UAT — Close Preview Environments #264
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: UAT — Close Preview Environments | |
| on: | |
| # Always runs when a PR targeting main is closed, regardless of which files changed. | |
| # Intentionally has no paths-ignore — environment cleanup must happen unconditionally. | |
| pull_request: | |
| branches: [main] | |
| types: [closed] | |
| # Weekly sweep: deletes any environments that slipped through (e.g. the PR close | |
| # workflow failed, or the UAT deploy was skipped due to paths-ignore). | |
| schedule: | |
| - cron: '0 3 * * 0' # 03:00 UTC every Sunday | |
| # Manual trigger for on-demand cleanup (e.g. when the staging-environment limit is hit). | |
| workflow_dispatch: | |
| jobs: | |
| # ── Delete the environment for the PR that just closed ─────────────────────── | |
| close_pr_staging: | |
| name: Close UAT for PR ${{ github.event.pull_request.number }} | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'pull_request' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Azure Login | |
| uses: azure/login@v3 | |
| with: | |
| client-id: ${{ secrets.UAT_CLEANUP_CLIENT_ID }} | |
| tenant-id: ${{ secrets.UAT_CLEANUP_TENANT_ID }} | |
| subscription-id: ${{ secrets.UAT_CLEANUP_SUBSCRIPTION_ID }} | |
| - name: Delete staging environment | |
| run: | | |
| az staticwebapp environment delete \ | |
| --name pkmds-blazor-uat \ | |
| --resource-group PKMDS-Blazor \ | |
| --environment-name ${{ github.event.pull_request.number }} \ | |
| --yes | |
| continue-on-error: true # no-op if the UAT deploy was skipped for this PR | |
| # ── Sweep: delete any environments not belonging to an open PR ─────────────── | |
| sweep_stale: | |
| name: Delete stale staging environments | |
| runs-on: ubuntu-latest | |
| if: github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' | |
| permissions: | |
| id-token: write | |
| contents: read | |
| steps: | |
| - name: Azure Login | |
| uses: azure/login@v3 | |
| with: | |
| client-id: ${{ secrets.UAT_CLEANUP_CLIENT_ID }} | |
| tenant-id: ${{ secrets.UAT_CLEANUP_TENANT_ID }} | |
| subscription-id: ${{ secrets.UAT_CLEANUP_SUBSCRIPTION_ID }} | |
| - name: Delete stale environments | |
| env: | |
| GH_TOKEN: ${{ secrets.GITHUB_TOKEN }} | |
| run: | | |
| # Get the PR numbers of all currently open PRs targeting main. | |
| open_prs=$(gh pr list --repo "$GITHUB_REPOSITORY" --state open --base main --json number --jq '.[].number' | tr '\n' ' ') | |
| echo "Open PRs: ${open_prs:-none}" | |
| # List all staging environments (everything except 'default'). | |
| environments=$(az staticwebapp environment list \ | |
| --name pkmds-blazor-uat \ | |
| --resource-group PKMDS-Blazor \ | |
| --query "[?name!='default'].name" \ | |
| --output tsv) | |
| if [ -z "$environments" ]; then | |
| echo "No staging environments found." | |
| exit 0 | |
| fi | |
| for env in $environments; do | |
| if echo "$open_prs" | grep -qw "$env"; then | |
| echo "Keeping environment $env — PR #$env is still open." | |
| else | |
| echo "Deleting stale environment: $env" | |
| az staticwebapp environment delete \ | |
| --name pkmds-blazor-uat \ | |
| --resource-group PKMDS-Blazor \ | |
| --environment-name "$env" \ | |
| --yes | |
| fi | |
| done |