-
Notifications
You must be signed in to change notification settings - Fork 56
68 lines (59 loc) · 1.81 KB
/
delete-review.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
name: Delete Review App
on:
pull_request:
types: [closed]
permissions:
id-token: write
contents: read
concurrency:
group: ${{ github.event.pull_request.number }}
jobs:
check-secret-access:
runs-on: ubuntu-latest
outputs:
allowed: ${{ steps.check-secret.outputs.allowed }}
steps:
- name: Test for secrets access
id: check-secret
shell: bash
run: |
unset allowed
if [ "${{ secrets.TEST_SECRETS_ACCESS }}" != '' ]; then
echo "allowed=true" >> $GITHUB_OUTPUT;
else
echo "allowed=false" >> $GITHUB_OUTPUT;
fi
delete:
runs-on: [k8s-public-fmt]
container:
image: registry.gitlab.com/cmmarslender/kubectl-helm:v3
needs:
- check-secret-access
if: needs.check-secret-access.outputs.allowed == 'true'
steps:
- uses: actions/checkout@v4
- name: Vault Login
uses: Chia-Network/actions/vault/login@main
with:
vault_url: ${{ secrets.VAULT_URL }}
role_name: github-chialisp-web
- name: Get secrets from vault
uses: hashicorp/vault-action@v3
with:
url: ${{ secrets.VAULT_URL }}
token: ${{ env.VAULT_TOKEN }}
secrets: |
secret/data/fmt/k8s/k8s-fmt api_server_url | K8S_API_SERVER_URL;
- name: Login to k8s cluster
uses: Chia-Network/actions/vault/k8s-login@main
with:
vault_url: ${{ secrets.VAULT_URL }}
vault_token: ${{ env.VAULT_TOKEN }}
backend_name: k8s-fmt
role_name: github-actions
cluster_url: ${{ env.K8S_API_SERVER_URL }}
- name: Helm Uninstall
env:
REVIEW_SLUG: ${{ github.event.pull_request.number }}
run: |
helm uninstall -n "chialisp-web" "chialisp-web-$REVIEW_SLUG"