preevy-down.yaml
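# Tears down the Preevy preview environment of a pull request when the pull
# request is closed, then (optionally) deletes the matching GitHub deployment
# environment.
name: Teardown Preevy environment
on:
  pull_request:
    types:
      - closed
# Workflow-wide default scope for the job token. A job-level `permissions`
# block replaces this one entirely for that job.
permissions:
  id-token: write
  contents: read
# At most one run per pull request number executes at a time.
concurrency: preevy-${{ github.event.number }}
jobs:
  teardown:
    # Was `permissions: write-all`, which overrode the least-privilege block
    # above and gave every step, including third-party actions referenced by
    # mutable tags, a job token with write access to every scope.
    # Only two steps use the job token: checkout (contents: read) and the
    # Preevy action via GITHUB_TOKEN.
    # NOTE(review): pull-requests: write is presumably what the Preevy action
    # needs to update its PR comment - confirm, and widen only if a step fails
    # with a permission error. `id-token` is not granted here because
    # authentication below uses a service-account key (credentials_json),
    # not OIDC / workload identity federation.
    permissions:
      contents: read
      pull-requests: write
    runs-on: ubuntu-latest
    # NOTE(review): several actions below are referenced by tag (`@v3`, `@v1`,
    # `@v4`, `@v0.2.0`, `@v2.2.3`). A tag can be repointed by its publisher,
    # and this job handles a cloud service-account key, cluster credentials
    # and a GitHub App private key. Consider pinning each one to a full commit
    # SHA, as is already done for preevy-down-action and
    # github-app-token-generator.
    steps:
      - uses: actions/checkout@v3
      - name: 'Authenticate to Google Cloud'
        id: gcloud_auth
        uses: 'google-github-actions/auth@v1'
        with:
          token_format: access_token
          # Long-lived service-account key stored as a repository secret.
          credentials_json: '${{ secrets.PREEVY_SA_KEY }}'
      # required by imjasonh/gke-auth
      - uses: actions/setup-go@v4
        with:
          # Quoted so the version is always read as a string, never a float.
          go-version: '1.18'
      # this is a lot faster than installing gcloud and gke-gcloud-auth-plugin
      - uses: imjasonh/gke-auth@v0.2.0
        with:
          project: ${{ vars.GOOGLE_CLOUD_PROJECT }}
          location: ${{ vars.GOOGLE_CLOUD_KUBE_CLUSTER_LOCATION }}
          cluster: ${{ vars.GOOGLE_CLOUD_KUBE_CLUSTER_NAME }}
      # use a preexisting kubernetes builder which already has cached layers
      - name: Find pod of existing kubernetes builder
        id: find_pod
        # The variable is passed through the environment instead of being
        # expanded by `${{ }}` inside the script text, so its value is never
        # parsed as shell code.
        env:
          BUILDER_APP: ${{ vars.GOOGLE_CLOUD_KUBE_CLUSTER_BUILDER }}
        run: |
          pod=$(kubectl get pod --selector="app=${BUILDER_APP}" -o jsonpath='{.items[0].metadata.name}')
          echo "pod=${pod}" >> "$GITHUB_OUTPUT"
      - name: Configure buildx to use the existing kubernetes builder
        id: buildx_setup
        uses: docker/setup-buildx-action@v3
        with:
          driver: remote
          # https://github.com/moby/buildkit/tree/master/examples/kubernetes#pod
          # uses the kube-pod connection helper: https://github.com/moby/buildkit/pull/951
          endpoint: kube-pod://${{ steps.find_pod.outputs.pod }}
      # Pinned to a full commit SHA.
      - uses: livecycle/preevy-down-action@f94196c17c7d53dcde0f0bb158be20fd3e08a62f
        with:
          profile-url: ${{ vars.PREEVY_PROFILE_URL }}
          install: 'gh-release'
          args: "--wait --force --driver kube-pod"
        env:
          # Job token, limited to the scopes in the job's `permissions` block.
          GITHUB_TOKEN: ${{ github.token }}
      #
      # OPTIONAL: delete GH deployments and environments
      # Requires a custom GH app installed on this repo.
      # See https://github.com/marketplace/actions/delete-deployment-environment#how-to-obtain-the-proper-token
      # To disable this feature, remove the rest of the steps starting here
      #
      # Points to a recent commit instead of `main` to avoid supply chain attacks. (The latest tag is very old.)
      - name: 🎟 Get GitHub App token
        uses: navikt/github-app-token-generator@a3831f44404199df32d8f39f7c0ad9bb8fa18b1c
        id: get-token
        with:
          app-id: ${{ vars.GH_APP_ID }}
          private-key: ${{ secrets.GH_APP_PRIVATE_KEY }}
      - name: 🗑 Delete deployment environment
        uses: strumwolf/delete-deployment-environment@v2.2.3
        with:
          # Use a JWT created with your GitHub App's private key
          token: ${{ steps.get-token.outputs.token }}
          environment: pr-${{ github.event.number }}
          ref: ${{ github.ref_name }}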