Merge branch 'oreilly-main' into Update-comprehend-detection-filters

Author: swhite-oreilly

.github/workflows/ci.yaml

@@ -2,7 +2,7 @@ name: Golang CI
 
 on:
   push:
-    branches: [main]
+    branches: [oreilly-main]
   pull_request:
     types: [opened, reopened, synchronize]
   schedule:

.github/workflows/release.yaml

@@ -3,33 +3,8 @@ name: Publish release artifacts
 on:
   release:
     types: [created]
-permissions:
-  contents: write
-  pull-requests: write
 
 jobs:
-  update_readme:
-    name: Update Readme
-    runs-on: ubuntu-22.04
-    steps:
-    - name: Checkout code
-      uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-        ref: main
-    - name: Update versions in readme
-      run: |
-        sed -r -i "s/aws-nuke:v[0-9]+\.[0-9]+\.[0-9]+/aws-nuke:${{ github.ref_name }}/" README.md
-        sed -r -i "s/aws-nuke-v[0-9]+\.[0-9]+\.[0-9]+/aws-nuke-${{ github.ref_name }}/" README.md
-        sed -r -i "s/\/v[0-9]+\.[0-9]+\.[0-9]+\//\/${{ github.ref_name }}\//" README.md
-    - uses: peter-evans/create-pull-request@v5
-      name: Create Pull Request
-      with:
-        title: Update readme for ${{ github.ref_name }} release
-        commit-message: Update readme for ${{ github.ref_name }} release
-        body: Updating version references in the readme to ${{ github.ref_name }}
-        branch: update-readme-${{ github.ref_name }}
-        delete-branch: true
 
   release:
     name: Publish binaries
@@ -56,49 +31,3 @@ jobs:
         tag: ${{ github.ref }}
         overwrite: true
         file_glob: true
-
-  docker_build:
-    runs-on: ubuntu-22.04
-    name: Docker Build
-
-    steps:
-    - uses: actions/checkout@v3
-      with:
-        fetch-depth: 0
-
-    - name: Generate image tags
-      shell: bash
-      run: echo "tags=quay.io/rebuy/aws-nuke:${GITHUB_REF#refs/tags/},docker.io/rebuy/aws-nuke:${GITHUB_REF#refs/tags/}" >> $GITHUB_OUTPUT
-      id: generate_tags
-
-    - name: Set up QEMU
-      id: qemu
-      uses: docker/setup-qemu-action@v2
-      with:
-        platforms: arm64
-
-    - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@v2
-      with:
-        install: true
-
-    - name: Login to Docker Hub
-      uses: docker/login-action@v2
-      with:
-        username: ${{ secrets.DOCKER_USERNAME }}
-        password: ${{ secrets.DOCKER_PASSWORD }}
-
-    - name: Login to Quay.io
-      uses: docker/login-action@v2
-      with:
-        registry: quay.io
-        username: ${{ secrets.QUAY_USERNAME }}
-        password: ${{ secrets.QUAY_PASSWORD }}
-
-    - name: Build and push
-      uses: docker/build-push-action@v3
-      with:
-        context: .
-        push: true
-        tags: ${{ steps.generate_tags.outputs.tags }}
-        platforms: linux/amd64,linux/arm64

cmd/nuke.go

@@ -63,6 +63,16 @@ func (n *Nuke) Run() error {
 		return err
 	}
 
+	if n.items.Count(ItemStateFailed) > 0 && n.items.Count(ItemStateNew) == 0 {
+		for _, item := range n.items {
+			if item.State != ItemStateFailed {
+				continue
+			}
+			logrus.Error(fmt.Sprintf("%s. %s.", item.Type, item.Reason))
+		}
+		return fmt.Errorf("failed")
+	}
+
 	if n.items.Count(ItemStateNew) == 0 {
 		fmt.Println("No resource to delete.")
 		return nil
@@ -249,9 +259,14 @@ func (n *Nuke) HandleQueue() {
 			n.HandleRemove(item)
 			item.Print()
 		case ItemStateFailed:
-			n.HandleRemove(item)
-			n.HandleWait(item, listCache)
-			item.Print()
+			// item.Resource will be nil if an exception was thrown while retrieving cloudControl
+			// resourceType's items (I.E resourceTypes lister()), however we still pass down the
+			// reason and state so we aren't ignoring these exceptions.
+			if item.Resource != nil {
+				n.HandleRemove(item)
+				n.HandleWait(item, listCache)
+				item.Print()
+			}
 		case ItemStatePending:
 			n.HandleWait(item, listCache)
 			item.State = ItemStateWaiting

cmd/scan.go

@@ -5,6 +5,7 @@ import (
 	"fmt"
 	"runtime/debug"
 
