if [ ! -z "$virtualHost" ]; then dockerRunCommand="$dockerRunCommand -e VIRTUAL_HOST=$virtualHost" fi @@ -74,4 +88,4 @@ # # Execute constructed docker run command to create $entityId-workflows-app container connected to db and docker network echo "Executing docker run command" -$dockerRunCommand \ No newline at end of file +$dockerRunCommand diff -r 4b026170dfea -r e483148f5283 scripts/backup-ess.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/backup-ess.sh Tue Apr 23 14:47:12 2024 -0400 @@ -0,0 +1,5 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +${SSDT_SCRIPTS}/backup-container-docker.sh essdb ${1} diff -r 4b026170dfea -r e483148f5283 scripts/restore-ess.sh --- /dev/null Thu Jan 01 00:00:00 1970 +0000 +++ b/scripts/restore-ess.sh Tue Apr 23 14:47:12 2024 -0400 @@ -0,0 +1,51 @@ +#!/bin/bash + +source "${SSDT_SCRIPTS:-$(dirname "${BASH_SOURCE[0]}")}/.functions.sh" + +sourceFile=${1?must provide backup file to be restored} + +if [ -z "$1" ] +then + echo "Usage: `basename $0` {backup file to restore}" + echo " must specify the name of the file to restore. Assumed to be in format:" + echo " {entityId}-ess-db.{timestamp}.backup.gz " + exit $E_NOARGS +fi + +function prop { + grep "${1}" .env/ess-shared.properties|cut -d'=' -f2 +} + +entityId=$(prop 'entityId' | tr -d '"') +dbContainerName="$entityId-ess-db" +appContainerName="$entityId-ess-app" +target="essdb" + +echo +echo "Preparing to restore" +echo "--------------------" +echo " file: $sourceFile" +echo " to $dbContainerName database: $target" +echo " " +echo "WARNING: This operation will DELETE and replace any exising database" +echo " " + +read -e -p "Continue? " answer +case $answer in + y | Y | yes | YES ) answer="y";; + n | N | no | NO ) answer="n";; + *) answer="n" +esac + +if [ "$answer" == "y" ] +then + echo "stopping application service $appContainerName" + docker stop $appContainerName + + echo "copy backup file to database container" + docker cp ${sourceFile} ${dbContainerName}:/tmp/restore.backup.gz + + echo "starting database restore" + docker exec -t -u postgres $dbContainerName sh -c "gunzip -f /tmp/restore.backup.gz -c | psql" + +fi