Skip to content

Destroying oren* by @oren-zohar #102

Destroying oren* by @oren-zohar

Destroying oren* by @oren-zohar #102

name: Destroy Environment
run-name: Destroying ${{ github.event.inputs.prefix }}* by @${{ github.actor }}
on:
# Ability to execute on demand
workflow_dispatch:
inputs:
prefix:
type: string
description: "Delete all environments starting with `prefix`"
required: true
ignore-prefix:
type: string
description: "Ignore all environments starting with `ignore-prefix`"
ec-api-key:
type: string
description: "**Optional** To delete env environments on your own organization, enter your Elastic Cloud API key."
required: false
env:
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
AWS_REGION: "eu-west-1"
ENV_PREFIX: ${{ github.event.inputs.prefix }}
ENV_IGNORE_PREFIX: ${{ github.event.inputs.ignore-prefix }}
TF_VAR_ec_api_key: ${{ secrets.EC_API_KEY }}
jobs:
Destroy:
runs-on: ubuntu-20.04
timeout-minutes: 120
# Add "id-token" with the intended permissions.
permissions:
contents: 'read'
id-token: 'write'
steps:
- name: Check out the repo
uses: actions/checkout@v4
- name: Init Hermit
run: ./bin/hermit env -r >> $GITHUB_ENV
working-directory: ./
- name: Mask API Key
if: ${{ github.event.inputs.ec-api-key != '' }}
run: |
ec_api_key=$(jq -r '.inputs["ec-api-key"]' $GITHUB_EVENT_PATH)
echo "::add-mask::$ec_api_key"
echo "TF_VAR_ec_api_key=$ec_api_key" >> $GITHUB_ENV
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ env.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ env.AWS_SECRET_ACCESS_KEY }}
aws-region: ${{ env.AWS_REGION }}
- id: google-auth
name: Authenticate to Google Cloud
uses: google-github-actions/auth@v1
with:
workload_identity_provider: ${{ secrets.GCP_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_SERVICE_ACCOUNT }}
- name: Destroy Environment
run: |
just delete-cloud-env ${{ env.ENV_PREFIX }} '${{ env.ENV_IGNORE_PREFIX }}' "false"