
unused aws instance and vpcs cleanup #86


Workflow file for this run

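# Deletes CI VPCs (Name tag matching ci*) once the GitHub Actions run recorded
# in their GitHubRepository / GitHubRunId tags has no unfinished jobs left.
name: Daily AWS Cleanup Bot

# NOTE(review): despite the name there is no `schedule` trigger; the job runs on
# pull requests and pushes for the test-awsresourcecleanup branch. It is
# destructive and runs with AWS credentials, so changes to scripts/awscleanup.sh
# in such a pull request execute before review. Consider moving to
# schedule/workflow_dispatch on a protected branch once testing is done.
on:
  pull_request:
    types:
      - opened
      - synchronize
    branches:
      - test-awsresourcecleanup
  push:
    branches:
      - test-awsresourcecleanup

# NOTE(review): no `permissions:` block is declared, so GITHUB_TOKEN gets the
# repository default scopes. The steps visible here only need to read contents
# and Actions runs; confirm what scripts/awscleanup.sh needs and restrict.
jobs:
  cleanup:
    runs-on: linux-amd64-cpu4
    steps:
      # NOTE(review): the actions below are referenced by mutable tag (@v4);
      # pinning to a full commit SHA protects a job that holds AWS credentials.
      - name: Checkout repository
        uses: actions/checkout@v4

      # NOTE(review): these are long-lived access keys stored as repository
      # secrets. Short-lived credentials through OIDC (`role-to-assume` plus
      # `permissions: id-token: write`), with a role limited to the EC2 calls
      # the cleanup needs, would reduce the impact of a leak.
      - name: Set up AWS CLI
        uses: aws-actions/configure-aws-credentials@v4
        with:
          aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
          aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}
          aws-region: us-west-1

      - name: Identify resources for deletion
        id: identify-resources
        run: |
          # Find vpcs with names ci*
          vpcs=$(aws ec2 describe-vpcs \
            --filters "Name=tag:Name,Values=ci*" \
            --query "Vpcs[].VpcId" \
            --output text | tr -d '\r' | tr '\n' ' ')
          echo "Found VPCs: $vpcs"
          # Hand the space-separated ID list to later steps as env.vpcs.
          echo "vpcs=$vpcs" >> "$GITHUB_ENV"

      - name: Clean up VPCs
        if: env.vpcs != ''
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        run: |
          # Print the value of tag $2 on resource $1. With --output text the
          # CLI prints "None" when the tag is absent.
          get_tag_value(){
            local vpc_id=$1
            local key=$2
            aws ec2 describe-tags --filters "Name=resource-id,Values=$vpc_id" "Name=key,Values=$key" \
              --query "Tags[0].Value" --output text
          }

          # owner/repo slug; the repo part must contain a character other than '.'
          repo_re='^[A-Za-z0-9][A-Za-z0-9-]*/[A-Za-z0-9_.-]*[A-Za-z0-9_-][A-Za-z0-9_.-]*$'

          # $vpcs is a whitespace-separated list of VPC IDs; it is split on purpose.
          for vpc in $vpcs; do
            github_repository=$(get_tag_value "$vpc" "GitHubRepository")
            run_id=$(get_tag_value "$vpc" "GitHubRunId")

            # Tag values can be set by anyone allowed to tag the VPC, and they
            # end up in a URL requested with GITHUB_TOKEN. Accept only a repo
            # slug and a numeric run id; skip the VPC otherwise.
            if [[ ! "$github_repository" =~ $repo_re || ! "$run_id" =~ ^[0-9]+$ ]]; then
              echo "Skipping $vpc: GitHubRepository/GitHubRunId tag missing or malformed"
              continue
            fi

            # per_page=100 is the API maximum; a run with more jobs than that
            # would need pagination before "all completed" can be trusted.
            # NOTE(review): GITHUB_TOKEN is scoped to this repository, so runs
            # of other private repositories presumably answer 404 - confirm.
            response=$(curl -s -H "Authorization: Bearer $GITHUB_TOKEN" \
              "https://api.github.com/repos/${github_repository}/actions/runs/${run_id}/jobs?per_page=100")
            if [[ -z "$response" || "$response" == "null" ]]; then
              continue
            fi

            # Fail closed: delete only when
            # 1. the response carries a non-empty .jobs array (an error body
            #    has none), e.g. { "message": "Not Found", "documentation_url": "https://docs.github.com/rest", "status": "404" }
            # 2. every job in it is completed.
            # The previous check was inverted (-ne 0): it counted jobs only
            # when .jobs was missing, so error responses produced a count of 0
            # and led to deletion, while valid responses never did.
            is_jobs_not_completed=1
            jobs_exist=$(echo "$response" | jq -e '(.jobs? | type) == "array" and (.jobs | length) > 0' >/dev/null 2>&1; echo $?)
            if [[ "$jobs_exist" -eq 0 ]]; then
              is_jobs_not_completed=$(echo "$response" | jq -r '.jobs | map(select(.status != "completed")) | length')
            fi
            echo "SHIVA $vpc $jobs_exist $is_jobs_not_completed"
            # String comparison: an empty or non-numeric count must not be
            # coerced to 0 the way an arithmetic -eq test would.
            if [[ "$is_jobs_not_completed" == "0" ]]; then
              echo "Holodeck e2e Job status is not in running stage , Delete the vpc $vpc and dependent resources"
              scripts/awscleanup.sh "$vpc"
            fi
          done

      - name: Post cleanup
        run: |
          echo "Cleanup completed."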