blockscout-terraform/roles/destroy/tasks/main.yml

- name: Ansible delete file glob
  find:
    paths: /tmp/
    file_type: directory
    patterns: "files-{{ group_names[0] }}"
  register: files_to_delete

- name: Ansible remove file glob
  file:
    path: "{{ item.path }}"
    state: absent
  with_items: "{{ files_to_delete.files }}"

- name: Copy files
  copy:
    src: "roles/main_infra/files/"
    dest: "/tmp/files-{{ group_names[0] }}/"

- name: Local or remote backend selector (remote)
  template:
    src: roles/main_infra/templates/remote-backend-selector.tf.j2
    dest: "/tmp/files-{{ group_names[0] }}/remote-backend-selector.tf" 
  when:
    - backend|bool == true

- name: Local or remote backend selector (local)
  file:
    state: absent
    dest: "/tmp/files-{{ group_names[0] }}/" 
  when:
    - not backend | default ('false') | bool

- name: Generating variables file
  template:
    src: roles/main_infra/templates/terraform.tfvars.j2
    dest: "/tmp/files-{{ group_names[0] }}/terraform.tfvars" 

- name: Generating backend file
  template:
    src: roles/main_infra/templates/backend.tfvars.j2
    dest: "/tmp/files-{{ group_names[0] }}/backend.tfvars"
  when: backend | bool

# This is due to the TF0.11-12 bug which do not allow to completely destroy resources if interpolation syntax is used in outputs.tf at edge cases
- name: Check if outputs.tf exists
  stat: 
    path: "/tmp/files-{{ group_names[0] }}/outputs.tf"
  register: outputs_stat

- name: Temporarily remove outputs.tf file
  command: "mv /tmp/files-{{ group_names[0] }}/outputs.tf /tmp/files-{{ group_names[0] }}/outputs.tf.backup"
  when: outputs_stat.stat.exists

- name: Check if .terraform folder exists
  stat:
    path: "/tmp/files-{{ group_names[0] }}/.terraform/"
  register: stat_result

- name: Remove .terraform folder
  file:
    path: "/tmp/files-{{ group_names[0] }}/.terraform/"
    state: absent
  when: stat_result.stat.exists

- name: Terraform plan to destroy main infra
  shell: "echo yes | {{ terraform_location }} {{ item }}"
  args:
    chdir: "/tmp/files-{{ group_names[0] }}/"
  with_items:
    - "init {{ '-backend-config=backend.tfvars' if backend|bool else '' }}"
    - plan -destroy -out terraform.tfplan
    - show -no-color terraform.tfplan
  register: tf_plan

- name: Terraform show destroy plan
  debug:
    var: tf_plan.results[2].stdout_lines

- name: User prompt
  pause:
    prompt: "Are you absolutely sure you want to execute the destruction plan shown above? [False]"
  register: user_answer
  until: user_answer.user_input | lower in conditional
  retries: 10000
  delay: 1
  vars:
    conditional: ['yes','no','true','false']
  when: inventory_hostname == groups['all'][0]

- name: Terraform destroy
  shell: "{{ terraform_location }} destroy -auto-approve" 
  args:
    chdir: "/tmp/files-{{ group_names[0] }}"
  when: hostvars[groups['all'][0]].user_answer.user_input | bool

- name: Delete vars from parameter store
  include: parameter_store.yml

- name: Check if outputs.tf.backup exists
  stat: 
    path: "/tmp/files-{{ group_names[0] }}/outputs.tf.backup"
  register: outputs_backup_stat

- name: Get back outputs.tf file
  command: "mv /tmp/files-{{ group_names[0] }}/outputs.tf.backup /tmp/files-{{ group_names[0] }}/outputs.tf"
  when: outputs_backup_stat.stat.exists

- name: User prompt
  pause:
    prompt: "Do you want to delete S3 bucket with state file and DynamoDB attached to it also? [Yes/No] Default: No"
  register: user_answer
  until: user_answer.user_input | lower in conditional 
  retries: 10000
  delay: 1
  vars:
    conditional: ['yes','no','true','false']
  when: inventory_hostname == groups['all'][0]

