From 02821d1ca051d6f2f1b9f7bf3d308a3a9b4b1059 Mon Sep 17 00:00:00 2001
From: Zachary Susswein <utb2@cdc.gov>
Date: Mon, 16 Dec 2024 21:01:12 +0000
Subject: [PATCH] Workflow to close PR pool on close

This workflow _should_ clean up the associated Batch pool when closing
the PR.

It doesn't clean up the associated tagged image in ACR (that's harder)
or jobs that were run on the pool. It would be nice to auto-delete any
linked jobs, but it seems tricker than I'd want? I'll plan to revisit
that when moving this into a dedicated action outside this repo.

Closes #62
---
 .../workflows/delete-pool-on-pr-close.yaml    | 63 +++++++++++++++++++
 1 file changed, 63 insertions(+)
 create mode 100644 .github/workflows/delete-pool-on-pr-close.yaml

diff --git a/.github/workflows/delete-pool-on-pr-close.yaml b/.github/workflows/delete-pool-on-pr-close.yaml
new file mode 100644
index 0000000..feefcac
--- /dev/null
+++ b/.github/workflows/delete-pool-on-pr-close.yaml
@@ -0,0 +1,63 @@
+name: Tear down Batch pool
+
+on:
+  pull_request:
+    types:
+      - closed
+    branches:
+      - main
+  workflow_dispatch:
+
+jobs:
+
+  delete-pool:
+    runs_on: cdc-cdcgov
+    name: Delete Batch pool
+
+  steps:
+    - name: Checkout code
+      uses: actions/checkout@v4
+      with:
+        ref: ${{ github.event.pull_request.head.sha }}
+
+    - name: Get commit message
+      id: commit-message
+      run: echo "message=$(git log -1 --pretty=%s HEAD)" >> $GITHUB_OUTPUT
+
+      # From: https://stackoverflow.com/a/58035262/2097171
+    - name: Extract branch name
+      shell: bash
+      run: echo "branch=${GITHUB_HEAD_REF:-${GITHUB_REF#refs/heads/}}" >> $GITHUB_OUTPUT
+      id: branch-name
+
+    - name: Figure out tag (either latest if it is main or the branch name)
+      id: image-tag
+      run: |
+        if [ "${{ steps.branch-name.outputs.branch }}" = "main" ]; then
+          echo "tag=latest" >> $GITHUB_OUTPUT
+        else
+          echo "tag=${{ steps.branch-name.outputs.branch }}" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Install az CLI
+      run: |
+        apt-get update && apt-get install -y --no-install-recommends azure-cli
+
+    - name: Login to Azure with NNH Service Principal
+      id: azure_login_2
+      uses: azure/login@v2
+      with:
+      # managed by EDAV. Contact Amit Mantri or Jon Kislin if you have issues.
+        creds: ${{ secrets.EDAV_CFA_PREDICT_NNHT_SP }}
+
+    - name: Delete pool
+      id: delete_pool
+      run: |
+
+        az batch account login \
+          --resource-group {{ secrets.PRD_RESOURCE_GROUP }} \
+          -- name "{{ env.BATCH_ACCOUNT }}"
+
+        az batch pool delete \
+            --pool-id "cfa-epinow2-${{ steps.image-tag.outputs.tag }}" \
+            --yes