Add rollback window and history settings #200
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
on: | |
pull_request: | |
types: [closed] | |
jobs: | |
cleanup: | |
name: Cleanup merged deploy | |
runs-on: ubuntu-latest | |
steps: | |
- uses: actions/github-script@v6 | |
id: permissions | |
with: | |
script: | | |
let member; | |
try { | |
const resp = await github.rest.repos.getCollaboratorPermissionLevel({ | |
username: context.actor, | |
owner: context.repo.owner, | |
repo: context.repo.repo, | |
}); | |
if (!resp || !resp.data || !resp.data.permission) { | |
member = false; | |
} else { | |
const permission = resp.data.permission; | |
member = permission == "admin" || permission == "write"; | |
} | |
} catch(error) { | |
member = false | |
} | |
return member | |
- name: Checkout | |
uses: actions/checkout@v3 # no way of getting the correct ref from the issue event, hence the below | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
- name: Declare variables that we can share across steps | |
id: vars | |
run: | | |
GIT_SHORT="$(git rev-parse --short HEAD)" | |
PR_NUM=${{ github.event.number }} | |
BRANCH_NAME=${GITHUB_REF#refs/heads/} | |
echo "git_short=${GIT_SHORT}" >> $GITHUB_OUTPUT | |
echo "fqdn_record=${PR_NUM}.pr.posthog.cc" >> $GITHUB_OUTPUT | |
echo "pr_number=${PR_NUM}" >> $GITHUB_OUTPUT | |
echo "branch_name=$BRANCH_NAME" >> $GITHUB_OUTPUT | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
- name: Install doctl to access k8s config | |
uses: digitalocean/action-doctl@v2 | |
with: | |
token: ${{ secrets.DIGITALOCEAN_ACCESS_TOKEN }} | |
- name: mark environment as deactivated | |
uses: bobheadxi/deployments@v1 | |
with: | |
step: deactivate-env | |
token: ${{ secrets.GITHUB_TOKEN }} | |
env: ${{ steps.vars.outputs.branch_name }} | |
desc: Environment was pruned | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
# Only ran if the correct comment is used! We should have automatic cleanup on merge, but this allows us to manually | |
# cleanup. For instance, you may restore a branch, deploy it, and keep it around for demo purposes. | |
- name: Delete preview namespace | |
id: delete_preview | |
run: | | |
doctl kubernetes cluster kubeconfig save $PR_CLUSTER_ID | |
kubectl patch chi posthog -n pr-${{ steps.vars.outputs.pr_number }} -p '{"metadata":{"finalizers":null}}' --type=merge || true # if the resource cannot be found, we still want to clean up | |
kubectl delete chi posthog -n pr-${{ steps.vars.outputs.pr_number }} --ignore-not-found | |
helm uninstall -n pr-${{ steps.vars.outputs.pr_number }} posthog | |
# delete all instances of all resources, in the specified namespace | |
# just in case someone has made a change to the chart that stops uninstall cleaning up correctly | |
kubectl delete all --all --namespace pr-${{ steps.vars.outputs.pr_number }} | |
kubectl delete namespace pr-${{ steps.vars.outputs.pr_number }} | |
if: ${{ steps.permissions.outputs.result == 'true' && contains(github.event.pull_request.labels.*.name, 'deploy') }} | |
env: | |
PR_CLUSTER_ID: ${{ secrets.PR_CLUSTER_ID }} # probably not _SECRET_, but best kept out of the YAML |