Skip to content

Commit

Permalink
T3 nomis release upgrade to db v11.2.1.1.230 (#363)
Browse files Browse the repository at this point in the history
* Added releases until DB_V11.2.1.1.230

* ssm fix

* fix

* remove debug

* fix

* fix

* fix

* fix

* fix

* revert

* fix

* fix

* fix

* fix

* fix

* revert test

---------

Co-authored-by: Dominic Robinson <dominic.robinson@digital.justice.gov.uk>
  • Loading branch information
Sandhya1874 and drobinson-moj authored Oct 13, 2023
1 parent 227ce01 commit 98188f7
Show file tree
Hide file tree
Showing 8 changed files with 74 additions and 58 deletions.
12 changes: 12 additions & 0 deletions ansible/roles/nomis-release-deployment/defaults/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,16 @@ oracle_install_user: oracle
oracle_install_group: oinstall
app_db_username: oms_owner

app_db_name: "{{ ec2.tags['oracle-db-name'] }}"
db_configs: {}
db_config: "{{ db_configs[app_db_name] }}"

app_ssm_passwords:
db:
parameter: "/oracle/database/{{ db_config.db_name }}/weblogic-passwords"
users:
- oms_owner:

nomis_releases:
# - { name: DB_V11.2.1.1.203.1, web_config_files: 0, db_patch_updated: 0 }
# - { name: DB_V11.2.1.1.204, web_config_files: 0, db_patch_updated: 1 }
Expand Down Expand Up @@ -38,3 +48,5 @@ nomis_releases:
- { name: DB_V11.2.1.1.226, web_config_files: 0, db_patch_updated: 1 }
- { name: DB_V11.2.1.1.227, web_config_files: 0, db_patch_updated: 1 }
- { name: DB_V11.2.1.1.228, web_config_files: 0, db_patch_updated: 1 }
- { name: DB_V11.2.1.1.229, web_config_files: 0, db_patch_updated: 1 }
- { name: DB_V11.2.1.1.230, web_config_files: 0, db_patch_updated: 1 }
46 changes: 19 additions & 27 deletions ansible/roles/nomis-release-deployment/tasks/get_facts.yml
Original file line number Diff line number Diff line change
Expand Up @@ -9,38 +9,30 @@
path: /u01/app/oracle/Middleware/user_projects/domains/NomisDomain
register: app_server_file

- name: If database server , get DB name from running process
ansible.builtin.shell: ps -ef | grep pmon | grep NOM| grep -v grep | awk -F_ '{ print $3 }'
register: db_name
- name: DB servers facts
block:
- name: If database server , get DB name from running process
ansible.builtin.shell: ps -ef | grep pmon | grep NOM| grep -v grep | awk -F_ '{ print $3 }'
changed_when: false
check_mode: false
register: db_name

- name: Set db name from ec2 oracle-db-name tag
set_fact:
app_db_name: "{{ db_name.stdout }}"

# block
when: db_server_file.stat.exists

- name: Set db name from ec2 oracle-db-name tag
set_fact:
app_db_name: "{{ db_name.stdout }}"
when: db_server_file.stat.exists

- name: Set db name from ec2 oracle-db-name tag
set_fact:
app_db_name: "{{ ec2.tags['oracle-db-name'] }}"
when: app_server_file.stat.exists

- name: Set SSM parameters path fact from ec2 ssm-parameters-prefix and Name tag
set_fact:
ssm_parameters_path: '/{{ ssm_parameters_prefix }}/{{ ec2.tags["oracle-db-name"] }}'
when: app_server_file.stat.exists

- name: Set SSM parameters path fact from ec2 ssm-parameters-prefix and Name tag
set_fact:
ssm_parameters_path: "/{{ ssm_parameters_prefix }}/{{ app_db_name }}"
when: db_server_file.stat.exists

- name: Set SSM parameters path facts
set_fact:
ssm_parameters_path_app_db_password: "{{ ssm_parameters_path }}/{{ app_db_username }}"
- name: Get SSM parameters
import_role:
name: ssm-passwords
vars:
ssm_passwords: "{{ app_ssm_passwords }}"

- name: Get SSM parameters
set_fact:
app_db_password: "{{ lookup('aws_ssm', ssm_parameters_path_app_db_password, region=ansible_ec2_placement_region) }}"
app_db_password: "{{ ssm_passwords_dict['db'].passwords[app_db_username] }}"

- name: Check all SSM parameters and tags are set
set_fact:
Expand Down
6 changes: 5 additions & 1 deletion ansible/roles/oracle-restore-point/defaults/main.yml
Original file line number Diff line number Diff line change
@@ -1,5 +1,9 @@
---
ssm_parameters_prefix: database
stage: /u02/stage
oracle_install_user: oracle
oracle_install_group: oinstall
db_ssm_passwords:
db:
parameter: "/oracle/database/{{ db_name }}/passwords"
users:
- sys:
26 changes: 14 additions & 12 deletions ansible/roles/oracle-restore-point/tasks/create_restore_point.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,15 @@
owner: "{{ oracle_install_user }}"
group: "{{ oracle_install_group }}"

- name: Set SSM parameters path fact from ec2 ssm-parameters-prefix and Name tag
ansible.builtin.set_fact:
ssm_parameters_path: "/{{ ssm_parameters_prefix }}/{{ item }}/sys"
- name: Get SSM parameters
import_role:
name: ssm-passwords
vars:
ssm_passwords: "{{ db_ssm_passwords }}"

- name: Get sys password for oracle database .
ansible.builtin.set_fact:
db_sys_password: "{{ lookup('aws_ssm', ssm_parameters_path, region=ansible_ec2_placement_region) }}"
- name: Get SSM parameters
set_fact:
db_sys_password: "{{ ssm_passwords_dict['db'].passwords['sys'] }}"

