--- - name: Get PostgreSQL configuration k8s_info: kind: Secret namespace: '{{ ansible_operator_meta.namespace }}' name: "{{ this_awx['resources'][0]['status']['postgresConfigurationSecret'] }}" register: pg_config no_log: true - name: Fail if postgres configuration secret status does not exist fail: msg: "The postgresConfigurationSecret status is not set on the AWX object yet or the secret has been deleted." when: not pg_config | default([]) | length - name: Store Database Configuration set_fact: awx_postgres_user: "{{ pg_config['resources'][0]['data']['username'] | b64decode }}" awx_postgres_pass: "{{ pg_config['resources'][0]['data']['password'] | b64decode }}" awx_postgres_database: "{{ pg_config['resources'][0]['data']['database'] | b64decode }}" awx_postgres_port: "{{ pg_config['resources'][0]['data']['port'] | b64decode }}" awx_postgres_host: "{{ pg_config['resources'][0]['data']['host'] | b64decode }}" awx_postgres_type: "{{ pg_config['resources'][0]['data']['type'] | default('unmanaged'|b64encode) | b64decode }}" no_log: true - block: - name: Delete pod to reload a resource configuration set_fact: postgres_label_selector: "app.kubernetes.io/instance=postgres-{{ deployment_name }}" when: postgres_label_selector is not defined - name: Get the postgres pod information k8s_info: kind: Pod namespace: '{{ ansible_operator_meta.namespace }}' label_selectors: - "{{ postgres_label_selector }}" register: postgres_pod until: - "postgres_pod['resources'] | length" - "postgres_pod['resources'][0]['status']['phase'] == 'Running'" - "postgres_pod['resources'][0]['status']['containerStatuses'][0]['ready'] == true" delay: 5 retries: 60 - name: Set the resource pod name as a variable. set_fact: postgres_pod_name: "{{ postgres_pod['resources'][0]['metadata']['name'] }}" when: awx_postgres_type == 'managed' - name: Determine the timestamp for the backup once for all nodes set_fact: now: '{{ lookup("pipe", "date +%F-%T") }}' - name: Set backup directory name set_fact: backup_dir: "/backups/tower-openshift-backup-{{ now }}" - name: Create directory for backup k8s_exec: namespace: "{{ backup_pvc_namespace }}" pod: "{{ ansible_operator_meta.name }}-db-management" command: >- mkdir -p {{ backup_dir }} - name: Precreate file for database dump k8s_exec: namespace: "{{ backup_pvc_namespace }}" pod: "{{ ansible_operator_meta.name }}-db-management" command: >- touch {{ backup_dir }}/tower.db - name: Set permissions on file for database dump k8s_exec: namespace: "{{ backup_pvc_namespace }}" pod: "{{ ansible_operator_meta.name }}-db-management" command: >- bash -c "chmod 0600 {{ backup_dir }}/tower.db && chown postgres:root {{ backup_dir }}/tower.db" - name: Set full resolvable host name for postgres pod set_fact: resolvable_db_host: '{{ (awx_postgres_type == "managed") | ternary(awx_postgres_host + "." + ansible_operator_meta.namespace + ".svc.cluster.local", awx_postgres_host) }}' # yamllint disable-line rule:line-length no_log: true - name: Set pg_dump command set_fact: pgdump: >- pg_dump --clean --create -h {{ resolvable_db_host }} -U {{ awx_postgres_user }} -d {{ awx_postgres_database }} -p {{ awx_postgres_port }} -F custom no_log: true - name: Write pg_dump to backup on PVC k8s_exec: namespace: "{{ backup_pvc_namespace }}" pod: "{{ ansible_operator_meta.name }}-db-management" command: | bash -c """ set -e -o pipefail PGPASSWORD='{{ awx_postgres_pass }}' {{ pgdump }} > {{ backup_dir }}/tower.db echo 'Successful' """ register: data_migration no_log: true failed_when: "'Successful' not in data_migration.stdout"