PANIC - destroy infrastructure #3
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ===================================================== | |
| # CI/CD Workflow: PANIC - Destroy Infrastructure | |
| # ===================================================== | |
| # Description: | |
| # This workflow is used to destroy all infrastructure for a given environment. | |
| # It is intended for emergency or complete teardown scenarios. | |
| # | |
| # Triggered via: | |
| # - workflow_dispatch: Manual trigger from GitHub UI | |
| # | |
| # Inputs: | |
| # - deployment_env (choice, required): The target environment to destroy. Options: stg, prd | |
| # - confirmation (string, required): Must be exactly "DESTROY" to confirm execution. | |
| # | |
| # Jobs: | |
| # - destroy-infrastructure: | |
| # Validates the confirmation input, initializes Terraform, selects the | |
| # appropriate workspace, and destroys all resources. | |
| # ===================================================== | |
| name: PANIC - destroy infrastructure | |
| on: | |
| workflow_dispatch: | |
| inputs: | |
| deployment_env: | |
| description: 'Environment to destroy' | |
| required: true | |
| type: choice | |
| options: | |
| - stg | |
| - prd | |
| confirmation: | |
| description: 'Type "DESTROY" to confirm' | |
| required: true | |
| type: string | |
| jobs: | |
| destroy-infrastructure: | |
| runs-on: ubuntu-latest | |
| environment: ${{ inputs.deployment_env }} | |
| steps: | |
| - name: Validate confirmation | |
| run: | | |
| if [ "${{ github.event.inputs.confirmation }}" != "DESTROY" ]; then | |
| exit 1 | |
| fi | |
| - uses: actions/checkout@v4 | |
| - name: Setup Terraform | |
| uses: hashicorp/setup-terraform@v3 | |
| - name: Auth GCP | |
| uses: google-github-actions/auth@v2 | |
| with: | |
| credentials_json: ${{ secrets.GCP_SA_KEY }} | |
| - name: Init Terraform | |
| working-directory: terraform | |
| run: terraform init | |
| - name: Use deployment env workspace | |
| working-directory: terraform | |
| run: terraform workspace select ${{ inputs.deployment_env }} | |
| - name: Destroy infrastructure | |
| working-directory: terraform | |
| run: terraform destroy -auto-approve -lock=false |