dBildungsplattform · aimee-889 · Nov 20, 2024 · Nov 20, 2024 · Nov 20, 2024 · Nov 20, 2024
diff --git a/.github/workflows/delete-namespace.yml b/.github/workflows/delete-namespace.yml
@@ -15,7 +15,7 @@ permissions:
 
 
 jobs:
-  create_dbildungs_iam_keycloak_db_name:
+  recreate_dbildungs_iam_keycloak_db_name:
     runs-on: ubuntu-latest
     outputs:
       db_name: ${{ steps.create_db_name.outputs.db_name }}
@@ -29,7 +29,7 @@ jobs:
           echo "before" ${{ inputs.namespace }} "after" $temp
           echo "db_name=$temp" >> $GITHUB_OUTPUT
 
-  create_dbildungs_iam_server_db_name:
+  recreate_dbildungs_iam_server_db_name:
     runs-on: ubuntu-latest
     outputs:
       db_name: ${{ steps.create_db_name.outputs.db_name }}
@@ -57,8 +57,8 @@ jobs:
 
   delete_databases_and_namespace:
     needs: 
-      - create_dbildungs_iam_keycloak_db_name
-      - create_dbildungs_iam_server_db_name
+      - recreate_dbildungs_iam_keycloak_db_name
+      - recreate_dbildungs_iam_server_db_name
       - create_ticket_nr_variable
     runs-on: ubuntu-latest
     steps:
@@ -109,7 +109,7 @@ jobs:
           --namespace ${{ inputs.namespace }} \
           --set auth.existingSecret="psql-config-secret" \
           --kubeconfig $(pwd)/kubeconfig \
-          --set database.name=${{ needs.create_dbildungs_iam_keycloak_db_name.outputs.db_name }} \
+          --set database.name=${{ needs.recreate_dbildungs_iam_keycloak_db_name.outputs.db_name }} \
           --wait
 
         # Wait for Job to be completed
@@ -135,7 +135,7 @@ jobs:
           --namespace ${{ inputs.namespace }} \
           --set auth.existingSecret="psql-config-secret" \
           --kubeconfig $(pwd)/kubeconfig \
-          --set database.name=${{ needs.create_dbildungs_iam_server_db_name.outputs.db_name }} \
+          --set database.name=${{ needs.recreate_dbildungs_iam_server_db_name.outputs.db_name }} \
           --wait
 
         # Wait for Job to be completed

diff --git a/.github/workflows/deploy-to-dev-manual.yml b/.github/workflows/deploy-to-dev-manual.yml
@@ -37,6 +37,14 @@ on:
         - "chart_value"
         - "true"
         - "false"
+      database_deletion:
+        required: true
+        description: "Delete Databases? Yes = true; No = false;"
+        default: "false"
+        type: choice
+        options:
+        - "true"
+        - "false"
 
 jobs:
   create_branch_identifier:
@@ -61,7 +69,7 @@ jobs:
     needs:
       - check_namespace_input
       - create_branch_identifier
-    uses: dBildungsplattform/spsh-app-deploy/.github/workflows/deploy.yml@5
+    uses: dBildungsplattform/spsh-app-deploy/.github/workflows/deploy.yml@DBP-1084-rollout-to-namespaces-do-not-delete-dbs
     with:
       dbildungs_iam_server_branch: ${{ github.event.inputs.dbildungs_iam_server_branch }}
       schulportal_client_branch: ${{ github.event.inputs.schulportal_client_branch }}
@@ -70,6 +78,7 @@ jobs:
       dbseeding: ${{ github.event.inputs.dbseeding }}
       namespace: ${{ needs.create_branch_identifier.outputs.namespace_from_branch }}
       user_name: spsh-bot
+      database_deletion: ${{ inputs.database_deletion }}
     secrets:
       SPSH_DEV_KUBECONFIG: ${{ secrets.SPSH_DEV_KUBECONFIG }}
 

diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -36,6 +36,11 @@ on:
         description: "Enable Seeding (true, false, chart_value)"
         default: chart_value
         type: string
+      database_deletion:
+        required: false
+        description: "Decide whether Databases should be deleted or not"
+        default: true
+        type: string
     secrets:
       SPSH_DEV_KUBECONFIG:
         required: true
@@ -82,7 +87,7 @@ jobs:
     with:
       branch: ${{ github.ref_name == 'main' && inputs.namespace || needs.create_ingress_prefix.outputs.ticket }}
 
