Add GHA workflow for operation

justinyoo · justinyoo · commit dd7ba11d4d08 · 2024-07-30T16:01:28.000+09:00
diff --git a/.github/workflows/clear-deployment-history.yml b/.github/workflows/clear-deployment-history.yml
@@ -0,0 +1,42 @@
+name: Clear Deployment History
+
+on:
+  workflow_dispatch:
+  schedule:
+    - cron: "0 0/4 * * *"
+
+permissions:
+  contents: read
+  id-token: write
+  issues: write
+  pull-requests: write
+
+jobs:
+  delete-deployment-history:
+    name: "Deleting Deployment History"
+
+    runs-on: ubuntu-latest
+
+    env:
+      AZURE_CLIENT_ID: ${{ vars.AZM_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ vars.AZM_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ vars.AZM_SUBSCRIPTION_ID }}
+
+    steps:
+      - name: Azure login (Federated Credentials)
+        if: env.AZURE_CLIENT_ID != ''
+        uses: azure/login@v2
+        with:
+          client-id: ${{ env.AZURE_CLIENT_ID }}
+          tenant-id: ${{ env.AZURE_TENANT_ID }}
+          subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }}
+          enable-AzPSSession: true
+
+      - name: Delete all deployment history
+        shell: pwsh
+        run: |
+          $history = az deployment sub list --query "[].name" | ConvertFrom-Json
+          $history | ForEach-Object {
+            $name = $_
+            az deployment sub delete --name $name --no-wait
+          }
diff --git a/.github/workflows/clear-resource-group.yml b/.github/workflows/clear-resource-group.yml
@@ -0,0 +1,57 @@
+name: Clear Resource Group
+
+on:
+  workflow_dispatch:
+  # schedule:
+  #   # Run every day at 5:30 AM (KST)
+  #   - cron: "30 20 * * *"
+
+permissions:
+  contents: read
+  id-token: write
+  issues: write
+  pull-requests: write
+
+jobs:
+  reset-resource-group:
+    name: "Resetting Resource Groups"
+
+    runs-on: ubuntu-latest
+
+    env:
+      AZURE_CLIENT_ID: ${{ vars.AZM_CLIENT_ID }}
+      AZURE_TENANT_ID: ${{ vars.AZM_TENANT_ID }}
+      AZURE_SUBSCRIPTION_ID: ${{ vars.AZM_SUBSCRIPTION_ID }}
+      AZURE_RESOURCE_GROUPS: ${{ vars.AZM_RESOURCE_GROUPS }}
+      AZURE_APP_NAME: ${{ vars.AZM_APP_NAME }}
+
+    steps:
+      - name: Azure login (Federated Credentials)
+        if: env.AZURE_CLIENT_ID != ''
+        uses: azure/login@v2
+        with:
+          client-id: ${{ env.AZURE_CLIENT_ID }}
+          tenant-id: ${{ env.AZURE_TENANT_ID }}
+          subscription-id: ${{ env.AZURE_SUBSCRIPTION_ID }}
+          enable-AzPSSession: true
+
+      - name: Delete all resource groups
+        shell: pwsh
+        run: |
+          $excludes = "${{ env.AZURE_RESOURCE_GROUPS }}" -split ','
+          $groups = az group list --query "[].name" | ConvertFrom-Json
+          $groups | ForEach-Object {
+            $name = $_
+            if ($excludes -notcontains $name) {
+              az group delete -g $name -y --no-wait
+            }
+          }
+
+      - name: Delete all apps
+        shell: pwsh
+        run: |
+          $apps = az ad app list --query "[?displayName != '${{ env.AZURE_APP_NAME }}'].{id: id, displayName:displayName, appId: appId}" | ConvertFrom-Json
+          $apps | ForEach-Object {
+            $id = $_.id
+            az ad app delete --id $id
+          }
