From 1f24ce7a81c1e5aa9fa072d5789a5aec29fe4e8a Mon Sep 17 00:00:00 2001
From: Greg Fodor <gfodor@gmail.com>
Date: Fri, 1 Feb 2019 07:36:05 +0000
Subject: [PATCH] Migration playbooks

---
 ansible/migrate_db.yml                        |  4 +-
 ansible/roles/migrate/tasks/main.yml          | 58 ++++++++++++++++++-
 .../roles/migrate/templates/flyway.conf.j2    |  6 ++
 ansible/roles/migrate/vars/dev.yml            |  2 +
 ansible/roles/migrate/vars/local.yml          |  4 ++
 ansible/roles/migrate/vars/main.yml           |  7 +++
 ansible/roles/migrate/vars/prod.yml           |  2 +
 7 files changed, 78 insertions(+), 5 deletions(-)
 create mode 100644 ansible/roles/migrate/templates/flyway.conf.j2
 create mode 100644 ansible/roles/migrate/vars/dev.yml
 create mode 100644 ansible/roles/migrate/vars/local.yml
 create mode 100644 ansible/roles/migrate/vars/prod.yml

diff --git a/ansible/migrate_db.yml b/ansible/migrate_db.yml
index b341c14..c942244 100644
--- a/ansible/migrate_db.yml
+++ b/ansible/migrate_db.yml
@@ -1,9 +1,9 @@
 ---
 
 - hosts: all
-  gather_facts: false
+  gather_facts: true
   become: true
-  become_user: "{{ false if connection == 'local' else 'root' }}"
+  become_user: "root"
   connection: "{{ connection }}"
   roles:
   - role: migrate
diff --git a/ansible/roles/migrate/tasks/main.yml b/ansible/roles/migrate/tasks/main.yml
index 19afe17..18a5d11 100644
--- a/ansible/roles/migrate/tasks/main.yml
+++ b/ansible/roles/migrate/tasks/main.yml
@@ -1,6 +1,58 @@
 ---
 
 - block:
-  - name: Ensure JRE
-    apt: name=default-jre
-    become_user: 'root'
+  - name: Include environment specific secrets
+    include_vars:
+      file: "{{ secrets_path }}/roles/migrate/vars/{{ env }}.yml"
+
+  - name: Include environment specific vars
+    include_vars:
+      file: "roles/migrate/vars/{{ env }}.yml"
+
+  - name: Add Docker GPG key
+    apt_key: url=https://download.docker.com/linux/ubuntu/gpg
+
+  - name: Add Docker APT repository
+    apt_repository:
+      repo: deb [arch=amd64] https://download.docker.com/linux/ubuntu {{ansible_distribution_release}} stable
+
+  - name: Install list of packages
+    apt:
+      name: ['apt-transport-https','ca-certificates','curl','software-properties-common','docker-ce']
+      state: present
+      update_cache: yes
+
+  - name: Create work directory
+    tempfile:
+      state: directory
+      suffix: deploy
+    register: work_dir
+
+  - name: Checkout hubs-ops
+    git:
+      repo: "{{ ops_repo }}"
+      dest: "{{ work_dir.path }}"
+
+  - name: "Write configs"
+    template:
+      src: "flyway.conf.j2"
+      dest: "{{ work_dir.path }}/db/{{ item }}/conf/flyway.conf"
+    loop: "{{ schemas }}"
+
+  - name: Baseline schemas
+    shell: "docker run --mount type=bind,source={{ work_dir.path }}/db/{{ item }}/conf,target=/conf --mount type=bind,source={{ work_dir.path }}/db/{{ item }}/sql,target=/sql --network=host --rm boxfuse/flyway -configFiles=/conf/flyway.conf baseline"
+    args:
+      chdir: "{{ work_dir.path }}/db/{{ item }}"
+    loop: "{{ schemas }}"
+
+  - name: Migrate schemas
+    shell: "docker run --mount type=bind,source={{ work_dir.path }}/db/{{ item }}/conf,target=/conf --mount type=bind,source={{ work_dir.path }}/db/{{ item }}/sql,target=/sql --network=host --rm boxfuse/flyway -configFiles=/conf/flyway.conf migrate"
+    args:
+      chdir: "{{ work_dir.path }}/db/{{ item }}"
+    loop: "{{ schemas }}"
+
+  always:
+  - name: Remove work directory
+    file:
+      path: "{{ work_dir.path }}"
+      state: absent
diff --git a/ansible/roles/migrate/templates/flyway.conf.j2 b/ansible/roles/migrate/templates/flyway.conf.j2
new file mode 100644
index 0000000..6c03be2
--- /dev/null
+++ b/ansible/roles/migrate/templates/flyway.conf.j2
@@ -0,0 +1,6 @@
+flyway.user={{ db_user }}
+flyway.password={{ db_password }}
+flyway.schemas={{ item }}
+flyway.locations=filesystem:/sql
+flyway.table=flyway_hubs_{{ item }}_schema_history
+flyway.url={{ db_url }}
diff --git a/ansible/roles/migrate/vars/dev.yml b/ansible/roles/migrate/vars/dev.yml
new file mode 100644
index 0000000..cd21505
--- /dev/null
+++ b/ansible/roles/migrate/vars/dev.yml
@@ -0,0 +1,2 @@
+---
+
diff --git a/ansible/roles/migrate/vars/local.yml b/ansible/roles/migrate/vars/local.yml
new file mode 100644
index 0000000..77999ce
--- /dev/null
+++ b/ansible/roles/migrate/vars/local.yml
@@ -0,0 +1,4 @@
+---
+
+db_url: jdbc:postgresql://localhost:5432/ret_dev
+db_password: postgres
diff --git a/ansible/roles/migrate/vars/main.yml b/ansible/roles/migrate/vars/main.yml
index cd21505..64c4b31 100644
--- a/ansible/roles/migrate/vars/main.yml
+++ b/ansible/roles/migrate/vars/main.yml
@@ -1,2 +1,9 @@
 ---
 
+db_user: postgres
+
+schemas:
+  - public
+  - ret_admin
+
+ops_repo: https://github.com/mozilla/hubs-ops.git
diff --git a/ansible/roles/migrate/vars/prod.yml b/ansible/roles/migrate/vars/prod.yml
new file mode 100644
index 0000000..cd21505
--- /dev/null
+++ b/ansible/roles/migrate/vars/prod.yml
@@ -0,0 +1,2 @@
+---
+