sync

.github/workflows/backup.yml

@@ -1,4 +1,4 @@
-name: Nomad Backup
+name: Infrastructure Backup
 
 on:
   schedule:
@@ -34,10 +34,17 @@ jobs:
       run: |
         python backup.py --output nomad_backup
 
+    - name: Run Consul backup
+      env:
+        CONSUL_HTTP_ADDR: ${{ secrets.CONSUL_HTTP_ADDR }}
+        CONSUL_HTTP_TOKEN: ${{ secrets.CONSUL_HTTP_TOKEN }}
+      run: |
+        python consul_backup.py --output consul_backup
+
     - name: Check for changes
       id: check_changes
       run: |
-        git add nomad_backup/
+        git add nomad_backup/ consul_backup/
         if git diff --staged --quiet; then
           echo "changes=false" >> $GITHUB_OUTPUT
           echo "No changes to commit"
@@ -51,5 +58,5 @@ jobs:
       run: |
         git config --local user.email "github-actions[bot]@users.noreply.github.com"
         git config --local user.name "github-actions[bot]"
-        git commit -m "chore: backup Nomad jobs [skip ci]"
+        git commit -m "chore: backup infrastructure configurations [skip ci]"
         git push

README.md

@@ -1,13 +1,14 @@
-# Nomad Backup with GitHub Actions
+# Infrastructure Backup with GitHub Actions
 
-This project provides an automated backup solution for HashiCorp Nomad job specifications using GitHub Actions. Instead of creating timestamped backup folders, it uses Git's version control to track changes to your Nomad job configurations.
+This project provides automated backup solutions for HashiCorp Nomad job specifications and Consul KV store using GitHub Actions. Instead of creating timestamped backup folders, it uses Git's version control to track changes to your infrastructure configurations.
 
 ## Features
 
 - **Automated Backups**: Runs daily via GitHub Actions
-- **Git Version Control**: Uses Git commits to track job configuration changes
+- **Git Version Control**: Uses Git commits to track configuration changes
 - **Dual Format Support**: Backs up both HCL and JSON job specifications
-- **Secure**: Uses GitHub Secrets for Nomad API credentials
+- **Full Consul KV Backup**: Complete Consul key-value store backup and restore
+- **Secure**: Uses GitHub Secrets for API credentials
 - **Manual Trigger**: Can be run on-demand via GitHub UI
 
 ## Setup Instructions
@@ -25,6 +26,8 @@ Add the following secrets to your GitHub repository:
 2. Add these secrets:
    - `NOMAD_ADDR`: Your Nomad API address (e.g., `https://nomad.example.com:4646`)
    - `NOMAD_TOKEN`: Your Nomad ACL token (if authentication is enabled)
+   - `CONSUL_HTTP_ADDR`: Your Consul API address (e.g., `https://consul.example.com:8500`)
+   - `CONSUL_HTTP_TOKEN`: Your Consul ACL token (if authentication is enabled)
 
 ### 3. Schedule Configuration
 
@@ -38,16 +41,17 @@ schedule:
 ### 4. Manual Execution
 
 You can manually trigger the backup from the GitHub UI:
-1. Go to your repository → Actions → "Nomad Backup" workflow
+1. Go to your repository → Actions → "Infrastructure Backup" workflow
 2. Click "Run workflow" → "Run workflow"
 
 ## How It Works
 
 1. **Checkout**: The workflow checks out your repository
 2. **Setup**: Installs Python and required dependencies
-3. **Backup**: Runs the [`backup.py`](backup.py:1) script to fetch Nomad job specifications
+3. **Nomad Backup**: Runs the [`backup.py`](backup.py:1) script to fetch Nomad job specifications
-4. **Commit**: If changes are detected, commits them to the repository
+4. **Consul Backup**: Runs the [`consul_backup.py`](consul_backup.py:1) script to backup Consul KV store
-5. **Push**: Pushes the changes back to the remote repository
+5. **Commit**: If changes are detected, commits them to the repository
+6. **Push**: Pushes the changes back to the remote repository
 
 ## File Structure
 
@@ -55,17 +59,26 @@ You can manually trigger the backup from the GitHub UI:
 ├── .github/
 │   └── workflows/
 │       └── backup.yml          # GitHub Actions workflow
-├── backup.py                   # Main backup script
+├── backup.py                   # Nomad backup script
-├── nomad_backup/               # Backup directory (created by script)
+├── consul_backup.py            # Consul KV backup script
+├── consul_restore.py           # Consul KV restore script
+├── nomad_backup/               # Nomad backup directory
 │   ├── job1.hcl               # Job specifications in HCL format
 │   ├── job2.json              # Job specifications in JSON format
 │   └── ...
+├── consul_backup/              # Consul backup directory
+│   ├── kv/                    # Key-value store backups
+│   │   ├── key1.json
+│   │   ├── key2.json
+│   │   └── nested/
+│   │       └── key3.json
+│   └── metadata.json          # Backup metadata
 └── README.md                   # This file
 ```
 
 ## Local Usage
 
-You can also run the backup script locally:
+### Nomad Backup
 
 ```bash
 # Basic usage (connects to local Nomad)
@@ -78,12 +91,40 @@ python backup.py --addr https://nomad.example.com:4646 --token your-token
 python backup.py --output /path/to/backups
 ```
 
+### Consul Backup
+```bash
+# Basic usage (connects to local Consul)
+python consul_backup.py
+
+# Connect to remote Consul with token
+python consul_backup.py --addr https://consul.example.com:8500 --token your-token
+
+# Custom output directory
+python consul_backup.py --output /path/to/consul-backups
+```
+
+### Consul Restore
+```bash
+# Restore from backup (dry run first)
+python consul_restore.py --dry-run
+
+# Actual restore
+python consul_restore.py
+
+# Restore to remote Consul
+python consul_restore.py --addr https://consul.example.com:8500 --token your-token
+```
+
 ## Environment Variables
 
-The script supports these environment variables:
+### Nomad Backup
 - `NOMAD_ADDR`: Nomad API address (default: `http://localhost:4646`)
 - `NOMAD_TOKEN`: Nomad ACL token for authentication
 
+### Consul Backup/Restore
+- `CONSUL_HTTP_ADDR`: Consul API address (default: `http://localhost:8500`)
+- `CONSUL_HTTP_TOKEN`: Consul ACL token for authentication
+
 ## Security Notes
 
 - Never commit sensitive data or tokens to the repository
@@ -94,9 +135,10 @@ The script supports these environment variables:
 
 ### Common Issues
 
-1. **Connection Timeout**: Ensure `NOMAD_ADDR` is correct and accessible
+1. **Connection Timeout**: Ensure API addresses are correct and accessible
-2. **Authentication Failure**: Verify `NOMAD_TOKEN` is valid and has read permissions
+2. **Authentication Failure**: Verify tokens are valid and have read permissions
-3. **No Changes Committed**: This is normal when job configurations haven't changed
+3. **No Changes Committed**: This is normal when configurations haven't changed
+4. **Consul Backup Fails**: Check if Consul KV store is empty or inaccessible
 
 ### Debug Mode