Normally, a Digger workflow is not meant to be triggered manually. It is triggered either by the orchestrator backend or directly by an event from GitHub (in the "backendless" mode, with the no-backend: true option set). The Destroy operation is a special case by design: the only way to run terraform destroy in Digger is to trigger a workflow manually. This way unwanted destroys are guaranteed to never happen.
You can create a dedicated workflow accepting project name and action:
```yaml
on:
  workflow_dispatch:
    inputs:
      project:
        description: 'Digger project to perform destroy on'
        required: true
jobs:
  destroy:
    runs-on: ubuntu-latest
    steps:
      - name: digger destroy
        uses: diggerhq/digger@vLatest
        with:
          mode: manual
          command: "digger destroy"
          project: "${{ inputs.project }}"
          setup-aws: true
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-2
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```
Note that the arguments "mode: manual" and "command: digger destroy" above differ from the default workflow.
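Because a manual dispatch is the only control between an operator and terraform destroy, the variant below gates the same Digger step behind a reviewer-approved environment, a re-typed confirmation, and per-project serialization. It is an added example, not part of the Digger documentation: the `confirm` input, the `destroy-approval` environment (which must be created with required reviewers in the repository settings), the workflow name and the project-name pattern are assumptions.

```yaml
name: Digger destroy (gated)        # hypothetical workflow name
on:
  workflow_dispatch:
    inputs:
      project:
        description: 'Digger project to perform destroy on'
        required: true
      confirm:                      # hypothetical extra input
        description: 'Re-type the project name to confirm'
        required: true
jobs:
  destroy:
    runs-on: ubuntu-latest
    # Assumed environment name; the job waits until a required reviewer approves it.
    environment: destroy-approval
    # Serialize destroys of the same project instead of running them in parallel.
    concurrency:
      group: destroy-${{ inputs.project }}
      cancel-in-progress: false
    steps:
      - name: validate inputs
        # Inputs reach the shell as environment variables, never by
        # expression interpolation inside the script body.
        env:
          PROJECT: ${{ inputs.project }}
          CONFIRM: ${{ inputs.confirm }}
        run: |
          [ "$PROJECT" = "$CONFIRM" ] || { echo "confirmation does not match project"; exit 1; }
          # Assumed naming rule: letters, digits, underscore and hyphen only.
          printf '%s' "$PROJECT" | grep -Eq '^[A-Za-z0-9_-]+$' || { echo "unexpected characters in project name"; exit 1; }
      - name: digger destroy
        uses: diggerhq/digger@vLatest
        with:
          mode: manual
          command: "digger destroy"
          project: "${{ inputs.project }}"
          setup-aws: true
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-east-2
        env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
```

Storing the AWS credentials as secrets of the `destroy-approval` environment rather than as repository secrets keeps them unavailable to any job that has not passed the reviewer gate.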