Skip to content

[Snyk] Security upgrade node from 18.17.1-alpine to 18.18.1-alpine #70

[Snyk] Security upgrade node from 18.17.1-alpine to 18.18.1-alpine

[Snyk] Security upgrade node from 18.17.1-alpine to 18.18.1-alpine #70

name: Azure - Destroy Preview Env
# **What it does**: Destroys resources associated with a PRs Azure preview environment
# **Why we have it**: Closed PRs don't need apps
# **Who does it impact**: All contributors.
on:
pull_request_target:
types:
- closed
- locked
workflow_dispatch:
inputs:
PR_NUMBER:
description: 'PR Number'
type: string
required: true
permissions:
contents: read
# This allows one deploy workflow to interrupt another
concurrency:
group: 'preview-env @ ${{ github.head_ref || github.run_id }} for ${{ github.event.number || github.event.inputs.PR_NUMBER }}'
cancel-in-progress: true
jobs:
destory-azure-preview-env:
name: Destroy
runs-on: ubuntu-latest
if: github.repository == 'github/docs-internal' || github.repository == 'github/docs'
timeout-minutes: 5
env:
PR_NUMBER: ${{ github.event.number || github.event.inputs.PR_NUMBER }}
steps:
- name: 'Az CLI login'
uses: azure/login@1f63701bf3e6892515f1b7ce2d2bf1708b46beaf
with:
creds: ${{ secrets.NONPROD_AZURE_CREDENTIALS }}
- name: Check out repo
uses: actions/checkout@93ea575cb5d8a053eaa0ac8fa3b40d7e05a33cc8
- name: Get preview app info
env:
APP_NAME_SEED: ${{ secrets.PREVIEW_ENV_NAME_SEED }}
run: .github/actions-scripts/get-preview-app-info.sh
# Succeed despite any non-zero exit code (e.g. if there is no deployment to cancel)
- name: 'Cancel any in progress deployments'
run: |
az deployment group cancel --name ${{ env.DEPLOYMENT_NAME }} -g ${{ secrets.PREVIEW_ENV_RESOURCE_GROUP }} || true
# Delete web app (which will also delete the App Service plan)
# This will succeed even if the app doesn't exist / has already been deleted
- name: 'Delete App Service App (which will also delete the App Service plan)'
run: |
az container delete -n ${{ env.APP_NAME }} -g ${{ secrets.PREVIEW_ENV_RESOURCE_GROUP }} -y
# Untag all images under this PR's container registry repo - the container registry will automatically remove untagged images.
# This will fail if the IMAGE_REPO doesn't exist, but we don't care
- name: 'Untag all docker images for this PR'
run: |
az acr repository delete -n ${{ secrets.NONPROD_REGISTRY_SERVER }} --repository ${{ env.IMAGE_REPO }} -y || true
# Remove all GitHub deployments from this environment and remove the environment
- uses: strumwolf/delete-deployment-environment@3cb547f8ec03ee6c0473d90cce57c74c688c2510
with:
# The token provided by the workflow does not have the permissions to delete created environments
token: ${{ secrets.DOCUBOT_REPO_PAT }}
environment: preview-env-${{ env.PR_NUMBER }}