Add steps to cleanup service provider setup

service-provider-setup/README.md

@@ -112,3 +112,82 @@ After the playbook finishes executing, the following services will be deployed (
 - laconic console: <http://lcn-console.laconic.com:8080/registry>
 - webapp deployer API: <https://webapp-deployer-api.pwa.laconic.com>
 - webapp deployer UI: <https://webapp-deployer-ui.pwa.laconic.com>
+
+## Cleanup
+
+Follow the steps given below to stop the webapp-deployer, container-registry, fixturenet-laconicd and laconic-console-deployment, undeploy k8s, remove GPG keys and DNS records
+- Stop deployments
+
+  ```
+  $ laconic-so deployment --dir webapp-ui stop
+  $ laconic-so deployment --dir webapp-deployer
+  $ laconic-so deployment --dir container-registry stop
+  $ laconic-so deployment --dir laconic-console-deployment  stop --delete-volumes
+  $ laconic-so deployment --dir fixturenet-laconicd-deployment  stop --delete-volumes
+  ```
+
+- Remove deployment directories
+  ```
+  sudo rm -rf webapp-ui
+  sudo rm -rf webapp-deployer
+  sudo rm -rf container-registry
+  sudo rm -rf laconic-console-deployment
+  sudo rm -rf fixturenet-laconicd-deployment
+  ```
+
+- Remove spec files
+
+  ```
+  rm webapp-deployer.spec
+  rm container-registry.spec
+  rm laconic-console-spec.yml
+  rm fixturenet-laconicd-spec.yml
+  ```
+
+- Undeploy the k8s
+
+  ```
+  $ cd service-provider-template
+  $ export VAULT_KEY=<gpg_passphrase>
+  $ bash .vault/vault-rekey.sh
+  $ ansible-playbook -i hosts site.yml --tags=k8s --limit=<org_id>_<location_id> --user <user> --extra-vars 'k8s_action=destroy'
+  ```
+
+- Remove service-provider-template repo
+  ```
+  $ rm -rf service-provider-template
+  ```
+
+- Remove any existing GPG keys
+  ```
+  $ rm -rf gpg-keys/
+  $ gpg --list-secret-keys --keyid-format=long
+  /home/dev/.gnupg/pubring.kbx
+  ----------------------------
+  sec   rsa4096/DA9E3D638930A699 2024-10-15 [SCEA]
+        69A3200727091E72B773BBEBDA9E3D638930A699
+  uid                 [ultimate] deepstack <support@deepstacksoft.com>
+  ssb   rsa3072/2B5D80CF44753EFD 2024-10-15 [SEA]
+
+  sec   rsa3072/2449A62C838440AB 2024-10-15 [SC]
+        646A42164F978DC1415C11F12449A62C838440AB
+  uid                 [ultimate] webapp-deployer-api.deepstack.com
+  ssb   rsa3072/67576558A2F2FE91 2024-10-15 [E]
+
+  $ gpg --delete-secret-key 69A3200727091E72B773BBEBDA9E3D638930A699
+  $ gpg --delete-key 69A3200727091E72B773BBEBDA9E3D638930A699
+  $ gpg --delete-secret-key 646A42164F978DC1415C11F12449A62C838440AB
+  $ gpg --delete-key 646A42164F978DC1415C11F12449A62C838440AB
+  ```
+- Remove the user if required
+
+  ```bash
+  $ userdel <user>
+
+  # If required, kill process that is using the user
+  # userdel: user <user> is currently used by process 1639
+  # $ kill -9 1639
+  ```
+
+- Remove DNS records using DigitalOcean's API:
+  - <https://docs.digitalocean.com/reference/api/api-try-it-now/#/Domain%20Records/domains_delete_record>

service-provider-setup/setup-k8s.yml

@@ -66,6 +66,7 @@
       command: gpg-agent --daemon
       ignore_errors: yes
 
+    # Cache GPG passphrase by signing a dummy string to avoid passphrase prompts in later steps
     - name: Sign a dummy string using gpg-key
       shell: echo "This is a dummy string." | gpg --batch --yes --local-user "{{ gpg_key_id }}" --passphrase "{{ vault_passphrase }}" --pinentry-mode loopback --sign -