Destroy Jobs

How Tendril executes DESTROY jobs — terraform destroy with state cleanup.

DESTROY jobs tear down all infrastructure provisioned by a vine.

Execution Flow

  1. Assume cloud credentials

     Same as other job types.

  2. terraform init

     Initializes with the S3 backend to download the existing state file.

  3. terraform destroy

     terraform destroy -auto-approve

     Removes all resources tracked in the Terraform state. No confirmation prompt — the user already confirmed via the UI or CLI.

  4. State cleanup

     The state file in Supabase S3 is left in place (empty or minimal) for audit purposes.

  5. Report results

     Job status → SUCCESS. Vine status is set to DESTROYED.

Partial Destroy Recovery

If the destroy fails mid-way (e.g., resource dependency, timeout):

  1. Terraform state reflects which resources were already destroyed
  2. The job is marked FAILED with the error message
  3. User retries — the next destroy only attempts the remaining resources
  4. This continues until all resources are removed
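
One way to check how far a failed or finished DESTROY job got, as an added example that is not Tendril's own code: it reads a downloaded copy of the state file (Terraform state format version 4) and lists the managed resources still tracked. The sample state, the function names and the set of flagged AWS resource types are constructed for illustration.

```python
import json

# Illustrative selection of AWS resource types worth flagging if they
# outlive a failed destroy (assumption; extend for GCP/Azure providers).
SENSITIVE_TYPES = {"aws_iam_role", "aws_secretsmanager_secret", "aws_security_group"}

# Constructed sample: a state v4 document after a destroy that failed mid-way.
SAMPLE_STATE = json.dumps({
    "version": 4, "serial": 42, "lineage": "constructed-example",
    "outputs": {},
    "resources": [
        {"mode": "data", "type": "aws_caller_identity", "name": "current",
         "instances": [{"attributes": {}}]},
        {"mode": "managed", "type": "aws_vpc", "name": "main",
         "instances": [{"attributes": {"id": "vpc-constructed"}}]},
        {"module": "module.eks", "mode": "managed", "type": "aws_iam_role",
         "name": "irsa", "instances": [{"attributes": {}}]},
        {"mode": "managed", "type": "aws_db_instance", "name": "gone", "instances": []},
    ],
})

def remaining_resources(state_json):
    """Return (address, type) for managed resources that still have instances."""
    state = json.loads(state_json)
    if state.get("version") != 4:
        raise ValueError("expected Terraform state format version 4")
    found = []
    for res in state.get("resources", []):
        if res.get("mode") != "managed" or not res.get("instances"):
            continue  # data sources and instance-less entries are not live infrastructure
        prefix = res["module"] + "." if res.get("module") else ""
        found.append((prefix + res["type"] + "." + res["name"], res["type"]))
    return found

def destroy_report(state_json):
    """Summarise whether the state is empty and which sensitive items remain."""
    left = remaining_resources(state_json)
    return {
        "complete": not left,
        "remaining": [addr for addr, _ in left],
        "sensitive": [addr for addr, rtype in left if rtype in SENSITIVE_TYPES],
    }

if __name__ == "__main__":
    print(json.dumps(destroy_report(SAMPLE_STATE), indent=2))
```

A report with "complete" set to false after a job marked SUCCESS, or with entries under "sensitive" after repeated retries, is worth investigating before the vine is treated as torn down.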

What Gets Destroyed

Everything provisioned by the vine:

  • VPC/VNet and all networking resources (subnets, NAT gateways, security groups)
  • Kubernetes cluster (EKS/GKE/AKS) and node groups
  • Databases (Aurora/Cloud SQL/Azure Database instances)
  • Caches (ElastiCache/Memorystore/Azure Cache)
  • NoSQL tables, queues, topics
  • Container registries
  • Secrets
  • DNS records and certificates
  • WAF rules
  • IAM roles (IRSA)

Destroy is permanent for stateful resources. Database data, cache contents, and secret values are lost. Terraform state is preserved so re-apply is possible, but the data is gone.
