Incrementally testing GH action.

Author: jcpitre

.github/workflows/duplicate-prod-db.yml

@@ -20,6 +20,7 @@ jobs:
       SOURCE_DATABASE_NAME: ${{ vars.PROD_POSTGRE_SQL_DB_NAME }}
       DEST_DATABASE_NAME: "testDB"
       DEST_DATABASE_USER: ${{ secrets.QA_POSTGRE_USER_NAME }}
+      GCP_FEED_BASTION_SSH_KEY: ${{ secrets.GCP_FEED_BASTION_SSH_KEY }}
 
 
     steps:
@@ -110,3 +111,25 @@ jobs:
 
           export PGPASSWORD=$DEST_DATABASE_PASSWORD
           gcloud sql import sql $DB_INSTANCE_NAME gs://$DUMP_BUCKET_NAME/$DUMP_FILE_NAME --database=$DEST_DATABASE_NAME --user=$DEST_DATABASE_USER --quiet
+
+      - name: Load secrets from 1Password
+        uses: 1password/load-secrets-action@v2.0.0
+        with:
+          export-env: true # Export loaded secrets as environment variables
+        env:
+          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
+          GCP_FEED_SSH_USER: "op://rbiv7rvkkrsdlpcrz3bmv7nmcu/GCP_FEED_SSH_USER/username"
+          GCP_FEED_BASTION_NAME: "op://rbiv7rvkkrsdlpcrz3bmv7nmcu/GCP_FEED_BASTION_NAME/username"
+          GCP_FEED_BASTION_SSH_KEY: "op://rbiv7rvkkrsdlpcrz3bmv7nmcu/GCP_FEED_BASTION_SSH_KEY/private key"
+
+      - name: Tunnel
+        run: |
+          mkdir -p ~/.ssh
+          echo "${{ env.GCP_FEED_BASTION_SSH_KEY }}" > ~/.ssh/id_rsa
+          chmod 600 ~/.ssh/id_rsa             
+          ./scripts/tunnel-create.sh -project_id $DEST_PROJECT_ID -zone ${GCP_REGION}-a -instance ${GCP_FEED_BASTION_NAME}-qa -target_account ${GCP_FEED_SSH_USER} -db_instance ${DB_INSTANCE_NAME} -port 5454
+          sleep 10 # Wait for the tunnel to establish
+          
+          export PGPASSWORD=$DEST_DATABASE_PASSWORD
+          psql -h localhost -p 5454 -U data_feeds_user -d $DEST_DATABASE_NAME -c "select count(*) from feed;"
+