+	"github.com/aws/aws-sdk-go/aws/awserr"
 	"github.com/rebuy-de/aws-nuke/v2/pkg/awsutil"
 	"github.com/rebuy-de/aws-nuke/v2/pkg/util"
 	"github.com/rebuy-de/aws-nuke/v2/resources"
@@ -72,6 +73,20 @@ func (s *scanner) list(region *Region, resourceType string) {
 			return
 		}
 
+		awsErr, ok := err.(awserr.Error)
+		if ok && awsErr.Code() == "ThrottlingException" {
+			s.items <- &Item{
+				Region:   region,
+				Resource: nil,
+				State:    ItemStateFailed,
+				Reason:   err.Error(),
+				Type:     resourceType,
+			}
+			dump := util.Indent(fmt.Sprintf("%v", err), "    ")
+			log.Errorf("Listing %s failed:\n%s", resourceType, dump)
+			return
+		}
+
 		dump := util.Indent(fmt.Sprintf("%v", err), "    ")
 		log.Errorf("Listing %s failed:\n%s", resourceType, dump)
 		return

resources/cloudcontrol.go

@@ -41,9 +41,11 @@ func init() {
 	registerCloudControl("AWS::NetworkFirewall::RuleGroup")
 }
 
+const CloudControlAPiMaxRetries = 5
+
 func NewListCloudControlResource(typeName string) func(*session.Session) ([]Resource, error) {
 	return func(sess *session.Session) ([]Resource, error) {
-		svc := cloudcontrolapi.New(sess)
+		svc := cloudcontrolapi.New(sess, &aws.Config{MaxRetries: aws.Int(CloudControlAPiMaxRetries)})
 
 		params := &cloudcontrolapi.ListResourcesInput{
 			TypeName: aws.String(typeName),

resources/opensearchservice-packages.go

@@ -0,0 +1,62 @@
+package resources
+
+import (
+	"time"
+
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/opensearchservice"
+	"github.com/rebuy-de/aws-nuke/v2/pkg/types"
+)
+
+type OSPackage struct {
+	svc         *opensearchservice.OpenSearchService
+	packageID   *string
+	packageName *string
+	createdTime *time.Time
+}
+
+func init() {
+	register("OSPackage", ListOSPackages)
+}
+
+func ListOSPackages(sess *session.Session) ([]Resource, error) {
+	svc := opensearchservice.New(sess)
+
+	listResp, err := svc.DescribePackages(&opensearchservice.DescribePackagesInput{})
+	if err != nil {
+		return nil, err
+	}
+
+	resources := make([]Resource, 0)
+
+	for _, pkg := range listResp.PackageDetailsList {
+		resources = append(resources, &OSPackage{
+			svc:         svc,
+			packageID:   pkg.PackageID,
+			packageName: pkg.PackageName,
+			createdTime: pkg.CreatedAt,
+		})
+	}
+
+	return resources, nil
+}
+
+func (o *OSPackage) Remove() error {
+	_, err := o.svc.DeletePackage(&opensearchservice.DeletePackageInput{
+		PackageID: o.packageID,
+	})
+
+	return err
+}
+
+func (o *OSPackage) Properties() types.Properties {
+	properties := types.NewProperties()
+	properties.Set("PackageID", o.packageID)
+	properties.Set("PackageName", o.packageName)
+	properties.Set("CreatedTime", o.createdTime.Format(time.RFC3339))
+	return properties
+}
+
+func (o *OSPackage) String() string {
+	return *o.packageID
+}

