Add ability to destroy/cleanup/deprovision runway services
Currently we have no task in CI that will destroy/cleanup/deprovision a service in Runway.
If you remove a service from the provisioner project, this will remove the deployment project etc, but will not actually do anything with the running service or any other resources created by terraform in the deployment project.
We should
- Add a manual
on_stopjob to all deployment project pipelines that will runterraform destroy. This means we have a way of running a destroy all resources in all environments created by Runway. - Figure out how to automate running this destroy job when the provisioner deprovisions a project (before the provisioner does it's work).
Status
The target state of runway workload deprovisioning is for users to open an MR on runway provisioner, removing the entry from inventory.json. The provisioner pipeline should
- Diff against the latest inventory.json to identify workloads for de-provisioning
- Trigger a de-provisioning pipeline on the respective deployment projects
- Proceed with applying the terraform changes on the provisioner only after deployment projects have completed and their terraform states are cleared.
2 phases of work:
- Deprovisioning functionality on runwayctl: runwayctl!509 (merged)
- Provisioner to trigger and monitor deprovisioning: MR to be prepared
Separating the responsibilities allow runway users to perform de-provisioning on their own.
Closing summary
The fully-functioning destroy feature is available in runwayctl from v3.18.1.
There are 2 ways to trigger a deletion
- [power-user method] Setting
DESTROY_RUNWAY_WORKLOADCI variable on the service project - [preferred route] Delete the Runway workload entry on https://gitlab.com/gitlab-com/gl-infra/platform/runway/provisioner/-/blob/main/inventory.json
An example of a destroy workflow is in