github
diff --git a/‎.github/workflows/backup.yml
Lines changed: 118 additions & 0 deletions b/‎.github/workflows/backup.yml
Lines changed: 118 additions & 0 deletions
diff --git a/‎.github/workflows/backuprestore.yml
Lines changed: 87 additions & 0 deletions b/‎.github/workflows/backuprestore.yml
Lines changed: 87 additions & 0 deletions
diff --git a/‎.github/workflows/docker-image.yml
Lines changed: 8 additions & 5 deletions b/‎.github/workflows/docker-image.yml
Lines changed: 8 additions & 5 deletions
diff --git a/‎.github/workflows/main.yml
Lines changed: 1 addition & 1 deletion b/‎.github/workflows/main.yml
Lines changed: 1 addition & 1 deletion
diff --git a/‎.github/workflows/restore.yml
Lines changed: 152 additions & 0 deletions b/‎.github/workflows/restore.yml
Lines changed: 152 additions & 0 deletions
@@ -0,0 +1,118 @@
+name: Backup GHES instance and save to Azure
+run-name: "${{ github.actor }} - Backup GHES instance and save to Azure"
+
+on:
+  workflow_call:
+    inputs:
+      github-hostname:
+        description: GitHub Hostname to backup
+        required: true
+        type: string
+      backup-name:
+        description: The name of the backup to be saved in Azure storage
+        required: false
+        default: ""
+        type: string
+    secrets:
+      BACKUP_SSH_KEY:
+        description: SSH key to access the GitHub Enterprise instance
+        required: true
+      INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN:
+        description: Token for the internal actions dx bot account
+        required: true
+      AZURE_USERNAME:
+        description: Azure service principal username
+        required: false
+      AZURE_PASSWORD:
+        description: Azure service principal password
+        required: false
+      AZURE_TENANT_ID:
+        description: Azure tenant ID
+        required: false
+      AZURE_SUBSCRIPTION_ID:
+        description: Azure subscription ID
+        required: false
+      AZURE_ACCOUNT_NAME:
+        description: Azure storage account name
+        required: false
+      AZURE_CONTAINER_NAME:
+        description: Azure storage container name
+        required: false
+      CONNECTIONSTRING:
+        description: Azure storage connection string
+        required: false
+
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        repository: github/backup-utils-private
+        token: "${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }}"
+    - run: docker build . --file Dockerfile --tag backup-utils
+    - run: docker save backup-utils -o backup-utils.tar
+    - uses: actions/upload-artifact@v3
+      with:
+        name: backup-utils
+        path: backup-utils.tar
+
+  backup-utils-backup:
+    needs: build
+    runs-on:
+      group: larger-hosted-public-runners
+      labels: ubuntu-latest-xl
+    env:
+        SSH_KEY: ${{ secrets.BACKUP_SSH_KEY }}
+    steps:
+    - uses: actions/download-artifact@v3
+      with:
+        name: backup-utils
+    - name: Load docker container
+      run: docker load -i backup-utils.tar
+    - uses: actions/checkout@v3
+    - name: Create backup directory
+      run: mkdir "$HOME/ghe-backup-data"
+    - name: set up ssh SSH_KEY
+      run: echo -e "${SSH_KEY}\n" > "$HOME/backup"
+    - name: set up ssh key permissions
+      run: chmod 0600 "$HOME/backup"
+    - name: change version
+      run: echo "3.8.0" > "$HOME/version"
+
+    - name: Perform backup
+      run: |
+        docker run -e "GHE_HOSTNAME=${{ inputs.github-hostname }}" \
+        -e "GHE_DATA_DIR=/data" \
+        -e "GHE_EXTRA_SSH_OPTS=-p 122 -i /ghe-ssh/id_rsa -o ServerAliveInterval=30 -o ServerAliveCountMax=12000 -o StrictHostKeyChecking=no" \
+        -e "GHE_NUM_SNAPSHOTS=15" \
+        -v "$HOME/ghe-backup-data:/data" \
+        -v "$HOME/backup:/ghe-ssh/id_rsa" \
+        -v "$HOME/version:/backup-utils/share/github-backup-utils/version" \
+        --rm \
+        backup-utils ghe-backup
+    - name: Check the backup file
+      run: |
+        current=$(readlink "$HOME/ghe-backup-data/current")
+        sudo tar -czvf "${{ inputs.backup-name }}.tar.gz" -C "$HOME/ghe-backup-data/$current" .
