Jenkins MySQL - auto apply database changes from SCM

-

A database change apply step for Jenkins pipeline?

When designing for the fully automated deployment pipeline, databases tend to become the bottleneck more often than not. Starting with the complications of storing database changes in the SCM to applying the actual changes with availability and rollback in consideration can be challenging.

Given the uniqueness of each deployment coming up with a single solution for this type of requirement is practically impossible. Having this mind, we will try to come up with a simple set of process and a supporting bash script that can help to automate the database change apply process.

This particular solution was mainly proposed as an automation step for development environment where multiple dev teams are changing the same databases backend. This requires some discipline from the developers while committing the code to the SCM as well. The particular implementations is based on Jenkins MySQL and GitLab as SCM.

The Idea

In a step wise timeline,

  1. Dev teams commit the database changes along with code changes. Database changes must be kept at a different folder. (e.g when committing code changes of release 1.1.0, the related database changes should be kept inside a folder with agreed name such as "dbScript")
  2. When a change is committed (trigger can be changed as per requirements), the script will check for any changes in sql files (i.e changes to files in "dbScript" folder) and sparse checkout only those changed files to Jenkins workspace.
  3. SCM commit hash is captured from Jenkins and used as the unique identified for each of the deployments. This can be useful in any reconciliation as well.
  4. Script will initiate a database backup identifiable by commit hash and check backup log for any errors before applying the changes.
  5. Applied sql files under each commit which triggered the script run will be stored under Jenkins in an identifiable manner (based on commit hash)
  6. All the changes made by the script will be logged in file named under the commit hash.
Although simple these steps can provide the foundation to a Jenkins MySQL CI/CD step that can be flexible and safe even in production pipeline.

Scripted Solution - Jenkins MySQL and GitLab

 ############ Vars  
 workDir=/var/jenkins_home/scripts  
 repoDir=$workDir/lrd_"$GIT_COMMIT"  
 varFile=$workDir/var_"$GIT_COMMIT"  
 sqlFile=$workDir/sql_"$GIT_COMMIT"  
 logFile=$workDir/log_"$GIT_COMMIT"  
 chgFiles=`git diff-tree --no-commit-id --name-only -r "$GIT_COMMIT"`  
 strCheck=dbScript  
 dbHost=192.168.56.22  
 dbUser=mydce #Change to Backup only user  
 dbPasswd=abc123 #Change to File read  
 backLoc=/var/jenkins_home/dbBack  
 failBackLoc=/var/jenkins_home/dbBack/Failed  
 ########### Fun  
 # MySQL Backup Function  
 mysql_backup() {  
 mysqldump -u "$dbUser" -p"$dbPasswd" -h "$dbHost" --all-databases --master-data   
 --log-error=$backLoc/My_Back_$1.log --single-transaction > $backLoc/My_Back_$1_$(date +"%Y_%m_%d_%I_%M_%p").sql  
 #echo "Fail Test" > $backLoc/My_Back_$1.log  
 }  
 # MySQL Apply  
 mysql_apply() {  
 #SQL file changed  
 sed -i -e 's#^#'$repoDir/'#' $sqlFile  
 for i in $(cat $sqlFile)  
 do  
  echo "[Note] Applying to DB "$i"" >> $logFile  
  mysql -vv -u "$dbUser" -p"$dbPasswd" -h "$dbHost" < $i >> $logFile 2>&1  
 done   
 }  
 ############ Scr  
 # List changed Files  
 if [ ! -f $varFile ]  
 then  
   echo $chgFiles > $varFile  
 fi  
 # Send Mail If No Changed Files written  
 if [ -s $varFile ]  
 then  
   echo "[Note] Changed Files written to var_"$GIT_COMMIT"" >> $logFile  
 else  
   echo "[Error] No Changed files recorded by push in var_"$GIT_COMMIT"" >> $logFile  
   #Mail ??  
 fi  
 # List of Changed SQL Files  
 for i in $chgFiles  
 do  
  echo $i | grep $strCheck >> $sqlFile  
 done  
 # Check If DB changes exists  
 if [ -s $sqlFile ]  
 then  
   echo "[Note] Downloading Changed SQL files" >> $logFile  
 # Sparse Check Out Files  
   if [ ! -d $repoDir ]  
   then  
    mkdir $repoDir  
       cd $repoDir  
       git init  
    git remote add origin 'http://oauth2:M9aKD46yHBDcz9z974YU@192.168.56.88/root/mydce.git'  
       git config core.sparseCheckout true  
    git sparse-checkout init  
       cp $sqlFile .git/info/sparse-checkout  
       git --work-tree=$repoDir pull origin dev  
       cd $WORKSPACE  
       echo "[Note] Changed SQL Files downloaded to "$repoDir"" >> $logFile  
       mysql_backup $GIT_COMMIT  
       #Check Backup success  
       if [ -s $backLoc/My_Back_$GIT_COMMIT.log ]  
       then  
         echo "[Error] Issues in Backup, Please check Backup log" >> $logFile  
            mv $backLoc/My_Back_"$GIT_COMMIT"_*.sql $failBackLoc/  
       else  
         mysql_apply  
       fi  
   else  
    echo "[Error] Repo Directory "$repoDir" alredy exists" >> $logFile  
   #Mail Send ??  
   fi  
 else  
   echo "[Note] Commit Does not have DB changes, Exiting" >> $logFile  
 fi

