Skip to content

Auto - Fetch People Profiles #1970

Auto - Fetch People Profiles

Auto - Fetch People Profiles #1970

name: PR - Delete Environment when PR is closed
on:
pull_request:
types: [closed]
workflow_dispatch:
inputs:
slotID:
description: "Pull request number"
required: true
default: ""
workflow_call:
inputs:
slotIDs:
type: string
description: "Slot IDs"
required: true
defaults:
run:
shell: pwsh
env:
SLOT_NAME: ${{ inputs.slotIDs || inputs.slotID || github.event.number }}
SLOT_PREFIX: pr-
permissions:
id-token: write
contents: read
jobs:
setting-up-slot-ids:
runs-on: ubuntu-latest
outputs:
matrix: ${{ steps.set-matrix.outputs.matrix }}
steps:
- name: Get slot ids from input
id: set-matrix
run: |
$slotIDs = '${{ env.SLOT_NAME }}'
if($slotIDs -notlike '`[*')
{
$array = $slotIDs -split " "
$slotIDs = ConvertTo-Json -Compress @($array)
}
echo "matrix=$slotIDs" >> $env:GITHUB_OUTPUT
delete-slot-and-acr-cleanup:
runs-on: ubuntu-latest
needs: setting-up-slot-ids
strategy:
matrix:
SLOT_NAME: ${{ fromJson(needs.setting-up-slot-ids.outputs.matrix) }}
steps:
- uses: actions/checkout@v4
- name: Load .env file
uses: xom9ikk/dotenv@v2
with:
path: ./.github
- name: Azure CLI - Login
uses: azure/login@v2
with:
client-id: ${{ secrets.AZURE_CLIENT_ID }}
tenant-id: ${{ secrets.AZURE_TENANT_ID }}
subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }}
- name: Cleanup ACR and Key Vault Permissions
run: |
$acrId = az acr show `
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} `
--name ${{ env.ACR_LOGIN_SERVER }} `
--query id `
--output tsv
Write-Host '✅ acr found'
# get slot identity
$identityId = az webapp identity show `
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} `
--name ${{ env.APP_SERVICE_NAME }} `
--slot ${{ env.SLOT_PREFIX }}${{ matrix.SLOT_NAME }} `
--query principalId `
--output tsv
Write-Host '✅ slot identity found'
# Check if the role assignment exists before deleting it
$acrRoleAssignment = az role assignment list `
--assignee $identityId `
--scope $acrId `
--role acrpull `
--query "[].roleDefinitionName" `
--output tsv
if ($acrRoleAssignment) {
# Delete the role assignment if it exists
az role assignment delete `
--assignee $identityId `
--scope $acrId `
--role acrpull `
--output none
Write-Host '✅ acrpull role deleted'
} else {
Write-Host '❌ acrpull role assignment not found'
}
$kvId = az keyvault show `
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} `
--name ${{ env.KEY_VAULT }} `
--query id `
--output tsv
if($kvId){
Write-Host '✅ KeyVault found'
# Check if the Key Vault role assignment exists
$kvRoleAssignment = az role assignment list `
--assignee $identityId `
--scope $kvId `
--role "Key Vault Secrets User" `
--query "[].roleDefinitionName" `
--output tsv
if ($kvRoleAssignment) {
# Delete the Key Vault role assignment if it exists
az role assignment delete `
--assignee $identityId `
--scope $kvId `
--role "Key Vault Secrets User" `
--output none
Write-Host '✅ Key Vault Secrets User role deleted'
} else {
Write-Host '❌ Key Vault Secrets User role assignment not found'
}
} else {
Write-Host '❌ Key Vault not found'
}
- name: Delete all untagged images
run: |
az acr manifest list-metadata `
-r ${{ env.ACR_NAME }} `
-n ${{ env.IMAGE_NAME }} `
--query "[?tags==null].digest" `
-o tsv | `
%{ `
az acr repository delete `
-n ${{ env.ACR_NAME }} `
-t ${{ env.IMAGE_NAME }}@$_ `
--yes `
}
Write-Host "✅ All untagged images have been deleted"
- name: ACR - Delete image
run: |
$imageTagWithPrefix = '${{ env.SLOT_PREFIX }}${{ matrix.SLOT_NAME}}'
$imageName = "${{ env.IMAGE_NAME }}:$imageTagWithPrefix"
# Check if the image exists in the ACR
$imageExists = az acr repository show-manifests `
--name ${{ env.ACR_NAME }} `
--repository ${{ env.IMAGE_NAME }} `
--query "[?tags[?contains(@, '$imageTagWithPrefix')]].tags[]" `
--output tsv
if ($imageExists) {
# If the image exists, delete it
az acr repository delete --name ${{ env.ACR_NAME }} `
--image $imageName --yes
Write-Output "✅ ACR - $imageName image deleted successfully."
} else {
Write-Output "❌ ACR - $imageName image not found, skipping deletion."
}
- name: Delete slot
run: |
az webapp deployment slot delete `
--resource-group ${{ env.AZURE_RESOURCE_GROUP }} `
--name ${{ env.APP_SERVICE_NAME }} `
--slot ${{ env.SLOT_PREFIX }}${{ matrix.SLOT_NAME }} `
--output none