+
+    - name: Login to Azure
+      if: ${{ inputs.backup-name }} != ""
+      run: |
+        az login \
+          --service-principal \
+          -u "${{ secrets.AZURE_USERNAME }}" \
+          -p "${{ secrets.AZURE_PASSWORD }}" \
+          --tenant "${{ secrets.AZURE_TENANT_ID }}"
+        az account set --subscription "${{ secrets.AZURE_SUBSCRIPTION_ID }}"
+
+    - name: Upload backup to Azure
+      if: ${{ inputs.backup-name }} != ""
+      run: |
+        az storage blob upload \
+        --account-name "${{ secrets.AZURE_ACCOUNT_NAME }}" \
+        --container-name "${{ secrets.AZURE_CONTAINER_NAME }}" \
+        --name "${{ inputs.backup-name }}.tar.gz" \
+        --file "${{ inputs.backup-name }}.tar.gz" \
+        --connection-string "${{ secrets.CONNECTIONSTRING }}"
@@ -0,0 +1,87 @@
+name: Backup and Restore
+run-name: ${{ github.actor }} running backup and restore operation
+on: 
+  workflow_dispatch:
+    inputs:
+      hostname:
+        description: 'Hostname'
+        required: true
+        type: string
+      ref:
+        description: 'Ref'
+        required: false
+        type: string
+        default: 'master'
+  workflow_call:
+    inputs:
+      hostname:
+        description: 'Hostname'
+        required: true
+        type: string
+      ref:
+        description: 'Ref'
+        required: false
+        type: string
+        default: 'master'
+    
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        repository: github/backup-utils-private
+        ref: ${{ inputs.ref }}
+    - run: docker build . --file Dockerfile --tag backup-utils 
+    - run: docker save backup-utils -o backup-utils.tar
+    - uses: actions/upload-artifact@v3
+      with:
+        name: backup-utils
+        path: backup-utils.tar
+  backup-utils-backup-and-restore:
+    needs: build
+    runs-on: ubuntu-latest
+    env:
+        SSH_KEY: ${{ secrets.BACKUP_SSH_KEY }}
+    steps:
+    - uses: actions/download-artifact@v3
+      with:
+        name: backup-utils
+    - name: Load docker container 
+      run: docker load -i backup-utils.tar
+    - uses: actions/checkout@v3
+    - name: Create backup directory
+      run: mkdir $HOME/ghe-backup-data
+    - name: set up ssh SSH_KEY
+      run: echo -e "${SSH_KEY}\n" > $HOME/backup
+    - name: set up ssh key permissions
+      run: chmod 0600 $HOME/backup
+    - name: change version
+      run: echo "3.8.0" > $HOME/version
+    - name: Perform backup
+      run: |
+        docker run -e "GHE_HOSTNAME=${{ inputs.hostname }}" \
+        -e "GHE_DATA_DIR=/data" \
+        -e "GHE_EXTRA_SSH_OPTS=-p 122 -i /ghe-ssh/id_rsa -o ServerAliveInterval=30 -o ServerAliveCountMax=12000 -o StrictHostKeyChecking=no" \
+        -e "GHE_NUM_SNAPSHOTS=15" \
+        -v "$HOME/ghe-backup-data:/data" \
+        -v "$HOME/backup:/ghe-ssh/id_rsa" \
+        -v "$HOME/version:/backup-utils/share/github-backup-utils/version" \
+        --rm \
+        backup-utils ghe-backup
+    - name: Prepare for restore
+      run: ssh -p122 -i $HOME/backup -o StrictHostKeyChecking=no admin@${{ inputs.hostname }} "ghe-maintenance -s"
+    - name: Restore data to instance
+      run: |
+        docker run -e "GHE_HOSTNAME=${{ inputs.hostname }}" \
+        -e "GHE_DATA_DIR=/data" \
+        -e "GHE_EXTRA_SSH_OPTS=-p 122 -i /ghe-ssh/id_rsa -o ServerAliveInterval=30 -o ServerAliveCountMax=12000 -o StrictHostKeyChecking=no" \
