Purge test resources #307
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# ------------------------------------------------------------ | |
# Copyright 2023 The Radius Authors. | |
# | |
# Licensed under the Apache License, Version 2.0 (the "License"); | |
# you may not use this file except in compliance with the License. | |
# You may obtain a copy of the License at | |
# | |
# http://www.apache.org/licenses/LICENSE-2.0 | |
# | |
# Unless required by applicable law or agreed to in writing, software | |
# distributed under the License is distributed on an "AS IS" BASIS, | |
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | |
# See the License for the specific language governing permissions and | |
# limitations under the License. | |
# ------------------------------------------------------------ | |
name: Purge test resources | |
permissions: | |
id-token: write # Required for requesting the JWT | |
contents: read # Required for actions/checkout | |
on: | |
schedule: | |
# Run twice a day | |
- cron: "30 0,12 * * *" | |
env: | |
AZURE_RG_DELETE_LIST_FILE: "az_rg_list.txt" | |
# The valid resource time window in seconds to delete the test resources. 6 hours | |
VALID_RESOURCE_WINDOW: 6*60*60 | |
# The current GitHub action link | |
ACTION_LINK: "${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}" | |
jobs: | |
purge_gchr_dev: | |
name: Delete old unused container images | |
runs-on: ubuntu-latest | |
if: github.repository == 'radius-project/radius' | |
steps: | |
- name: Delete 'dev' containers older than a week | |
uses: snok/container-retention-policy@v2 | |
with: | |
image-names: dev/* | |
cut-off: 3 days ago UTC | |
account-type: org | |
org-name: radius-project | |
token: ${{ secrets.GH_RAD_CI_BOT_PAT }} | |
purge_azure_resources: | |
name: Azure resources clean-ups | |
runs-on: ubuntu-latest | |
if: github.repository == 'radius-project/radius' | |
steps: | |
- name: Setup Azure CLI | |
run: curl -sL https://aka.ms/InstallAzureCLIDeb | sudo bash | |
- name: Login to Azure | |
uses: azure/login@v2 | |
with: | |
client-id: ${{ secrets.AZURE_SP_TESTS_APPID }} | |
tenant-id: ${{ secrets.AZURE_SP_TESTS_TENANTID }} | |
subscription-id: ${{ secrets.AZURE_SUBSCRIPTIONID_TESTS }} | |
- name: Find old test resource groups | |
run: | | |
echo "## Test resource group list" >> $GITHUB_STEP_SUMMARY | |
# Create the file to store the resource group list | |
touch ${{ env.AZURE_RG_DELETE_LIST_FILE}} | |
az account set -s ${{ secrets.AZURE_SUBSCRIPTIONID_TESTS }} | |
resource_groups=$(az group list --query "[].{Name:name, creationTime:tags.creationTime}" -o tsv) | |
current_time=$(date +%s) | |
hours_ago=$((current_time - ${{ env.VALID_RESOURCE_WINDOW }})) | |
while IFS=$'\t' read -r name creation_time; do | |
if [[ ! "$name" =~ ^"samplestest-" ]] && [[ ! "$name" =~ ^"radtest-" ]]; then | |
continue | |
fi | |
if [ "$creation_time" = "None" ]; then | |
echo " * :wastebasket: $name - old resource" >> $GITHUB_STEP_SUMMARY | |
echo $name >> ${{ env.AZURE_RG_DELETE_LIST_FILE}} | |
continue | |
fi | |
# Check if the resource group was created more than 6 hours ago | |
if [ "$creation_time" -lt "$hours_ago" ]; then | |
echo " * :wastebasket: $name - creationTime: $creation_time" >> $GITHUB_STEP_SUMMARY | |
echo $name >> ${{ env.AZURE_RG_DELETE_LIST_FILE}} | |
else | |
echo " * :white_check_mark: $name - creationTime: $creation_time" >> $GITHUB_STEP_SUMMARY | |
fi | |
done <<< "$resource_groups" | |
- name: Delete Azure resource groups | |
run: | | |
echo "## Deleting resource group list" >> $GITHUB_STEP_SUMMARY | |
cat ${{ env.AZURE_RG_DELETE_LIST_FILE}} | while read line | |
do | |
echo " * $line" >> $GITHUB_STEP_SUMMARY | |
az group delete --resource-group $line --yes --verbose --no-wait | |
done | |
create_issue_on_failure: | |
name: Create issue for failing purge test resources run | |
needs: [purge_gchr_dev, purge_azure_resources] | |
runs-on: ubuntu-latest | |
if: always() && (needs.purge_gchr_dev.result == 'failure' || needs.purge_azure_resources.result == 'failure') | |
steps: | |
- uses: actions/github-script@v7 | |
with: | |
github-token: ${{ secrets.GH_RAD_CI_BOT_PAT }} | |
script: | | |
github.rest.issues.create({ | |
...context.repo, | |
title: `Purge test resources failed - Run ID: ${context.runId}`, | |
labels: ['bug', 'test-failure'], | |
body: `## Bug information \n\nThis bug is generated automatically if the purge test resources workflow fails. For the further investigation, please visit [here](${process.env.ACTION_LINK}).` | |
}) |