Although above example is not meant for production use, same can be the starting point for any Jenkins MySQL pipeline deployment project with required changes

Comments

Post a Comment

Popular posts from this blog

ORA-16433: The database or pluggable database must be opened in read/write

-
Image
ORA-16433 is an error returned when a database cannot be opened. This can be a result of multiple conditions including, The inconsistency of the database Physical corruption Loss of dependent files or access issues etc.. More often than not the solution is to recover from available backups, but there can be situations where backups are not available, specially on UAT or Test setups. Although not the ideal scenario, in this type of situation you might want to open the databases even with inconsistency.  In Comes --> _ALLOW_RESETLOGS_CORRUPTION First, if you are in a position to use _ALLOW_RESETLOGS_CORRUPTION=TRUE, that means it has to be a critical moment, and when you come across more ora- errors while you are trying to reopen the databsae, that can be annoying. Note - _ALLOW_RESETLOGS_CORRUPTION=TRUE must only be used after Oracle support confirmation as a last resort. Also make sure to take cold backup before proceeding. Basic steps to be followed to resolve ORA 16433 after
Read more

Oracle Multitenant - Create new service for PDB using DBMS_SERVICE

-
Image
When an Oracle PDB is created it starts up a default service with the PDB name. For direct connections to    PDB this service can be used. But there are situations where new service name is required in PDB level, common example is after a PDB restoration/clone, in order to enable application connections without changes in connection string. Setting service_names parameter in PDB level is not possible hence it is not an option in multitenant setup. How to create a new PDB service on Oracle 12C Check the current services, here only the default service is running, SQL> show pdbs; CON_ID CON_NAME OPEN MODE RESTRICTED ---------- ------------------------------ ---------- ---------- 3 NFACTORPDB READ WRITE NO SQL> select service_id, name, pdb from dba_Services; SERVICE_ID NAME PDB ---------- ---------------------------------------- ---------- 7 nfactorpdb NFACTORPDB SQL> Create
Read more

Wait for unread message on broadcast channel - Blocking Sessions

-
Image
What is Wait for unread message on broadcast channel wait event? Wait for unread message on broadcast channel is a wait event where source destination communication is involved and the database is waiting for a reply from remote party. Mostly this wait is seen related to data pump export (expdp) or import (impdp) operations. Although categorized in idle wait class "Wait for unread message on broadcast channel" can become the blocking session for some other sessions. Common causes for stuck sessions waiting on this wait event includes, Broken databases links, where remote database is not responding. Abnormally killed remote processes causing the sessions to wait. When a session is waiting on "Wait for unread message on broadcast channel" it can become a blocking session for dependent sessions. Most probably these sessions will be waiting on "library cache pin" or related concurrency wait events. The blocking_session column of (g)v$session view
Read more