|
| 1 | +name: Cleanup Azure self hosted runners |
| 2 | +run-name: Cleanup Azure self hosted runners |
| 3 | + |
| 4 | +on: |
| 5 | + schedule: |
| 6 | + # Run every 6 hours |
| 7 | + - cron: "0 */6 * * *" |
| 8 | + workflow_dispatch: |
| 9 | + |
| 10 | +# The following secrets are required for this workflow to run: |
| 11 | +# AZURE_CREDENTIALS - Credentials for the Azure CLI. It's recommended to set up a resource |
| 12 | +# group specifically for self-hosted Actions Runners. |
| 13 | +# az ad sp create-for-rbac --name "{YOUR_DESCRIPTIVE_NAME_HERE}" --role contributor \ |
| 14 | +# --scopes /subscriptions/{SUBSCRIPTION_ID_HERE}/resourceGroups/{RESOURCE_GROUP_HERE} \ |
| 15 | +# --sdk-auth |
| 16 | +# AZURE_RESOURCE_GROUP - Resource group to create the runner(s) in |
| 17 | +jobs: |
| 18 | + delete-runner: |
| 19 | + runs-on: ubuntu-latest |
| 20 | + steps: |
| 21 | + - uses: actions/checkout@v4 |
| 22 | + - name: Azure Login |
| 23 | + uses: azure/login@v2 |
| 24 | + with: |
| 25 | + creds: ${{ secrets.AZURE_CREDENTIALS }} |
| 26 | + - name: Discover VMs to delete |
| 27 | + uses: azure/CLI@v2 |
| 28 | + env: |
| 29 | + GH_APP_ID: ${{ secrets.GH_APP_ID }} |
| 30 | + GH_APP_PRIVATE_KEY: ${{ secrets.GH_APP_PRIVATE_KEY }} |
| 31 | + with: |
| 32 | + # Stick to 2.63.0 until jq is added to 2.64.0+ https://github.com/Azure/azure-cli/issues/29830 |
| 33 | + azcliversion: 2.63.0 |
| 34 | + inlineScript: | |
| 35 | + active_vms=$(az vm list -g ${{ secrets.AZURE_RESOURCE_GROUP }} | jq -c '.[] | {name,timeCreated}') |
| 36 | + current_time=$(date +%s) |
| 37 | + one_hour_ago=$(($current_time - 3600)) |
| 38 | +
|
| 39 | + if [ -z "$active_vms" ]; then |
| 40 | + echo "No active VMs found, nothing to do." |
| 41 | + exit 0 |
| 42 | + else |
| 43 | + echo "Found these active VMs:" |
| 44 | + echo $active_vms |
| 45 | + fi |
| 46 | +
|
| 47 | + for active_vm in ${active_vms[@]}; do |
| 48 | + vm_name=$(echo $active_vm | jq '.name') |
| 49 | + # Use jq to extract and format the date-time string |
| 50 | + vm_creation_time_string="$(echo $active_vm | |
| 51 | + jq -r '.timeCreated | sub("\\.[0-9]+[+-][0-9]+:[0-9]+$"; "") | sub("T"; " ")')" |
| 52 | + vm_creation_time=$(TZ=UTC date -d "$vm_creation_time_string" +%s) |
| 53 | +
|
| 54 | + if [ "$one_hour_ago" -lt "$vm_creation_time" ]; then |
| 55 | + echo "::notice::The VM ${vm_name} was created less then 1 hour ago and shouldn't be deleted yet. Skipping." |
| 56 | + elif test true = "$(if test ! -f .cli-authenticated; then |
| 57 | + ./gh-cli-auth-as-app.sh && |
| 58 | + >.cli-authenticated # only authenticate once |
| 59 | + fi && |
| 60 | + gh api repos/$GITHUB_REPOSITORY/actions/runners \ |
| 61 | + --jq '.runners[] | select(.name == "'$vm_name'") | .busy')"; then |
| 62 | + echo "::notice::The VM ${vm_name} is still busy." |
| 63 | + else |
| 64 | + echo "::warning::The VM ${vm_name} was created more than 3 hours ago and wasn't deleted. Let's do that now." |
| 65 | + az vm delete -n "$vm_name" -g ${{ secrets.AZURE_RESOURCE_GROUP }} --yes |
| 66 | + az network nsg delete -n "$vm_name"-nsg -g ${{ secrets.AZURE_RESOURCE_GROUP }} |
| 67 | + az network vnet delete -n "$vm_name"-vnet -g ${{ secrets.AZURE_RESOURCE_GROUP }} |
| 68 | + az network public-ip delete -n "$vm_name"-ip -g ${{ secrets.AZURE_RESOURCE_GROUP }} |
| 69 | + fi |
| 70 | + done |
0 commit comments