From c8f6ebb2bee3972939e7e0016808afb1b6ca0c5d Mon Sep 17 00:00:00 2001 From: Michael Allen Date: Thu, 19 Jan 2017 21:13:59 +0000 Subject: [PATCH 1/5] Backup job to rsync db backups to jenkins from lighthouse --- .../templates/jobs/management.yml.j2 | 55 +++++++++++++++++++ 1 file changed, 55 insertions(+) diff --git a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 index 6487b8f..aadf2d8 100644 --- a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 +++ b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 @@ -37,6 +37,61 @@ wrappers: - ansicolor +- job: + name: 'backup-db' + description: 'Backup the lighthouse DB to jenkins' + display-name: 'Backup DB' + properties: + - build-discarder: + num-to-keep: 5 + artifact-num-to-keep: 5 +{% if distribute_dependencies %} + workspace: /opt/dist/workspaces/update-jenkins +{% else %} + scm: + - git: + url: {{ builder_repo }} + branches: + - "origin/master" + submodule: + recursive: true +{% endif %} + builders: + - shell: | + export SSH_USER="{{ lighthouse_ssh_user }}" + export SSH_PRIVATE_KEY_PATH="{{ lighthouse_ssh_key_path }}" + export LIGHTHOUSE_IP="{{ lighthouse_ip }}" + cd ansible + + chmod 'u=rw,g=,o=' $SSH_PRIVATE_KEY_PATH + + ssh -tt -i $SSH_PRIVATE_KEY_PATH \ + $SSH_USER@$LIGHTHOUSE_IP \ + -o IdentitiesOnly=yes << EOF + + sudo su - lighthouse + source virtualenv/bin/activate + cd app + python manage.py dumpdata > /tmp/db.json + + exit $? + + sudo chown {{ lighthouse_ssh_user }} /tmp/db.json + exit $? + EOF + + rsync -avz \ + -e "ssh -i $SSH_PRIVATE_KEY_PATH -o IdentitiesOnly=yes" \ + $SSH_USER@$LIGHTHOUSE_IP:/tmp/db.json \ + ./db.json + wrappers: + - ansicolor + publishers: + - archive: + artifacts: 'db.json' + allow-empty: false + only-if-success: true + - project: name: management jobs: From 30d78793dfae1890aed739a51f7cdf8511f79b15 Mon Sep 17 00:00:00 2001 From: Michael Allen Date: Thu, 19 Jan 2017 21:28:39 +0000 Subject: [PATCH 2/5] Explicitly ignore hostkey checking --- .../digi2al.jenkins/templates/jobs/management.yml.j2 | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 index aadf2d8..2eeec14 100644 --- a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 +++ b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 @@ -24,6 +24,7 @@ ssh -tt -i $SSH_PRIVATE_KEY_PATH \ $SSH_USER@$LIGHTHOUSE_IP \ + -o StrictHostKeyChecking=no \ -o IdentitiesOnly=yes << EOF sudo su - lighthouse @@ -61,13 +62,13 @@ export SSH_USER="{{ lighthouse_ssh_user }}" export SSH_PRIVATE_KEY_PATH="{{ lighthouse_ssh_key_path }}" export LIGHTHOUSE_IP="{{ lighthouse_ip }}" + SSH_CMD="ssh -i $SSH_PRIVATE_KEY_PATH -o IdentitiesOnly=yes -o StrictHostKeyChecking=no" cd ansible chmod 'u=rw,g=,o=' $SSH_PRIVATE_KEY_PATH - ssh -tt -i $SSH_PRIVATE_KEY_PATH \ - $SSH_USER@$LIGHTHOUSE_IP \ - -o IdentitiesOnly=yes << EOF + $SSH_CMD -tt \ + $SSH_USER@$LIGHTHOUSE_IP << EOF sudo su - lighthouse source virtualenv/bin/activate @@ -81,7 +82,7 @@ EOF rsync -avz \ - -e "ssh -i $SSH_PRIVATE_KEY_PATH -o IdentitiesOnly=yes" \ + -e "$SSH_CMD" \ $SSH_USER@$LIGHTHOUSE_IP:/tmp/db.json \ ./db.json wrappers: From e87d15136ea70017315abceb778f7bb921bea086 Mon Sep 17 00:00:00 2001 From: Michael Allen Date: Thu, 19 Jan 2017 21:39:26 +0000 Subject: [PATCH 3/5] Ensure lighthouse can create the backup --- .../templates/jobs/management.yml.j2 | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 index 2eeec14..7e8166c 