Skip to content

Commit b8d81d5

Browse files
jameslinnelljameslinnell
authored
[NDR-162] Delete redundant resources from dev (#402)
* Add delete scripts * Creating tickets * Allow delete or list * Add check for tf workspace in delete * protect persistent workspaces
1 parent ad89389 commit b8d81d5

File tree

1 file changed

+111
-5
lines changed

1 file changed

+111
-5
lines changed

scripts/list_workspace_resource.sh

Lines changed: 111 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1,8 +1,7 @@
11
#!/bin/bash
22

3-
# source /utils/workspace_utils.sh
4-
#
5-
TERRAFORM_WORKSPACE="$1"
3+
TERRAFORM_WORKSPACE=""
4+
do_delete=false
65

76
function _list_tagged_resources() {
87
local workspace=$1
@@ -103,6 +102,26 @@ function _list_log_groups() {
103102
done
104103
}
105104

105+
function _delete_log_groups() {
106+
local workspace=$1
107+
local log_groups
108+
109+
# List all log groups and filter those containing the specified substring
110+
log_groups=$(aws logs describe-log-groups | jq -r --arg substring "$workspace" '.logGroups[] | select(.logGroupName | contains($substring)) | .logGroupName')
111+
112+
# Check if any log groups were found
113+
if [ -z "$log_groups" ]; then
114+
echo "No CloudWatch Logs log groups found containing the substring: $workspace"
115+
return 0
116+
fi
117+
118+
# Loop through each log group and delete it
119+
for log_group in $log_groups; do
120+
echo "Deleting CloudWatch Logs log group: $log_group"
121+
aws logs delete-log-group --log-group-name "$log_group"
122+
done
123+
}
124+
106125
function _list_dynamo_tables() {
107126
local workspace=$1
108127
local tables
@@ -644,6 +663,23 @@ function _list_cloudwatch_alarms() {
644663
done
645664
}
646665

666+
function _delete_cloudwatch_alarms() {
667+
local workspace=$1
668+
669+
alarms=$(aws cloudwatch describe-alarms --output json | jq -r --arg SUBSTRING "$workspace" '.MetricAlarms[] | select(.AlarmName | contains($SUBSTRING)) | .AlarmName')
670+
671+
if [ -z "$alarms" ]; then
672+
echo "No CloudWatch alarms containing the substring: $workspace"
673+
return 0
674+
fi
675+
676+
echo "Deleting the following CloudWatch alarms:"
677+
for alarm in $alarms; do
678+
echo "$alarm"
679+
done
680+
aws cloudwatch delete-alarms --alarm-names $alarms
681+
}
682+
647683
function _list_appconfig() {
648684
local workspace=$1
649685
SUBSTRING="$workspace"
@@ -683,6 +719,27 @@ function _list_lambda_layers() {
683719
done
684720
}
685721

722+
function _delete_lambda_layers() {
723+
local workspace=$1
724+
local layers=$(aws lambda list-layers --output json)
725+
726+
if [ -n "$workspace" ]; then
727+
layers=$(echo "$layers" | jq -r --arg SUBSTRING "$workspace" '.Layers[] | select(.LayerName | contains($SUBSTRING)) | .LayerName')
728+
fi
729+
730+
[ -z "$layers" ] && echo "No Lambda Layers found containing substring: $workspace" && return 0
731+
732+
for layer in $layers; do
733+
echo "Deleting versions for Lambda Layer: $layer"
734+
versions=$(aws lambda list-layer-versions --layer-name "$layer" --output json | jq -r '.LayerVersions[].Version')
735+
for v in $versions; do
736+
echo " - Deleting $layer version $v"
737+
aws lambda delete-layer-version --layer-name "$layer" --version-number "$v"
738+
done
739+
done
740+
741+
}
742+
686743
function _list_cloudwatch_dashboards() {
687744
local workspace=$1
688745
local dashboards=$(aws cloudwatch list-dashboards --output json)
@@ -851,7 +908,7 @@ function _list_sns_subscriptions() {
851908
local subs=$(aws sns list-subscriptions --output json)
852909

853910
if [ -n "$workspace" ]; then
854-
subs=$(echo "$subs" | jq -r --arg SUBSTRING "$workspace" '.Subscriptions[] | select(.SubscriptionArn | contains($SUBSTRING) or .TopicArn | contains($SUBSTRING)) | .SubscriptionArn')
911+
subs=$(echo "$subs" | jq -r --arg SUBSTRING "$workspace-sns" ' .Subscriptions[] | select((.SubscriptionArn | contains($SUBSTRING)) or (.TopicArn | contains($SUBSTRING))) | .SubscriptionArn')
855912
else
856913
subs=$(echo "$subs" | jq -r '.Subscriptions[] | .SubscriptionArn')
857914
fi
@@ -863,6 +920,17 @@ function _list_sns_subscriptions() {
863920
done
864921
}
865922

923+
function _delete_sns_subscriptions() {
924+
local workspace=$1
925+
local subs=$(aws sns list-subscriptions --output json)
926+
subs=$(echo "$subs" | jq -r --arg SUBSTRING "$workspace-sns" ' .Subscriptions[] | select((.SubscriptionArn | contains($SUBSTRING)) or (.TopicArn | contains($SUBSTRING))) | .SubscriptionArn')
927+
[ -z "$subs" ] && echo "No SNS Subscriptions found for $workspace" && return 0
928+
929+
for sub in $subs; do
930+
echo "SNS Subscription: $sub"
931+
done
932+
}
933+
866934
function _list_lambda_event_source_mappings() {
867935
local workspace=$1
868936
local mappings=$(aws lambda list-event-source-mappings --output json)
@@ -923,4 +991,42 @@ function _list_workspace_resources() {
923991
_list_lambda_event_source_mappings "$TERRAFORM_WORKSPACE"
924992
}
925993

926-
_list_workspace_resources
994+
function _delete_workspace_resources() {
995+
if [[ -z "${TERRAFORM_WORKSPACE:-}" ]]; then
996+
echo "❌ ERROR: TERRAFORM_WORKSPACE is not set."
997+
exit 1
998+
fi
999+
1000+
case "$TERRAFORM_WORKSPACE" in
1001+
ndr-dev | ndr-test | pre-prod | prod)
1002+
echo "❌ ERROR: Deletion is not allowed for workspace: $TERRAFORM_WORKSPACE"
1003+
exit 1
1004+
;;
1005+
esac
1006+
1007+
_delete_log_groups "$TERRAFORM_WORKSPACE"
1008+
_delete_lambda_layers "$TERRAFORM_WORKSPACE"
1009+
_delete_cloudwatch_alarms "$TERRAFORM_WORKSPACE"
1010+
_delete_sns_subscriptions "$TERRAFORM_WORKSPACE"
1011+
}
1012+
1013+
# Parse args
1014+
for arg in "$@"; do
1015+
case "$arg" in
1016+
--delete)
1017+
do_delete=true
1018+
shift
1019+
;;
1020+
*)
1021+
TERRAFORM_WORKSPACE="$arg"
1022+
shift
1023+
;;
1024+
esac
1025+
done
1026+
1027+
# Run correct function
1028+
if $do_delete; then
1029+
_delete_workspace_resources
1030+
else
1031+
_list_workspace_resources
1032+
fi

0 commit comments

Comments
 (0)