Skip to content

Commit 91665a2

Browse files
Vemarthula-MicrosoftVemarthula-Microsoft
committed
fixing of deploy cleanup failure
1 parent fe0119b commit 91665a2

File tree

1 file changed

+38
-65
lines changed

1 file changed

+38
-65
lines changed

.github/workflows/deploy.yml

Lines changed: 38 additions & 65 deletions
Original file line numberDiff line numberDiff line change
@@ -21,6 +21,7 @@ jobs:
2121
outputs:
2222
RESOURCE_GROUP_NAME: ${{ steps.check_create_rg.outputs.RESOURCE_GROUP_NAME }}
2323
WEBAPP_URL: ${{ steps.get_output.outputs.WEBAPP_URL }}
24+
SELECTED_AI_REGION: ${{ steps.deploy.outputs.selected_ai_region || env.VALID_REGION }}
2425
steps:
2526
- name: Checkout Code
2627
uses: actions/checkout@v3
@@ -126,9 +127,9 @@ jobs:
126127
IMAGE_TAG="latest"
127128
fi
128129
129-
# Prefer quota-selected region if available
130130
EFFECTIVE_AI_REGION="${VALID_REGION:-eastus}"
131131
echo "Using AI Deployments Region: $EFFECTIVE_AI_REGION"
132+
echo "selected_ai_region=$EFFECTIVE_AI_REGION" >> $GITHUB_OUTPUT
132133
133134
az deployment group create \
134135
--name ${{ env.SOLUTION_PREFIX }}-deployment \
@@ -181,6 +182,7 @@ jobs:
181182
runs-on: ubuntu-latest
182183
env:
183184
RESOURCE_GROUP_NAME: ${{ needs.deploy.outputs.RESOURCE_GROUP_NAME }}
185+
AI_REGION: ${{ needs.deploy.outputs.SELECTED_AI_REGION }}
184186
steps:
185187
- name: Setup Azure CLI
186188
run: |
@@ -195,31 +197,22 @@ jobs:
195197
if: always()
196198
id: get_azure_resources
197199
run: |
198-
199200
set -e
200201
echo "Fetching Log Analytics workspace from resource group ${{ env.RESOURCE_GROUP_NAME }}..."
201-
202-
# Run the az monitor log-analytics workspace list command to get the workspace name
203-
log_analytics_workspace_name=$(az monitor.log-analytics.workspace list --resource-group ${{ env.RESOURCE_GROUP_NAME }} --query "[0].name" -o tsv)
204-
205-
if [ -z "$log_analytics_workspace_name" ]; then
206-
echo "No Log Analytics workspace found in resource group ${{ env.RESOURCE_GROUP_NAME }}."
207-
else
202+
log_analytics_workspace_name=$(az monitor log-analytics workspace list --resource-group ${{ env.RESOURCE_GROUP_NAME }} --query "[0].name" -o tsv || true)
203+
if [ -n "$log_analytics_workspace_name" ]; then
208204
echo "LOG_ANALYTICS_WORKSPACE_NAME=${log_analytics_workspace_name}" >> $GITHUB_ENV
209-
echo "Log Analytics workspace name: ${log_analytics_workspace_name}"
205+
echo "Log Analytics workspace name: ${log_analytics_workspace_name}"
206+
else
207+
echo "No Log Analytics workspace found."
210208
fi
211-
212209
echo "Fetching OpenAI resource from resource group ${{ env.RESOURCE_GROUP_NAME }}..."
213-
214-
# Run the az resource list command to get the OpenAI resource name
215-
openai_resource_name=$(az resource list --resource-group ${{ env.RESOURCE_GROUP_NAME }} --resource-type "Microsoft.CognitiveServices/accounts" --query "[0].name" -o tsv)
216-
217-
if [ -z "$openai_resource_name" ]; then
218-
echo "No OpenAI resource found in resource group ${{ env.RESOURCE_GROUP_NAME }}."
219-
exit 1
220-
else
210+
openai_resource_name=$(az resource list --resource-group ${{ env.RESOURCE_GROUP_NAME }} --resource-type "Microsoft.CognitiveServices/accounts" --query "[0].name" -o tsv || true)
211+
if [ -n "$openai_resource_name" ]; then
221212
echo "OPENAI_RESOURCE_NAME=${openai_resource_name}" >> $GITHUB_ENV
222-
echo "OpenAI resource name: ${openai_resource_name}"
213+
echo "OpenAI resource name: ${openai_resource_name}"
214+
else
215+
echo "No OpenAI resource found."
223216
fi
224217
225218
- name: List KeyVaults and Store in Array
@@ -256,22 +249,10 @@ jobs:
256249
echo "KEYVAULTS=$keyvault_array" >> $GITHUB_ENV
257250
fi
258251
259-
- name: Delete Bicep Deployment
252+
- name: Delete Bicep Deployment (defer RG deletion to end)
260253
if: always()
261254
run: |
262-
set -e
263-
echo "Checking if resource group exists..."
264-
rg_exists=$(az group exists --name ${{ env.RESOURCE_GROUP_NAME }})
265-
if [ "$rg_exists" = "true" ]; then
266-
echo "Resource group exist. Cleaning..."
267-
az group delete \
268-
--name ${{ env.RESOURCE_GROUP_NAME }} \
