56 lines
1.6 KiB
YAML
56 lines
1.6 KiB
YAML
name: Destroy Infrastructure
|
|
|
|
# Manual trigger only - for safety
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
confirm:
|
|
description: 'Type "DESTROY" to confirm'
|
|
required: true
|
|
type: string
|
|
|
|
jobs:
|
|
destroy:
|
|
name: Destroy Infrastructure
|
|
runs-on: self-hosted
|
|
if: github.event.inputs.confirm == 'DESTROY'
|
|
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@v4
|
|
|
|
- name: Setup OpenTofu
|
|
run: |
|
|
if ! command -v tofu &> /dev/null; then
|
|
curl -fsSL https://get.opentofu.org/install-opentofu.sh | bash
|
|
fi
|
|
|
|
- name: Confirm Destruction
|
|
run: |
|
|
echo "⚠️ WARNING: This will destroy all infrastructure!"
|
|
echo "Proceeding in 10 seconds..."
|
|
sleep 10
|
|
|
|
- name: Terraform Destroy
|
|
run: |
|
|
cd terraform
|
|
|
|
# Create tfvars from secrets
|
|
cat > terraform.tfvars <<EOF
|
|
proxmox_token_id = "${{ secrets.PROXMOX_TOKEN_ID }}"
|
|
proxmox_token_secret = "${{ secrets.PROXMOX_TOKEN_SECRET }}"
|
|
ssh_public_key = "${{ secrets.SSH_PUBLIC_KEY }}"
|
|
forgejo_token = "${{ secrets.FORGEJO_TOKEN }}"
|
|
forgejo_repo_url = "${{ secrets.FORGEJO_REPO_URL }}"
|
|
EOF
|
|
|
|
tofu init
|
|
tofu destroy -auto-approve
|
|
env:
|
|
PM_API_URL: https://192.168.100.10:8006/api2/json
|
|
PM_API_TOKEN_ID: ${{ secrets.PROXMOX_TOKEN_ID }}
|
|
PM_API_TOKEN_SECRET: ${{ secrets.PROXMOX_TOKEN_SECRET }}
|
|
|
|
- name: Cleanup
|
|
run: |
|
|
echo "Infrastructure destroyed successfully"
|