From f4149254bcc5aea9ad6195b356bab887490ed73c Mon Sep 17 00:00:00 2001 From: anthony-nhs <121869075+anthony-nhs@users.noreply.github.com> Date: Thu, 29 Aug 2024 13:55:25 +0100 Subject: [PATCH] Fix: [AEA-4388] - delete old cname records (#1227) ## Summary - Routine Change ### Details - use new delete stacks script - delete old cname records --------- Co-authored-by: Kris Szlapa --- .github/scripts/delete_stacks.sh | 70 ++++++++++++++++--- .../delete_old_cloudformation_stacks.yml | 2 + 2 files changed, 62 insertions(+), 10 deletions(-) diff --git a/.github/scripts/delete_stacks.sh b/.github/scripts/delete_stacks.sh index 5760e91a4..1c0f6a69a 100755 --- a/.github/scripts/delete_stacks.sh +++ b/.github/scripts/delete_stacks.sh 
@@ -1,18 +1,39 @@ #!/usr/bin/env bash +# generic script for removing cloudformation stacks and old CNAME records where the pull request is closed + +# the name of the repo this is running in +REPO_NAME=prescriptionsforpatients + +# regex used in jq command that parses the output from aws cloudformation list-stacks and just captures stacks we are interested in +CAPTURE_REGEX="^pfp-pr-(\\d+)(-sandbox)?$" + +# regex that is used to get the pull request id from the cloud formation stack name +# this is used in a replace command to replace the stack name so what is left is just the pull request id +PULL_REQUEST_STACK_REGEX=pfp-pr- + +# this should be a query to get old CNAME records to delete +CNAME_QUERY=pfp-pr- + +main() { + delete_cloudformation_stacks + delete_cname_records +} + +delete_cloudformation_stacks() { + echo "checking cloudformation stacks" + echo + ACTIVE_STACKS=$(aws cloudformation list-stacks | jq -r --arg CAPTURE_REGEX "${CAPTURE_REGEX}" '.StackSummaries[] | select ( .StackStatus != "DELETE_COMPLETE" ) | select( .StackName | capture($CAPTURE_REGEX) ) | .StackName ') -delete_stacks () { - ACTIVE_STACKS="$1" mapfile -t ACTIVE_STACKS_ARRAY <<< "$ACTIVE_STACKS" + for i in "${ACTIVE_STACKS_ARRAY[@]}" do echo "Checking if stack $i has open pull request" - PULL_REQUEST=${i//pfp-pr-/} - PULL_REQUEST=${PULL_REQUEST//pr-} - PULL_REQUEST=${PULL_REQUEST//sandbox-/} + PULL_REQUEST=${i//${PULL_REQUEST_STACK_REGEX}/} PULL_REQUEST=${PULL_REQUEST//-sandbox/} echo "Checking pull request id ${PULL_REQUEST}" - URL="https://api.github.com/repos/NHSDigital/prescriptionsforpatients/pulls/${PULL_REQUEST}" + URL="https://api.github.com/repos/NHSDigital/${REPO_NAME}/pulls/${PULL_REQUEST}" RESPONSE=$(curl "${URL}" 2>/dev/null) STATE=$(echo "${RESPONSE}" | jq -r .state) if [ "$STATE" == "closed" ]; then 
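Review bot: The pull-request lookup in delete_cloudformation_stacks still calls `curl "${URL}"` without credentials, although this commit exports GITHUB_TOKEN to the script and the new delete_cname_records sends it. Unauthenticated GitHub API requests have a much lower rate limit, and when a request is refused `.state` is not "closed", so the stack is silently kept and the job still passes. Use the same form as the CNAME loop, `RESPONSE=$(curl --url "${URL}" --header "Authorization: Bearer ${GITHUB_TOKEN}" 2>/dev/null)`, so both checks behave alike. Separately, PULL_REQUEST_STACK_REGEX is applied through `${i//…/}`, which takes a glob pattern rather than a regex, so the name and its comment are misleading. The loop body continues past the end of this hunk.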
@@ -26,9 +47,38 @@ delete_stacks () { done } +delete_cname_records() { + HOSTED_ZONE_ID=$(aws route53 list-hosted-zones-by-name --dns-name dev.eps.national.nhs.uk. | jq -r ".HostedZones[0] | .Id") + CNAME_RECORDS=$(aws route53 list-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" \ + --query "ResourceRecordSets[?Type == 'CNAME' && contains(Name, '${CNAME_QUERY}')]" \ + | jq -r " .[] | .Name") + + mapfile -t CNAME_RECORDS_ARRAY <<< "$CNAME_RECORDS" -ACTIVE_STACKS=$(aws cloudformation list-stacks | jq -r '.StackSummaries[] | select ( .StackStatus != "DELETE_COMPLETE" ) | select( .StackName | capture("^pfp-pr-(\\d+)(-sandbox)?$") ) | .StackName ') -OLD_ACTIVE_STACKS=$(aws cloudformation list-stacks | jq -r '.StackSummaries[] | select ( .StackStatus != "DELETE_COMPLETE" ) | select( .StackName | capture("^pr-(sandbox-)?(\\d+)$") ) | .StackName ') + for i in "${CNAME_RECORDS_ARRAY[@]}" + do + echo "Checking if CNAME record $i has open pull request" + + PULL_REQUEST=$(echo "$i" | grep -Po '(?<=-pr-)\d+') + echo "Checking pull request id ${PULL_REQUEST}" + URL="https://api.github.com/repos/NHSDigital/${REPO_NAME}/pulls/${PULL_REQUEST}" + RESPONSE=$(curl --url "${URL}" --header "Authorization: Bearer ${GITHUB_TOKEN}" 2>/dev/null) + STATE=$(echo "${RESPONSE}" | jq -r .state) + if [ "$STATE" == "closed" ]; then + echo "** going to delete CNAME record $i as state is ${STATE} **" + record_set=$(aws route53 list-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" \ + --query "ResourceRecordSets[?Name == '$i']" --output json | jq .[0]) + + jq -n --argjson record_set "${record_set}" \ + '{Changes: [{Action: "DELETE", ResourceRecordSet: $record_set}]}' > /tmp/payload.json + + aws route53 change-resource-record-sets --hosted-zone-id "${HOSTED_ZONE_ID}" --change-batch file:///tmp/payload.json + + echo "CNAME record $i deleted" + else + echo "not going to delete CNAME record $i as state is ${STATE} **" + fi + done +} -delete_stacks "${ACTIVE_STACKS}" -delete_stacks 
"${OLD_ACTIVE_STACKS}" +main diff --git a/.github/workflows/delete_old_cloudformation_stacks.yml b/.github/workflows/delete_old_cloudformation_stacks.yml index 6a453a425..109d13f76 100644 --- a/.github/workflows/delete_old_cloudformation_stacks.yml +++ b/.github/workflows/delete_old_cloudformation_stacks.yml @@ -36,3 +36,5 @@ jobs: shell: bash working-directory: .github/scripts run: ./delete_stacks.sh + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
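Review bot: delete_cname_records trusts `.HostedZones[0]` from `list-hosted-zones-by-name`, but that call returns zones in order starting at the requested name, so if dev.eps.national.nhs.uk. is missing from the account the first entry is a different zone and the deletes run against it. Select by name and stop when nothing matches, e.g. `jq -r '.HostedZones[] | select(.Name == "dev.eps.national.nhs.uk.") | .Id'` followed by `[ -n "${HOSTED_ZONE_ID}" ] || exit 1`. The per-record lookup `ResourceRecordSets[?Name == '$i']` should also keep the `Type == 'CNAME'` condition so that `.[0]` cannot pick a record set of another type. The exit status of `change-resource-record-sets` is not checked, so "CNAME record $i deleted" is printed even when the call fails; the payload is also written to the fixed path /tmp/payload.json, where a `mktemp` file would avoid a predictable name.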
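Review bot: The token passed in the new `env:` block should be limited to read-only pull-request access, since that is all delete_stacks.sh uses it for in this commit. The job's `permissions:` block is outside this hunk, so confirm it grants no more than that (plus whatever the AWS login step needs) rather than relying on the repository's default token scope. The script puts the token on the curl command line, so shell tracing (`set -x`) should stay off for this step.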