-
Notifications
You must be signed in to change notification settings - Fork 7
134 lines (121 loc) · 4.35 KB
/
tpl-destroy-env.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
---
name: 🔒 Destroy Environment
on:
workflow_call:
inputs:
env-type:
required: true
type: string
pull-request-id:
required: false
type: string
workflow-id:
required: false
type: string
delete-env:
required: false
default: true
type: boolean
pull_request:
types: [ closed ]
issue_comment:
types: [ created ]
env:
# ----------------------------------------------------------------------------
# CI/CD
HOUSEKEEPER_NAME: "${{ vars.HOUSEKEEPER_NAME }}"
HOUSEKEEPER_EMAIL: "${{ secrets.HOUSEKEEPER_EMAIL }}"
HOUSEKEEPER_CI_TOKEN: "${{ secrets.HOUSEKEEPER_CI_TOKEN }}"
HOUSEKEEPER_GPG_KEY: "${{ secrets.HOUSEKEEPER_GPG_KEY }}"
HOUSEKEEPER_GPG_KEY_ID: "${{ secrets.HOUSEKEEPER_GPG_KEY_ID }}"
ARGOCD_URL: "${{ secrets.ARGOCD_URL }}"
ARGOCD_ACCESS_TOKEN: "${{ secrets.ARGOCD_ACCESS_TOKEN }}"
jobs:
destroy:
name: Destroy Environment
runs-on:
- metal
if: (github.event_name == 'issue_comment' && contains(github.event.comment.body, '/destroy')) || github.event_name != 'issue_comment'
container:
image: registry.gitlab.com/golemfoundation/devops/container-builder/gitops-builder:2ea6d57c
credentials:
username: "doesnt-matter"
password: "${{ secrets.GITLAB_PAT_CONTAINER_BUILDER_DOCKER_IMAGES_READ }}"
steps:
- name: Get PR branch
uses: xt0rted/pull-request-comment-branch@v2
if: github.event_name == 'issue_comment'
id: comment-branch
- uses: actions/github-script@v7
id: get-pr-number
if: github.event_name == 'issue_comment'
with:
result-encoding: string
script: |
return (
await github.rest.repos.listPullRequestsAssociatedWithCommit({
commit_sha: '${{ steps.comment-branch.outputs.head_sha }}',
owner: context.repo.owner,
repo: context.repo.repo,
})
).data[0].number;
- uses: actions/[email protected]
if: github.event_name == 'issue_comment'
with:
ref: ${{ steps.comment-branch.outputs.head_ref }}
- uses: actions/[email protected]
if: github.event_name != 'issue_comment'
- name: Set up Gitops mutex
uses: ben-z/[email protected]
with:
branch: gitops-mutex
- name: Destroy application
id: destroy-env
run: |
set -ex
export CI_PROJECT_DIR="${GITHUB_WORKSPACE}"
export ENV_TYPE=${{ inputs.env-type }}
if [[ "${{ github.event_name }}" == "pull_request" ]]; then
export CI_MERGE_REQUEST_IID=${{ github.event.number }}
export CI_PIPELINE_ID=${{ github.run_id }}
elif [[ "${{ github.event_name }}" == "issue_comment" ]]; then
export CI_MERGE_REQUEST_IID=${{ steps.get-pr-number.outputs.result }}
export CI_PIPELINE_ID=${{ github.run_id }}
else
export CI_MERGE_REQUEST_IID=${{ inputs.pull-request-id }}
export CI_PIPELINE_ID=${{ inputs.workflow-id }}
fi
source ${CI_PROJECT_DIR}/ci/argocd/resolve_env.sh $ENV_TYPE
bash ${CI_PROJECT_DIR}/ci/argocd/application.sh destroy
echo "DEPLOYMENT_ID=$DEPLOYMENT_ID" >> $GITHUB_OUTPUT
shell: bash
- uses: actions/github-script@v7
id: does-env-exist
if: always()
with:
result-encoding: string
script: |
try {
await github.rest.repos.getEnvironment({
owner: context.repo.owner,
repo: context.repo.repo,
environment_name: '${{ steps.destroy-env.outputs.DEPLOYMENT_ID }}',
});
return 'true';
} catch {
return 'false';
}
- name: Delete Environment
uses: bobheadxi/deployments@v1
if: ${{ (steps.does-env-exist.outputs.result == 'true') && (inputs.delete-env || github.event_name == 'pull_request' || github.event_name == 'issue_comment') }}
with:
step: delete-env
token: ${{ secrets.GH_BOT_TOKEN }}
env: ${{ steps.destroy-env.outputs.DEPLOYMENT_ID }}
- name: Deactivate Environment
uses: bobheadxi/deployments@v1
if: ${{ (steps.does-env-exist.outputs.result == 'true') && !inputs.delete-env }}
with:
step: deactivate-env
token: ${{ secrets.GH_BOT_TOKEN }}
env: ${{ steps.destroy-env.outputs.DEPLOYMENT_ID }}