-  create_dbildungs_iam_keycloak_db_name:
+  recreate_dbildungs_iam_keycloak_db_name:
     runs-on: ubuntu-latest
     outputs:
       db_name: ${{ steps.create_db_name.outputs.db_name }}
@@ -96,7 +101,7 @@ jobs:
           echo "before" ${{ inputs.namespace }} "after" $temp
           echo "db_name=$temp" >> $GITHUB_OUTPUT
 
-  create_dbildungs_iam_server_db_name:
+  recreate_dbildungs_iam_server_db_name:
     runs-on: ubuntu-latest
     outputs:
      db_name: ${{ steps.create_db_name.outputs.db_name }}
@@ -117,8 +122,8 @@ jobs:
       - find_dbildungs_iam_keycloak_helm_chart_tag
       - find_dbildungs_iam_ldap_helm_chart_tag
       - create_lowercase_ingress_prefix
-      - create_dbildungs_iam_keycloak_db_name
-      - create_dbildungs_iam_server_db_name
+      - recreate_dbildungs_iam_keycloak_db_name
+      - recreate_dbildungs_iam_server_db_name
     runs-on: 'ubuntu-latest'
     env:
       GITHUB_TOKEN: ${{ github.token }}
@@ -136,7 +141,7 @@ jobs:
         with:
           repository: 'dBildungsplattform/spsh-app-deploy'
           # comment this in to test changes of a branch in repo
-          # ref: "<branch_name>"
+          ref: "DBP-1084-rollout-to-namespaces-do-not-delete-dbs"
 
       - name: Set up kubectl and Helm
         uses: azure/setup-kubectl@3e0aec4d80787158d308d7b364cb1b702e7feb7f #v4.0.0
@@ -216,38 +221,39 @@ jobs:
         run: |
           kubectl --namespace=${{ inputs.namespace }} apply -f ./dbildungs-iam-ldap-config-apply.yaml
 
-      - name: Create Database for dbildungs-iam-keycloak
+      - name: "Recreate Database for dbildungs-iam-keycloak - Deletion: ${{ inputs.database_deletion }}"
         run: |
           # Generate timestamp for job name uniqueness
           DATE=$(date +%Y%m%d%H%M%S)
 
           # Define job name for Keycloak database creation job
           HELM_KEYCLOAK_DB_JOB_NAME="psql-db-${DATE}-keycloak-${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}"
 
-          # Deploy Database for dbildungs-iam-keycloak
+          # Recreate Database for dbildungs-iam-keycloak
           helm upgrade --install \
             $HELM_KEYCLOAK_DB_JOB_NAME \
-            ./charts/postgres_config \
+            ./charts/postgres_recreate_databases \
             --namespace ${{ inputs.namespace }} \
             --set auth.existingSecret="psql-config-secret" \
-            --set database.name=${{ needs.create_dbildungs_iam_keycloak_db_name.outputs.db_name }}
-
+            --set database.name=${{ needs.recreate_dbildungs_iam_keycloak_db_name.outputs.db_name }} \
+            --set database.deletion=${{ inputs.database_deletion }}
 
-      - name: Create Database for dbildungs-iam-server
+      - name: "Recreate Database for dbildungs-iam-server - Deletion: ${{ inputs.database_deletion }}"
         run: |
           # Generate timestamp for job name uniqueness
           DATE=$(date +%Y%m%d%H%M%S)
 
           # Define job name for SPSH-App database creation job
           HELM_SERVER_DB_JOB_NAME="psql-db-${DATE}-database-${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}"
 
-          # Deploy Database for SPSH-App 
+          # Recreate Database for SPSH-App 
           helm upgrade --install \
             $HELM_SERVER_DB_JOB_NAME \
-            ./charts/postgres_config \
+            ./charts/postgres_recreate_databases \
             --namespace ${{ inputs.namespace }} \
             --set auth.existingSecret="psql-config-secret" \
-            --set database.name=${{ needs.create_dbildungs_iam_server_db_name.outputs.db_name }}
+            --set database.name=${{ needs.recreate_dbildungs_iam_server_db_name.outputs.db_name }} \
+            --set database.deletion=${{ inputs.database_deletion }}
 
