Merge branch 'main' into cleanup #38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This workflow allows you to destroy the deployed resources using azd down command. | ||
| # It is triggered manually via the GitHub UI. | ||
| name: "CI Destroy Resources" | ||
| on: | ||
| workflow_dispatch: | ||
| inputs: | ||
| azd_environment_name: | ||
| description: "Name of the AZD Environment" | ||
| required: true | ||
| default: "CICD" | ||
| azure_location: | ||
| description: "Azure location for the environment" | ||
| required: true | ||
| default: "eastus" | ||
| permissions: | ||
| id-token: write # Needed for OIDC Authentication | ||
| contents: read | ||
| jobs: | ||
| build: | ||
| runs-on: ${{ fromJson(vars.ACTIONS_RUNNER_NAME || '["ubuntu-latest"]') }} | ||
| env: | ||
| AZURE_ENV_NAME: ${{ github.event.inputs.azd_environment_name || 'CICD' }} | ||
| AZURE_LOCATION: ${{ github.event.inputs.azure_location || 'eastus' }} | ||
| steps: | ||
| - name: Checkout the branch ${{ github.ref_name }} | ||
| uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 | ||
| with: | ||
| ref: ${{ github.ref_name }} | ||
| - name: Install azd | ||
| uses: Azure/setup-azd@cf638ffd167fc81e1851241a478a723c05fa9cb3 # v2.2.0 | ||
| with: | ||
| version: '1.20.0' # Specify your desired azd version here | ||
| - name: Setup Node.js | ||
| uses: actions/setup-node@2028fbc5c25fe9cf00d9f06a71cc4710d4507903 # v6.0.0 | ||
| with: | ||
| node-version: '18.x' | ||
| - name: Install Terraform | ||
| uses: hashicorp/setup-terraform@b9cd54a3c349d3f38e8881555d616ced269862dd # v3.1.2 | ||
| with: | ||
| terraform_version: 1.13.3 | ||
| - name: Login to Azure with Federated Identity | ||
| uses: azure/login@a457da9ea143d694b1b9c7c869ebb04ebe844ef5 # v2.3.0 | ||
| with: | ||
| client-id: ${{ vars.AZURE_CLIENT_ID }} | ||
| tenant-id: ${{ vars.AZURE_TENANT_ID }} | ||
| subscription-id: ${{ vars.AZURE_SUBSCRIPTION_ID }} | ||
| - name: Azd down | ||
| env: | ||
| POWER_PLATFORM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} | ||
| POWER_PLATFORM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} | ||
| POWER_PLATFORM_USE_OIDC: "true" | ||
| RESOURCE_TAGS: ${{ vars.RESOURCE_TAGS }} | ||
| ARM_USE_AZUREAD: "true" | ||
| ARM_STORAGE_USE_AZUREAD: "true" | ||
| ARM_USE_OIDC: "true" | ||
| ARM_CLIENT_ID: ${{ vars.AZURE_CLIENT_ID }} | ||
| ARM_TENANT_ID: ${{ vars.AZURE_TENANT_ID }} | ||
| ARM_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} | ||
| AZURE_SUBSCRIPTION_ID: ${{ vars.AZURE_SUBSCRIPTION_ID }} | ||
| RS_STORAGE_ACCOUNT: ${{ vars.RS_STORAGE_ACCOUNT }} | ||
| RS_CONTAINER_NAME: ${{ vars.RS_CONTAINER_NAME }} | ||
| RS_RESOURCE_GROUP: ${{ vars.RS_RESOURCE_GROUP }} | ||
| RESOURCE_SHARE_USER: ${{ vars.RESOURCE_SHARE_USER }} | ||
| RESOURCE_TAGS: ${{ vars.RESOURCE_TAGS }} | ||
| shell: bash | ||
| run: | | ||
| azd config set auth.useAzCliAuth "true" | ||
| azd env new "$AZURE_ENV_NAME" --location "$AZURE_LOCATION" --no-prompt | ||
| azd env set RS_STORAGE_ACCOUNT "$RS_STORAGE_ACCOUNT" | ||
| azd env set RS_CONTAINER_NAME "$RS_CONTAINER_NAME" | ||
| azd env set RS_RESOURCE_GROUP "$RS_RESOURCE_GROUP" | ||
| azd env set RESOURCE_SHARE_USER "$RESOURCE_SHARE_USER" | ||
| azd env set RESOURCE_TAGS "$RESOURCE_TAGS" | ||
| azd package # trigger prepackage hook to setup terraform provider | ||
| azd provision --preview # https://github.com/Azure/azure-dev/issues/4317 | ||
| azd down --no-prompt --force --purge | ||
| - name: Purge Soft-Deleted Azure OpenAI Resources | ||
| shell: bash | ||
| run: | | ||
| # Get the OpenAI resource name and location from environment outputs | ||
| OPENAI_RESOURCE_NAME=$(azd env get-values --output json | jq -r '.openai_resource_name // empty') | ||
| AZURE_REGION=$(azd env get-values --output json | jq -r '.primary_azure_region // empty') | ||
| RESOURCE_GROUP=$(azd env get-values --output json | jq -r '.resource_group_name // empty') | ||
| # Only attempt to purge if we have the required information | ||
| if [[ -n "$OPENAI_RESOURCE_NAME" && -n "$AZURE_REGION" ]]; then | ||
| echo "Attempting to purge soft-deleted Azure OpenAI resource: $OPENAI_RESOURCE_NAME in $AZURE_REGION" | ||
| # Purge the soft-deleted Cognitive Services account (continue on error if resource not found) | ||
| az cognitiveservices account purge \ | ||
| --location "$AZURE_REGION" \ | ||
| --resource-group "$RESOURCE_GROUP" \ | ||
| --name "$OPENAI_RESOURCE_NAME" || echo "Resource may not be in soft-delete state or already purged" | ||
| else | ||
| echo "OpenAI resource information not found in environment outputs. Skipping purge." | ||
| fi | ||
