name: Constellation destroy description: "Destroy a running Constellation cluster." inputs: kubeconfig: description: "The kubeconfig for the cluster." required: true clusterCreation: description: "How the infrastructure for the e2e test was created. One of [cli, terraform]." default: "cli" gcpClusterDeleteServiceAccount: description: "Service account with permissions to delete a Constellation cluster on GCP." required: true azureClusterDeleteCredentials: description: "Azure credentials authorized to delete a Constellation cluster." required: true cloudProvider: description: "Either 'aws', 'azure' or 'gcp'." required: true runs: using: "composite" steps: - name: Delete persistent volumes if: inputs.kubeconfig != '' shell: bash continue-on-error: true env: KUBECONFIG: ${{ inputs.kubeconfig }} PV_DELETION_TIMEOUT: "120" # 2 minutes timeout for pv deletion run: | ELAPSED=0 echo "::group::Wait for PV deletion" # Scrap namespaces that contain PVCs for namespace in `kubectl get namespace --no-headers=true -o custom-columns=":metadata.name"`; do if [[ `kubectl get pvc -n $namespace --no-headers=true -o custom-columns=":metadata.name" | wc -l` -gt 0 ]]; then if [[ "${namespace}" == "default" ]]; then kubectl delete all --all --namespace "default" --wait continue fi if [[ "${namespace}" == "kube-system" ]]; then kubectl delete pvc --all --namespace "kube-system" --wait continue fi kubectl delete namespace $namespace --wait fi done until [[ "$(kubectl get pv -o json | jq '.items | length')" == "0" ]] || [[ $ELAPSED -gt $PV_DELETION_TIMEOUT ]]; do echo $(kubectl get pv -o json | jq '.items | length') PV remaining.. sleep 1 ELAPSED=$((ELAPSED+1)) done if [[ $ELAPSED -gt $PV_DELETION_TIMEOUT ]]; then echo "Timed out waiting for PV deletion.." exit 1 fi echo "::endgroup::" - name: Login to GCP (Cluster service account) if: inputs.cloudProvider == 'gcp' uses: ./.github/actions/login_gcp with: service_account: ${{ inputs.gcpClusterDeleteServiceAccount }} - name: Login to AWS (Cluster role) if: inputs.cloudProvider == 'aws' uses: aws-actions/configure-aws-credentials@e3dd6a429d7300a6a4c196c26e071d42e0343502 # v4.0.2 with: role-to-assume: arn:aws:iam::795746500882:role/GithubActionsE2ECluster aws-region: eu-central-1 # extend token expiry to 6 hours to ensure constellation can terminate role-duration-seconds: 21600 - name: Login to Azure (Cluster service principal) if: inputs.cloudProvider == 'azure' uses: ./.github/actions/login_azure with: azure_credentials: ${{ inputs.azureClusterDeleteCredentials }} - name: Constellation terminate shell: bash run: | constellation terminate --yes --tf-log=DEBUG