.github/workflows/destroy.yml
name: Destroy
on:
delete:
workflow_dispatch:
inputs:
environment:
description: "Name of the environment to destroy:"
required: true
jobs:
destroy:
if: |
(
github.event.ref_type == 'branch' &&
(!startsWith(github.event.ref, 'skipci')) &&
(!contains(fromJson('["main", "staging", "production"]'), github.event.ref))
) ||
(
inputs.environment != '' &&
(!contains(fromJson('["main", "staging", "production"]'), inputs.environment))
)
runs-on: ubuntu-20.04
environment:
name: ${{ inputs.environment || (startsWith(github.event.ref, 'snyk-') && 'snyk' || github.event.ref) }}
env:
STAGE_NAME: ${{ inputs.environment || (startsWith(github.event.ref, 'snyk-') && 'snyk' || github.event.ref) }}
permissions:
id-token: write
contents: write
steps:
- name: Checkout
uses: actions/checkout@v3
- uses: ./.github/actions/setup
- name: Configure AWS credentials
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_OIDC_ROLE_TO_ASSUME }}
aws-region: us-east-1
role-duration-seconds: 10800
- name: Destroy
run: run destroy --stage $STAGE_NAME --verify false