unused aws instace and vpcs cleanup #24
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| name: Daily AWS Cleanup Bot | |
| # on: | |
| # schedule: | |
| # - cron: '0 8 * * *' | |
| on: | |
| pull_request: | |
| types: | |
| - opened | |
| - synchronize | |
| branches: | |
| - awsresourcecleanup | |
| push: | |
| branches: | |
| - awsresourcecleanup | |
| jobs: | |
| cleanup: | |
| runs-on: linux-amd64-cpu4 | |
| steps: | |
| - name: Checkout repository | |
| uses: actions/checkout@v4 | |
| - name: Set up AWS CLI | |
| uses: aws-actions/configure-aws-credentials@v4 | |
| with: | |
| aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }} | |
| aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }} | |
| aws-region: us-west-1 | |
| - name: Identify resources running longer than 4 hours | |
| id: identify-resources | |
| run: | | |
| # Find EC2 instances with names ci* running longer than 4 hours | |
| running_instances=$(aws ec2 describe-instances \ | |
| --filters Name=instance-state-name,Values=running Name=tag:Name,Values=ci* \ | |
| --query "Reservations[*].Instances[?LaunchTime<=\`$(date -u -d '4 hours ago' +%Y-%m-%dT%H:%M:%SZ)\`].InstanceId" \ | |
| --output text | tr -d '\r' | tr '\n' ' ') | |
| echo "Found instances: $running_instances" | |
| echo "instances=$running_instances" >> $GITHUB_ENV | |
| # Find vpcs with names ci* | |
| vpcs=$(aws ec2 describe-vpcs \ | |
| --filters "Name=tag:Name,Values=ci*" \ | |
| --query "Vpcs[].VpcId" \ | |
| --output text | tr -d '\r' | tr '\n' ' ') | |
| # Check if the VPC has a main route table | |
| old_vpcs="" | |
| for vpc in $vpcs; do | |
| main_route_table=$(aws ec2 describe-route-tables \ | |
| --filters Name=vpc-id,Values=$vpc \ | |
| --query "RouteTables[?Associations[?Main==true]].RouteTableId" \ | |
| --output text) | |
| if [ -n "$main_route_table" ]; then | |
| echo "VPC: $vpc is associated with a main route table ($main_route_table). Skipping." | |
| continue | |
| fi | |
| echo "VPC: $vpc is valid for processing." | |
| old_vpcs="$old_vpcs $vpc" | |
| done | |
| echo "Old VPCs: $old_vpcs" | |
| echo "vpcs=$old_vpcs" >> $GITHUB_ENV | |
| - name: Terminate EC2 Instances | |
| if: env.instances != '' | |
| run: | | |
| for instance in $instances; do | |
| echo "Terminating instance: $instance" | |
| aws ec2 terminate-instances --instance-ids "$instance" | |
| done | |
| - name: Clean up VPCs | |
| if: env.vpcs != '' | |
| run: | | |
| for vpc in $vpcs; do | |
| # Check for EC2 instances attached to VPC | |
| instances_in_vpc=$(aws ec2 describe-instances \ | |
| --filters "Name=vpc-id,Values=$vpc" \ | |
| --query "Reservations[*].Instances[*].InstanceId" \ | |
| --output text) | |
| # if no instance attached delete it | |
| if [ -z "$instances_in_vpc" ]; then | |
| scripts/awsvpcscleanup.sh $vpc | |
| else | |
| echo "EC2 instances are still attached to VPC: $vpc. Skipping deletion." | |
| fi | |
| done | |
| - name: Post cleanup | |
| run: | | |
| echo "Cleanup completed." |