Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: add cleanup scan script for finding dangling / old resources #731

Merged
merged 7 commits into from
Nov 5, 2024
Merged

chore: add cleanup scan script for finding dangling / old resources #731

merged 7 commits into from
Nov 5, 2024

Conversation

jon-funk
Copy link
Collaborator

@jon-funk jon-funk commented Oct 31, 2024
edited by github-actions bot
Loading

Description

Adds a script that can be used to find dangling resources in a given namespace. After we've done a few rounds of cleaning it'd be good to place this into CICD as a scheduled check.

How Has This Been Tested?

Please describe the tests that you ran to verify your changes. Provide instructions so we can reproduce. Please also list any relevant details for your test configuration

  • Script accurately finds dangling resources and allows skipping based on a regex

Checklist

  • I have added tests that prove my fix is effective or that my feature works
  • New and existing unit tests pass locally with my changes

Further comments

NOTE: I'm running cleanup after demos are all done, here's a sample run of what it's finding:

jon-funk@Atlas:~/projects/nr-compliance-enforcement/.github/scripts$ ALLOW_EXPR="object-store" SKIP_AUTH=true ./cleanup_scan.sh 
ALLOW_EXPR: object-store
Scanning for workloads older than 30 days in the targeted namespace
...
Found 15 workloads older than 30 days in the targeted namespace


Scanning for dangling secrets not used by workloads
...
Found 57 dangling secrets older than 30 days in the targeted namespace


Scanning for dangling pvcs not used by workloads
...
Found no stale and dangling PVCs in the targeted namespace


Scanning for dangling configmaps not used by workloads
...
Found 8 dangling configmaps older than 30 days in the targeted namespace


To delete these found workloads, locally run the following to see them:
Note: skip flag uses your existing oc authentication

SKIP_AUTH=true ./.github/scripts/cleanup_scan.sh
cat /tmp/old_workloads_to_delete.txt && cat /tmp/secrets_to_delete.txt && cat /tmp/pvcs_to_delete.txt && cat /tmp/configmaps_to_delete.txt

Thanks for the PR!

Deployments, as required, will be available below:

Please create PRs in draft mode. Mark as ready to enable:

After merge, new images are deployed in:

@jon-funk jon-funk changed the base branch from main to release/noble-sea-lemon October 31, 2024 16:51
@jon-funk
Copy link
Collaborator Author

jon-funk commented Oct 31, 2024
edited
Loading

See JIRA ticket CE-972 for deletion details

@jon-funk jon-funk marked this pull request as ready for review October 31, 2024 20:59
@afwilcox afwilcox changed the base branch from release/noble-sea-lemon to release/frilled-dogwinkle November 5, 2024 18:16
@sonarcloud SonarCloud
Copy link

sonarcloud bot commented Nov 5, 2024

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarCloud

@afwilcox afwilcox merged commit 5e39e40 into release/frilled-dogwinkle Nov 5, 2024
15 checks passed
@afwilcox afwilcox deleted the CE-972 branch November 5, 2024 21:12
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@afwilcox afwilcox afwilcox approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@jon-funk @afwilcox