Cloud infrastructure Cleanup #1039
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Destroys any cloud infrastructure that was deployed for the purpose of E2E testing. | |
name: Cloud infrastructure Cleanup | |
on: | |
workflow_dispatch: | |
repository_dispatch: | |
types: [cleanup-infrastructure] | |
schedule: | |
- cron: "0 2 * * *" # Every day at 2AM. | |
jobs: | |
aws-nuke: | |
runs-on: ubuntu-latest | |
permissions: | |
id-token: write | |
container: | |
image: rebuy/aws-nuke | |
options: --user root -v ${{ github.workspace }}:/workspace | |
steps: | |
- name: Configure AWS Credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
role-to-assume: arn:aws:iam::726952677045:role/GitHubActionsWebinyJs | |
aws-region: eu-central-1 | |
# We need this step because of the `aws-nuke.yml` config which is stored in our repo. | |
- uses: actions/checkout@v4 | |
- name: Run AWS Nuke | |
run: > | |
aws-nuke | |
--config ./.github/workflows/cleanup/aws-nuke.yml | |
--no-dry-run | |
--force | |
--force-sleep 3 | |
--max-wait-retries 100 | |
--access-key-id ${{ env.AWS_ACCESS_KEY_ID }} | |
--secret-access-key ${{ env.AWS_SECRET_ACCESS_KEY }} | |
--session-token ${{ env.AWS_SESSION_TOKEN }} | |
aws-cloudfront-functions-cleanup: | |
runs-on: ubuntu-latest | |
needs: [aws-nuke] | |
env: | |
AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
steps: | |
- uses: actions/setup-node@v4 | |
with: | |
node-version: 18 | |
- uses: actions/checkout@v4 | |
- name: Install dependencies | |
run: yarn --immutable | |
- name: Run Cloudfront Functions Cleanup | |
run: node ./.github/workflows/cleanup/cleanupCloudfrontFunctions.js |