diff --git a/.github/scripts/purge-aws-resources.sh b/.github/scripts/purge-aws-resources.sh
new file mode 100644
index 00000000..76c5b80e
--- /dev/null
+++ b/.github/scripts/purge-aws-resources.sh
@@ -0,0 +1,75 @@
+# ------------------------------------------------------------
+# Copyright 2023 The Radius Authors.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+# ------------------------------------------------------------
+
+RESOURCE_TYPES='AWS::RDS::DBInstance,AWS::RDS::DBSubnetGroup,AWS::MemoryDB::Cluster,AWS::MemoryDB::SubnetGroup'
+
+# File to store the list of deleted resources
+DELETED_RESOURCES_FILE='deleted-resources.txt'
+
+# Number of retries
+MAX_RETRIES=5
+
+# Retry delay in seconds
+RETRY_DELAY=300 # 5 minutes
+
+function delete_aws_resources() {
+ # Empty the file
+ truncate -s 0 $DELETED_RESOURCES_FILE
+
+ for resource_type in ${RESOURCE_TYPES//,/ }; do
+ aws cloudcontrol list-resources --type-name "$resource_type" --query "ResourceDescriptions[].Identifier" --output text | tr '\t' '\n' | while read identifier; do
+ aws cloudcontrol get-resource --type-name "$resource_type" --identifier "$identifier" --query "ResourceDescription.Properties" --output text | while read resource; do
+ echo "Deleting resource of type: $resource_type with identifier: $identifier"
+ echo "$identifier\n" >>$DELETED_RESOURCES_FILE
+ aws cloudcontrol delete-resource --type-name "$resource_type" --identifier "$identifier"
+ done
+ done
+ done
+
+ if [ -s $DELETED_RESOURCES_FILE ]; then
+ return 1
+ else
+ return 0
+ fi
+}
+
+RETRY_COUNT=0
+while [ $RETRY_COUNT -lt $MAX_RETRIES ]; do
+ # Trigger the function to delete the resources
+ delete_aws_resources
+
+ # If the function returned 0, then no resources needed to be deleted
+ # on this run. This means that all resources have been deleted.
+ if [ $? -eq 0 ]; then
+ echo "All resources deleted successfully"
+ break
+ fi
+
+ # Still have resources to delete, increase the retry count
+ RETRY_COUNT=$((RETRY_COUNT + 1))
+
+ # Check if there are more retries left
+ if [ $RETRY_COUNT -lt $MAX_RETRIES ]; then
+ # Retry after delay
+ echo "Retrying in $RETRY_DELAY seconds..."
+ sleep $RETRY_DELAY
+ fi
+done
+
+# Check if the maximum number of retries exceeded
+if [ $RETRY_COUNT -eq $MAX_RETRIES ]; then
+ echo "Maximum number of retries exceeded"
+fi
diff --git a/.github/workflows/purge-aws-test-resources.yaml b/.github/workflows/purge-aws-test-resources.yaml
new file mode 100644
index 00000000..e5cb97ca
--- /dev/null
+++ b/.github/workflows/purge-aws-test-resources.yaml
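Review bot: The script in `.github/scripts/purge-aws-resources.sh` cannot report failure: when retries run out the final `if` only echoes, and when `aws cloudcontrol list-resources` itself fails (rejected credentials, throttling) the pipeline yields no identifiers, `deleted-resources.txt` stays empty and `delete_aws_resources` returns 0, so the run prints "All resources deleted successfully" and exits 0. The workflow's issue-on-failure step therefore never fires in either case. Add `exit 1` after `echo "Maximum number of retries exceeded"`, and check the status of the list call (for example `set -o pipefail` plus an explicit test) so an API error is not treated as an empty account. Separately, the loop deletes every resource of the four listed types that the credentials can see, with no tag, name or age filter; if the account is not dedicated to tests, the IAM policy or a filter on the identifier should bound what this job can remove.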
@@ -0,0 +1,40 @@
+name: Purge AWS Test Resources
+
+on:
+ schedule:
+ # Runs every day at 5 AM
+ - cron: "0 5 * * *"
+
+env:
+ GH_TOKEN: ${{ github.token }}
+ AWS_REGION: us-west-2
+
+jobs:
+ purge_aws_resources:
+ name: Purge AWS Test Resources
+ runs-on: ubuntu-latest
+ steps:
+ - name: Checkout code
+ uses: actions/checkout@v4
+
+ - name: Install AWS CLI
+ run: |
+ sudo apt-get update
+ sudo apt-get install -y awscli
+
+ - name: Login to AWS
+ run: |
+ aws configure set aws_access_key_id ${{ secrets.AWS_ACCESS_KEY_ID }}
+ aws configure set aws_secret_access_key ${{ secrets.AWS_SECRET_ACCESS_KEY }}
+ aws configure set region ${{ env.AWS_REGION }}
+ aws configure set output json
+
+ - name: Delete old AWS resources
+ run: bash .github/scripts/purge-aws-resources.sh
+
+ - name: Create GitHub issue on failure
+ if: failure() && github.event_name == 'schedule'
+ run: |
+ gh issue create --title "Purge Purge AWS Test Resources workflow failed" \
+ --body "Test failed on ${{ github.repository }}. See [workflow logs](${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}) for more details." \
+ --repo ${{ github.repository }}
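Review bot: The `Login to AWS` step expands `${{ secrets.AWS_ACCESS_KEY_ID }}` and `${{ secrets.AWS_SECRET_ACCESS_KEY }}` into the shell text, and `aws configure set` then writes them to the runner's credentials file, where every later step can read them. Passing them as step-level `env` on the purge step keeps them out of the command line and off disk, since the CLI reads those variables directly; `AWS_DEFAULT_REGION` is included because the apt `awscli` package may be CLI v1, which does not read `AWS_REGION` (the installed version is not visible here). The workflow also has no `permissions:` block and exports `GH_TOKEN` to all steps; declaring `contents: read` and `issues: write` and setting `GH_TOKEN` only on the issue-creation step would narrow what the token can do. These are long-lived access keys with delete rights, so short-lived credentials via GitHub OIDC role assumption would be preferable if the account allows it.

```yaml
      # … unchanged: checkout and AWS CLI install steps; "Login to AWS" step removed …
      - name: Delete old AWS resources
        env:
          AWS_ACCESS_KEY_ID: ${{ secrets.AWS_ACCESS_KEY_ID }}
          AWS_SECRET_ACCESS_KEY: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          AWS_DEFAULT_REGION: ${{ env.AWS_REGION }}
        run: bash .github/scripts/purge-aws-resources.sh
      # … unchanged: issue-creation step …
```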