Skip to content

Commit

Permalink
Add script to cleanup task definitions in GHA workflow
Browse files Browse the repository at this point in the history
  • Loading branch information
@coreycarvalho
coreycarvalho committed Dec 26, 2024
1 parent 1be83d0 commit e987510
Showing 1 changed file with 108 additions and 2 deletions.
110 changes: 108 additions & 2 deletions .github/workflows/task-defnition-cleanup.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,5 +19,111 @@ jobs:
- name: Checkout Repository
uses: actions/checkout@v3

- name: echo hello
run: echo hello
- name: Configure AWS Credentials
uses: aws-actions/configure-aws-credentials@v2
with:
aws-access-key-id: ${{ secrets.VAEC_AWS_ACCESS_KEY_ID }}
aws-secret-access-key: ${{ secrets.VAEC_AWS_SECRET_ACCESS_KEY }}
aws-region: us-gov-west-1
role-to-assume: ${{ secrets.VAEC_DEPLOY_ROLE }}
role-skip-session-tagging: true
role-duration-seconds: 1800

- name: Cleanup Old ECS Task Definitions
env:
DRY_RUN: ${{ github.event.inputs.dry_run || 'false' }}
run: |
#!/bin/bash
set -e
# Configuration
MAX_REV=10
DRY_RUN=$DRY_RUN
echo "Starting ECS Task Definitions cleanup...
echo "Dry run mode: $DRY_RUN"
# Function to deregister task definitions or perform dry run
deregister_task_definition() {
local task_def=$1
if [ "$DRY_RUN" = "true" ]; then
echo "[Dry Run] Would deregister task definition: $task_def"
else
echo "Deregistering task definition: $task_def"
aws ecs deregister-task-definition --task-definition "$task_def" --region "$REGION"
echo "Deregistered $task_def"
fi
}
# Function to list all task definitions with pagination
list_all_task_definitions() {
local family_filter=$1
local next_token=""
local task_defs=()
while true; do
if [ -z "$family_filter" ]; then
response=$(aws ecs list-task-definitions \
--region "$REGION" \
--output json \
--query 'taskDefinitionArns' \
--max-items 1000)
else
response=$(aws ecs list-task-definitions \
--region "$REGION" \
--family-prefix "$family_filter" \
--sort DESC \
--output json \
--query 'taskDefinitionArns' \
--max-items 1000)
fi
# Extract task definitions
current_batch=$(echo "$response" | jq -r '.taskDefinitionArns[]')
task_defs+=($current_batch)
# Check for NextToken
next_token=$(echo "$response" | jq -r '.NextToken // empty')
if [ -z "$next_token" ]; then
break
fi
done
echo "${task_defs[@]}"
}
# Retrieve all task definitions ARNs
echo "Fetching all ECS Task Definitions..."
TASK_DEFINITIONS=$(list_all_task_definitions)
declare -A TASK_FAMILY_MAP
# Organize task definitions by family, filtering only families with "api" in their name
for TD in $TASK_DEFINITIONS; do
FAMILY=$(echo $TD | awk -F':' '{print $7}' | awk -F'/' '{print $2}')
# Check if the family name contains "api" (case-insensitive)
if [[ "$FAMILY" =~ [Aa][Pp][Ii] ]]; then
TASK_FAMILY_MAP["$FAMILY"]+="$TD "
fi
done
# Iterate over each filtered family and deregister older revisions
for FAMILY in "${!TASK_FAMILY_MAP[@]}"; do
echo "Processing Task Family: $FAMILY"
# List all revisions for the family with pagination
REVISIONS=$(list_all_task_definitions "$FAMILY")
REV_COUNT=0
for REV in $REVISIONS; do
REV_COUNT=$((REV_COUNT + 1))
if [ "$REV_COUNT" -le "$MAX_REV" ]; then
echo "Keeping revision $REV_COUNT: $REV"
else
deregister_task_definition "$REV"
fi
done
done
echo "ECS Task Definitions cleanup completed successfully."

0 comments on commit e987510

Please sign in to comment.