diff --git a/.github/workflows/dev_on_pull_request_closed.yml b/.github/workflows/dev_on_pull_request_closed.yml index 0a1babffcf8..6f2b7aab3f7 100644 --- a/.github/workflows/dev_on_pull_request_closed.yml +++ b/.github/workflows/dev_on_pull_request_closed.yml @@ -8,7 +8,7 @@ on: jobs: # Delete pcapi preview deployment delete-pcapi-preview-deployment: - name: "Delete pcapi preview deployment" + name: "Delete pcapi preview deployment" runs-on: ubuntu-22.04 permissions: id-token: write @@ -16,14 +16,14 @@ jobs: steps: - uses: actions/checkout@v4.2.1 - name: "Authentification to Google" - uses: 'google-github-actions/auth@v2' + uses: "google-github-actions/auth@v2" with: workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }} - name: "Get secrets" - id: 'secrets' - uses: 'google-github-actions/get-secretmanager-secrets@v2' + id: "secrets" + uses: "google-github-actions/get-secretmanager-secrets@v2" with: secrets: |- API_TOKEN_GITHUB:passculture-metier-ehp/passculture-main-sa-access-token @@ -31,13 +31,19 @@ jobs: DEPLOYMENT_SA:passculture-metier-ehp/pcapi-testing_deploy-service-account DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER:passculture-metier-ehp/gcp_metier_ehp_workload_identity_provider + # Set up Cloud SDK + - name: "Set up Cloud SDK" + uses: "google-github-actions/setup-gcloud@v2" + with: + version: ">= 363.0.0" + # Checkout rendered-manifests repository - uses: actions/checkout@v4.2.1 with: repository: pass-culture/rendered-manifests token: ${{ steps.secrets.outputs.API_TOKEN_GITHUB }} path: ./rendered-manifests - ref: 'pcapi/pullrequests' + ref: "pcapi/pullrequests" - name: "Delete PR deployment" run: | @@ -55,9 +61,9 @@ jobs: fi - name: "Authentification to Google" - uses: 'google-github-actions/auth@v2' + uses: "google-github-actions/auth@v2" with: - service_account : ${{ steps.secrets.outputs.DEPLOYMENT_SA }} + service_account: ${{ steps.secrets.outputs.DEPLOYMENT_SA }} workload_identity_provider: ${{ steps.secrets.outputs.DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER }} - name: "Connect to cluster" @@ -78,6 +84,10 @@ jobs: # Check for PR namespace and delete it kubectl get ns pcapi-pr-${{ github.event.pull_request.number }} [[ $? -eq 0 ]] && kubectl delete ns pcapi-pr-${{ github.event.pull_request.number }} || echo "namespace pcapi-pr-${{ github.event.pull_request.number }} does not exist" + # Set active project for DNS entry deletion + gcloud config set project passculture-metier-ehp + # Delete DNS entry + gcloud dns record-sets delete a-backend-${{ github.event.pull_request.number }}.testing.passculture.team. --type=TXT --zone=testing-passculture-team # Delete pro preview deployment delete-pro-firebase-preview-deployment: @@ -89,14 +99,14 @@ jobs: steps: - uses: actions/checkout@v4.2.1 - name: "Authentification to Google" - uses: 'google-github-actions/auth@v2' + uses: "google-github-actions/auth@v2" with: workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }} - name: "Get secrets" - id: 'secrets' - uses: 'google-github-actions/get-secretmanager-secrets@v2' + id: "secrets" + uses: "google-github-actions/get-secretmanager-secrets@v2" with: secrets: |- FIREBASE_SERVICE_ACCOUNT_TESTING:passculture-metier-ehp/pc_pro_testing_firebase_json diff --git a/.github/workflows/dev_on_schedule_delete_pullrequest_deployments.yml b/.github/workflows/dev_on_schedule_delete_pullrequest_deployments.yml index baed2b4bdb6..2f2b93b2444 100644 --- a/.github/workflows/dev_on_schedule_delete_pullrequest_deployments.yml +++ b/.github/workflows/dev_on_schedule_delete_pullrequest_deployments.yml @@ -16,15 +16,15 @@ jobs: steps: - uses: actions/checkout@v4.2.1 - name: "Authentification to Google" - uses: 'google-github-actions/auth@v2' + uses: "google-github-actions/auth@v2" with: workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }} service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }} # Get github api token - name: "Get secrets (github)" - id: 'secrets' - uses: 'google-github-actions/get-secretmanager-secrets@v2' + id: "secrets" + uses: "google-github-actions/get-secretmanager-secrets@v2" with: secrets: |- API_TOKEN_GITHUB:passculture-metier-ehp/passculture-main-sa-access-token @@ -37,14 +37,19 @@ jobs: repository: pass-culture/rendered-manifests token: ${{ steps.secrets.outputs.API_TOKEN_GITHUB }} path: ./rendered-manifests - ref: 'pcapi/pullrequests' + ref: "pcapi/pullrequests" - name: "Authentification to Google" - uses: 'google-github-actions/auth@v2' + uses: "google-github-actions/auth@v2" with: - service_account : ${{ steps.secrets.outputs.DEPLOYMENT_SA }} + service_account: ${{ steps.secrets.outputs.DEPLOYMENT_SA }} workload_identity_provider: ${{ steps.secrets.outputs.DEPLOYMENT_WORKLOAD_IDENTITY_PROVIDER }} + # Set up Cloud SDK + - name: "Set up Cloud SDK" + uses: "google-github-actions/setup-gcloud@v2" + with: + version: ">= 363.0.0" - name: "Connect to cluster" uses: pass-culture/common-workflows/actions/pc-k8s-connect@pc-k8s-connect/v0.1.0 @@ -74,6 +79,9 @@ jobs: git push fi + #Set active project for DNS entry deletion + gcloud config set project passculture-metier-ehp + for id in $pullrequests_ids; do while true; do kubectl get application -n argocd | grep $id @@ -82,4 +90,6 @@ jobs: # Check for PR namespace and delete it kubectl get ns pcapi-pr-$id [[ $? -eq 0 ]] && kubectl delete ns pcapi-pr-$id || echo "namespace pcapi-pr-$id does not exist" + # Delete DNS entry + gcloud dns record-sets delete a-backend-$id.testing.passculture.team. --type=TXT --zone=testing-passculture-team done