From d13ad80329585ed2b2ad02dcbc44f1bcffa8dab0 Mon Sep 17 00:00:00 2001
From: Victor Martinez <victor.martinez@elastic.co>
Date: Thu, 2 May 2024 15:52:14 +0200
Subject: [PATCH 1/3] github-action: undeploy serverless for closed PRs using
 ci:project-deploy-observability

---
 .github/CODEOWNERS                       |  1 +
 .github/workflows/undeploy-my-kibana.yml | 60 ++++++++++++++++++++++++
 2 files changed, 61 insertions(+)
 create mode 100644 .github/workflows/undeploy-my-kibana.yml

diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
index 3f5ad156031b9..028b7e1795d3c 100644
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1027,6 +1027,7 @@ packages/kbn-monaco/src/esql @elastic/kibana-esql
 
 # Observability robots
 /.github/workflows/deploy-my-kibana.yml @elastic/observablt-robots
+/.github/workflows/undeploy-my-kibana.yml @elastic/observablt-robots
 /.github/workflows/oblt-github-commands @elastic/observablt-robots
 
 # Infra Monitoring
diff --git a/.github/workflows/undeploy-my-kibana.yml b/.github/workflows/undeploy-my-kibana.yml
new file mode 100644
index 0000000000000..295a5049a8fc5
--- /dev/null
+++ b/.github/workflows/undeploy-my-kibana.yml
@@ -0,0 +1,60 @@
+---
+##
+## This the automation will undeploy an existing automated deployment
+## caused by a merged/closed event and if the GitHub label matches
+## the automated one.
+##
+## Owner: @elastic/observablt-robots
+## Further details: https://ela.st/oblt-deploy-my-kibana
+##
+name: undeploy-my-kibana
+
+on:
+  pull_request:
+    types: [closed]
+
+permissions:
+  contents: read
+
+jobs:
+  deploy-my-kibana:
+    if: contains(github.event.pull_request.labels.*.name, 'ci:project-deploy-observability')
+    runs-on: ubuntu-latest
+    steps:
+      - uses: elastic/apm-pipeline-library/.github/actions/github-token@current
+        with:
+          url: ${{ secrets.OBLT_VAULT_ADDR }}
+          roleId: ${{ secrets.OBLT_VAULT_ROLE_ID }}
+          secretId: ${{ secrets.OBLT_VAULT_SECRET_ID }}
+
+      - name: Is an Elastician's PR?
+        id: is_elastic_member
+        uses: elastic/apm-pipeline-library/.github/actions/is-member-elastic-org@current
+        with:
+          username: ${{ github.event.pull_request.head.repo.owner.login }}
+          token: ${{ env.GITHUB_TOKEN }}
+
+      - name: Create undeploy GitHub issue
+        if: contains(steps.is_elastic_member.outputs.result, 'true')
+        run: |-
+          GITHUB_ISSUE=$(mktemp --suffix ".md") 
+          cat <<EOF > "$GITHUB_ISSUE"
+          ### Kibana pull request
+
+          ${{ env.PR }}
+
+          ### Further details
+
+          Caused by @${{ env.PR_OWNER}} using the github label in https://github.com/elastic/kibana/pull/${{ env.PR }}
+          EOF
+
+          GH_TOKEN="$GITHUB_TOKEN" \
+          gh issue create \
+            --title "[Undeploy Serverless Kibana] for user ${{ env.PR_OWNER}} with PR kibana@pr-${{ env.PR }}" \
+            --body-file "${GITHUB_ISSUE}" \
+            --label 'destroy-custom-kibana-serverless' \
+            --repo 'elastic/observability-test-environments'
+        env:
+          GH_TOKEN: ${{ env.GITHUB_TOKEN }}
+          PR: ${{ github.event.pull_request.number }} 
+          PR_OWNER: ${{ github.event.pull_request.head.repo.owner.login }}

From 8db5886f36c180a5b6754f079119c3119e9d2cc2 Mon Sep 17 00:00:00 2001
From: Victor Martinez <victor.martinez@elastic.co>
Date: Thu, 2 May 2024 16:02:34 +0200
Subject: [PATCH 2/3] github-action: use composite action to undeploy