       # Wait is needed, dbildungs_iam_server expects keycloak to be up!
       - name: Deploy dbildungs_iam_keycloak Helm chart
@@ -259,7 +265,7 @@ jobs:
             --set auth.existingSecret="dbildungs-iam-keycloak" \
             --set keycloakHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}-keycloak.dev.spsh.dbildungsplattform.de \
             --set frontendHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}.dev.spsh.dbildungsplattform.de \
-            --set database.name=${{ needs.create_dbildungs_iam_keycloak_db_name.outputs.db_name }} \
+            --set database.name=${{ needs.recreate_dbildungs_iam_keycloak_db_name.outputs.db_name }} \
             --set database.username=spshdeveloper \
             --wait \
             --timeout 210s
@@ -295,7 +301,7 @@ jobs:
             --set auth.existingSecret="dbildungs-iam-server" \
             --set backendHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}.dev.spsh.dbildungsplattform.de \
             --set keycloakHostname=${{ needs.create_lowercase_ingress_prefix.outputs.namespace_from_branch }}-keycloak.dev.spsh.dbildungsplattform.de \
-            --set database.name=${{ needs.create_dbildungs_iam_server_db_name.outputs.db_name }} \
+            --set database.name=${{ needs.recreate_dbildungs_iam_server_db_name.outputs.db_name }} \
             ${{ inputs.dbseeding != 'chart_value' && format('--set backend.dbseeding.enabled={0}', inputs.dbseeding) || '' }} \
             --wait \
             --timeout 360s

diff --git a/charts/postgres_config/Chart.yaml → ...ts/postgres_recreate_databases/Chart.yaml b/charts/postgres_config/Chart.yaml → ...ts/postgres_recreate_databases/Chart.yaml
diff --git a/.../postgres_config/templates/configmap.yaml → ...create_databases/templates/configmap.yaml b/.../postgres_config/templates/configmap.yaml → ...create_databases/templates/configmap.yaml
@@ -7,7 +7,11 @@ data:
   config-script: |-
     #!/bin/bash
     echo "SELECT pg_terminate_backend(pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = '$DB_NAME';" | psql -d postgres -w
-    echo "DROP DATABASE IF EXISTS $DB_NAME" | psql -d postgres -w
+    if [ "$DB_FORCE_DELETE" = "true" ]; then
+      echo "DROP DATABASE IF EXISTS $DB_NAME" | psql -d postgres -w
+    else
+      echo "DB_FORCE_DELETE is not true. Progresses with creation of Database and User if they do not already exist."
+    fi
     echo "Create owner of the DB"
     echo "SELECT 'CREATE USER spshdeveloper' WHERE NOT EXISTS (SELECT FROM pg_user WHERE usename = 'spshdeveloper')\gexec" | psql -d postgres -w
     echo "GRANT spshdeveloper TO $PGUSER" | psql -d postgres -w

diff --git a/charts/postgres_config/templates/job.yaml → ...res_recreate_databases/templates/job.yaml b/charts/postgres_config/templates/job.yaml → ...res_recreate_databases/templates/job.yaml
@@ -26,6 +26,8 @@ spec:
         env:
         - name: DB_NAME
           value: {{ .Values.database.name }}
+        - name: DB_FORCE_DELETE
+          value: "{{ .Values.database.deletion }}"
       volumes:
       - name: config-script-volume
         configMap:

diff --git a/charts/postgres_config/templates/secret.yaml → ..._recreate_databases/templates/secret.yaml b/charts/postgres_config/templates/secret.yaml → ..._recreate_databases/templates/secret.yaml
diff --git a/charts/postgres_config/values.yaml → ...s/postgres_recreate_databases/values.yaml b/charts/postgres_config/values.yaml → ...s/postgres_recreate_databases/values.yaml
@@ -12,6 +12,7 @@ configMap:
   defaultMode: 457
 database:
   name: ""
+  deletion: "true"
 auth:
   # existingSecret: Refers to a secret already present in the cluster, which is required for the authentication and configuration of the database setup tasks.
   existingSecret: ""