resources/opensearchservice-vpcendpoints.go

@@ -0,0 +1,76 @@
+package resources
+
+import (
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/opensearchservice"
+	"github.com/rebuy-de/aws-nuke/v2/pkg/types"
+)
+
+type OSVPCEndpoint struct {
+	svc           *opensearchservice.OpenSearchService
+	vpcEndpointId *string
+}
+
+func init() {
+	register("OSVPCEndpoint", ListOSVPCEndpoints)
+}
+
+func ListOSVPCEndpoints(sess *session.Session) ([]Resource, error) {
+	svc := opensearchservice.New(sess)
+
+	vpcEndpointIds, err := getOpenSearchVpcEndpointIds(svc)
+	if err != nil {
+		return nil, err
+	}
+
+	listResp, err := svc.DescribeVpcEndpoints(&opensearchservice.DescribeVpcEndpointsInput{
+		VpcEndpointIds: vpcEndpointIds,
+	})
+	if err != nil {
+		return nil, err
+	}
+
+	resources := make([]Resource, 0)
+
+	for _, vpcEndpoint := range listResp.VpcEndpoints {
+		resources = append(resources, &OSVPCEndpoint{
+			svc:           svc,
+			vpcEndpointId: vpcEndpoint.VpcEndpointId,
+		})
+	}
+
+	return resources, nil
+}
+
+func getOpenSearchVpcEndpointIds(svc *opensearchservice.OpenSearchService) ([]*string, error) {
+	vpcEndpointIds := make([]*string, 0)
+
+	listResp, err := svc.ListVpcEndpoints(&opensearchservice.ListVpcEndpointsInput{})
+	if err != nil {
+		return nil, err
+	}
+
+	for _, vpcEndpoint := range listResp.VpcEndpointSummaryList {
+		vpcEndpointIds = append(vpcEndpointIds, vpcEndpoint.VpcEndpointId)
+	}
+
+	return vpcEndpointIds, nil
+}
+
+func (o *OSVPCEndpoint) Remove() error {
+	_, err := o.svc.DeleteVpcEndpoint(&opensearchservice.DeleteVpcEndpointInput{
+		VpcEndpointId: o.vpcEndpointId,
+	})
+
+	return err
+}
+
+func (o *OSVPCEndpoint) Properties() types.Properties {
+	properties := types.NewProperties()
+	properties.Set("VpcEndpointId", o.vpcEndpointId)
+	return properties
+}
+
+func (o *OSVPCEndpoint) String() string {
+	return *o.vpcEndpointId
+}

resources/polly-lexicons.go

@@ -0,0 +1,57 @@
+package resources
+
+import (
+	"github.com/aws/aws-sdk-go/aws/session"
+	"github.com/aws/aws-sdk-go/service/polly"
+	"github.com/rebuy-de/aws-nuke/v2/pkg/types"
+)
+
+type PollyLexicon struct {
+	svc        *polly.Polly
+	name       *string
+	attributes *polly.LexiconAttributes
+}
+
+func init() {
+	register("PollyLexicons", ListPollyLexicons)
+}
+
+func ListPollyLexicons(sess *session.Session) ([]Resource, error) {
+	svc := polly.New(sess)
+	resources := []Resource{}
+
+	listLexiconsInput := &polly.ListLexiconsInput{}
+
+	listOutput, err := svc.ListLexicons(listLexiconsInput)
+	if err != nil {
+		return nil, err
+	}
+	for _, lexicon := range listOutput.Lexicons {
+		resources = append(resources, &PollyLexicon{
+			svc:        svc,
+			name:       lexicon.Name,
+			attributes: lexicon.Attributes,
+		})
+	}
+	return resources, nil
+}
+
+func (lexicon *PollyLexicon) Remove() error {
+	deleteInput := &polly.DeleteLexiconInput{
+		Name: lexicon.name,
+	}
+	_, err := lexicon.svc.DeleteLexicon(deleteInput)
+	return err
+}
+
+func (lexicon *PollyLexicon) Properties() types.Properties {
+	properties := types.NewProperties()
+	properties.Set("Name", lexicon.name)
+	properties.Set("Alphabet", lexicon.attributes.Alphabet)
+	properties.Set("LanguageCode", lexicon.attributes.LanguageCode)
+	properties.Set("LastModified", lexicon.attributes.LastModified)
+	properties.Set("LexemesCount", lexicon.attributes.LexemesCount)
+	properties.Set("LexiconArn", lexicon.attributes.LexiconArn)
+	properties.Set("Size", lexicon.attributes.Size)
+	return properties
+}