269-
--yes \
270-
--no-wait
271-
echo "Resource group deleted... ${{ env.RESOURCE_GROUP_NAME }}"
272-
else
273-
echo "Resource group does not exists."
274-
fi
255+
echo "Skipping early RG deletion to allow purges to run first."
275256
276257
- name: Purge log analytics workspace
277258
if: always()
@@ -353,48 +334,28 @@ jobs:
353334
- name: Purging the Resources
354335
if: always()
355336
run: |
356-
357337
set -e
358-
359338
echo "Azure OpenAI: ${{ env.OPENAI_RESOURCE_NAME }}"
360-
361-
# Purge OpenAI Resource
362-
echo "Purging the OpenAI Resource..."
363-
if ! az resource delete --ids /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/providers/Microsoft.CognitiveServices/locations/${{ env.VALID_REGION || 'eastus' }}/resourceGroups/${{ env.RESOURCE_GROUP_NAME }}/deletedAccounts/${{ env.OPENAI_RESOURCE_NAME }} --verbose; then
364-
echo "Failed to purge openai resource: ${{ env.OPENAI_RESOURCE_NAME }}"
365-
else
366-
echo "Purged the openai resource: ${{ env.OPENAI_RESOURCE_NAME }}"
339+
if [ -n "${{ env.OPENAI_RESOURCE_NAME }}" ]; then
340+
echo "Purging the OpenAI Resource (soft-delete) in region ${{ env.AI_REGION }}..."
341+
az resource delete --ids /subscriptions/${{ secrets.AZURE_SUBSCRIPTION_ID }}/providers/Microsoft.CognitiveServices/locations/${{ env.AI_REGION || 'eastus' }}/resourceGroups/${{ env.RESOURCE_GROUP_NAME }}/deletedAccounts/${{ env.OPENAI_RESOURCE_NAME }} --verbose || echo "OpenAI purge skipped or failed."
367342
fi
368-
369-
# List of keyvaults
370343
KEYVAULTS="${{ env.KEYVAULTS }}"
371-
372-
# Remove the surrounding square brackets, if they exist
373344
stripped_keyvaults=$(echo "$KEYVAULTS" | sed 's/\[\|\]//g')
374-
375-
# Convert the comma-separated string into an array
376345
IFS=',' read -r -a keyvault_array <<< "$stripped_keyvaults"
377-
378-
echo "Using KeyVaults Array..."
379346
for keyvault_name in "${keyvault_array[@]}"; do
380-
echo "Processing KeyVault: $keyvault_name"
381-
# Check if the KeyVault is soft-deleted
382-
deleted_vaults=$(az keyvault list-deleted --query "[?name=='$keyvault_name']" -o json --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }})
383-
384-
# If the KeyVault is found in the soft-deleted state, purge it
347+
kv_trim=$(echo "$keyvault_name" | sed 's/\"//g' | xargs)
348+
[ -z "$kv_trim" ] && continue
349+
echo "Processing KeyVault: $kv_trim"
350+
deleted_vaults=$(az keyvault list-deleted --query "[?name=='$kv_trim']" -o json --subscription ${{ secrets.AZURE_SUBSCRIPTION_ID }} || echo '[]')
385351
if [ "$(echo "$deleted_vaults" | jq length)" -gt 0 ]; then
386-
echo "KeyVault '$keyvault_name' is soft-deleted. Proceeding to purge..."
387-
# Purge the KeyVault
388-
if az keyvault purge --name "$keyvault_name" --no-wait; then
389-
echo "Successfully purged KeyVault '$keyvault_name'."
390-
else
391-
echo "Failed to purge KeyVault '$keyvault_name'."
392-
fi
352+
echo "KeyVault '$kv_trim' soft-deleted. Purging..."
353+
az keyvault purge --name "$kv_trim" --no-wait || echo "Failed to purge KeyVault '$kv_trim'"
393354
else
394-
echo "KeyVault '$keyvault_name' is not soft-deleted. No action taken."
355+
echo "KeyVault '$kv_trim' not soft-deleted. Skipping."
395356
fi
396357
done
397-
echo "Resource purging completed successfully"
358+
echo "Resource purging completed"
398359
399360
- name: Send Notification on Failure
400361
if: failure() || needs.deploy.result == 'failure'
@@ -412,6 +373,18 @@ jobs:
412373
-H "Content-Type: application/json" \
413374
-d "$EMAIL_BODY" || echo "Failed to send notification"
414375
376+
- name: Final Resource Group Deletion
377+
if: always()
378+
run: |
379+
set -e
380+
rg_exists=$(az group exists --name ${{ env.RESOURCE_GROUP_NAME }})
381+
if [ "$rg_exists" = true ]; then
382+
echo "Deleting resource group ${{ env.RESOURCE_GROUP_NAME }}..."
383+
az group delete --name ${{ env.RESOURCE_GROUP_NAME }} --yes --no-wait || echo "RG delete command issued."
384+
else
385+
echo "Resource group already gone."
386+
fi
387+
415388
- name: Logout from Azure
416389
if: always()
417390
run: |

0 commit comments

Comments
 (0)