-
Notifications
You must be signed in to change notification settings - Fork 1
83 lines (75 loc) · 2.79 KB
/
azure-remove-branch.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
name: Clean up Flexion Azure Resources
on:
delete:
workflow_dispatch:
inputs:
hashId:
description: "Hash id of target branch deployment"
default: ""
type: string
jobs:
list:
runs-on: ubuntu-latest
steps:
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- name: List existing branch deployments
run: |
echo "List Azure resource groups of current branch deployment"
az group list --query "[?tags.branchName].{ Name:name Branch:tags.branchName HashId:tags.branchHashId }" -o table
check:
runs-on: ubuntu-latest
if: ${{ inputs.hashId != '' || github.event.ref_type == 'branch' }}
environment: "Develop"
outputs:
executeCleanup: ${{ steps.check.outputs.executeCleanup }}
targetBranchHashId: ${{ steps.check.outputs.targetBranchHashId }}
steps:
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- name: Generate Target Branch Hash
id: hash
if: ${{ github.event.ref_type == 'branch' }}
run: |
branchRef="${{ github.event.ref}}"
hash=$(echo -n "${branchRef}" | openssl sha256 | awk '{print $2}')
shortHash="${hash:0:6}"
echo "hashId=$shortHash" >> $GITHUB_OUTPUT
- name: Validate resources
id: check
run: |
target=${{ inputs.hashId == '' && steps.hash.outputs.hashId || inputs.hashId }}
echo "targetBranchHashId=$target" >> $GITHUB_OUTPUT
echo "Do resources with $target exist?"
count=$(az group list --query "length([?id.contains(@,'$target')])")
if [[ $count -eq 2 ]]; then
echo 'Expected resources found.'
echo "executeCleanup=true" >> $GITHUB_OUTPUT
else
echo 'Did not find existing Azure resources with matching hash id.'
echo "executeCleanup=false" >> $GITHUB_OUTPUT
fi
clean-up:
runs-on: ubuntu-latest
needs: [check]
if: needs.check.outputs.executeCleanup == 'true'
environment: "Develop"
env:
environment: "Develop"
steps:
- uses: azure/login@v1
with:
creds: ${{ secrets.AZURE_CREDENTIALS }}
environment: ${{ vars.AZURE_ENVIRONMENT }}
- uses: actions/checkout@v3
- run: |
./ops/scripts/utility/az-delete-branch-resources.sh \
--app-resource-group=${{ secrets.AZ_APP_RG }} \
--db-account=${{ secrets.AZ_COSMOS_MONGO_ACCOUNT_NAME }} \
--db-resource-group=${{ secrets.AZURE_RG }} \
--network-resource-group=${{ secrets.AZ_NETWORK_RG }} \
--short-hash=${{ needs.check.outputs.targetBranchHashId }}