Use the composite workflow to restore modules #114
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
name: Cleanup Merged PR | |
on: | |
pull_request: | |
types: | |
- closed | |
branches: | |
- main | |
workflow_dispatch: | |
# Limit concurrency to 1, with queueing, per workflow | |
# Limit concurrency to 1, with queueing, per workflow per PR | |
concurrency: | |
group: build-${{ github.workflow }}-${{ github.event.pull_request.number }} | |
cancel-in-progress: false | |
env: | |
PR_NUMBER: ${{ github.event.pull_request.number }} | |
NODE_ENV: prod | |
AWS_REGION: us-east-2 | |
jobs: | |
cleanup-pr: | |
if: github.actor != 'dependabot[bot]' | |
environment: | |
name: ghpublic | |
strategy: | |
matrix: | |
deployName: | |
- microapps-core | |
- microapps-basic | |
- microapps-basic-prefix | |
name: deploy-${{ matrix.deployName }} | |
permissions: | |
contents: read | |
id-token: write | |
runs-on: ubuntu-latest | |
steps: | |
# | |
# Cleanup the Lambda Resource Policy allowing Child Deployer | |
# to invoke the Parent Deployer, when applicable | |
# | |
- name: Change to Parent Account | |
if: ${{ matrix.deployName == 'microapps-core' }} | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-session-name: microapps-ghpublic-build | |
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/builder-writeRole | |
aws-region: ${{ env.AWS_REGION }} | |
- name: Destroy Parent Privilege CDK Stack for Child Deploy | |
if: ${{ matrix.deployName == 'microapps-core' }} | |
run: | | |
aws cloudformation delete-stack --stack-name "${{ matrix.deployName }}-ghchild-priv-${NODE_ENV}-pr-${PR_NUMBER}" | |
aws cloudformation wait stack-delete-complete --output text --stack-name "${{ matrix.deployName }}-ghchild-priv-${NODE_ENV}-pr-${PR_NUMBER}" | |
# | |
# Cleanup the Child Deployer, when applicable | |
# | |
- name: Change to Child Account | |
if: ${{ matrix.deployName == 'microapps-core' }} | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-session-name: microapps-ghpublic-build | |
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID_CHILD }}:role/builder-writeRole | |
aws-region: ${{ env.AWS_REGION }} | |
- name: Destroy Child CDK Stack | |
if: ${{ matrix.deployName == 'microapps-core' }} | |
run: | | |
aws cloudformation delete-stack --stack-name "${{ matrix.deployName }}-ghchild-${NODE_ENV}-pr-${PR_NUMBER}" | |
aws cloudformation wait stack-delete-complete --output text --stack-name "${{ matrix.deployName }}-ghchild-${NODE_ENV}-pr-${PR_NUMBER}" | |
# | |
# Cleanup the Lambda Resource Policy allowing Child Deployer | |
# to invoke the Parent Deployer, when applicable | |
# | |
- name: Change to Parent Account | |
uses: aws-actions/configure-aws-credentials@v2 | |
with: | |
role-session-name: microapps-ghpublic-build | |
role-to-assume: arn:aws:iam::${{ secrets.AWS_ACCOUNT_ID }}:role/builder-writeRole | |
aws-region: ${{ env.AWS_REGION }} | |
- name: Destroy Parent CDK Stack | |
run: | | |
aws cloudformation delete-stack --stack-name "${{ matrix.deployName }}-ghpublic-${NODE_ENV}-pr-${PR_NUMBER}" | |
aws cloudformation wait stack-delete-complete --output text --stack-name "${{ matrix.deployName }}-ghpublic-${NODE_ENV}-pr-${PR_NUMBER}" | |
# TODO - Need to get the stack name from the parent stack export | |
# - name: Destroy Parent Edge to Origin Stack | |
# run: | | |
# aws cloudformation delete-stack --stack-name "${{ matrix.deployName }}-ghpublic-${NODE_ENV}-pr-${PR_NUMBER}" | |
# aws cloudformation wait stack-delete-complete --output text --stack-name "${{ matrix.deployName }}-ghpublic-${NODE_ENV}-pr-${PR_NUMBER}" | |
# Example: | |
# microapps-core-ghpublic-prod-pr-303-edge-role | |
# - name: Destroy Parent Edge to Origin Stack | |
# run: | | |
# aws cloudformation delete-stack --stack-name "${{ matrix.deployName }}-ghpublic-${NODE_ENV}-pr-${PR_NUMBER}-edge-role" | |
# aws cloudformation wait stack-delete-complete --output text --stack-name "${{ matrix.deployName }}-ghpublic-${NODE_ENV}-pr-${PR_NUMBER}-edge-role" |