android13/external/cldr/tools/scripts/ansible/redact-db-playbook.yml

- hosts: redactdb
  vars_files:
    - vars/main.yml
    - local-vars/local.yml
  tasks:
    - name: set up /home/cldradmin/.ssh/config to fetch db backup
      template:
        src: templates/cldrbackup/config.j2
        dest: /home/cldradmin/.ssh/config
        owner: cldradmin
        group: cldradmin
        mode: '0640'
    - name: set up /home/cldradmin/.ssh/id_rsa
      no_log: true
      copy:
        src: local-vars/cldrbackup/id_rsa
        dest: /home/cldradmin/.ssh/id_rsa
        owner: cldradmin
        group: cldradmin
        mode: '0600'
    - name: set up /home/cldradmin/.ssh/id_rsa.pub
      copy:
        src: local-vars/cldrbackup/id_rsa.pub
        dest: /home/cldradmin/.ssh/id_rsa.pub
        owner: cldradmin
        group: cldradmin
        mode: '0640'
    - name: set up /home/cldradmin/.ssh/known_hosts
      copy:
        src: local-vars/cldrbackup/known_hosts
        dest: /home/cldradmin/.ssh/known_hosts
        owner: cldradmin
        group: cldradmin
        mode: '0640'
    - name: set up /home/cldradmin/redact-db.sql
      copy:
        src: templates/cldrbackup/redact-db.sql
        dest: /home/cldradmin/redact-db.sql
        owner: cldradmin
        group: cldradmin
        mode: '0640'
    - name: set up /home/cldradmin/fetch-db.sh
      template:
        src: templates/cldrbackup/fetch_db_sh.j2
        dest: /home/cldradmin/fetch-db.sh
        owner: cldradmin
        group: cldradmin
        mode: '0640'
    - name: set up /home/cldradmin/redact-db.sh
      template:
        src: templates/cldrbackup/redact_db_sh.j2
        dest: /home/cldradmin/redact-db.sh
        owner: cldradmin
        group: cldradmin
        mode: '0640'
    - name: fetch and unzip db
      # This playbook is intended to always make a change.
      command: bash /home/cldradmin/fetch-db.sh # noqa 301
      become: yes
      become_user: cldradmin
    - name: stop openliberty
      become: true
      service:
        name: "{{ cldr_openliberty_service }}"
        state: stopped
    - name: redact db
      # This playbook is intended to always make a change.
      command: bash /home/cldradmin/redact-db.sh # noqa 301
      become: yes
      become_user: cldradmin
    - name: restart openliberty
      become: true
      service:
        name: "{{ cldr_openliberty_service }}"
        state: restarted