-
Notifications
You must be signed in to change notification settings - Fork 21
111 lines (94 loc) · 3.83 KB
/
delete_review_app.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
name: Delete review app
on:
pull_request:
types: [closed]
paths-ignore:
- 'bigquery/**'
- 'documentation/**'
- 'terraform/common/**'
- '**.md'
workflow_dispatch:
inputs:
pr_number:
description: 'Pull Request number to delete (EG: 1234 for review-pr-1234)'
required: true
concurrency: workflow-Build-and-deploy-${{ github.event.pull_request.number }}
env:
DOCKER_REPOSITORY: ghcr.io/dfe-digital/teaching-vacancies
jobs:
delete-review-app:
if: contains(github.event.pull_request.labels.*.name, 'deploy') || github.event_name == 'workflow_dispatch'
name: Delete review app
runs-on: ubuntu-20.04
environment: review
steps:
- name: Set environment variables
run: |
PR_NUMBER=${{ github.event.inputs.pr_number || github.event.number }}
ENVIRONMENT=review-pr-${PR_NUMBER}
echo "PR_NUMBER=${PR_NUMBER}" >> $GITHUB_ENV
echo "ENVIRONMENT=${ENVIRONMENT}" >> $GITHUB_ENV
echo "LINK_TO_RUN=https://github.com/${GITHUB_REPOSITORY}/actions/runs/${GITHUB_RUN_ID}" >> $GITHUB_ENV
echo "LINK_TO_PR=https://github.com/${GITHUB_REPOSITORY}/pull/${PR_NUMBER}" >> $GITHUB_ENV
echo "LINK_TO_APP=https://teaching-vacancies-${ENVIRONMENT}.test.teacherservices.cloud" >> $GITHUB_ENV
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
aws-region: eu-west-2
role-to-assume: Deployments
role-duration-seconds: 3600
role-skip-session-tagging: true
- name: Get secrets from AWS ParameterStore
uses: dkershner6/aws-ssm-getparameters-action@v2
with:
parameterPairs: "/teaching-vacancies/github_action/infra/slack_webhook = SLACK_WEBHOOK"
- uses: actions/checkout@v4
name: Checkout Code
- name: Set up Ruby
uses: ruby/setup-ruby@v1
- name: Download fetch_config.rb
shell: bash
run: |
echo "::group:: Download fetch_config.rb script"
curl -s https://raw.githubusercontent.com/DFE-Digital/bat-platform-building-blocks/master/scripts/fetch_config/fetch_config.rb -o bin/fetch_config.rb
chmod +x bin/fetch_config.rb
echo "::endgroup::"
- name: Validate secrets
shell: bash
run: |
gem install aws-sdk-ssm --no-document
bin/fetch_config.rb -s aws-ssm-parameter-path:/teaching-vacancies/dev/app -d quiet \
&& echo Data in /teaching-vacancies/dev looks valid
- name: Terraform pin version
uses: hashicorp/setup-terraform@v3
with:
terraform_version: 1.5.1
- uses: DFE-Digital/github-actions/set-kubelogin-environment@master
with:
azure-credentials: ${{ secrets.AZURE_CREDENTIALS }}
- name: Terraform destroy (on PR closed)
run: |
make review ci terraform-app-destroy pr_id=${{env.PR_NUMBER}}
- name: Delete Terraform Statefile
run: ./bin/delete-state-file ${{env.PR_NUMBER}}
- name: Post sticky pull request comment
uses: marocchino/sticky-pull-request-comment@v2
with:
message: |
Review app <${{ env.LINK_TO_APP }}> was successfully deleted
- name: Send failure message to twd_tv_dev channel
if: failure()
uses: rtCamp/[email protected]
env:
SLACK_CHANNEL: twd_tv_dev
SLACK_USERNAME: CI Deployment
SLACK_ICON_EMOJI: ':cry:'
SLACK_TITLE: Delete review app failure
SLACK_MESSAGE: |
Failed deletion of review app PR ${{env.PR_NUMBER}}
See: <${{ env.LINK_TO_RUN }}|Workflow run> - <${{ env.LINK_TO_PR }}|Pull request> - <${{ env.LINK_TO_APP }}|Review app>
<!channel>
SLACK_WEBHOOK: ${{env.SLACK_WEBHOOK}}
SLACK_COLOR: ${{ job.status }}