Pre-Check: check for skip policy

redhat-performance · Aug 26, 2024 · ad8df39 · ad8df39
1 parent 13b179c
commit ad8df39
Show file tree

Hide file tree

Showing 8 changed files with 17 additions and 7 deletions.
diff --git a/cloud_governance/policy/aws/cleanup/database_idle.py b/cloud_governance/policy/aws/cleanup/database_idle.py
@@ -32,7 +32,8 @@ def run_policy_operations(self):
             resource_arn = db.get('DBInstanceArn', '')
             if Utils.greater_than(val1=running_days, val2=CLOUDWATCH_METRICS_AVAILABLE_DAYS) \
                     and not cluster_tag \
-                    and self.is_database_idle(resource_id):
+                    and self.is_database_idle(resource_id) \
+                    and self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
                 cleanup_days = self.get_clean_up_days_count(tags=tags)
                 cleanup_result = self.verify_and_delete_resource(resource_id=resource_id, tags=tags,
                                                                  clean_up_days=cleanup_days)

diff --git a/cloud_governance/policy/aws/cleanup/instance_idle.py b/cloud_governance/policy/aws/cleanup/instance_idle.py
@@ -35,6 +35,7 @@ def run_policy_operations(self):
             if Utils.contains_ignore_case(string=status, str1='running') and \
                     not cluster_tag and \
                     Utils.greater_than(val1=running_days, val2=INSTANCE_IDLE_DAYS) and \
+                    self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP') and \
                     self.verify_instance_idle(resource_id=instance_id):
                 cleanup_days = self.get_clean_up_days_count(tags=tags)
                 cleanup_result = self.verify_and_delete_resource(resource_id=instance_id, tags=tags,

diff --git a/cloud_governance/policy/aws/cleanup/unattached_volume.py b/cloud_governance/policy/aws/cleanup/unattached_volume.py
@@ -23,7 +23,9 @@ def run_policy_operations(self):
             resource_id = volume.get('VolumeId')
             cleanup_result = False
             cluster_tag = self._get_cluster_tag(tags=volume.get('Tags'))
-            if Utils.equal_ignore_case(volume.get('State'), 'available') and cluster_tag not in active_cluster_ids:
+            if Utils.equal_ignore_case(volume.get('State'), 'available') and \
+                    cluster_tag not in active_cluster_ids and \
+                    self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
                 cleanup_days = self.get_clean_up_days_count(tags=tags)
                 cleanup_result = self.verify_and_delete_resource(resource_id=resource_id, tags=tags,
                                                                  clean_up_days=cleanup_days)

diff --git a/cloud_governance/policy/aws/cleanup/unused_nat_gateway.py b/cloud_governance/policy/aws/cleanup/unused_nat_gateway.py
@@ -68,7 +68,8 @@ def run_policy_operations(self):
             cluster_tag = self._get_cluster_tag(tags=tags)
             cleanup_days = 0
             if (Utils.equal_ignore_case(nat_gateway.get('State'), 'available')
-                    and cluster_tag not in self.__active_cluster_ids):
+                    and cluster_tag not in self.__active_cluster_ids and
+                    self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP')):
                 if (not self.__check_nat_gateway_in_routes(nat_gateway_id=resource_id) or
                         self.__check_cloud_watch_logs(resource_id=resource_id)):
                     cleanup_days = self.get_clean_up_days_count(tags=tags)

diff --git a/cloud_governance/policy/aws/empty_roles.py b/cloud_governance/policy/aws/empty_roles.py
@@ -30,7 +30,8 @@ def run_policy_operations(self):
             cleanup_days = 0
             inline_policies = self._iam_operations.list_inline_role_policies(role_name=role_name)
             attached_policies = self._iam_operations.list_attached_role_policies(role_name=role_name)
-            if not cluster_tag and len(inline_policies) == 0 and len(attached_policies) == 0:
+            if not cluster_tag and len(inline_policies) == 0 and len(attached_policies) == 0 and \
+                self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
                 cleanup_days = self.get_clean_up_days_count(tags=tags)
                 cleanup_result = self.verify_and_delete_resource(resource_id=role_name, tags=tags,
                                                                  clean_up_days=cleanup_days)

diff --git a/cloud_governance/policy/aws/ip_unattached.py b/cloud_governance/policy/aws/ip_unattached.py
@@ -28,7 +28,7 @@ def run_policy_operations(self):
             ip_not_used = False
             resource_id = address.get('AllocationId')
             cluster_tag = self._get_cluster_tag(tags=address.get('Tags'))
-            if cluster_tag not in active_cluster_ids:
+            if cluster_tag not in active_cluster_ids and self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
                 if not address.get('NetworkInterfaceId'):
                     cleanup_days = self.get_clean_up_days_count(tags=tags)
                     ip_not_used = True

diff --git a/cloud_governance/policy/aws/s3_inactive.py b/cloud_governance/policy/aws/s3_inactive.py
@@ -24,11 +24,14 @@ def run_policy_operations(self):
         for bucket in s3_buckets:
             bucket_name = bucket.get('Name')
             tags = self._s3operations.get_bucket_tagging(bucket_name)
+            if bucket_name != 'krkn-mirror':
+                continue
             cleanup_result = False
             cluster_tag = self._get_cluster_tag(tags=tags)
             cleanup_days = 0
             s3_contents = self._s3operations.get_bucket_contents(bucket_name=bucket_name)
-            if cluster_tag not in self.__global_active_cluster_ids and len(s3_contents) == 0:
+            if (cluster_tag not in self.__global_active_cluster_ids and len(s3_contents) == 0
+                    and self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP')):
                 cleanup_days = self.get_clean_up_days_count(tags=tags)
                 cleanup_result = self.verify_and_delete_resource(resource_id=bucket_name, tags=tags,
                                                                  clean_up_days=cleanup_days)

diff --git a/cloud_governance/policy/aws/zombie_snapshots.py b/cloud_governance/policy/aws/zombie_snapshots.py
@@ -40,7 +40,8 @@ def run(self):
             cleanup_result = False
             cluster_tag = self._get_cluster_tag(tags=tags)
             cleanup_days = 0
-            if not cluster_tag and not self.__snapshot_id_in_images(resource_id):
+            if not cluster_tag and not self.__snapshot_id_in_images(resource_id) and \
+                    self.get_skip_policy_value(tags=tags) not in ('NOTDELETE', 'SKIP'):
                 cleanup_days = self.get_clean_up_days_count(tags=tags)
                 cleanup_result = self.verify_and_delete_resource(resource_id=resource_id, tags=tags,
                                                                  clean_up_days=cleanup_days)