Skip to content

Commit

Permalink
test recovery
Browse files Browse the repository at this point in the history
  • Loading branch information
rubenruizdegauna committed Jan 9, 2025
1 parent 17cfd33 commit 2061fef
Showing 1 changed file with 59 additions and 28 deletions.
87 changes: 59 additions & 28 deletions .github/workflows/recover_s3_repository.yml
Original file line number Diff line number Diff line change
@@ -1,21 +1,18 @@
name: . ⚠️⚠️⚠️ Recover S3 Repository back in time ⚠️⚠️⚠️
name: . ⚠️⚠️⚠️ Recover S3 Repository back in time ⚠️⚠️⚠️

on:
workflow_dispatch:
inputs:
date_time:
description: 'UTC DateTime to recover the S3 repository back in time (MM-DD-YYYY HH:MM:SS +0)'
type: string
required: true
path:
description: 'Path under infrastructure_agent folder to recover (w/o leading slash, with trailing slash)'
type: string
required: true
push:
branches:
- 'NR-229418_disaster_recovery_action_TEST'

env:
BUCKET: 'nr-downloads-main'
MANDATORY_PREFIX: 'infrastructure_agent/'
MANDATORY_PREFIX: '20240108-test-disaster-recovery/'
IMAGE: 'ghcr.io/newrelic-forks/s3-pit-restore:latest'
DATETIME: '01-08-2025 13:22:00 +0000'
S3_PATH: 'test1/'
ENVIRONMENT: 'staging'
AWS_REGION: "us-east-1"
AWS_PROFILE: temp_staging

jobs:
recover-s3-repository:
Expand All @@ -24,26 +21,25 @@ jobs:
steps:
- name: Validate datetime
run: |
datetime="${{ github.event.inputs.date_time }}"
datetime="${{ env.DATETIME }}"
# Use Python's strptome (same as s3-pit-restore) to check if it's a valid datetime
python3 -c "from datetime import datetime; datetime.strptime('$datetime', '%m-%d-%Y %H:%M:%S %z')" 2> /dev/null
exit_code=$?
if [ $exit_code -ne 0 ]]; then
exit_code=$?
if [ $exit_code -ne 0 ]; then
exit 1
fi
- name: Validate path input does not have leading slash and has trailing slash
run: |
path="${{ github.event.inputs.path }}"
s3_path="${{ env.S3_PATH }}"
# Check if the path has a leading slash
if [[ "$path" == /* ]]; then
if [[ "$s3_path" == /* ]]; then
echo "Invalid path: should not have a leading slash."
return 1
fi
# Check if the path has a trailing slash
if [[ "$path" != */ ]]; then
if [[ "$s3_path" != */ ]]; then
echo "Invalid path: should have a trailing slash."
return 1
fi
Expand All @@ -52,13 +48,48 @@ jobs:
uses: actions/checkout@v4
with:
repository: newrelic-forks/s3-pit-restore
ref: master
ref: NR-229418_aws_credentials_from_env_vars

- name: Run S3 PIT restore
# - name: Run S3 PIT restore Production S3
# if: ${{ github.event.inputs.environment == 'production' }}
# run: |
# BUCKET="nr-downloads-main" \
# PREFIX="${{ env.MANDATORY_PREFIX }}${{ github.event.inputs.path }}" \
# TIME="${{ github.event.inputs.date_time }}" \
# IMAGE="${{ env.IMAGE }}" \
# make validate-input
# env:
# AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_PRODUCTION }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_PRODUCTION }}
# AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_PRODUCTION }}
# AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_PRODUCTION }}

- name: test aws credentials
run: |
./setup_aws_credentials.sh
env:
AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_STAGING }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_STAGING }}
AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_STAGING }}
AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_STAGING }}

- name: test aws credentials
run: |
AWS_PROFILE=primary/okta_onhostintegrations \
BUCKET="nr-downloads-main" \
PREFIX="${{ env.MANDATORY_PREFIX }}${{ github.event.inputs.path }}" \
TIME="${{ github.event.inputs.date_time }}" \
IMAGE="${{ env.IMAGE }}" \
make restore
aws --profile $AWS_PROFILE s3api list-object-versions --bucket nr-downloads-ohai-staging --prefix 20240108-test-disaster-recovery |grep "Key"|head -n 5
# - name: Run S3 PIT restore in Staging S3
# if: ${{ env.ENVIRONMENT == 'staging' }}
# run: |
# ./setup_aws_credentials.sh
#
# BUCKET="nr-downloads-ohai-staging" \
# PREFIX="${{ env.MANDATORY_PREFIX }}${{ env.S3_PATH }}" \
# TIME="${{ env.DATETIME }}" \
# IMAGE="${{ env.IMAGE }}" \
# make restore
# env:
# AWS_ACCESS_KEY_ID: ${{ secrets.OHAI_AWS_ACCESS_KEY_ID_STAGING }}
# AWS_SECRET_ACCESS_KEY: ${{ secrets.OHAI_AWS_SECRET_ACCESS_KEY_STAGING }}
# AWS_ROLE_ARN: ${{ secrets.OHAI_AWS_ROLE_ARN_STAGING }}
# AWS_ROLE_SESSION_NAME: ${{ secrets.OHAI_AWS_ROLE_SESSION_NAME_STAGING }}

0 comments on commit 2061fef

Please sign in to comment.