1 [on_pull_request] Delete PR deployment

(PC-33480)[API] ci: reenable delete PR deployment on pr closed #715

Workflow file for this run

.github/workflows/dev_on_pull_request_closed.yml at 0196ab4

	name: "1 [on_pull_request] Delete PR deployment"

	on:
	pull_request:
	types:
	- closed

	jobs:
	# Delete pcapi preview deployment
	delete-pcapi-preview-deployment:
	name: "Delete pcapi preview deployment"
	runs-on: ubuntu-22.04
	permissions:
	id-token: write
	contents: read
	steps:
	- uses: actions/[email protected]
	- name: "Authentification to Google"
	uses: "google-github-actions/auth@v2"
	with:
	workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }}
	service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }}

	- name: "Get secrets"
	id: "secrets"
	uses: "google-github-actions/get-secretmanager-secrets@v2"
	with:
	secrets: \|-
	API_TOKEN_GITHUB:passculture-metier-ehp/passculture-main-sa-access-token
	FIREBASE_SERVICE_ACCOUNT_TESTING:passculture-metier-ehp/pc_pro_testing_firebase_json
	DEPLOYMENT_SA:passculture-metier-ehp/pcapi-testing_deploy-service-account
	DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER:passculture-metier-ehp/gcp_metier_ehp_workload_identity_provider

	# Set up Cloud SDK
	- name: "Set up Cloud SDK"
	uses: "google-github-actions/setup-gcloud@v2"
	with:
	version: ">= 363.0.0"

	# Checkout rendered-manifests repository
	- uses: actions/[email protected]
	with:
	repository: pass-culture/rendered-manifests
	token: ${{ steps.secrets.outputs.API_TOKEN_GITHUB }}
	path: ./rendered-manifests
	ref: "pcapi/pullrequests"

	- name: "Delete PR deployment"
	run: \|
	git config --global user.email "[email protected]"
	git config --global user.name "PassCulture-SA"
	cd ./rendered-manifests
	files_modified=false
	[[ -d "pcapi-pr-${{ github.event.pull_request.number }}" ]] && { git rm -r pcapi-pr-${{ github.event.pull_request.number }}; files_modified=true; } \|\| echo "path pcapi-pr-${{ github.event.pull_request.number }} does not exist"
	[[ -d "postgresql-pr-${{ github.event.pull_request.number }}" ]] && { git rm -r postgresql-pr-${{ github.event.pull_request.number }}; files_modified=true; } \|\| echo "path postgresql-pr-${{ github.event.pull_request.number }} does not exist"
	[[ -d "redis-pr-${{ github.event.pull_request.number }}" ]] && { git rm -r redis-pr-${{ github.event.pull_request.number }}; files_modified=true; } \|\| echo "path redis-pr-${{ github.event.pull_request.number }} does not exist"
	if [ "$files_modified" = true ]; then
	git add .
	git commit -m "[PR-${{ github.event.pull_request.number }}] Delete deployment"
	git push
	fi

	- name: "Authentification to Google"
	uses: "google-github-actions/auth@v2"
	with:
	service_account: ${{ steps.secrets.outputs.DEPLOYMENT_SA }}
	workload_identity_provider: ${{ steps.secrets.outputs.DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER }}

	- name: "Connect to cluster"
	uses: pass-culture/common-workflows/actions/pc-k8s-connect@pc-k8s-connect/v0.1.0
	with:
	cluster_scope: metier
	cluster_environment: ehp
	api_token_github: ${{ steps.secrets.outputs.API_TOKEN_GITHUB }}

	- name: "Wait for argocd applications to be deleted; delete namespace"
	continue-on-error: true
	run: \|
	set +e
	while true; do
	kubectl get application -n argocd \| grep ${{ github.event.pull_request.number }}
	[[ $? -eq 0 ]] && sleep 5 \|\| break
	done
	# Check for PR namespace and delete it
	kubectl get ns pcapi-pr-${{ github.event.pull_request.number }}
	[[ $? -eq 0 ]] && kubectl delete ns pcapi-pr-${{ github.event.pull_request.number }} \|\| echo "namespace pcapi-pr-${{ github.event.pull_request.number }} does not exist"
	# Set active project for DNS entry deletion
	gcloud config set project passculture-metier-ehp
	# Delete DNS entry
	gcloud dns record-sets delete a-backend-${{ github.event.pull_request.number }}.testing.passculture.team. --type=TXT --zone=testing-passculture-team

	# Delete pro preview deployment
	delete-pro-firebase-preview-deployment:
	name: "Delete pro preview deployment"
	runs-on: ubuntu-22.04
	permissions:
	id-token: write
	contents: read
	steps:
	- uses: actions/[email protected]
	- name: "Authentification to Google"
	uses: "google-github-actions/auth@v2"
	with:
	workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }}
	service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }}

	- name: "Get secrets"
	id: "secrets"
	uses: "google-github-actions/get-secretmanager-secrets@v2"
	with:
	secrets: \|-
	FIREBASE_SERVICE_ACCOUNT_TESTING:passculture-metier-ehp/pc_pro_testing_firebase_json

	- name: "Get pro channel name"
	id: pro-channel-name
	run: \|
	shortname=$(echo "${{ github.head_ref }}" \| cut -c1-20)
	echo "channel-name=pr${{ github.event.pull_request.number }}-$shortname" >> $GITHUB_OUTPUT

	# Delete pro firebase deployment
	- uses: w9jds/[email protected]
	with:
	args: hosting:channel:delete ${{ steps.pro-channel-name.outputs.channel-name }} --force
	env:
	GCP_SA_KEY: ${{ steps.secrets.outputs.FIREBASE_SERVICE_ACCOUNT_TESTING }}
	PROJECT_ID: pc-pro-testing
	PROJECT_PATH: ./pro

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

(PC-33480)[API] ci: reenable delete PR deployment on pr closed #715

Workflow file

(PC-33480)[API] ci: reenable delete PR deployment on pr closed #715

Jobs

Run details

Workflow file for this run