Use info log level instead of debug for cleaner CI logs #5
Workflow file for this run
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Scheduled Nuke | |
| on: | |
| # Temporary: trigger on push to test branch | |
| push: | |
| branches: | |
| - migrate-nuke-to-gha | |
| schedule: | |
| # Every 3 hours for phx_devops | |
| - cron: '0 */3 * * *' | |
| workflow_dispatch: | |
| # Required for OIDC authentication | |
| permissions: | |
| id-token: write | |
| contents: read | |
| jobs: | |
| nuke_global: | |
| name: "Global Resources" | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 30 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Configure AWS credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::087285199408:role/cloud-nuke-gha | |
| aws-region: us-east-1 | |
| - name: Install mise | |
| uses: jdx/mise-action@v3 | |
| with: | |
| version: 2025.12.10 | |
| experimental: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Go module cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/go/pkg/mod | |
| ~/.cache/go-build | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Download Go modules | |
| run: go mod download | |
| - name: Run cloud-nuke (Global) | |
| run: | | |
| go run -ldflags="-X 'main.VERSION=${{ github.sha }}'" main.go aws \ | |
| --older-than 2h \ | |
| --force \ | |
| --config ./.github/nuke_config.yml \ | |
| --region global \ | |
| --exclude-resource-type iam \ | |
| --exclude-resource-type iam-group \ | |
| --exclude-resource-type iam-policy \ | |
| --exclude-resource-type iam-role \ | |
| --exclude-resource-type iam-service-linked-role \ | |
| --exclude-resource-type oidcprovider \ | |
| --exclude-resource-type route53-hosted-zone \ | |
| --exclude-resource-type route53-cidr-collection \ | |
| --exclude-resource-type route53-traffic-policy \ | |
| --exclude-resource-type ecr \ | |
| --exclude-resource-type config-rules \ | |
| --exclude-resource-type nat-gateway \ | |
| --exclude-resource-type ec2-subnet \ | |
| --delete-unaliased-kms-keys \ | |
| --log-level info | |
| nuke_regional: | |
| name: "Region: ${{ matrix.region }}" | |
| runs-on: ubuntu-latest | |
| timeout-minutes: 20 | |
| strategy: | |
| fail-fast: false | |
| matrix: | |
| region: | |
| - ap-northeast-1 | |
| - ap-northeast-2 | |
| - ap-northeast-3 | |
| - ap-south-1 | |
| - ap-southeast-1 | |
| - ap-southeast-2 | |
| - ca-central-1 | |
| - eu-central-1 | |
| - eu-north-1 | |
| - eu-west-1 | |
| - eu-west-2 | |
| - eu-west-3 | |
| - me-central-1 | |
| - sa-east-1 | |
| - us-east-1 | |
| - us-east-2 | |
| - us-west-1 | |
| - us-west-2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - name: Configure AWS credentials (OIDC) | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| role-to-assume: arn:aws:iam::087285199408:role/cloud-nuke-gha | |
| aws-region: ${{ matrix.region }} | |
| - name: Install mise | |
| uses: jdx/mise-action@v3 | |
| with: | |
| version: 2025.12.10 | |
| experimental: true | |
| env: | |
| GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| - name: Go module cache | |
| uses: actions/cache@v4 | |
| with: | |
| path: | | |
| ~/go/pkg/mod | |
| ~/.cache/go-build | |
| key: ${{ runner.os }}-go-${{ hashFiles('**/go.sum') }} | |
| restore-keys: | | |
| ${{ runner.os }}-go- | |
| - name: Download Go modules | |
| run: go mod download | |
| - name: Run cloud-nuke (${{ matrix.region }}) | |
| run: | | |
| go run -ldflags="-X 'main.VERSION=${{ github.sha }}'" main.go aws \ | |
| --older-than 2h \ | |
| --force \ | |
| --config ./.github/nuke_config.yml \ | |
| --region ${{ matrix.region }} \ | |
| --exclude-resource-type iam \ | |
| --exclude-resource-type iam-group \ | |
| --exclude-resource-type iam-policy \ | |
| --exclude-resource-type iam-role \ | |
| --exclude-resource-type iam-service-linked-role \ | |
| --exclude-resource-type oidcprovider \ | |
| --exclude-resource-type route53-hosted-zone \ | |
| --exclude-resource-type route53-cidr-collection \ | |
| --exclude-resource-type route53-traffic-policy \ | |
| --exclude-resource-type ecr \ | |
| --exclude-resource-type config-rules \ | |
| --exclude-resource-type nat-gateway \ | |
| --exclude-resource-type ec2-subnet \ | |
| --delete-unaliased-kms-keys \ | |
| --log-level info |