Skip to content

.github/workflows/cleanup-auto-deploy.yml #106

.github/workflows/cleanup-auto-deploy.yml

.github/workflows/cleanup-auto-deploy.yml #106

name: Auto-Deploy Cleanup
on:
workflow_dispatch:
inputs:
ttl:
description: 'Hours a PR/issue has to be closed for before its deploys are cleaned up'
required: true
type: number
default: 24
schedule:
# run around midnight australia/nz time
- cron: '0 12 * * *'
concurrency:
group: ${{ github.workflow }}-${{ github.event_name }}
cancel-in-progress: false
permissions:
contents: write # to checkout the repo
pull-requests: write # to parse PRs for config and update them
issues: write # to parse special deploy issues and update them
jobs:
config:
name: Workflow config
runs-on: ubuntu-latest
outputs:
down: ${{ steps.config.outputs.down }}
go-down: ${{ steps.config.outputs.go-down == 'true' }}
steps:
- uses: actions/checkout@v4
- id: setup
uses: ./.github/actions/setup-cd
with:
ops-ssh-key: ${{ secrets.TAMANU_OPS_SSH }}
tailscale-oauth: ${{ secrets.TAILSCALE_DBPROXY_ACCESS_OAUTH }}
- name: List all controlled deploys from K8s
id: list
run: |
list=""
for core in $(tailscale status --json | jq '.Peer[].HostName | select(. | test("k8s-operator-.*"))' -r); do
tailscale configure kubeconfig $core || true
if kubectl get namespace/tamanu-system; then
for ns in $(kubectl get namespace -o json | jq '.items[].metadata.name | select(. | test("tamanu-.*")) | select(. | test("tamanu-(super|system)") | not)' -r); do
control=$(kubectl -n "$ns" get configmap auto-deploy -o json | jq '.data.control' -r)
list="$list $core=$ns=$control"
done
fi
done
echo "list=$list" | tee -a "$GITHUB_OUTPUT"
- name: Figure out which deploys to clean up
id: config
uses: actions/github-script@v7
with:
script: |
const cwd = '${{ github.workspace }}';
const { findDeploysToCleanUp } = await import(`${cwd}/packages/scripts/src/gha-cd-helpers.mjs`);
const controls = ${{ toJson(steps.list.outputs.list) }};
const down = await findDeploysToCleanUp(controls, ${{ github.event.inputs.ttl || 24 }}, context, github);
console.log(down);
core.setOutput('down', JSON.stringify(down));
core.setOutput('go-down', !!down.length);
deploy-down:
needs: config
if: needs.config.outputs.go-down == 'true'
strategy:
fail-fast: false
matrix:
include: ${{ fromJson(needs.config.outputs.down) }}
name: Undeploy ${{ matrix.name }}
uses: ./.github/workflows/cd-down.yml

Check failure on line 77 in .github/workflows/cleanup-auto-deploy.yml

View workflow run for this annotation

GitHub Actions / .github/workflows/cleanup-auto-deploy.yml

Invalid workflow file

error parsing called workflow ".github/workflows/cleanup-auto-deploy.yml" -> "./.github/workflows/cd-down.yml" : failed to fetch workflow: workflow was not found.
with:
deploy-name: ${{ matrix.name }}
options: ${{ matrix.options }}
check-branch: false
ref: not needed as check branch is false
secrets:
PULUMI_ACCESS_TOKEN: ${{ secrets.PULUMI_ACCESS_TOKEN }}
TAILSCALE_OAUTH: ${{ secrets.TAILSCALE_DBPROXY_ACCESS_OAUTH }}
TAMANU_OPS_SSH: ${{ secrets.TAMANU_OPS_SSH }}