Skip to content

Clean up Flexion Azure Resources #371

Clean up Flexion Azure Resources

Clean up Flexion Azure Resources #371

name: Clean up Flexion Azure Resources
on:
delete:
workflow_dispatch:
inputs:
hashId:
description: "Hash id of target branch deployment"
default: ""
type: string
jobs:
list:
runs-on: ubuntu-latest
steps:
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- name: List existing branch deployments
run: |
echo "List Azure resource groups of current branch deployment"
az group list --query "[?tags.branchName].{ Name:name Branch:tags.branchName HashId:tags.branchHashId }" -o table
check:
runs-on: ubuntu-latest
if: ${{ inputs.hashId != '' || github.event.ref_type == 'branch' }}
environment: "Develop"
outputs:
executeCleanup: ${{ steps.check.outputs.executeCleanup }}
targetBranchHashId: ${{ steps.check.outputs.targetBranchHashId }}
steps:
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- name: Generate Target Branch Hash
id: hash
if: ${{ github.event.ref_type == 'branch' }}
run: |
branchRef="${{ github.event.ref}}"
hash=$(echo -n "${branchRef}" | openssl sha256 | awk '{print $2}')
shortHash="${hash:0:6}"
echo "hashId=$shortHash" >> $GITHUB_OUTPUT
- name: Validate resources
id: check
run: |
target=${{ inputs.hashId == '' && steps.hash.outputs.hashId || inputs.hashId }}
echo "targetBranchHashId=$target" >> $GITHUB_OUTPUT
echo "Do resources with $target exist?"
count=$(az group list --query "length([?id.contains(@,'$target')])")
if [[ $count -eq 2 ]]; then
echo 'Expected resources found.'
echo "executeCleanup=true" >> $GITHUB_OUTPUT
else
echo 'Did not find existing Azure resources with matching hash id.'
echo "executeCleanup=false" >> $GITHUB_OUTPUT
fi
clean-up:
runs-on: ubuntu-latest
needs: [check]
if: needs.check.outputs.executeCleanup == 'true'
environment: "Develop"
env:
environment: "Develop"
steps:
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- uses: actions/checkout@v3
- run: |
./ops/scripts/utility/az-delete-branch-resources.sh \
--app-resource-group=${{ secrets.AZ_APP_RG }} \
--db-account=${{ secrets.AZ_COSMOS_MONGO_ACCOUNT_NAME }} \
--db-resource-group=${{ secrets.AZURE_RG }} \
--network-resource-group=${{ secrets.AZ_NETWORK_RG }} \
--short-hash=${{ needs.check.outputs.targetBranchHashId }}