Skip to content

Commit

Permalink
(PC-33480)[API] ci: reenable delete PR deployment on pr closed
Browse files Browse the repository at this point in the history
  • Loading branch information
@lgerard-pass
lgerard-pass committed Feb 10, 2025
1 parent 19e5f61 commit 0196ab4
Show file tree
Hide file tree
Showing 2 changed files with 36 additions and 16 deletions.
30 changes: 20 additions & 10 deletions .github/workflows/dev_on_pull_request_closed.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,36 +8,42 @@ on:
jobs:
# Delete pcapi preview deployment
delete-pcapi-preview-deployment:
name: "Delete pcapi preview deployment"
name: "Delete pcapi preview deployment"
runs-on: ubuntu-22.04
permissions:
id-token: write
contents: read
steps:
- uses: actions/[email protected]
- name: "Authentification to Google"
uses: 'google-github-actions/auth@v2'
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }}

- name: "Get secrets"
id: 'secrets'
uses: 'google-github-actions/get-secretmanager-secrets@v2'
id: "secrets"
uses: "google-github-actions/get-secretmanager-secrets@v2"
with:
secrets: |-
API_TOKEN_GITHUB:passculture-metier-ehp/passculture-main-sa-access-token
FIREBASE_SERVICE_ACCOUNT_TESTING:passculture-metier-ehp/pc_pro_testing_firebase_json
DEPLOYMENT_SA:passculture-metier-ehp/pcapi-testing_deploy-service-account
DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER:passculture-metier-ehp/gcp_metier_ehp_workload_identity_provider
# Set up Cloud SDK
- name: "Set up Cloud SDK"
uses: "google-github-actions/setup-gcloud@v2"
with:
version: ">= 363.0.0"

# Checkout rendered-manifests repository
- uses: actions/[email protected]
with:
repository: pass-culture/rendered-manifests
token: ${{ steps.secrets.outputs.API_TOKEN_GITHUB }}
path: ./rendered-manifests
ref: 'pcapi/pullrequests'
ref: "pcapi/pullrequests"

- name: "Delete PR deployment"
run: |
Expand All @@ -55,9 +61,9 @@ jobs:
fi
- name: "Authentification to Google"
uses: 'google-github-actions/auth@v2'
uses: "google-github-actions/auth@v2"
with:
service_account : ${{ steps.secrets.outputs.DEPLOYMENT_SA }}
service_account: ${{ steps.secrets.outputs.DEPLOYMENT_SA }}
workload_identity_provider: ${{ steps.secrets.outputs.DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER }}

- name: "Connect to cluster"
Expand All @@ -78,6 +84,10 @@ jobs:
# Check for PR namespace and delete it
kubectl get ns pcapi-pr-${{ github.event.pull_request.number }}
[[ $? -eq 0 ]] && kubectl delete ns pcapi-pr-${{ github.event.pull_request.number }} || echo "namespace pcapi-pr-${{ github.event.pull_request.number }} does not exist"
# Set active project for DNS entry deletion
gcloud config set project passculture-metier-ehp
# Delete DNS entry
gcloud dns record-sets delete a-backend-${{ github.event.pull_request.number }}.testing.passculture.team. --type=TXT --zone=testing-passculture-team
# Delete pro preview deployment
delete-pro-firebase-preview-deployment:
Expand All @@ -89,14 +99,14 @@ jobs:
steps:
- uses: actions/[email protected]
- name: "Authentification to Google"
uses: 'google-github-actions/auth@v2'
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }}

- name: "Get secrets"
id: 'secrets'
uses: 'google-github-actions/get-secretmanager-secrets@v2'
id: "secrets"
uses: "google-github-actions/get-secretmanager-secrets@v2"
with:
secrets: |-
FIREBASE_SERVICE_ACCOUNT_TESTING:passculture-metier-ehp/pc_pro_testing_firebase_json
Expand Down
22 changes: 16 additions & 6 deletions .github/workflows/dev_on_schedule_delete_pullrequest_deployments.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,15 @@ jobs:
steps:
- uses: actions/[email protected]
- name: "Authentification to Google"
uses: 'google-github-actions/auth@v2'
uses: "google-github-actions/auth@v2"
with:
workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }}

# Get github api token
- name: "Get secrets (github)"
id: 'secrets'
uses: 'google-github-actions/get-secretmanager-secrets@v2'
id: "secrets"
uses: "google-github-actions/get-secretmanager-secrets@v2"
with:
secrets: |-
API_TOKEN_GITHUB:passculture-metier-ehp/passculture-main-sa-access-token
Expand All @@ -37,14 +37,19 @@ jobs:
repository: pass-culture/rendered-manifests
token: ${{ steps.secrets.outputs.API_TOKEN_GITHUB }}
path: ./rendered-manifests
ref: 'pcapi/pullrequests'
ref: "pcapi/pullrequests"

- name: "Authentification to Google"
uses: 'google-github-actions/auth@v2'
uses: "google-github-actions/auth@v2"
with:
service_account : ${{ steps.secrets.outputs.DEPLOYMENT_SA }}
service_account: ${{ steps.secrets.outputs.DEPLOYMENT_SA }}
workload_identity_provider: ${{ steps.secrets.outputs.DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER }}

# Set up Cloud SDK
- name: "Set up Cloud SDK"
uses: "google-github-actions/setup-gcloud@v2"
with:
version: ">= 363.0.0"

- name: "Connect to cluster"
uses: pass-culture/common-workflows/actions/pc-k8s-connect@pc-k8s-connect/v0.1.0
Expand Down Expand Up @@ -74,6 +79,9 @@ jobs:
git push
fi
#Set active project for DNS entry deletion
gcloud config set project passculture-metier-ehp
for id in $pullrequests_ids; do
while true; do
kubectl get application -n argocd | grep $id
Expand All @@ -82,4 +90,6 @@ jobs:
# Check for PR namespace and delete it
kubectl get ns pcapi-pr-$id
[[ $? -eq 0 ]] && kubectl delete ns pcapi-pr-$id || echo "namespace pcapi-pr-$id does not exist"
# Delete DNS entry
gcloud dns record-sets delete a-backend-$id.testing.passculture.team. --type=TXT --zone=testing-passculture-team
done

0 comments on commit 0196ab4

Please sign in to comment.