From 131642672ee5aa78f972bd160379a47222e56ef6 Mon Sep 17 00:00:00 2001
From: syedimranhassan <imran.hassan@arbisoft.com>
Date: Fri, 10 Jan 2025 17:40:20 +0500
Subject: [PATCH] chore: Added Jenkins job to remove retire user files from S3

---
 devops/jobs/CheckRetireUser.groovy     | 74 ++++++++++++++++++++++++++
 devops/resources/check_retire_users.sh | 29 ++++++++++
 2 files changed, 103 insertions(+)
 create mode 100644 devops/jobs/CheckRetireUser.groovy
 create mode 100644 devops/resources/check_retire_users.sh

diff --git a/devops/jobs/CheckRetireUser.groovy b/devops/jobs/CheckRetireUser.groovy
new file mode 100644
index 000000000..3dbdfad9a
--- /dev/null
+++ b/devops/jobs/CheckRetireUser.groovy
@@ -0,0 +1,74 @@
+package devops.jobs
+import static org.edx.jenkins.dsl.Constants.common_wrappers
+
+class CheckRetireUsers {
+    public static def job = { dslFactory, extraVars ->
+        assert extraVars.containsKey("DEPLOYMENTS") : "Please define DEPLOYMENTS. It should be list of strings."
+        assert extraVars.containsKey("IGNORE_LIST") : "Please define IGNORE_LIST. It should be list of strings."
+        assert !(extraVars.get("DEPLOYMENTS") instanceof String) : "Make sure DEPLOYMENTS is a list of string"
+
+        extraVars.get('DEPLOYMENTS').each { deployment , configuration ->
+            configuration.environments.each { environment ->
+
+
+                dslFactory.job(extraVars.get("FOLDER_NAME","Monitoring") + "/check-retire-users-for-${deployment}") {
+                    parameters {
+                        stringParam('CONFIGURATION_REPO', 'https://github.com/edx/configuration.git')
+                        stringParam('CONFIGURATION_BRANCH', 'master')
+                    }
+
+                    wrappers common_wrappers
+
+                    wrappers {
+                        credentialsBinding {
+                            usernamePassword("USERNAME", "PASSWORD", "${deployment}-users-retire-credentials")
+                            def variable = "${deployment}-check-retire-users"
+                            string("ROLE_ARN", variable)
+                        }
+                    }
+
+                    def rdsignore = ""
+                    extraVars.get('IGNORE_LIST').each { ignore ->
+                        rdsignore = "${rdsignore}-i ${ignore} "
+                    }
+
+                    def whitelistregions = ""
+                    configuration.REGION_LIST.each { include ->
+                        whitelistregions = "${whitelistregions}-r ${include} "
+                    }
+
+                    environmentVariables {
+                        env('ENVIRONMENT', environment)
+                        env('DEPLOYMENT', deployment)
+                        env('AWS_DEFAULT_REGION', extraVars.get('REGION'))
+                        env('RDSIGNORE', rdsignore)
+                        env('WHITELISTREGIONS', whitelistregions)
+                    }
+
+                    multiscm {
+                        git {
+                            remote {
+                                url('$CONFIGURATION_REPO')
+                                branch('$CONFIGURATION_BRANCH')
+                            }
+                            extensions {
+                                cleanAfterCheckout()
+                                pruneBranches()
+                                relativeTargetDirectory('configuration')
+                            }
+                        }
+                    }
+                    steps {
+                       shell(dslFactory.readFileFromWorkspace('devops/resources/check_retire_users.sh'))
+
+                    }
+
+                    publishers {
+                        mailer(extraVars.get('NOTIFY_ON_FAILURE'), false, false)
+
+                    }
+                }
+           }
+       }
+   }
+}
diff --git a/devops/resources/check_retire_users.sh b/devops/resources/check_retire_users.sh
new file mode 100644
index 000000000..fcc55c1d1
--- /dev/null
+++ b/devops/resources/check_retire_users.sh
@@ -0,0 +1,29 @@
+#!/bin/bash
+
+set +u
+. /edx/var/jenkins/jobvenvs/virtualenv_tools.sh
+# creates a venv with its location stored in variable "venvpath"
+create_virtualenv --python=python3.8 --clear
+. "$venvpath/bin/activate"
+set -u
+
+cd $WORKSPACE/configuration/util/jenkins/remove_retire_user_s3_files
+
+pip install -r requirements.txt
+. ../assume-role.sh
+
+# Assume role for different envs
+set +x
+assume-role ${ROLE_ARN}
+set -x
+
+# Set RDSIGNORE if not set in job, need because we're setting -u
+# Otherwise we get an error "RDSIGNORE: unbound variable"
+if [[ ! -v RDSIGNORE ]]; then
+    RDSIGNORE=""
+fi
+if [[ ! -v WHITELISTREGIONS ]]; then
+    WHITELISTREGIONS=""
+fi
+
+python ./remove_retire_user_s3_files.py --environment ${ENVIRONMENT} --deploy ${DEPLOYMENT} --region $AWS_DEFAULT_REGION