
CI recipes

Generated CI recipes for backup, ephemeral restore, evidence checks, and teardown.

These recipes use only the current public CLI/SDK alpha surface. They assume your CI job can create and destroy its own ephemeral Postgres database.

Backup Before Migration

set -euo pipefail
backup_json="$(walwarden --json backup trigger --database "$WALWARDEN_DATABASE_ID" --wait)"
backup_id="$(printf %s "$backup_json" | jq -r '.data.completed.id // .data.triggered.backupJobId')"
walwarden --json backup status "$backup_id" > backup-status.json
jq -e '.data.state == "completed" and (.data.artifact.checksumSha256 | test("^[a-f0-9]{64}$"))' backup-status.json

Restore To Ephemeral Database

Public REST restore creation is available for CLI-local execution with API keys. The raw target DSN must stay on the CI runner; the API receives only a redacted target identity. restore execute is the proven end-to-end local execution bridge, verified against a live disposable target (E2E run e2e-20260607T1941-8beaa08, audit chain reaching restore.completed; evidence in #320).

createdb "$EPHEMERAL_DATABASE_NAME"
WALWARDEN_TOKEN="$WALWARDEN_RESTORE_TOKEN" walwarden restore \
  --manifest "$WALWARDEN_RESTORE_MANIFEST_SHA256" \
  --target "$EPHEMERAL_DATABASE_URL" \
  --mode new_database \
  --json

Verify Evidence Before Success

walwarden --json evidence list --database "$WALWARDEN_DATABASE_ID" > evidence.json
jq -e --arg backup_id "$backup_id" '
  .data.evidence[]
  | select(.backupJobId == $backup_id)
  | .integrityVerification.result == "passed"
' evidence.json

A completed backup job without passed integrity evidence is not a successful CI gate.

Teardown

dropdb --if-exists "$EPHEMERAL_DATABASE_NAME"
rm -f backup-status.json evidence.json