From 5e5db8412c72076e676461fae4f65095c6bb20e1 Mon Sep 17 00:00:00 2001 From: Dmitry Gurevich <99176494+gurevichdmitry@users.noreply.github.com> Date: Wed, 20 Mar 2024 12:26:46 +0200 Subject: [PATCH] fix delete gcp script --- deploy/test-environments/delete_env.sh | 6 +++-- deploy/test-environments/delete_gcp_env.sh | 30 ++++++++++++---------- 2 files changed, 20 insertions(+), 16 deletions(-) diff --git a/deploy/test-environments/delete_env.sh b/deploy/test-environments/delete_env.sh index 0943f94258..5bad622d4c 100755 --- a/deploy/test-environments/delete_env.sh +++ b/deploy/test-environments/delete_env.sh @@ -101,7 +101,9 @@ else GCP_FILTER="name:'$ENV_PREFIX*'" fi -ALL_GCP_DEPLOYMENTS=$(gcloud deployment-manager deployments list --filter="$GCP_FILTER" --format="value(name)") +while IFS= read -r line; do + ALL_GCP_DEPLOYMENTS+=("$line") +done < <(gcloud deployment-manager deployments list --filter="$GCP_FILTER" --format="value(name)") # Divide environments into those to be deleted and those to be skipped TO_DELETE_ENVS=() @@ -163,7 +165,7 @@ printf "%s\n" "${FAILED_STACKS[@]}" # Delete GCP deployments PROJECT_NAME=$(gcloud config get-value core/project) PROJECT_NUMBER=$(gcloud projects list --filter="${PROJECT_NAME}" --format="value(PROJECT_NUMBER)") -./delete_gcp_env.sh "$PROJECT_NAME" "$PROJECT_NUMBER" "$ALL_GCP_DEPLOYMENTS" +./delete_gcp_env.sh "$PROJECT_NAME" "$PROJECT_NUMBER" "${ALL_GCP_DEPLOYMENTS[@]}" # Delete Azure groups FAILED_AZURE_GROUPS=() diff --git a/deploy/test-environments/delete_gcp_env.sh b/deploy/test-environments/delete_gcp_env.sh index 3e0574380d..4848a795e3 100755 --- a/deploy/test-environments/delete_gcp_env.sh +++ b/deploy/test-environments/delete_gcp_env.sh @@ -13,15 +13,15 @@ PROJECT_NUMBER=$2 shift 2 GCP_DEPLOYMENTS=("$@") -echo "Project Name: $PROJECT_NAME" -echo "Project Number: $PROJECT_NUMBER" -echo "GCP Deployments: ${GCP_DEPLOYMENTS[*]}" +# Add the needed roles to delete the templates to the project using the deployment manager +gcloud projects add-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/iam.roleAdmin --no-user-output-enabled +gcloud projects add-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/resourcemanager.projectIamAdmin --no-user-output-enabled -for DEPLOYMENT in "${GCP_DEPLOYMENTS[@]}"; do - # Add the needed roles to delete the templates to the project using the deployment manager - gcloud projects add-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/iam.roleAdmin --no-user-output-enabled - gcloud projects add-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/resourcemanager.projectIamAdmin --no-user-output-enabled +DELETED_DEPLOYMENTS=() +FAILED_DEPLOYMENTS=() +for DEPLOYMENT in "${GCP_DEPLOYMENTS[@]}"; do + echo "Deleting GCP deployment: $DEPLOYMENT" if gcloud deployment-manager deployments delete "$DEPLOYMENT" -q; then echo "Successfully deleted GCP deployment: $DEPLOYMENT" DELETED_DEPLOYMENTS+=("$DEPLOYMENT") @@ -30,18 +30,20 @@ for DEPLOYMENT in "${GCP_DEPLOYMENTS[@]}"; do FAILED_DEPLOYMENTS+=("$DEPLOYMENT") fi - # Remove the roles required to deploy the DM templates - gcloud projects remove-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/iam.roleAdmin --no-user-output-enabled - gcloud projects remove-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/resourcemanager.projectIamAdmin --no-user-output-enabled - done -# Print summary of gcp deployments deletions +# Remove the roles required to deploy the DM templates +gcloud projects remove-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/iam.roleAdmin --no-user-output-enabled +gcloud projects remove-iam-policy-binding "${PROJECT_NAME}" --member=serviceAccount:"${PROJECT_NUMBER}"@cloudservices.gserviceaccount.com --role=roles/resourcemanager.projectIamAdmin --no-user-output-enabled + echo "Successfully deleted GCP deployments (${#DELETED_DEPLOYMENTS[@]}):" -printf "%s\n" "${DELETED_DEPLOYMENTS[@]}" +# Print summary of gcp deployments deletions +if [ ${#DELETED_DEPLOYMENTS[@]} -gt 0 ]; then + printf "%s\n" "${DELETED_DEPLOYMENTS[@]}" +fi +echo "Failed to delete GCP deployments (${#FAILED_DEPLOYMENTS[@]}):" if [ ${#FAILED_DEPLOYMENTS[@]} -gt 0 ]; then - echo "Failed to delete GCP deployments (${#FAILED_DEPLOYMENTS[@]}):" printf "%s\n" "${FAILED_DEPLOYMENTS[@]}" exit 1 fi