destroy-stack.yml

name: Destroy - Stack

run-name: "${{ inputs.stack }} | ${{ inputs.environment }} | ${{ inputs.terraform_vars }}"

on:
  workflow_dispatch:
    inputs:
      stack:
        type: choice
        description: Stack to destroy
        options:
          - degrades-dashboards
        required: true
      environment:
        description: Environment of stack to destroy
        default: dev
        required: true
      terraform_vars:
        default: dev.tfvars
        description: "Terraform vars file to use."
        required: true

permissions:
  pull-requests: write
  id-token: write
  contents: read

jobs:
  destroy_stack:
    if: inputs.environment == 'dev'
    defaults:
      run:
        working-directory: ./stacks/${{ inputs.stack }}/terraform
    runs-on: ubuntu-latest
    environment: ${{ inputs.environment }}
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v6

      - name: Build Lambda Zip
        run: |
          make zip-degrades-lambdas

      - name: Configure AWS Credentials
        uses: aws-actions/configure-aws-credentials@v6
        with:
          aws-region: ${{ vars.AWS_REGION }}
          role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
          mask-aws-account-id: true

      - name: Setup Terraform
        uses: hashicorp/setup-terraform@v4
        with:
          terraform_version: "latest"

      - name: Terraform Init
        run: |
          terraform init -no-color -backend-config="key=data-pipeline/${{ inputs.stack }}/terraform.tfstate" \
          -backend-config="bucket=${{ secrets.AWS_STATE_BUCKET }}" \
          -backend-config="dynamodb_table=${{ secrets.AWS_STATE_LOCK_TABLE }}"

      - name: Setup Terraform Variables
        run: |-
          cat > pipeline.auto.tfvars <<EOF
              environment = "${{ inputs.environment }}"
          EOF

      - name: Terraform Destroy
        run: |
          terraform destroy -auto-approve -var-file="../vars/${{ inputs.terraform_vars }}"