-
Notifications
You must be signed in to change notification settings - Fork 40
75 lines (66 loc) · 3.09 KB
/
dev_on_schedule_delete_pullrequest_deployments.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
name: "2 [on_schedule] Delete pullrequest deployments"
on:
schedule:
- cron: "0 */1 * * *"
permissions: write-all
jobs:
delete-pullrequest-deployment:
name: "Delete PR deployment"
runs-on: ubuntu-22.04
permissions:
id-token: write
contents: read
steps:
- uses: actions/[email protected]
- name: "Authentification to Google"
uses: 'google-github-actions/auth@v2'
with:
workload_identity_provider: ${{ secrets.GCP_EHP_WORKLOAD_IDENTITY_PROVIDER }}
service_account: ${{ secrets.GCP_EHP_SERVICE_ACCOUNT }}
# Get github api token
- name: "Get secrets (github)"
id: 'get-github-token'
uses: 'google-github-actions/get-secretmanager-secrets@v2'
with:
secrets: |-
API_TOKEN_GITHUB:passculture-metier-ehp/passculture-main-sa-access-token
# Checkout rendered-manifests repository
- uses: actions/[email protected]
with:
repository: pass-culture/rendered-manifests
token: ${{ steps.get-github-token.outputs.API_TOKEN_GITHUB }}
path: ./rendered-manifests
ref: 'pcapi/pullrequests'
- name: "Connect to cluster"
uses: pass-culture/common-workflows/actions/teleport-connect@teleport-connect/v0.1.0
with:
teleport_proxy: teleport.ehp.passculture.team:443
teleport_kubernetes_cluster: passculture-metier-ehp
- name: "Delete PR deployments"
run: |
set +e
git config --global user.email "[email protected]"
git config --global user.name "PassCulture-SA"
cd ./rendered-manifests
# Look for deployments older than 4 hours by looking at pcapi-pr namespaces created prior that delay
pullrequests_ids=$(kubectl get ns -o go-template --template '{{range .items}}{{.metadata.name}} {{.metadata.creationTimestamp}}{{"\n"}}{{end}}' | awk '{if ($1 ~ "pcapi-pr") print $0}' | awk '$2 <= "'$(date -d'now-4 hours' -Ins --utc | sed 's/+0000/Z/')'" { print $1 }' | cut -d "-" -f3)
files_modified=false
for id in $pullrequests_ids; do
[[ -d "pcapi-pr-$id" ]] && { git rm -r pcapi-pr-$id; files_modified=true; } || echo "path pcapi-pr-$id does not exist"
[[ -d "postgresql-pr-$id" ]] && { git rm -r postgresql-pr-$id; files_modified=true; } || echo "path postgresql-pr-$id does not exist"
[[ -d "redis-pr-$id" ]] && { git rm -r redis-pr-$id; files_modified=true; } || echo "path redis-pr-$id does not exist"
done
if [ "$files_modified" = true ]; then
git add .
git commit -m "Scheduled delete of pullrequests deployments"
git push
fi
for id in $pullrequests_ids; do
while true; do
kubectl get application -n argocd | grep $id
[[ $? -eq 0 ]] && sleep 5 || break
done
# Check for PR namespace and delete it
kubectl get ns pcapi-pr-$id
[[ $? -eq 0 ]] && kubectl delete ns pcapi-pr-$id || echo "namespace pcapi-pr-$id does not exist"
done