Destroy Ephemeral Environments #16238
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Destroy Ephemeral Environments | |
on: | |
schedule: | |
- cron: '30 * * * 1-6' | |
defaults: | |
run: | |
shell: bash | |
working-directory: ./terraform/environment | |
jobs: | |
destroy_workspace: | |
name: Destroy | |
runs-on: "ubuntu-latest" | |
steps: | |
- uses: actions/checkout@v4 | |
- name: Set terraform version - environment | |
id: terraform_version_environment | |
uses: ministryofjustice/opg-github-actions/.github/actions/[email protected] | |
with: | |
terraform_directory: "./terraform/environment" | |
- uses: hashicorp/setup-terraform@v3 | |
with: | |
terraform_version: ${{ steps.terraform_version_environment.outputs.version }} | |
terraform_wrapper: false | |
- name: Install workspace manager | |
run: | | |
wget https://github.com/ministryofjustice/opg-terraform-workspace-manager/releases/download/v0.3.2/opg-terraform-workspace-manager_Linux_x86_64.tar.gz -O $HOME/terraform-workspace-manager.tar.gz | |
sudo tar -xvf $HOME/terraform-workspace-manager.tar.gz -C /usr/local/bin | |
sudo chmod +x /usr/local/bin/terraform-workspace-manager | |
- name: Configure AWS Credentials For Terraform | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID_ACTIONS }} | |
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY_ACTIONS }} | |
aws-region: eu-west-1 | |
role-session-name: GitHubActionsTerraform | |
- name: Terraform init | |
run: | | |
terraform init | |
- name: Destroy Protected Workspaces | |
run: | | |
unset TF_WORKSPACE | |
# Set the image URI to allow the workspace cleanup script to run without errors (it expects a value) | |
export TF_VAR_lambda_image_uri=destroy | |
./scripts/workspace_cleanup.sh $(terraform-workspace-manager -protected-workspaces=true -aws-account-id=288342028542 -aws-iam-role=integrations-ci) |