- name: Destroy S3 bucket
  s3_bucket:
    name: "{{ prefix }}-{{ bucket }}"
    state: absent
    force: yes
    profile: "{{ profile }}"
    aws_access_key: "{{ access_key }}"
    aws_secret_key: "{{ secret_key }}"
    region: "{{ region }}"
  vars:
    access_key: "{{ aws_access_key|default(omit) }}"
    secret_key: "{{ aws_secret_key|default(omit) }}"
    profile: "{{ aws_profile|default(omit) }}"
    region: "{{ aws_region|default(omit) }}"
  when: hostvars[groups['all'][0]].user_answer.user_input | bool

- dynamodb_table:
    name: "{{ prefix }}-{{ dynamodb_table }}"
    state: absent
    profile: "{{ profile }}"
    aws_access_key: "{{ access_key }}"
    aws_secret_key: "{{ secret_key }}"
    region: "{{ region }}"
  vars:
    access_key: "{{ aws_access_key|default(omit) }}"
    secret_key: "{{ aws_secret_key|default(omit) }}"
    profile: "{{ aws_profile|default(omit) }}"
    region: "{{ aws_region|default(omit) }}"
  when: hostvars[groups['all'][0]].user_answer.user_input | bool
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`- name: Ansible delete file glob`
			`find:`
			`paths: /tmp/`
			`file_type: directory`
			`patterns: "files-{{ group_names[0] }}"`
			`register: files_to_delete`

			`- name: Ansible remove file glob`
			`file:`
			`path: "{{ item.path }}"`
			`state: absent`
			`with_items: "{{ files_to_delete.files }}"`

			`- name: Copy files`
			`copy:`
			`src: "roles/main_infra/files/"`
			`dest: "/tmp/files-{{ group_names[0] }}/"`

Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`- name: Local or remote backend selector (remote)`
			`template:`
			`src: roles/main_infra/templates/remote-backend-selector.tf.j2`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`dest: "/tmp/files-{{ group_names[0] }}/remote-backend-selector.tf"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`when:`
			`- backend\|bool == true`

			`- name: Local or remote backend selector (local)`
			`file:`
			`state: absent`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`dest: "/tmp/files-{{ group_names[0] }}/"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`when:`
Fix a number of variables 2019-06-05 06:04:33 -07:00			`- not backend \| default ('false') \| bool`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00
			`- name: Generating variables file`
			`template:`
			`src: roles/main_infra/templates/terraform.tfvars.j2`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`dest: "/tmp/files-{{ group_names[0] }}/terraform.tfvars"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00
			`- name: Generating backend file`
			`template:`
			`src: roles/main_infra/templates/backend.tfvars.j2`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`dest: "/tmp/files-{{ group_names[0] }}/backend.tfvars"`
Fix a number of variables 2019-06-05 06:04:33 -07:00			`when: backend \| bool`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`# This is due to the TF0.11-12 bug which do not allow to completely destroy resources if interpolation syntax is used in outputs.tf at edge cases`
Fix destroy resources 2019-02-26 06:33:46 -08:00			`- name: Check if outputs.tf exists`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`stat:`
			`path: "/tmp/files-{{ group_names[0] }}/outputs.tf"`
Fix destroy resources 2019-02-26 06:33:46 -08:00			`register: outputs_stat`

			`- name: Temporarily remove outputs.tf file`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`command: "mv /tmp/files-{{ group_names[0] }}/outputs.tf /tmp/files-{{ group_names[0] }}/outputs.tf.backup"`
Fix destroy resources 2019-02-26 06:33:46 -08:00			`when: outputs_stat.stat.exists`

Fix bug with TF state clearance 2019-05-01 12:30:49 -07:00			`- name: Check if .terraform folder exists`
			`stat:`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`path: "/tmp/files-{{ group_names[0] }}/.terraform/"`
Fix bug with TF state clearance 2019-05-01 12:30:49 -07:00			`register: stat_result`

			`- name: Remove .terraform folder`
			`file:`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`path: "/tmp/files-{{ group_names[0] }}/.terraform/"`
Fix bug with TF state clearance 2019-05-01 12:30:49 -07:00			`state: absent`
Fix a number of variables 2019-06-05 06:04:33 -07:00			`when: stat_result.stat.exists`
Fix bug with TF state clearance 2019-05-01 12:30:49 -07:00
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`- name: Terraform plan to destroy main infra`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`shell: "echo yes \| {{ terraform_location }} {{ item }}"`
			`args:`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`chdir: "/tmp/files-{{ group_names[0] }}/"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`with_items:`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`- "init {{ '-backend-config=backend.tfvars' if backend\|bool else '' }}"`
			`- plan -destroy -out terraform.tfplan`
			`- show -no-color terraform.tfplan`
			`register: tf_plan`