+        -e "GHE_NUM_SNAPSHOTS=15" \
+        -v "$HOME/ghe-backup-data:/data" \
+        -v "$HOME/backup:/ghe-ssh/id_rsa" \
+        -v "$HOME/version:/backup-utils/share/github-backup-utils/version" \
+        --rm \
+        backup-utils ghe-restore ${{ inputs.hostname }}
+    - name: Reset maintenance mode after restore
+      run: ssh -p122 -i $HOME/backup -o StrictHostKeyChecking=no admin@${{ inputs.hostname }} "ghe-maintenance -u"
+  
@@ -14,12 +14,15 @@ jobs:
 
     steps:
     - uses: actions/checkout@v3
-    - name: Build the Debian Docker image
+    - name: Build the Ubuntu Docker image
       run: docker build . --file Dockerfile --tag backup-utils:${GITHUB_RUN_ID}
     - name: Build the Alpine Docker image
       run: docker build . --file Dockerfile.alpine --tag backup-utils-alpine:${GITHUB_RUN_ID}
-    - name: Run tests in Debian Docker image
-      run: docker run backup-utils:${GITHUB_RUN_ID} ghe-backup --version
+    - name: Run tests in Ubuntu Docker image
+      run: |
+        docker run backup-utils:${GITHUB_RUN_ID} ghe-backup --version
+        docker run backup-utils:${GITHUB_RUN_ID} rsync --version
     - name: Run tests in Alpine Docker image
-      run: docker run backup-utils-alpine:${GITHUB_RUN_ID} ghe-backup --version
-      
+      run: |
+        docker run backup-utils-alpine:${GITHUB_RUN_ID} ghe-backup --version
+        docker run backup-utils-alpine:${GITHUB_RUN_ID} rsync --version
@@ -10,7 +10,7 @@ jobs:
         # macos-latest references are kept here for historical purposes. removed macos-latest from the 
         #matrix as it is not a typical case for users and causes a lot of friction with other linux-based 
         # installs. Recommend developing on codespaces or using an ubuntu container. 
-        os: ['ubuntu-22.04', 'ubuntu-20.04', 'ubuntu-18.04']
+        os: ['ubuntu-22.04', 'ubuntu-20.04']
       fail-fast: false
     runs-on: ${{ matrix.os }}
     steps:
 
@@ -0,0 +1,152 @@
+name: Restore Dataset
+run-name: ${{ github.actor }} retrieving data-sets
+on:
+  workflow_dispatch:
+    inputs:
+      size:
+        description: 'Size of the dataset to restore'
+        required: true
+        type: choice
+        options:
+        - 'small'
+        - 'medium'
+      hostname:
+        description: 'Hostname of the server'
+        required: true
+        type: string
+      ref:
+        description: 'Branch ref to use'
+        required: false
+        type: string
+        default: 'master'
+      version:
+        description: 'Version of the dataset to restore (3.8/3.9)'
+        required: false
+        default: '3.8'
+        type: string
+
+  workflow_call:
+    inputs:
+      hostname:
+        description: 'Hostname of the server'
+        required: true
+        type: string
+      size:
+        description: 'Size of the dataset to restore (small/medium)'
+        required: false
+        default: 'small'
+        type: string
+      version:
+        description: 'Version of the dataset to restore (3.8/3.9)'
+        required: false
+        default: '3.8'
+        type: string
+      ref:
+        description: 'Branch ref to use'
+        required: false
+        type: string
+        default: 'master'
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v3
+      with:
+        repository: github/backup-utils-private
