Terraform Destroy #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Terraform Destroy | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| delete_snapshots: | |
| description: "Delete Packer snapshots" | |
| required: false | |
| type: boolean | |
| default: false | |
| permissions: | |
| id-token: write | |
| contents: read | |
| env: | |
| TF_VAR_ssh_private_key: ${{ secrets.SSH_PVT }} | |
| TF_VAR_ssh_public_key: ${{ secrets.SSH_PUB }} | |
| TF_VAR_hcloud_token: ${{ secrets.HET_TOK }} | |
| jobs: | |
| terraform-destroy: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - name: Checkout code | |
| uses: actions/checkout@v4 | |
| - name: Authenticate to Google Cloud | |
| id: auth | |
| uses: "google-github-actions/auth@v2" | |
| with: | |
| create_credentials_file: "true" | |
| project_id: ${{ vars.GCP_PROJECT_ID }} | |
| workload_identity_provider: ${{ vars.GCP_WIF }} | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| with: | |
| terraform_version: latest | |
| terraform_wrapper: false | |
| - name: Terraform Init | |
| working-directory: ./infra | |
| run: | | |
| terraform init | |
| - name: Terraform Destroy | |
| working-directory: ./infra | |
| run: | | |
| echo "⚠️ WARNING: Destroying all Terraform-managed infrastructure" | |
| echo "🚨 This action cannot be undone!" | |
| terraform destroy -auto-approve | |
| echo "✅ Terraform Destroy completed successfully" | |
| - name: Install hcloud CLI | |
| if: inputs.delete_snapshots == true | |
| run: | | |
| curl -fsSL https://github.com/hetznercloud/cli/releases/latest/download/hcloud-linux-amd64.tar.gz | tar -xz | |
| sudo mv hcloud /usr/local/bin/hcloud | |
| sudo chmod +x /usr/local/bin/hcloud | |
| - name: Delete Packer Snapshots | |
| if: inputs.delete_snapshots == true | |
| env: | |
| HCLOUD_TOKEN: ${{ secrets.HET_TOK }} | |
| run: | | |
| for SNAPSHOT_ID in $(hcloud image list -t snapshot -l microos-snapshot=yes,creator=kube-hetzner -o columns=id -o noheader); do | |
| hcloud image delete $SNAPSHOT_ID | |
| done |