- name: Check password is extracted from SSM
ansible.builtin.set_fact:
Expand All @@ -23,25 +25,25 @@

- name: Fail if missing SSM parameters
ansible.builtin.fail:
msg: Ensure SYS password is in SSM for {{ item }} database
msg: Ensure SYS password is in SSM for {{ db_name }} database
when: not db_sys_password_set |default(false)

- name: Create restore point in database {{ item }}
- name: Create restore point in database {{ db_name }}
become_user: "{{ oracle_install_user }}"
ansible.builtin.shell: |
set -eo pipefail
main() {
. ~/.bash_profile
. oraenv <<< {{ db_sid }}
sqlplus sys/{{ db_sys_password }}@{{ item }} as sysdba @{{ stage }}/create_restore_point.sql
sqlplus sys/{{ db_sys_password }}@{{ db_name }} as sysdba @{{ stage }}/create_restore_point.sql
}
main 2>&1 | logger -p local3.info -t ansible-oracle-restore-point
- name: Check restore point created successfully or not in {{ item }}
ansible.builtin.shell: grep "Restore point created." {{ stage }}/{{ item }}_restore_point.log | wc -l
- name: Check restore point created successfully or not in {{ db_name }}
ansible.builtin.shell: grep "Restore point created." {{ stage }}/{{ db_name }}_restore_point.log | wc -l
register: restore_point_check

- name: Fail if missing SSM parameters
ansible.builtin.fail:
msg: Restore point creation failed for {{ item }}
msg: Restore point creation failed for {{ db_name }}
when: restore_point_check.stdout == "0"
26 changes: 14 additions & 12 deletions ansible/roles/oracle-restore-point/tasks/drop_restore_point.yml
Original file line number Diff line number Diff line change
Expand Up @@ -7,13 +7,15 @@
owner: "{{ oracle_install_user }}"
group: "{{ oracle_install_group }}"

- name: Set SSM parameters path fact from ec2 ssm-parameters-prefix and Name tag
ansible.builtin.set_fact:
ssm_parameters_path: "/{{ ssm_parameters_prefix }}/{{ item }}/sys"
- name: Get SSM parameters
import_role:
name: ssm-passwords
vars:
ssm_passwords: "{{ db_ssm_passwords }}"

- name: Get sys password for oracle database .
ansible.builtin.set_fact:
db_sys_password: "{{ lookup('aws_ssm', ssm_parameters_path, region=ansible_ec2_placement_region) }}"
- name: Get SSM parameters
set_fact:
db_sys_password: "{{ ssm_passwords_dict['db'].passwords['sys'] }}"

- name: Check password is extracted from SSM
ansible.builtin.set_fact:
Expand All @@ -23,25 +25,25 @@

- name: Fail if missing SSM parameters
ansible.builtin.fail:
msg: Ensure SYS password is in SSM for {{ item }} database
msg: Ensure SYS password is in SSM for {{ db_name }} database
when: not db_sys_password_set |default(false)

- name: Drop restore point in database {{ item }}
- name: Drop restore point in database {{ db_name }}
become_user: "{{ oracle_install_user }}"
ansible.builtin.shell: |
set -eo pipefail
main() {
. ~/.bash_profile
. oraenv <<< {{ db_sid }}
sqlplus sys/{{ db_sys_password }}@{{ item }} as sysdba @{{ stage }}/drop_restore_point.sql
sqlplus sys/{{ db_sys_password }}@{{ db_name }} as sysdba @{{ stage }}/drop_restore_point.sql
}
main 2>&1 | logger -p local3.info -t ansible-oracle-restore-point
- name: Check restore point dropped successfully or not from {{ item }}
ansible.builtin.shell: grep "Restore point dropped." {{ stage }}/{{ item }}_restore_point.log | wc -l
- name: Check restore point dropped successfully or not from {{ db_name }}
ansible.builtin.shell: grep "Restore point dropped." {{ stage }}/{{ db_name }}_restore_point.log | wc -l
register: restore_point_check

- name: Fail if missing SSM parameters
ansible.builtin.fail:
msg: Drop restore point failed for {{ item }}
msg: Drop restore point failed for {{ db_name }}
when: restore_point_check.stdout == "0"
8 changes: 6 additions & 2 deletions ansible/roles/oracle-restore-point/tasks/main.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,7 +10,9 @@
apply:
tags:
- create_restore_point
with_items: "{{ db_tns_list.split(',') }}"
loop_control:
loop_var: db_name
loop: "{{ db_tns_list.split(',') }}"
when: db_server_file.stat.exists and db_tns_list is defined and restore_point_name is defined and action == "create"

- name: Drop restore point from databases specified by TNS
Expand All @@ -19,5 +21,7 @@
apply:
tags:
- drop_restore_point
with_items: "{{ db_tns_list.split(',') }}"
loop_control:
loop_var: db_name
loop: "{{ db_tns_list.split(',') }}"
when: db_server_file.stat.exists and db_tns_list is defined and restore_point_name is defined and action == "drop"
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
spool {{ stage }}/{{ item }}_restore_point.log
spool {{ stage }}/{{ db_name }}_restore_point.log
create restore point {{ restore_point_name }} guarantee flashback database;
exit
exit
Original file line number Diff line number Diff line change
@@ -1,3 +1,3 @@
spool {{ stage }}/{{ item }}_restore_point.log
spool {{ stage }}/{{ db_name }}_restore_point.log
drop restore point {{ restore_point_name }};
exit
exit

0 comments on commit 98188f7

Please sign in to comment.