+        ref: ${{ inputs.ref }}
+        token: "${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }}"
+
+    - run: docker build . --file Dockerfile --tag backup-utils
+    - run: docker save backup-utils -o backup-utils.tar
+
+    - uses: actions/upload-artifact@v3
+      with:
+        name: backup-utils
+        path: backup-utils.tar
+
+  restore:
+    needs: build
+    runs-on:
+      group: larger-hosted-public-runners
+      labels: ubuntu-latest-xl
+    env:
+        SSH_KEY: ${{ secrets.BACKUP_SSH_KEY }}
+    steps:
+    - uses: actions/download-artifact@v3
+      with:
+        name: backup-utils
+
+    - name: Load docker container
+      run: docker load -i backup-utils.tar
+
+    - name: Find backup file version
+      id: file
+      run: |
+        version="${{ inputs.version }}"
+        size="${{ inputs.size }}"
+        V3_6_COMPATIBLE="3.6 3.7"
+        V3_8_COMPATIBLE="3.8 3.9 3.10"
+        if echo "$V3_8_COMPATIBLE" | grep -q -w "$version"; then
+            echo "Version $version is acceptable by 3.8 backup"
+            file_version=3.8
+        elif echo "$V3_6_COMPATIBLE" | grep -q -w "$version"; then
+            echo "Version $version is acceptable by 3.6 backup"
+            file_version=3.6
+        else
+            echo "Version $version is not acceptable"
+            exit 1
+        fi
+
+        echo "version=$file_version" >> "$GITHUB_OUTPUT"
+        echo "name=v$file_version-$size.tar.gz" >> "$GITHUB_OUTPUT"
+
+    - name: Download from blob storage
+      run: |
+        mkdir ghes-data
+        az storage blob download \
+        --account-name ghesresults \
+        --container-name ghes-data \
+        --name "${{ steps.file.outputs.name }}" \
+        --file "ghes-data/${{ steps.file.outputs.name }}" \
+        --connection-string "${{ secrets.CONNECTIONSTRING }}"
+
+    - name: Unzip backup and setup symlink
+      run: |
+          mkdir "$HOME/ghe-backup-data"
+          dir_name=$(date +%s)
+          mkdir "$HOME/ghe-backup-data/$dir_name"
+
+          tar -xvf "ghes-data/${{ steps.file.outputs.name }}" -C "$HOME/ghe-backup-data/$dir_name"
+
+          ln -s "$dir_name" "$HOME/ghe-backup-data/current"
+
+    - name: set up ssh SSH_KEY
+      run: echo -e "${SSH_KEY}\n" > "$HOME/backup"
+
+    - name: set up ssh key permissions
+      run: chmod 0600 "$HOME/backup"
+
+    - name: change version
+      run: echo "${{ inputs.version }}.0" > "$HOME/version"
+
+    - name: Prepare for restore
+      run: ssh -p122 -i "$HOME/backup" -o StrictHostKeyChecking=no admin@${{ inputs.hostname }} "ghe-maintenance -s"
+
+    - name: Restore data to instance
+      run: |
+        docker run -e "GHE_HOSTNAME=${{ inputs.hostname }}" \
+        -e "GHE_DATA_DIR=/data" \
+        -e "GHE_EXTRA_SSH_OPTS=-p 122 -i /ghe-ssh/id_rsa -o ServerAliveInterval=30 -o ServerAliveCountMax=12000 -o StrictHostKeyChecking=no" \
+        -e "GHE_NUM_SNAPSHOTS=15" \
+        -v "$HOME/ghe-backup-data:/data" \
+        -v "$HOME/backup:/ghe-ssh/id_rsa" \
+        -v "$HOME/version:/backup-utils/share/github-backup-utils/version" \
+        --rm \
+        backup-utils ghe-restore ${{ inputs.hostname }}
+
+    - name: Reset maintenance mode after restore
+      run: ssh -p122 -i "$HOME/backup" -o StrictHostKeyChecking=no admin@${{ inputs.hostname }} "ghe-maintenance -u"
+
+
+