Merge pull request #328 from pdostal/gce_terraform

asmorodskyi · web-flow · commit 58024cd5c074 · 2023-12-04T13:23:35.000+01:00
GCE: Add 'tf-network' to the list of protected networks
diff --git a/ocw/lib/gce.py b/ocw/lib/gce.py
@@ -3,6 +3,7 @@
 from os.path import basename
 from datetime import timezone
 from dateutil.parser import parse
+from webui.PCWConfig import ConfigFile
 import googleapiclient.discovery
 from googleapiclient.errors import HttpError
 from google.oauth2 import service_account
@@ -11,7 +12,6 @@
 
 class GCE(Provider):
     __instances = {}
-    __skip_networks = frozenset({"default"})
 
     def __new__(cls, namespace):
         if namespace not in GCE.__instances:
@@ -20,6 +20,9 @@ def __new__(cls, namespace):
 
     def __init__(self, namespace):
         super().__init__(namespace)
+
+        self.__skip_networks = frozenset(ConfigFile().getList('cleanup/gce-skip-networks', ["default"]))
+
         self.__compute_client = None
         self.private_key_data = self.get_data()
         self.project = self.private_key_data["project_id"]
diff --git a/templates/pcw.ini b/templates/pcw.ini
@@ -31,6 +31,9 @@ to = <your_email@suse.com>
 [cleanup]
 # Max age of data storage resources ( used in EC2 only )
 ec2-max-age-days = 1
+# The list of networks which themselves as well as their resources should not be cleaned up
+#   This is due to fact that netowrk and security resources in GCP don't have neither tags nor metadata
+gce-skip-networks = default,tf-network
 # Max age of data storage resources ( used in Azure and GCE )
 max-age-hours = 1
 # Max age for images in Openstack
