terraform-destroy workflow github actions

Question

I was able to deploy ec2 instance with github actions workflow. any idea what i need to do to reverse or destroy the changes I deployed on aws?

Here is my terraform apply form

name: Terraform-Apply

on:
  push:
    branches:
      - main
      
jobs:
  terraform:
    name: "Terraform Apply"
    runs-on: ubuntu-latest
    env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: 'us-west-1'
      
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        
      - name: Setup Terraform                                                                      
        uses: hashicorp/setup-terraform@v1

      - name: Terraform Init
        id: init
        run: terraform init  

      - name: Terraform Plan
        id: plan
        if: github.event_name == 'push'
        run: terraform plan -no-color
        continue-on-error: true
        
      - name: Terraform Plan Status
        if: steps.plan.outcome == 'failure'
        run: exit 1
        
      - name: Terraform Apply
        if: github.ref == 'refs/heads/main' && github.event_name == 'push'
        run: terraform apply -auto-approve

Answer 1

ok The following worked

name: Terraform Destroy
on:
 workflow_dispatch:

jobs:
 tf-destroy:
   runs-on: ubuntu-latest
   env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: 'us-west-1'
   steps:
      - name: Checkout
        uses: actions/checkout@v2
        
      - name: Setup Terraform                                                                      
        uses: hashicorp/setup-terraform@v1

      - name: Terraform Init
        id: init
        run: terraform init  
        
      - name: Show Destroy plan
        run: terraform plan -destroy
        continue-on-error: true

      - name: Terraform destroy
        id: destroy
        run: terraform destroy -auto-approve

Thank you

Answer 2

Since you aren't using any Terraform workspace, you can simply create a new TF_Destroy workspace with a workflow dispatch that can help you to execute it manually. This will nuke all the infrastructure.

name: Terraform Destroy
on:
 workflow_dispatch:

jobs:
 tf-destroy:
   runs-on: ubuntu-latest
   env:
      AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
      AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
      AWS_REGION: 'us-west-1'
   steps:
     - name: Terraform destroy
       id: destroy
       run: terraform destroy -auto-approved

There is no way you can recover the destroyed resources.