.github/workflows/remove_st_after_pr.yml
name: remove-staging-after-pull-request
on:
pull_request:
types: [closed, converted_to_draft, locked]
paths-ignore:
- 'CHANGELOG.md'
- 'README.md'
- 'yarn.lock'
jobs:
delete:
runs-on: ubuntu-20.04
steps:
- uses: actions/checkout@v2
- name: Get pull request reference number
run: |
echo "$GITHUB_REF"
echo "PR_REF=$(cat /home/runner/work/_temp/_github_workflow/event.json | jq -r '.number')" >> $GITHUB_ENV
echo $(cat /home/runner/work/_temp/_github_workflow/event.json | jq -r '.number')
- name: Get repo name
run: |
OIFS=$IFS
IFS='/'
read -a parts <<< "$GITHUB_REPOSITORY"
IFS=OIFS
echo "REPO=${parts[1]}" >> $GITHUB_ENV
- name: Set vpn config
env:
OVPN: ${{ secrets.OVPN }}
VPN_PWD: ${{ secrets.VPN_PWD }}
P12: ${{ secrets.P12 }}
K_CONFIG: ${{ secrets.KUBE_CONFIG }}
SSH_KEY: ${{ secrets.EISBOT_SSH_KEY }}
run: |
echo $VPN_PWD | base64 -di > client.pwd
chmod 0600 client.pwd
echo $OVPN | base64 -di > config.ovpn
echo $P12 | base64 -di > cert.p12
mkdir -p ~/.ssh
echo $SSH_KEY | base64 -di > ~/.ssh/key
chmod 0600 ~/.ssh/key
mkdir -p $REPO/$PR_REF
cd $REPO/$PR_REF
echo "$SHORT_SHA" > TAG
echo $K_CONFIG | base64 -di > kubeconfig
chmod 0600 kubeconfig
- name: Install Open VPN
run: sudo apt-get install openvpn
- name: Delete k8s
timeout-minutes: 2
run: |
sudo openvpn --config config.ovpn --askpass client.pwd --auth-nocache --daemon&
sleep 25
ping -c 2 192.168.99.12
eval `ssh-agent`
touch ~/.ssh/known_hosts
ssh-add ~/.ssh/key
ssh-keyscan 192.168.99.12 > ~/.ssh/known_hosts
rsync -av "$REPO" runner@192.168.99.12:/home/runner/
ssh -T runner@192.168.99.12 << EOSSH
bash
cd "$REPO"/"$PR_REF"
export KUBECONFIG=./kubeconfig
helm delete reg-admin-"$PR_REF" -n reg-admin
helm delete epp-"$PR_REF" -n epp
helm delete reg-api-"$PR_REF" -n reg-api
TOKEN=${{ secrets.CLOUD_TOKEN }} python3 ../../portOpener.py "$PR_REF" remove
rm kubeconfig
echo "server obs.tld.ee
zone pilv.tld.ee
update delete reg-admin-"$PR_REF".pilv.tld.ee.
update delete repp-"$PR_REF".pilv.tld.ee.
update delete reg-api-"$PR_REF".pilv.tld.ee.
send
" | nsupdate -k ~/Kgh-runner.infra.tld.ee.+165+27011.key
if [ "$?" -eq "0" ]; then
echo "CNAME updates were successful"
else
echo "CNAME updates failed"
fi
EOSSH
- name: Notify developers
timeout-minutes: 1
env:
NOTIFICATION_URL: ${{ secrets.NOTIFICATION_URL}}
run: |
curl -i -X POST --data-urlencode 'payload={
"text": "##### [Pull request](https://github.com/internetee/registry/pull/'$PR_REF') was succesful, it has been merged :bowtie:\n
| Registry | '${{ github.head_ref }}' |
|:-----------|:-------------------------------------------:|
| **Admin** | ~~https://reg-admin-'$PR_REF'.pilv.tld.ee~~ |
| **API** | ~~https://reg-api-'$PR_REF'.pilv.tld.ee~~ |
| **REPP** | ~~https://repp-'$PR_REF'.pilv.tld.ee~~ |
"
}' $NOTIFICATION_URL