-
Notifications
You must be signed in to change notification settings - Fork 383
Fix Review App Deletion Workflows #639
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
409365f
f70de80
3352e90
3100c84
3b8ab76
3d45555
8487edc
7de811b
2ad243c
7440108
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,20 @@ | ||
name: Delete Control Plane App | ||
description: 'Deletes a Control Plane application and all its resources' | ||
|
||
inputs: | ||
app_name: | ||
description: 'Name of the application to delete' | ||
required: true | ||
cpln_org: | ||
description: 'Organization name' | ||
required: true | ||
|
||
runs: | ||
using: "composite" | ||
steps: | ||
- name: Delete Application | ||
shell: bash | ||
run: ${{ github.action_path }}/delete-app.sh | ||
env: | ||
APP_NAME: ${{ inputs.app_name }} | ||
CPLN_ORG: ${{ inputs.cpln_org }} |
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,36 @@ | ||
#!/bin/bash | ||
|
||
# Script to delete a Control Plane application | ||
# Required environment variables: | ||
# - APP_NAME: Name of the application to delete | ||
# - CPLN_ORG: Organization name | ||
|
||
set -e | ||
|
||
# Validate required environment variables | ||
: "${APP_NAME:?APP_NAME environment variable is required}" | ||
: "${CPLN_ORG:?CPLN_ORG environment variable is required}" | ||
|
||
# Safety check: prevent deletion of production or staging apps | ||
if echo "$APP_NAME" | grep -iqE '(production|staging)'; then | ||
echo "❌ ERROR: Cannot delete apps containing 'production' or 'staging' in their name" >&2 | ||
echo "🛑 This is a safety measure to prevent accidental deletion of production or staging environments" >&2 | ||
echo " App name: $APP_NAME" >&2 | ||
exit 1 | ||
fi | ||
|
||
# Check if app exists before attempting to delete | ||
echo "🔍 Checking if application exists: $APP_NAME" | ||
if ! cpflow exists -a "$APP_NAME" --org "$CPLN_ORG"; then | ||
echo "⚠️ Application does not exist: $APP_NAME" | ||
exit 0 | ||
fi | ||
|
||
# Delete the application | ||
echo "🗑️ Deleting application: $APP_NAME" | ||
if ! cpflow delete -a "$APP_NAME" --org "$CPLN_ORG" --yes; then | ||
echo "❌ Failed to delete application: $APP_NAME" >&2 | ||
exit 1 | ||
fi | ||
|
||
echo "✅ Successfully deleted application: $APP_NAME" |
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -21,7 +21,7 @@ concurrency: | |
|
||
env: | ||
PREFIX: ${{ vars.REVIEW_APP_PREFIX }} | ||
APP_NAME: ${{ vars.REVIEW_APP_PREFIX }}-pr-${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }} | ||
APP_NAME: ${{ vars.REVIEW_APP_PREFIX }}-${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }} | ||
CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }} | ||
CPLN_ORG: ${{ vars.CPLN_ORG_STAGING }} | ||
PR_NUMBER: ${{ github.event.pull_request.number || github.event.issue.number || github.event.inputs.pr_number }} | ||
|
@@ -181,17 +181,19 @@ jobs: | |
echo "Skipping deployment for non-PR comment" | ||
fi | ||
fi | ||
if [[ "${{ env.DO_DEPLOY }}" == "false" ]]; then | ||
exit 0 | ||
fi | ||
|
||
- name: Setup Control Plane App if Not Existing | ||
if: env.DO_DEPLOY == 'true' && env.APP_EXISTS == 'false' | ||
if: env.APP_EXISTS == 'false' | ||
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. 🛠️ Refactor suggestion Include if: env.APP_EXISTS == 'false' && env.DO_DEPLOY != 'false' This ensures that a new app is only provisioned when we explicitly want to deploy. |
||
env: | ||
CPLN_TOKEN: ${{ secrets.CPLN_TOKEN_STAGING }} | ||
run: | | ||
echo "🔧 Setting up new Control Plane app..." | ||
cpflow setup-app -a ${{ env.APP_NAME }} --org ${{ vars.CPLN_ORG_STAGING }} | ||
|
||
- name: Create Initial Comment | ||
if: env.DO_DEPLOY != 'false' | ||
uses: actions/github-script@v7 | ||
id: create-comment | ||
with: | ||
|
@@ -200,13 +202,12 @@ jobs: | |
owner: context.repo.owner, | ||
repo: context.repo.repo, | ||
issue_number: process.env.PR_NUMBER, | ||
body: '🚀 Starting deployment process...\n\n' + process.env.CONSOLE_LINK | ||
body: '🚀 Starting deployment process...\n\n' | ||
}); | ||
core.setOutput('comment-id', result.data.id); | ||
|
||
- name: Set Deployment URLs | ||
id: set-urls | ||
if: env.DO_DEPLOY != 'false' | ||
uses: actions/github-script@v7 | ||
with: | ||
script: | | ||
|
@@ -237,7 +238,6 @@ jobs: | |
); | ||
|
||
- name: Initialize GitHub Deployment | ||
if: env.DO_DEPLOY != 'false' | ||
uses: actions/github-script@v7 | ||
id: init-deployment | ||
with: | ||
|
@@ -316,15 +316,13 @@ jobs: | |
}); | ||
|
||
- name: Deploy to Control Plane | ||
if: env.DO_DEPLOY != 'false' | ||
run: cpflow deploy-image -a ${{ env.APP_NAME }} --run-release-phase --org ${{ vars.CPLN_ORG_STAGING }} --verbose | ||
|
||
- name: Retrieve App URL | ||
id: workload | ||
run: echo "WORKLOAD_URL=$(cpln workload get rails --gvc ${{ env.APP_NAME }} | tee | grep -oP 'https://[^[:space:]]*\.cpln\.app(?=\s|$)' | head -n1)" >> "$GITHUB_OUTPUT" | ||
|
||
- name: Update Status - Deployment Complete | ||
if: env.DO_DEPLOY != 'false' | ||
uses: actions/github-script@v7 | ||
with: | ||
script: | | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Early-exit logic does not skip subsequent steps as intended
The
exit 0
inside the Validate Deployment Request step only terminates that shell script—it does not prevent the rest of the job from executing. As a result, even whenDO_DEPLOY
is"false"
, all downstream steps will still run.To properly gate the workflow, consider emitting a step output (e.g.,
echo "do_deploy=${DO_DEPLOY}" >> $GITHUB_OUTPUT
in the validate script) and then adding:to every subsequent step. This ensures that all deployment steps are truly skipped when
DO_DEPLOY
is disabled.