-
Notifications
You must be signed in to change notification settings - Fork 116
57 lines (49 loc) · 2.25 KB
/
demo-preview-destroy.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
name: Demo Preview Destroy
on:
pull_request:
types:
- closed
- locked
permissions:
id-token: write # This is required for requesting the OIDC JWT for authing with Azure
contents: read # This is required for actions/checkout
# This allows one deploy workflow to interrupt another
concurrency:
group: 'preview-env @ ${{ github.head_ref || github.run_id }} for ${{ github.event.number || github.event.inputs.PR_NUMBER }}'
cancel-in-progress: true
jobs:
destroy:
if: ${{ github.event.pull_request.head.repo.full_name == 'primer/view_components' && github.actor != 'dependabot[bot]' }}
name: Destroy
runs-on: ubuntu-latest
timeout-minutes: 5
environment:
name: preview
env:
PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER }}
steps:
- uses: Azure/login@v2
with:
# excluding a client secret here will cause a login via OpenID Connect (OIDC),
# which prevents us from having to rotate client credentials, etc
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Check out repo
uses: actions/checkout@v4
- name: Get preview app info
run: ./.github/workflows/demo-preview-app-info.sh
# Succeed despite any non-zero exit code (e.g. if there is no deployment to cancel)
- name: 'Cancel any in progress deployments'
run: |
az deployment group cancel --name ${{ env.DEPLOYMENT_NAME }} -g primer || true
# Delete web app (which will also delete the App Service plan)
# This will succeed even if the app doesn't exist / has already been deleted
- name: 'Delete App Service App (which will also delete the App Service plan)'
run: |
az container delete -n ${{ env.APP_NAME }} -g primer -y &> /dev/null
# Untag all images under this PR's container registry repo - the container registry will automatically remove untagged images.
# This will fail if the IMAGE_REPO doesn't exist, but we don't care
- name: 'Untag all docker images for this PR'
run: |
az acr repository delete -n primer.azurecr.io --repository ${{ env.IMAGE_REPO }} -y || true