name: Terraform Destroy run-name: ${{ gitea.actor }} requested Terraform destroy on: workflow_dispatch: inputs: confirm: description: "Type NUKE to confirm destroy" required: true type: string target: description: "Destroy scope" required: true default: all type: choice options: - all - alpacas - llamas concurrency: group: terraform-global cancel-in-progress: false jobs: destroy: name: "Terraform Destroy" runs-on: ubuntu-latest steps: - name: Validate confirmation phrase run: | if [ "${{ inputs.confirm }}" != "NUKE" ]; then echo "Confirmation failed. You must type NUKE." exit 1 fi - name: Checkout repository uses: actions/checkout@v4 - name: Create Terraform secret files working-directory: terraform run: | cat > secrets.auto.tfvars << EOF pm_api_token_secret = "${{ secrets.PM_API_TOKEN_SECRET }}" EOF cat > backend.hcl << EOF bucket = "${{ secrets.B2_TF_BUCKET }}" key = "terraform.tfstate" region = "us-east-005" endpoints = { s3 = "${{ secrets.B2_TF_ENDPOINT }}" } access_key = "$(printf '%s' "${{ secrets.B2_KEY_ID }}" | tr -d '\r\n')" secret_key = "$(printf '%s' "${{ secrets.B2_APPLICATION_KEY }}" | tr -d '\r\n')" skip_credentials_validation = true skip_metadata_api_check = true skip_region_validation = true skip_requesting_account_id = true use_path_style = true EOF - name: Set up Terraform uses: hashicorp/setup-terraform@v2 with: terraform_version: 1.6.6 - name: Terraform Init working-directory: terraform run: terraform init -reconfigure -backend-config=backend.hcl - name: Terraform Destroy Plan working-directory: terraform run: | case "${{ inputs.target }}" in all) terraform plan -destroy -out=tfdestroy ;; alpacas) terraform plan -destroy -target=proxmox_vm_qemu.alpacas -out=tfdestroy ;; llamas) terraform plan -destroy -target=proxmox_vm_qemu.llamas -out=tfdestroy ;; *) echo "Invalid destroy target: ${{ inputs.target }}" exit 1 ;; esac - name: Terraform Destroy Apply working-directory: terraform run: terraform apply -auto-approve tfdestroy