1+ name : Backup GHES instance and save to Azure
2+ run-name : " ${{ github.actor }} - Backup GHES instance and save to Azure"
3+
4+ on :
5+ workflow_call :
6+ inputs :
7+ github-hostname :
8+ description : GitHub Hostname to backup
9+ required : true
10+ type : string
11+ backup-name :
12+ description : The name of the backup to be saved in Azure storage
13+ required : false
14+ default : " "
15+ type : string
16+ secrets :
17+ BACKUP_SSH_KEY :
18+ description : SSH key to access the GitHub Enterprise instance
19+ required : true
20+ INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN :
21+ description : Token for the internal actions dx bot account
22+ required : true
23+ AZURE_USERNAME :
24+ description : Azure service principal username
25+ required : false
26+ AZURE_PASSWORD :
27+ description : Azure service principal password
28+ required : false
29+ AZURE_TENANT_ID :
30+ description : Azure tenant ID
31+ required : false
32+ AZURE_SUBSCRIPTION_ID :
33+ description : Azure subscription ID
34+ required : false
35+ AZURE_ACCOUNT_NAME :
36+ description : Azure storage account name
37+ required : false
38+ AZURE_CONTAINER_NAME :
39+ description : Azure storage container name
40+ required : false
41+ CONNECTIONSTRING :
42+ description : Azure storage connection string
43+ required : false
44+
45+
46+ jobs :
47+ build :
48+ runs-on : ubuntu-latest
49+ steps :
50+ - uses : actions/checkout@v3
51+ with :
52+ repository : github/backup-utils-private
53+ token : " ${{ secrets.INTERNAL_ACTIONS_DX_BOT_ACCOUNT_TOKEN }}"
54+ - run : docker build . --file Dockerfile --tag backup-utils
55+ - run : docker save backup-utils -o backup-utils.tar
56+ - uses : actions/upload-artifact@v3
57+ with :
58+ name : backup-utils
59+ path : backup-utils.tar
60+
61+ backup-utils-backup :
62+ needs : build
63+ runs-on :
64+ group : larger-hosted-public-runners
65+ labels : ubuntu-latest-xl
66+ env :
67+ SSH_KEY : ${{ secrets.BACKUP_SSH_KEY }}
68+ steps :
69+ - uses : actions/download-artifact@v3
70+ with :
71+ name : backup-utils
72+ - name : Load docker container
73+ run : docker load -i backup-utils.tar
74+ - uses : actions/checkout@v3
75+ - name : Create backup directory
76+ run : mkdir "$HOME/ghe-backup-data"
77+ - name : set up ssh SSH_KEY
78+ run : echo -e "${SSH_KEY}\n" > "$HOME/backup"
79+ - name : set up ssh key permissions
80+ run : chmod 0600 "$HOME/backup"
81+ - name : change version
82+ run : echo "3.8.0" > "$HOME/version"
83+
84+ - name : Perform backup
85+ run : |
86+ docker run -e "GHE_HOSTNAME=${{ inputs.github-hostname }}" \
87+ -e "GHE_DATA_DIR=/data" \
88+ -e "GHE_EXTRA_SSH_OPTS=-p 122 -i /ghe-ssh/id_rsa -o ServerAliveInterval=30 -o ServerAliveCountMax=12000 -o StrictHostKeyChecking=no" \
89+ -e "GHE_NUM_SNAPSHOTS=15" \
90+ -v "$HOME/ghe-backup-data:/data" \
91+ -v "$HOME/backup:/ghe-ssh/id_rsa" \
92+ -v "$HOME/version:/backup-utils/share/github-backup-utils/version" \
93+ --rm \
94+ backup-utils ghe-backup
95+ name : Check the backup file
96+ run : |
97+ current=$(readlink "$HOME/ghe-backup-data/current")
98+ sudo tar -czvf "${{ inputs.backup-name }}.tar.gz" -C "$HOME/ghe-backup-data/$current" .
99+
100+ name : Login to Azure
101+ if : ${{ inputs.backup-name }} != ""
102+ run : |
103+ az login \
104+ --service-principal \
105+ -u "${{ secrets.AZURE_USERNAME }}" \
106+ -p "${{ secrets.AZURE_PASSWORD }}" \
107+ --tenant "${{ secrets.AZURE_TENANT_ID }}"
108+ az account set --subscription "${{ secrets.AZURE_SUBSCRIPTION_ID }}"
109+
110+ name : Upload backup to Azure
111+ if : ${{ inputs.backup-name }} != ""
112+ run : |
113+ az storage blob upload \
114+ --account-name "${{ secrets.AZURE_ACCOUNT_NAME }}" \
115+ --container-name "${{ secrets.AZURE_CONTAINER_NAME }}" \
116+ --name "${{ inputs.backup-name }}.tar.gz" \
117+ --file "${{ inputs.backup-name }}.tar.gz" \
118+ --connection-string "${{ secrets.CONNECTIONSTRING }}"
0 commit comments