main | wam | development #821

Workflow file for this run

.github/workflows/tear-down-sandbox.yml at 67c7fec

	name: "Tear down - Sandbox/Test"

	run-name: "${{ github.event.inputs.git_ref }} \| ${{ github.event.inputs.sandbox_name }} \| ${{ github.event.inputs.environment }}"

	on:
	workflow_dispatch:
	inputs:
	git_ref:
	default: "main"
	description: "Branch, tag or SHA for the destroy action"
	required: true
	type: "string"
	sandbox_name:
	description: "Sandbox to destroy"
	required: true
	type: "string"
	environment:
	default: "development"
	description: "GitHub Environment name"
	required: true
	type: choice
	options:
	- "development"
	- "test"

	workflow_call:
	inputs:
	git_ref:
	default: "main"
	description: "Branch, tag or SHA for the destroy action"
	required: true
	type: "string"
	sandbox_name:
	description: "Sandbox to destroy"
	required: true
	type: "string"
	environment:
	default: "development"
	description: "GitHub Environment name"
	required: true
	type: "string"

	permissions:
	pull-requests: write
	id-token: write
	contents: read

	jobs:
	remove_edge_associations:
	name: Remove Lambda@Edge Associations
	uses: ./.github/workflows/base-cleanup-lambda-edge.yml
	with:
	git_ref: ${{ inputs.git_ref }}
	sandbox_name: ${{ inputs.sandbox_name }}
	environment: ${{ inputs.environment }}
	secrets:
	AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}

	cleanup_versions:
	name: Cleanup Versions
	uses: ./.github/workflows/base-cleanup-workspace.yml
	with:
	git_ref: ${{ inputs.git_ref }}
	sandbox_name: ${{ inputs.sandbox_name }}
	environment: ${{ inputs.environment }}
	secrets:
	AWS_ASSUME_ROLE: ${{ secrets.AWS_ASSUME_ROLE }}

	terraform_destroy:
	name: Terraform Destroy
	runs-on: ubuntu-latest
	needs: [remove_edge_associations] # Ensure this runs after Lambda@Edge removal
	environment: ${{ inputs.environment }}
	steps:
	- name: Checkout
	uses: actions/checkout@v5
	with:
	ref: ${{ inputs.git_ref }}

	- name: Setup Python 3.11
	uses: actions/setup-python@v6
	with:
	python-version: 3.11

	- name: Install Python Dependencies
	run: \|
	python3 -m venv ./venv
	./venv/bin/pip3 install --upgrade pip boto3

	- name: Configure AWS Credentials
	uses: aws-actions/configure-aws-credentials@v5
	with:
	role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
	aws-region: ${{ vars.AWS_REGION }}
	mask-aws-account-id: true

	- name: Setup Terraform
	uses: hashicorp/setup-terraform@v3
	with:
	terraform_version: 1.13.3

	- name: Initialise Terraform
	run: terraform init -backend-config=${{ vars.TF_BACKEND_FILE }}
	working-directory: ./infrastructure

	- name: Select Terraform Workspace
	run: terraform workspace select ${{ inputs.sandbox_name }}
	working-directory: ./infrastructure

	- name: Run Terraform Destroy
	run: terraform destroy -auto-approve -var-file="${{ vars.TF_VARS_FILE }}"
	working-directory: ./infrastructure

	- name: Run Cleanup Script (Terraform Workspace)
	run: ./venv/bin/python3 -u scripts/cleanup_terraform_states.py ${{ inputs.sandbox_name }}

	- name: Run Cleanup Script (Log Group)
	run: ./venv/bin/python3 -u scripts/cleanup_log_groups.py ${{ inputs.sandbox_name }}

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

main | wam | development #821

Workflow file

main | wam | development #821

Uh oh!

Workflow file for this run