feat: add lifecycle rule to expire logs

jenkins-x · Oct 8, 2024 · 8836925 · 8836925
1 parent 9ca5eb2
commit 8836925
Show file tree

Hide file tree

Showing 5 changed files with 22 additions and 0 deletions.
diff --git a/README.md b/README.md
@@ -462,6 +462,7 @@ Each example generates a valid _jx-requirements.yml_ file that can be used to bo
 | <a name="input_enable_reports_storage"></a> [enable\_reports\_storage](#input\_enable\_reports\_storage) | Flag to enable or disable long term storage for reports | `bool` | `true` | no |
 | <a name="input_enable_repository_storage"></a> [enable\_repository\_storage](#input\_enable\_repository\_storage) | Flag to enable or disable the repository bucket storage | `bool` | `true` | no |
 | <a name="input_enable_tls"></a> [enable\_tls](#input\_enable\_tls) | Flag to enable TLS in the final `jx-requirements.yml` file | `bool` | `false` | no |
+| <a name="input_expire_logs_after_days"></a> [expire\_logs\_after\_days](#input\_expire\_logs\_after\_days) | Number of days objects in the logs bucket are stored | `number` | `90` | no |
 | <a name="input_force_destroy"></a> [force\_destroy](#input\_force\_destroy) | Flag to determine whether storage buckets get forcefully destroyed. If set to false, empty the bucket first in the aws s3 console, else terraform destroy will fail with BucketNotEmpty error | `bool` | `false` | no |
 | <a name="input_force_destroy_subdomain"></a> [force\_destroy\_subdomain](#input\_force\_destroy\_subdomain) | Flag to determine whether subdomain zone get forcefully destroyed. If set to false, empty the sub domain first in the aws Route 53 console, else terraform destroy will fail with HostedZoneNotEmpty error | `bool` | `false` | no |
 | <a name="input_ignoreLoadBalancer"></a> [ignoreLoadBalancer](#input\_ignoreLoadBalancer) | Flag to specify if jx boot will ignore loadbalancer DNS to resolve to an IP | `bool` | `false` | no |

diff --git a/main.tf b/main.tf
@@ -54,6 +54,7 @@ module "cluster" {
   local-exec-interpreter             = var.local-exec-interpreter
   profile                            = var.profile
   enable_logs_storage                = var.enable_logs_storage
+  expire_logs_after_days             = var.expire_logs_after_days
   enable_reports_storage             = var.enable_reports_storage
   enable_repository_storage          = var.enable_repository_storage
   boot_secrets                       = var.boot_secrets

diff --git a/modules/cluster/storage.tf b/modules/cluster/storage.tf
@@ -54,6 +54,14 @@ resource "aws_s3_bucket_lifecycle_configuration" "logs_jenkins_x" {
       days_after_initiation = 7
     }
   }
+  rule {
+    status = "Enabled"
+    id     = "delete_old"
+    expiration {
+      expired_object_delete_marker = false
+      days = var.expire_logs_after_days
+    }
+  }
 }
 
 // ---------------------------------

diff --git a/modules/cluster/variables.tf b/modules/cluster/variables.tf
@@ -21,6 +21,12 @@ variable "enable_logs_storage" {
   default = true
 }
 
+variable "expire_logs_after_day" {
+  description = "Number of days objects in the logs bucket are stored"
+  type = number
+  default = 90
+}
+
 variable "enable_worker_group" {
   description = "Flag to enable worker group. Setting this to false will provision a node group instead"
   type        = bool

diff --git a/variables.tf b/variables.tf
@@ -97,6 +97,12 @@ variable "enable_logs_storage" {
   default     = true
 }
 
+variable "expire_logs_after_days" {
+  description = "Number of days objects in the logs bucket are stored"
+  type = number
+  default = 90
+}
+
 variable "enable_reports_storage" {
   description = "Flag to enable or disable long term storage for reports"
   type        = bool