Signed-off-by: shiva kumar <[email protected]>
Showing
2 changed files
with
196 additions
and
0 deletions.
@@ -0,0 +1,79 @@ | ||
name: Daily AWS Cleanup Bot | ||
|
||
# on: | ||
# schedule: | ||
# - cron: '0 8 * * *' | ||
|
||
on: | ||
pull_request: | ||
types: | ||
- opened | ||
- synchronize | ||
branches: | ||
- awsresourcecleanup | ||
push: | ||
branches: | ||
- awsresourcecleanup | ||
|
||
jobs: | ||
cleanup: | ||
runs-on: linux-amd64-cpu4 | ||
|
||
steps: | ||
- name: Checkout repository | ||
uses: actions/checkout@v4 | ||
|
||
- name: Set up AWS CLI | ||
uses: aws-actions/configure-aws-credentials@v4 | ||
with: | ||
aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | ||
aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | ||
aws-region: us-west-1 | ||
|
||
- name: Identify resources running longer than 4 hours | ||
id: identify-resources | ||
run: | | ||
# Find EC2 instances with names ci* running longer than 4 hours | ||
running_instances=$(aws ec2 describe-instances \ | ||
--filters Name=instance-state-name,Values=running Name=tag:Name,Values=ci* \ | ||
--query "Reservations[*].Instances[?LaunchTime<=\`$(date -u -d '4 hours ago' +%Y-%m-%dT%H:%M:%SZ)\`].InstanceId" \ | ||
--output text | tr -d '\r' | tr '\n' ' ') | ||
echo "Found instances: $running_instances" | ||
echo "instances=$running_instances" >> $GITHUB_ENV | ||
# Find vpcs with names ci* | ||
vpcs=$(aws ec2 describe-vpcs \ | ||
--filters "Name=tag:Name,Values=ci*" \ | ||
--query "Vpcs[].VpcId" \ | ||
--output text | tr -d '\r' | tr '\n' ' ') | ||
echo "Found VPCs: $vpcs" | ||
echo "vpcs=$vpcs" >> $GITHUB_ENV | ||
- name: Terminate EC2 Instances | ||
if: env.instances != '' | ||
run: | | ||
for instance in $instances; do | ||
echo "Terminating instance: $instance" | ||
aws ec2 terminate-instances --instance-ids "$instance" | ||
done | ||
- name: Clean up VPCs | ||
if: env.vpcs != '' | ||
run: | | ||
for vpc in $vpcs; do | ||
# Check for EC2 instances attached to VPC | ||
instances_in_vpc=$(aws ec2 describe-instances \ | ||
--filters "Name=vpc-id,Values=$vpc" \ | ||
--query "Reservations[*].Instances[*].InstanceId" \ | ||
--output text) | ||
# if no instance attached delete it | ||
if [ -z "$instances_in_vpc" ]; then | ||
scripts/awsvpcscleanup.sh $vpc | ||
else | ||
echo "EC2 instances are still attached to VPC: $vpc. Skipping deletion." | ||
fi | ||
done | ||
- name: Post cleanup | ||
run: | | ||
echo "Cleanup completed." |
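Review bot: This destructive job — it terminates every running instance tagged `ci*` older than four hours and tears down every `ci*` VPC — is wired to `pull_request` opened/synchronize and `push` on the `awsresourcecleanup` branch while the daily `schedule:` it is named for is commented out, so any collaborator push to that branch runs the cleanup against the real account with the stored keys. If the PR trigger is only for testing the workflow, gate it behind `workflow_dispatch` plus an `environment:` with required reviewers and restore the cron before merge. The job also authenticates with long-lived static keys from `secrets`; prefer OIDC federation through `role-to-assume` on `aws-actions/configure-aws-credentials@v4` with a role limited to the `ec2:Describe*`, `ec2:TerminateInstances` and VPC-teardown actions this job needs, and declare least-privilege token scopes at the top of the workflow: `permissions:` / `  contents: read` / `  id-token: write`. Note too that `terminate-instances` is asynchronous, so the per-VPC instance check in the next step (which does not filter on instance state) will still see the just-terminated instances and skip those VPCs; that is fail-safe, but it means VPC cleanup only happens on a later run, which is worth a comment on that step.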
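--- /dev/null
+++ b/scripts/awsvpcscleanup.sh
@@ -0,0 +1,117 @@
+#!/bin/bash
+
+if [[ $# -ne 1 ]]; then
+echo " vpcid required for deletion"
+exit 1
+fi
+export vpc=$1
+
+echo "Start Deleting VPC: $vpc resource"
+
+# Delete Internet Gateway
+internet_gateways=$(aws ec2 describe-internet-gateways \
+--filters Name=attachment.vpc-id,Values=$vpc \
+--query "InternetGateways[].InternetGatewayId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+
+for igw in $internet_gateways; do
+aws ec2 detach-internet-gateway --internet-gateway-id "$igw" --vpc-id "$vpc"
+aws ec2 delete-internet-gateway --internet-gateway-id "$igw"
+done
+
+# Delete NAT Gateways
+nat_gateways=$(aws ec2 describe-nat-gateways \
+--filter Name=vpc-id,Values=$vpc \
+--query "NatGateways[].NatGatewayId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+for ngw in $nat_gateways; do
+aws ec2 delete-nat-gateway --nat-gateway-id "$ngw"
+done
+
+# Delete Elastic IPs
+eips=$(aws ec2 describe-addresses \
+--filters Name=domain,Values=vpc \
+--query "Addresses[].[AllocationId,Association.VpcId]" \
+--output text | grep "$vpc" | awk '{print $1}' | tr -d '\r' | tr '\n' ' ')
+for eip in $eips; do
+aws ec2 release-address --allocation-id "$eip"
+done
+
+# Detach and Delete Security Groups
+security_groups=$(aws ec2 describe-security-groups \
+--filters Name=vpc-id,Values=$vpc \
+--query "SecurityGroups[?GroupName!='default'].GroupId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+for sg in $security_groups; do
+enis=$(aws ec2 describe-network-interfaces \
+--filters Name=group-id,Values=$sg \
+--query "NetworkInterfaces[].NetworkInterfaceId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+for eni in $enis; do
+aws ec2 modify-network-interface-attribute \
+--network-interface-id "$eni" \
+--groups "$(aws ec2 describe-security-groups \
+--query 'SecurityGroups[?GroupName==`default`].GroupId' \
+--output text)"
+done
+aws ec2 delete-security-group --group-id "$sg"
+done
+
+# Delete Route Tables , do not delete Main route table
+route_tables=$(aws ec2 describe-route-tables \
+--filters Name=vpc-id,Values=$vpc \
+--query "RouteTables[?Associations[?Main==false]].RouteTableId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+for rt in $route_tables; do
+associations=$(aws ec2 describe-route-tables \
+--route-table-ids "$rt" \
+--query "RouteTables[0].Associations[].RouteTableAssociationId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+
+for assoc in $associations; do
+aws ec2 disassociate-route-table --association-id "$assoc"
+done
+aws ec2 delete-route-table --route-table-id "$rt"
+done
+
+# Delete Subnets
+subnets=$(aws ec2 describe-subnets \
+--filters Name=vpc-id,Values=$vpc \
+--query "Subnets[].SubnetId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+
+for subnet in $subnets; do
+aws ec2 delete-subnet --subnet-id "$subnet"
+done
+
+# Delete Network Interfaces
+eni_ids=$(aws ec2 describe-network-interfaces \
+--filters Name=vpc-id,Values=$vpc \
+--query "NetworkInterfaces[].NetworkInterfaceId" \
+--output text | tr -d '\r' | tr '\n' ' ')
+for eni in $eni_ids; do
+aws ec2 delete-network-interface --network-interface-id "$eni"
+done
+
+echo "All resource Deleted for VPC: $vpc , now delete vpc"
+
+attempts=0
+# try 3 times with 5 minutes interval
+while [ $attempts -lt 3 ]; do
+echo "Attempting to delete VPC: $vpc (Attempt $((attempts+1)))"
+if aws ec2 delete-vpc --vpc-id $vpc; then
+echo "Successfully deleted VPC: $vpc"
+break
+else
+attempts=$((attempts + 1))
+if [ $attempts -lt 3 ]; then
+echo "Failed to delete VPC: $vpc. Retrying in 30 seconds..."
+sleep 30
+fi
+fi
+done
+
+if [ $attempts -eq 3 ]; then
+echo "Failed to delete VPC: $vpc after 3 attempts. Skipping."
+exit 1
+fi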
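Review bot: The `describe-security-groups` call that picks the `default` group for re-homing each ENI (inside the security-group loop) has no VPC filter, so in a region with more than one VPC it returns the `default` group of every VPC as one tab-joined string, and `modify-network-interface-attribute --groups` will reject it; scope it with `--filters Name=vpc-id,Values="$vpc" Name=group-name,Values=default` (and hoist the lookup above the loop since it does not change per ENI). Because no command status is checked, that failure cascades silently into a `DependencyViolation` on `delete-security-group` and then three failed `delete-vpc` attempts. The script also deletes whatever id it is handed and interpolates `$vpc` unquoted into several `--filters` values, so validate it right after the argument-count check with `[[ $vpc =~ ^vpc-[0-9a-f]+$ ]] || { echo "invalid vpc id: $vpc" >&2; exit 1; }`. As far as I can tell `describe-addresses` has no `Association.VpcId` field, so the EIP query yields `None` for that column, the `grep "$vpc"` never matches, and NAT-gateway EIPs are never released; filtering by the NAT gateways' `NatGatewayAddresses[].AllocationId` instead would be grounded in data the API actually returns. Finally, the retry comment promises a 5-minute interval while the loop sleeps 30 seconds; make one agree with the other.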