---
 .github/workflows/undeploy-my-kibana.yml | 42 +++---------------------
 1 file changed, 5 insertions(+), 37 deletions(-)

diff --git a/.github/workflows/undeploy-my-kibana.yml b/.github/workflows/undeploy-my-kibana.yml
index 295a5049a8fc5..352968fe482f6 100644
--- a/.github/workflows/undeploy-my-kibana.yml
+++ b/.github/workflows/undeploy-my-kibana.yml
@@ -17,44 +17,12 @@ permissions:
   contents: read
 
 jobs:
-  deploy-my-kibana:
+  undeploy-my-kibana:
     if: contains(github.event.pull_request.labels.*.name, 'ci:project-deploy-observability')
     runs-on: ubuntu-latest
     steps:
-      - uses: elastic/apm-pipeline-library/.github/actions/github-token@current
+      - uses: elastic/apm-pipeline-library/.github/actions/undeploy-my-kibana@current
         with:
-          url: ${{ secrets.OBLT_VAULT_ADDR }}
-          roleId: ${{ secrets.OBLT_VAULT_ROLE_ID }}
-          secretId: ${{ secrets.OBLT_VAULT_SECRET_ID }}
-
-      - name: Is an Elastician's PR?
-        id: is_elastic_member
-        uses: elastic/apm-pipeline-library/.github/actions/is-member-elastic-org@current
-        with:
-          username: ${{ github.event.pull_request.head.repo.owner.login }}
-          token: ${{ env.GITHUB_TOKEN }}
-
-      - name: Create undeploy GitHub issue
-        if: contains(steps.is_elastic_member.outputs.result, 'true')
-        run: |-
-          GITHUB_ISSUE=$(mktemp --suffix ".md") 
-          cat <<EOF > "$GITHUB_ISSUE"
-          ### Kibana pull request
-
-          ${{ env.PR }}
-
-          ### Further details
-
-          Caused by @${{ env.PR_OWNER}} using the github label in https://github.com/elastic/kibana/pull/${{ env.PR }}
-          EOF
-
-          GH_TOKEN="$GITHUB_TOKEN" \
-          gh issue create \
-            --title "[Undeploy Serverless Kibana] for user ${{ env.PR_OWNER}} with PR kibana@pr-${{ env.PR }}" \
-            --body-file "${GITHUB_ISSUE}" \
-            --label 'destroy-custom-kibana-serverless' \
-            --repo 'elastic/observability-test-environments'
-        env:
-          GH_TOKEN: ${{ env.GITHUB_TOKEN }}
-          PR: ${{ github.event.pull_request.number }} 
-          PR_OWNER: ${{ github.event.pull_request.head.repo.owner.login }}
+          vaultUrl: ${{ secrets.OBLT_VAULT_ADDR }}
+          vaultRoleId: ${{ secrets.OBLT_VAULT_ROLE_ID }}
+          vaultSecretId: ${{ secrets.OBLT_VAULT_SECRET_ID }}

From c3c8a6a9fd12decd4d85880c89f219702c9341da Mon Sep 17 00:00:00 2001
From: Victor Martinez <victor.martinez@elastic.co>
Date: Mon, 6 May 2024 14:26:43 +0200
Subject: [PATCH 3/3] github-action: use .github/actions/github-token

---
 .github/workflows/undeploy-my-kibana.yml | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/undeploy-my-kibana.yml b/.github/workflows/undeploy-my-kibana.yml
index 352968fe482f6..a288702cbb537 100644
--- a/.github/workflows/undeploy-my-kibana.yml
+++ b/.github/workflows/undeploy-my-kibana.yml
@@ -21,8 +21,12 @@ jobs:
     if: contains(github.event.pull_request.labels.*.name, 'ci:project-deploy-observability')
     runs-on: ubuntu-latest
     steps:
+      - uses: elastic/apm-pipeline-library/.github/actions/github-token@current
+        with:
+          url: ${{ secrets.OBLT_VAULT_ADDR }}
+          roleId: ${{ secrets.OBLT_VAULT_ROLE_ID }}
+          secretId: ${{ secrets.OBLT_VAULT_SECRET_ID }}
+
       - uses: elastic/apm-pipeline-library/.github/actions/undeploy-my-kibana@current
         with:
-          vaultUrl: ${{ secrets.OBLT_VAULT_ADDR }}
-          vaultRoleId: ${{ secrets.OBLT_VAULT_ROLE_ID }}
-          vaultSecretId: ${{ secrets.OBLT_VAULT_SECRET_ID }}
+          token: ${{ env.GITHUB_TOKEN }}