name: Constellation destroy description: "Destroy a running Constellation cluster." inputs: kubeconfig: description: "The kubeconfig for the cluster." required: true selfManagedInfra: description: "Use self-managed infrastructure instead of infrastructure created by the Constellation CLI." required: true gcpClusterDeleteServiceAccount: description: "Service account with permissions to delete a Constellation cluster on GCP." required: true azureClusterDeleteCredentials: description: "Azure credentials authorized to delete a Constellation cluster." required: true cloudProvider: description: "Either 'aws', 'azure' or 'gcp'." required: true runs: using: "composite" steps: - name: Delete persistent volumes if: inputs.kubeconfig != '' shell: bash env: KUBECONFIG: ${{ inputs.kubeconfig }} PV_DELETION_TIMEOUT: "120" # 2 minutes timeout for pv deletion run: | ELAPSED=0 echo "::group::Wait for PV deletion" # Scrap namespaces that contain PVCs for namespace in `kubectl get namespace --no-headers=true -o custom-columns=":metadata.name"`; do if [[ `kubectl get pvc -n $namespace --no-headers=true -o custom-columns=":metadata.name" | wc -l` -gt 0 ]]; then kubectl delete namespace $namespace --wait fi done until [[ "$(kubectl get pv -o json | jq '.items | length')" == "0" ]] || [[ $ELAPSED -gt $PV_DELETION_TIMEOUT ]]; do echo $(kubectl get pv -o json | jq '.items | length') PV remaining.. sleep 1 ELAPSED=$((ELAPSED+1)) done if [[ $ELAPSED -gt $PV_DELETION_TIMEOUT ]]; then echo "Timed out waiting for PV deletion.." exit 1 fi echo "::endgroup::" - name: Login to GCP (Cluster service account) if: inputs.cloudProvider == 'gcp' uses: ./.github/actions/login_gcp with: service_account: ${{ inputs.gcpClusterDeleteServiceAccount }} - name: Login to AWS (Cluster role) if: inputs.cloudProvider == 'aws' uses: aws-actions/configure-aws-credentials@010d0da01d0b5a38af31e9c3470dbfdabdecca3a # v4.0.1 with: role-to-assume: arn:aws:iam::795746500882:role/GithubActionsE2ECluster aws-region: eu-central-1 # extend token expiry to 6 hours to ensure constellation can terminate role-duration-seconds: 21600 - name: Login to Azure (Cluster service principal) if: inputs.cloudProvider == 'azure' uses: ./.github/actions/login_azure with: azure_credentials: ${{ inputs.azureClusterDeleteCredentials }} - name: Constellation terminate if: inputs.selfManagedInfra != 'true' shell: bash run: | constellation terminate --yes --tf-log=DEBUG - name: Constellation terminate (self-managed) if: inputs.selfManagedInfra == 'true' shell: bash working-directory: ${{ github.workspace }}/e2e-infra run: | terraform init terraform destroy -auto-approve rm -f ${{ github.workspace }}/constellation-state.yaml rm -f ${{ github.workspace }}/constellation-admin.conf