			`- name: Terraform show destroy plan`
			`debug:`
			`var: tf_plan.results[2].stdout_lines`

			`- name: User prompt`
			`pause:`
			`prompt: "Are you absolutely sure you want to execute the destruction plan shown above? [False]"`
			`register: user_answer`
			`until: user_answer.user_input \| lower in conditional`
			`retries: 10000`
			`delay: 1`
			`vars:`
			`conditional: ['yes','no','true','false']`
			`when: inventory_hostname == groups['all'][0]`

			`- name: Terraform destroy`
			`shell: "{{ terraform_location }} destroy -auto-approve"`
			`args:`
			`chdir: "/tmp/files-{{ group_names[0] }}"`
			`when: hostvars[groups['all'][0]].user_answer.user_input \| bool`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00
Several user improvements 2019-04-23 17:02:33 -07:00			`- name: Delete vars from parameter store`
			`include: parameter_store.yml`

Fix destroy resources 2019-02-26 06:33:46 -08:00			`- name: Check if outputs.tf.backup exists`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`stat:`
			`path: "/tmp/files-{{ group_names[0] }}/outputs.tf.backup"`
Fix destroy resources 2019-02-26 06:33:46 -08:00			`register: outputs_backup_stat`

			`- name: Get back outputs.tf file`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`command: "mv /tmp/files-{{ group_names[0] }}/outputs.tf.backup /tmp/files-{{ group_names[0] }}/outputs.tf"`
Fix destroy resources 2019-02-26 06:33:46 -08:00			`when: outputs_backup_stat.stat.exists`

Added possibility to attach existing RDS instance; added more prompts for users before executing dangerous actions 2019-02-26 09:04:47 -08:00			`- name: User prompt`
			`pause:`
			`prompt: "Do you want to delete S3 bucket with state file and DynamoDB attached to it also? [Yes/No] Default: No"`
			`register: user_answer`
Update destroy role, fix bugs 2019-07-04 05:08:36 -07:00			`until: user_answer.user_input \| lower in conditional`
Fix a number of variables 2019-06-05 06:04:33 -07:00			`retries: 10000`
			`delay: 1`
			`vars:`
			`conditional: ['yes','no','true','false']`
			`when: inventory_hostname == groups['all'][0]`
Added possibility to attach existing RDS instance; added more prompts for users before executing dangerous actions 2019-02-26 09:04:47 -08:00
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`- name: Destroy S3 bucket`
			`s3_bucket:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`name: "{{ prefix }}-{{ bucket }}"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`state: absent`
fixes after beta testing 2019-02-23 16:16:07 -08:00			`force: yes`
Several user improvements 2019-04-23 17:02:33 -07:00			`profile: "{{ profile }}"`
			`aws_access_key: "{{ access_key }}"`
			`aws_secret_key: "{{ secret_key }}"`
			`region: "{{ region }}"`
			`vars:`
			`access_key: "{{ aws_access_key\|default(omit) }}"`
			`secret_key: "{{ aws_secret_key\|default(omit) }}"`
			`profile: "{{ aws_profile\|default(omit) }}"`
			`region: "{{ aws_region\|default(omit) }}"`
Fix a number of variables 2019-06-05 06:04:33 -07:00			`when: hostvars[groups['all'][0]].user_answer.user_input \| bool`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00
			`- dynamodb_table:`
Fixes bugs, also added removal for insecure variables before uploading config to S3 2019-02-27 04:23:26 -08:00			`name: "{{ prefix }}-{{ dynamodb_table }}"`
Code refactor: added ansible as the deployment hypervisor 2019-02-23 09:23:41 -08:00			`state: absent`
Several user improvements 2019-04-23 17:02:33 -07:00			`profile: "{{ profile }}"`
			`aws_access_key: "{{ access_key }}"`
			`aws_secret_key: "{{ secret_key }}"`
			`region: "{{ region }}"`
			`vars:`
			`access_key: "{{ aws_access_key\|default(omit) }}"`
			`secret_key: "{{ aws_secret_key\|default(omit) }}"`
			`profile: "{{ aws_profile\|default(omit) }}"`
			`region: "{{ aws_region\|default(omit) }}"`
Fix a number of variables 2019-06-05 06:04:33 -07:00			`when: hostvars[groups['all'][0]].user_answer.user_input \| bool`