@@ -82,6 +82,18 @@ async def lbs_for_cluster(resource, cluster):
82
82
yield lb
83
83
84
84
85
+ async def secgroups_for_cluster (resource , cluster ):
86
+ """
87
+ Async iterator for security groups belonging to the specified cluster.
88
+ """
89
+ async for sg in resource .list ():
90
+ if not sg .description .startswith ("Security Group for" ):
91
+ continue
92
+ if not sg .description .endswith (f"Service LoadBalancer in cluster { cluster } " ):
93
+ continue
94
+ yield sg
95
+
96
+
85
97
async def volumes_for_cluster (resource , cluster ):
86
98
"""
87
99
Async iterator for volumes belonging to the specified cluster.
@@ -180,6 +192,15 @@ async def purge_openstack_resources(
180
192
)
181
193
logger .info ("deleted load balancers for LoadBalancer services" )
182
194
195
+ # Delete any security groups associated with loadbalancer services for the cluster
196
+ secgroups = networkapi .resource ("security-groups" )
197
+ check_secgroups = await try_delete (
198
+ logger ,
199
+ secgroups ,
200
+ secgroups_for_cluster (secgroups , name )
201
+ )
202
+ logger .info ("deleted security groups for LoadBalancer services" )
203
+
183
204
# Delete volumes and snapshots associated with PVCs, unless requested
184
205
# otherwise via the annotation
185
206
volumeapi = cloud .api_client ("volumev3" )
@@ -208,6 +229,8 @@ async def purge_openstack_resources(
208
229
raise ResourcesStillPresentError ("floatingips" , name )
209
230
if check_lbs and not await empty (lbs_for_cluster (loadbalancers , name )):
210
231
raise ResourcesStillPresentError ("loadbalancers" , name )
232
+ if check_secgroups and not await empty (secgroups_for_cluster (secgroups , name )):
233
+ raise ResourcesStillPresentError ("security-groups" , name )
211
234
if check_volumes and not await empty (volumes_for_cluster (volumes_detail , name )):
212
235
raise ResourcesStillPresentError ("volumes" , name )
213
236
if check_snapshots and not await empty (snapshots_for_cluster (snapshots_detail , name )):
0 commit comments