100644 --- a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 +++ b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 @@ -70,21 +70,28 @@ $SSH_CMD -tt \ $SSH_USER@$LIGHTHOUSE_IP << EOF + # Create Backup directory, writeable by lighthouse + sudo mkdir -p /tmp/backups + sudo chmod o+w /tmp/backups + sudo rm /tmp/backups/db.json + + # Become lighthouse and prepare environment sudo su - lighthouse source virtualenv/bin/activate cd app - python manage.py dumpdata > /tmp/db.json - exit $? + # Backup database + python manage.py dumpdata > /tmp/backups/db.json - sudo chown {{ lighthouse_ssh_user }} /tmp/db.json + exit $? exit $? EOF + # Rsync backup to jenkins rsync -avz \ -e "$SSH_CMD" \ - $SSH_USER@$LIGHTHOUSE_IP:/tmp/db.json \ - ./db.json + $SSH_USER@$LIGHTHOUSE_IP:/tmp/backups/db.json \ + ../db.json wrappers: - ansicolor publishers: From 54a3d85554a910da9f04a79651be0afb6891b46a Mon Sep 17 00:00:00 2001 From: Michael Allen Date: Thu, 19 Jan 2017 22:10:07 +0000 Subject: [PATCH 4/5] Add backup to management project --- ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 | 1 + 1 file changed, 1 insertion(+) diff --git a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 index 7e8166c..fdc98f3 100644 --- a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 +++ b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 @@ -104,3 +104,4 @@ name: management jobs: - 'rebuild-index' + - 'backup-db' From cc3e3ef4c49f7d393a16c8a6cca606f620245bd9 Mon Sep 17 00:00:00 2001 From: Michael Allen Date: Thu, 19 Jan 2017 22:17:28 +0000 Subject: [PATCH 5/5] Create a restore db job --- .../templates/jobs/management.yml.j2 | 65 +++++++++++++++++++ 1 file changed, 65 insertions(+) diff --git a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 index fdc98f3..1565375 100644 --- a/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 +++ b/ansible/roles/digi2al.jenkins/templates/jobs/management.yml.j2 @@ -100,6 +100,71 @@ allow-empty: false only-if-success: true +- job: + name: 'restore-db' + description: 'Restore the lighthouse DB from a backup' + display-name: 'Restore DB' + parameters: + - file: + name: db.json + description: "Upload DB backup" +{% if distribute_dependencies %} + workspace: /opt/dist/workspaces/update-jenkins +{% else %} + scm: + - git: + url: {{ builder_repo }} + branches: + - "origin/master" + submodule: + recursive: true +{% endif %} + builders: + - shell: | + export SSH_USER="{{ lighthouse_ssh_user }}" + export SSH_PRIVATE_KEY_PATH="{{ lighthouse_ssh_key_path }}" + export LIGHTHOUSE_IP="{{ lighthouse_ip }}" + SSH_CMD="ssh -i $SSH_PRIVATE_KEY_PATH -o IdentitiesOnly=yes -o StrictHostKeyChecking=no" + cd ansible + + chmod 'u=rw,g=,o=' $SSH_PRIVATE_KEY_PATH + + + $SSH_CMD -tt \ + $SSH_USER@$LIGHTHOUSE_IP << EOF + + # Create Backup directory, writeable by lighthouse + sudo mkdir -p /tmp/backups + sudo chmod o+w /tmp/backups + sudo rm /tmp/backups/db.json + + exit $? + EOF + + # Rsync backup to jenkins + rsync -avz \ + -e "$SSH_CMD" \ + ../db.json \ + $SSH_USER@$LIGHTHOUSE_IP:/tmp/backups/db.json + + $SSH_CMD -tt \ + $SSH_USER@$LIGHTHOUSE_IP << EOF + + # Become lighthouse and prepare environment + sudo su - lighthouse + source virtualenv/bin/activate + cd app + + # Restore database + python manage.py loaddata /tmp/backups/db.json + + exit $? + exit $? + EOF + + wrappers: + - ansicolor + - project: name: management jobs: