osbuild-service-maintenance: implement removal of security groups

Security groups of instances that are terminated should be removed.
HMS-3632
Florian Schüller 2024-12-03 17:55:59 +01:00 committed by Florian Schüller
parent 7ebe266d3c
commit a96ea533c0
4 changed files with 186 additions and 15 deletions


@ -3,6 +3,7 @@ package awscloud
import (
"context"
"fmt"
"strings"
"github.com/aws/aws-sdk-go-v2/aws"
"github.com/aws/aws-sdk-go-v2/service/ec2"
@ -66,14 +67,14 @@ func (a *AWS) RemoveSnapshotAndDeregisterImage(image *ec2types.Image) error {
return err
}
func (a *AWS) DescribeInstancesByTag(tagKey, tagValue string) ([]ec2types.Reservation, error) {
func (a *AWS) describeInstancesByKeyValue(key, value string) ([]ec2types.Reservation, error) {
res, err := a.ec2.DescribeInstances(
context.Background(),
&ec2.DescribeInstancesInput{
Filters: []ec2types.Filter{
{
Name: aws.String(fmt.Sprintf("tag:%s", tagKey)),
Values: []string{tagValue},
Name: aws.String(key),
Values: []string{value},
},
},
},
@ -84,6 +85,14 @@ func (a *AWS) DescribeInstancesByTag(tagKey, tagValue string) ([]ec2types.Reserv
return res.Reservations, nil
}
func (a *AWS) DescribeInstancesByTag(tagKey, tagValue string) ([]ec2types.Reservation, error) {
return a.describeInstancesByKeyValue(fmt.Sprintf("tag:%s", tagKey), tagValue)
}
func (a *AWS) DescribeInstancesBySecurityGroupID(securityGroupID string) ([]ec2types.Reservation, error) {
return a.describeInstancesByKeyValue("instance.group-id", securityGroupID)
}
func (a *AWS) DescribeInstancesByInstanceID(instanceID string) ([]ec2types.Reservation, error) {
res, err := a.ec2.DescribeInstances(
context.Background(),
@ -106,3 +115,29 @@ func (a *AWS) TerminateInstances(instanceIDs []string) error {
)
return err
}
func (a *AWS) DescribeSecurityGroupsByPrefix(ctx context.Context, prefix string) ([]ec2types.SecurityGroup, error) {
var securityGroups []ec2types.SecurityGroup
sgOutput, err := a.ec2.DescribeSecurityGroups(ctx, &ec2.DescribeSecurityGroupsInput{})
if err != nil {
return securityGroups, fmt.Errorf("failed to describe security groups: %w", err)
}
for _, sg := range sgOutput.SecurityGroups {
if sg.GroupName != nil && strings.HasPrefix(*sg.GroupName, prefix) {
securityGroups = append(securityGroups, sg)
}
}
return securityGroups, nil
}
func (a *AWS) DeleteSecurityGroupById(ctx context.Context, sgID *string) error {
_, err := a.ec2.DeleteSecurityGroup(
ctx,
&ec2.DeleteSecurityGroupInput{
GroupId: sgID,
},
)
return err
}
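Review bot: `DescribeSecurityGroupsByPrefix` in the last hunk accepts an empty `prefix`, and `strings.HasPrefix(*sg.GroupName, "")` is true for every name, so it would return every security group the call lists; going by the commit title the result feeds a deletion path, though that caller is not in this file section. I would reject that case before the API call with `if prefix == "" { return nil, fmt.Errorf("security group prefix must not be empty") }`. The function also reads a single `DescribeSecurityGroups` response and never looks at a continuation token, so if the API ever truncates the listing, matching groups on later pages are silently skipped; `ec2.NewDescribeSecurityGroupsPaginator` would make the listing complete. On style, `DeleteSecurityGroupById` should be `DeleteSecurityGroupByID` to match `DescribeInstancesBySecurityGroupID`, and `describeInstancesByKeyValue` still uses `context.Background()` while the two new functions take a `ctx`.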