Destroy (Select Account) Environment #445
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # .github/workflows/destroy.yml | |
| name: 'Destroy (Select Account) Environment' | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| build_branch: | |
| default: 'main' | |
| description: 'Branch to use for the destroy action.' | |
| required: true | |
| sandbox_workspace: | |
| description: 'The sandbox workspace to destroy.' | |
| required: true | |
| terraform_vars: | |
| default: 'dev.tfvars' | |
| description: 'Terraform vars file to use.' | |
| required: true | |
| environment: | |
| default: 'development' | |
| description: 'Environment for destruction.' | |
| required: true | |
| backend: | |
| default: 'backend.conf' | |
| description: 'Terraform backend configuration.' | |
| required: true | |
| workflow_call: | |
| inputs: | |
| build_branch: | |
| default: 'main' | |
| description: 'Branch to use for the destroy action.' | |
| required: true | |
| type: "string" | |
| sandbox_workspace: | |
| description: 'The sandbox workspace to destroy.' | |
| required: true | |
| type: "string" | |
| terraform_vars: | |
| default: 'dev.tfvars' | |
| description: 'Terraform vars file to use.' | |
| required: true | |
| type: "string" | |
| environment: | |
| default: 'development' | |
| description: 'Environment for destruction.' | |
| required: true | |
| type: "string" | |
| backend: | |
| default: 'backend.conf' | |
| description: 'Terraform backend configuration.' | |
| required: true | |
| type: "string" | |
| permissions: | |
| pull-requests: write | |
| id-token: write | |
| contents: read | |
| jobs: | |
| remove_edge_associations: | |
| name: Remove Lambda@Edge Associations | |
| uses: ./.github/workflows/cleanup-cloudfront-edge-associations.yml | |
| with: | |
| sandbox_workspace: ${{ inputs.sandbox_workspace }} | |
| lambda_function_name: '${{ inputs.sandbox_workspace }}_EdgePresignLambda' | |
| python_version: 3.11 | |
| build_branch: ${{ inputs.build_branch }} | |
| environment: ${{ inputs.environment}} | |
| secrets: | |
| AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} | |
| cleanup_versions_process: | |
| name: Cleanup Versions Process | |
| uses: ./.github/workflows/cleanup-appconfig-and-lambda-layer-versions.yml | |
| with: | |
| build_branch: ${{ inputs.build_branch }} | |
| sandbox: ${{ inputs.sandbox_workspace }} | |
| environment: ${{ inputs.environment }} | |
| python_version: 3.11 | |
| secrets: | |
| AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }} | |
| terraform_destroy_process: | |
| name: Terraform Destroy Process | |
| runs-on: ubuntu-latest | |
| needs: [remove_edge_associations] # Ensure this runs after Lambda@Edge removal | |
| environment: ${{ inputs.environment }} | |
| steps: | |
| - name: Checkout Repository | |
| uses: actions/checkout@v3 | |
| with: | |
| ref: ${{ inputs.build_branch }} | |
| - name: Configure AWS Credentials | |
| uses: aws-actions/configure-aws-credentials@v2 | |
| with: | |
| role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }} | |
| aws-region: ${{ vars.AWS_REGION }} | |
| - name: View AWS Role | |
| run: aws sts get-caller-identity | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v2 | |
| with: | |
| terraform_version: 1.5.4 | |
| - name: Terraform Init | |
| run: terraform init -backend-config=${{ inputs.backend }} | |
| working-directory: ./infrastructure | |
| - name: Set Terraform Workspace | |
| run: terraform workspace select ${{ inputs.sandbox_workspace }} | |
| working-directory: ./infrastructure | |
| - name: Terraform Destroy | |
| run: terraform destroy -auto-approve -var-file="${{ inputs.terraform_vars }}" | |
| working-directory: ./infrastructure |