Skip to content

The CI environment Deployment history cleanup

Jump to bottom
CARMLPipelinePrincipal edited this page Feb 13, 2023 · 4 revisions

This pipeline and its scripts can be used to limit the number of deployments that are listed in the Azure deployments history at any given time. This is especially useful for a scope like 'Management Group', since for that scope, Azure Resource Manager does not currently provide automatic deletion of deployments from your history as you near the 800 limit.

Without automatic deletion, if the scope you are deploying to is already at the 800 limit, your next deployment fails with an error. The corresponding error message would look similar to Creating the deployment '<deploymentName>' would exceed the quota of '800'. The current deployment count is '804'. Please delete some deployments before creating a new one, or see https://aka.ms/800LimitFix for information on managing deployment limits.

The platform pipeline platform.deployment.history.cleanup.yml has an automatic schedule that runs every night, but can also be triggered on-demand.

By default, the pipeline will cleanup both the Subscription, as well as Management Group scope using the used script's default configuration. In addition, you can specify a pipeline variable maxDeploymentRetentionInDays to define beyond which time frame deployments should always be deleted. Within the timeframe, only non-failed and non-running deployments are considered.

NOTE
In order for the pipeline to remove both Management-Group-Level as well as Subscription-Level deployments the used service principal needs the permissions either scope. If you use CARML to test deployments on any of these scopes your principal will already have the required permissions.
In case the principal does not have the required permissions you can either:

  • Not register the platform.deployment.history.cleanup.yml pipeline OR
  • Adjust the pipeline's default behavior to not remove deployments on the scope you'd like to preserve (i.e., change default: true to default: false)

Navigation

Location

You can find the used scripts under

How it works

Both scripts work in the same way:

  1. The script fetches all current deployments at a given scope from Azure (i.e., Management-Group-scope or Subscription-scope).
    • For example, it may find
      • 120 successful deployments
      • 10 failed deployments that are 3 weeks old
      • 10 failed deployments that are 1 week old
      • 10 running deployments
  2. By default, it then filters them down to non-running & non-failing deployments (can be modified). It only considers failed deployments for deletion if they are older than a provided time limit.
    • Following the example, and with a maxDeploymentRetentionInDays of 14 days (2 weeks), the following deployments are targeted for deletion from the deployment history:
      • 120 successful deployments
      • 10 failed deployments that are 3 weeks old
  3. Lastly, it removes all matching deployments in chunks of 100 deployments each.
    • In the context of the example, this means the procedure deletes the deployments in 2 chunks, first removing 100, and then 30 deployments.

How to use it

For details on how to use the functions, please refer to the scripts local documentation.

Note: Each script must be loaded ('dot-sourced') before the function can be invoked.

This wiki is being actively developed If you discover any documentation bugs or would like to request new content, please raise them as an issue.

Contributions to this wiki are done through the main repo under docs/wiki.

Wiki content

Clone this wiki locally