feat: CE-518-Prevent-user-from-editing-closed-complaints #899
Workflow file for this run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: PR Closed | |
| on: | |
| pull_request: | |
| types: [closed] | |
| concurrency: | |
| # PR open and close use the same group, allowing only one at a time | |
| group: ${{ github.event.number }} | |
| cancel-in-progress: true | |
| jobs: | |
| cleanup: | |
| name: Cleanup and Images | |
| uses: bcgov/quickstart-openshift-helpers/.github/workflows/[email protected] | |
| secrets: | |
| oc_namespace: ${{ secrets.OC_NAMESPACE }} | |
| oc_token: ${{ secrets.OC_TOKEN }} | |
| with: | |
| cleanup: helm | |
| packages: backend frontend migrations | |
| cleanup-labeled: | |
| name: Cleanup Labeled Resources | |
| uses: bcgov/quickstart-openshift-helpers/.github/workflows/[email protected] | |
| secrets: | |
| oc_namespace: ${{ secrets.OC_NAMESPACE }} | |
| oc_token: ${{ secrets.OC_TOKEN }} | |
| with: | |
| cleanup: label | |
| cleanup-pvcs: | |
| name: Cleanup Project PVCs | |
| runs-on: ubuntu-22.04 | |
| environment: | |
| timeout-minutes: 2 | |
| steps: | |
| - uses: actions/checkout@v4 | |
| - run: ./.github/scripts/cleanup_pvcs.sh | |
| env: | |
| OC_NAMESPACE: ${{ secrets.OC_NAMESPACE }} | |
| OC_SERVER: ${{ vars.OC_SERVER }} | |
| OC_TOKEN: ${{ secrets.OC_TOKEN }} | |
| PR_NUMBER: ${{ github.event.number }} | |
| cleanup-crunchy: | |
| name: Cleanup Ephemeral Crunchy Data | |
| runs-on: ubuntu-24.04 | |
| timeout-minutes: 10 | |
| steps: | |
| # OC setup | |
| - uses: redhat-actions/openshift-tools-installer@v1 | |
| with: | |
| oc: "4" | |
| # OC Login | |
| - run: | | |
| # OC Login | |
| oc login --token=${{ secrets.OC_TOKEN }} --server=${{ vars.OC_SERVER }} | |
| oc project ${{ secrets.OC_NAMESPACE }} # Safeguard! | |
| - run: | | |
| # check if postgres-crunchy exists or else exit | |
| oc get PostgresCluster/postgres-crunchy-dev || exit 0 | |
| # Remove the user from the crunchy cluster yaml and apply the changes | |
| USER_TO_REMOVE='{"databases":["app-${{ github.event.number }}"],"name":"app-${{ github.event.number }}"}' | |
| echo 'getting current users from crunchy' | |
| CURRENT_USERS=$(oc get PostgresCluster/postgres-crunchy-dev -o json | jq '.spec.users') | |
| echo "${CURRENT_USERS}" | |
| # Remove the user from the list, | |
| UPDATED_USERS=$(echo "$CURRENT_USERS" | jq --argjson user "$USER_TO_REMOVE" 'map(select(. != $user))') | |
| PATCH_JSON=$(jq -n --argjson users "$UPDATED_USERS" '{"spec": {"users": $users}}') | |
| oc patch PostgresCluster/postgres-crunchy-dev --type=merge -p "$PATCH_JSON" | |
| # get primary crunchy pod and remove the role and db | |
| CRUNCHY_PG_PRIMARY_POD_NAME=$(oc get pods -l postgres-operator.crunchydata.com/role=master -o json | jq -r '.items[0].metadata.name') | |
| echo "${CRUNCHY_PG_PRIMARY_POD_NAME}" | |
| # Terminate all connections to the database before trying terminate | |
| oc exec "${CRUNCHY_PG_PRIMARY_POD_NAME}" -- psql -c "SELECT pg_terminate_backend(pg_stat_activity.pid) FROM pg_stat_activity WHERE pg_stat_activity.datname = 'app-${{ github.event.number }}' AND pid <> pg_backend_pid();" | |
| # Drop the database and role | |
| oc exec "${CRUNCHY_PG_PRIMARY_POD_NAME}" -- psql -c "DROP DATABASE \"app-${{ github.event.number }}\" --cascade" | |
| oc exec "${CRUNCHY_PG_PRIMARY_POD_NAME}" -- psql -c "DROP ROLE \"app-${{ github.event.number }}\" --cascade" | |
| echo "Database and Role for PR is cleaned." | |
| exit 0 |