Cluster Resource Cleanup #277
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: "Cluster Resource Cleanup" | |
| on: | |
| # On workflow call (by another workflow) - require all inputs and secrets | |
| workflow_call: | |
| inputs: | |
| cluster_prefix: | |
| type: string | |
| description: "Prefix of cluster/resources to cleanup" | |
| required: true | |
| resource_group: | |
| type: string | |
| description: "Resource group to clean up" | |
| required: true | |
| custom_prefix: | |
| type: string | |
| description: "Your custom prefix for things to delete" | |
| secrets: | |
| AZURE_CLIENT_ID: | |
| required: true | |
| AZURE_TENANT_ID: | |
| required: true | |
| AZURE_SUBSCRIPTION_ID: | |
| required: true | |
| # On manual dispatch from repo - only RG is required | |
| workflow_dispatch: | |
| inputs: | |
| resource_group: | |
| type: string | |
| description: "Resource group to clean up" | |
| required: true | |
| default: ops-cli-int-test-rg | |
| keyvault_prefix: | |
| type: string | |
| description: "Prefix of keyvault to delete" | |
| default: "opskv" | |
| required: false | |
| # Run every night at midnight (Pacific) to cleanup resources | |
| schedule: | |
| - cron: '0 8 * * *' | |
| env: | |
| RESOURCE_GROUP: ${{ inputs.resource_group || 'ops-cli-int-test-rg' }} | |
| CLUSTER_PREFIX: ${{ inputs.cluster_prefix || 'opt' }} | |
| # Note these are just for the init tests since we dont delete them then | |
| REGISTRY_PREFIX: 'init-registry' | |
| STORAGE_PREFIX: 'initstore' | |
| CUSTOM_PREFIX: ${{ inputs.custom_prefix }} | |
| permissions: | |
| # required for OpenID federation | |
| contents: 'read' | |
| id-token: 'write' | |
| jobs: | |
| arc-cleanup: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Az CLI login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: Delete ARC instances | |
| run: | | |
| cluster_type="Microsoft.Kubernetes/connectedClusters" | |
| for cluster in $(az resource list -g ${{ env.RESOURCE_GROUP }} --resource-type $cluster_type --query "[?starts_with(name, '${{ env.CLUSTER_PREFIX }}')].id" -o tsv); do | |
| az resource delete -v --id $cluster --verbose | |
| done | |
| resource-cleanup: | |
| needs: [arc-cleanup] | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Az CLI login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: Delete linked AIO resources | |
| run: | | |
| for resource in $(az resource list -g ${{ env.RESOURCE_GROUP }} --query "[?starts_with(name, '${{ env.CLUSTER_PREFIX }}')].id" -o tsv); do | |
| az resource delete -v --id $resource --verbose | |
| done | |
| - name: Delete schema registries | |
| run: | | |
| for resource in $(az resource list -g ${{ env.RESOURCE_GROUP }} --query "[?starts_with(name, '${{ env.REGISTRY_PREFIX }}')].id" -o tsv); do | |
| az resource delete -v --id $resource --verbose | |
| done | |
| - name: Delete storage accounts | |
| run: | | |
| for resource in $(az resource list -g ${{ env.RESOURCE_GROUP }} --query "[?starts_with(name, '${{ env.STORAGE_PREFIX }}')].id" -o tsv); do | |
| az resource delete -v --id $resource --verbose | |
| done | |
| - name: Delete your custom stuff | |
| if: ${{ env.CUSTOM_PREFIX }} | |
| run: | | |
| for resource in $(az resource list -g ${{ env.RESOURCE_GROUP }} --query "[?starts_with(name, '${{ env.CUSTOM_PREFIX }}')].id" -o tsv); do | |
| az resource delete -v --id $resource --verbose | |
| done | |
| mq-cleanup: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Az CLI login | |
| uses: azure/login@v2 | |
| with: | |
| client-id: ${{ secrets.AZURE_CLIENT_ID }} | |
| tenant-id: ${{ secrets.AZURE_TENANT_ID }} | |
| subscription-id: ${{ secrets.AZURE_SUBSCRIPTION_ID }} | |
| - name: Delete MQ child resources | |
| run: | | |
| is_mq_child_resource="contains(to_string(type), 'Microsoft.IoTOperationsMQ/mq/')" | |
| in_cluster_ext_loc="contains(to_string(extendedLocation.name), '${{ env.CLUSTER_PREFIX }}')" | |
| for mq_resource in $(az resource list -g ${{ env.RESOURCE_GROUP }} --query "[?$in_cluster_ext_loc && $is_mq_child_resource].id" -o tsv); do | |
| az resource delete -v --id $mq_resource --verbose | |
| done | |
| - name: Delete MQ instances | |
| run: | | |
| mq_type="Microsoft.IoTOperationsMQ/mq" | |
| in_cluster_ext_loc="contains(to_string(extendedLocation.name), '${{ env.CLUSTER_PREFIX }}')" | |
| # MQ instance cannot be deleted until all child resources have successfully deleted | |
| sleep 15s | |
| for mq in $(az resource list -g ${{ env.RESOURCE_GROUP }} --resource-type $mq_type --query "[?$in_cluster_ext_loc].id" -o tsv); do | |
| az resource delete -v --id $mq --verbose | |
| done |