-
Notifications
You must be signed in to change notification settings - Fork 1
53 lines (46 loc) · 1.92 KB
/
scheduled-destroy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
name: "[Workflow] Cleanup PR Workspaces"
on:
schedule:
# 4am every day except Sundays
- cron: '0 4 * * 0-6'
permissions:
contents: read
security-events: none
pull-requests: none
actions: none
checks: none
deployments: none
issues: none
packages: none
repository-projects: none
statuses: none
jobs:
terraform_environment_cleanup:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332
- uses: unfor19/install-aws-cli-action@27d6061dae5d39e89be4d2246824f15e111a7e06
- uses: hashicorp/setup-terraform@3235006f3a5bc0e29fb49e41401c5bff62c4d885
with:
terraform_version: 1.7.2
terraform_wrapper: false
- name: Configure AWS Credentials For Terraform
uses: aws-actions/configure-aws-credentials@96589f5dfc2a132a761760e07b80ee57ce45b200
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }}
aws-region: eu-west-1
role-duration-seconds: 3600
role-session-name: OPGLPACodesClearupEnvs
- name: Install Terraform Workspace Manager
run: |
wget https://github.com/ministryofjustice/opg-terraform-workspace-manager/releases/download/v0.3.2/opg-terraform-workspace-manager_Linux_x86_64.tar.gz -O $HOME/terraform-workspace-manager.tar.gz
sudo tar -xvf $HOME/terraform-workspace-manager.tar.gz -C /usr/local/bin
sudo chmod +x /usr/local/bin/terraform-workspace-manager
- name: Terraform Init
working-directory: terraform/environment
run: terraform init -input=false
- name: Destroy PR Terraform Workspaces
working-directory: terraform/environment
run: |
./scripts/workspace_cleanup.sh $(terraform-workspace-manager -protected-workspaces=true -aws-account-id=288342028542 -aws-iam-role=integrations-ci)