chore: cleanup google oidc providers after tests (#13997)
* chore: cleanup google oidc providers after tests

* chore: delete fix
awsluja authored Oct 26, 2024
1 parent b6a645e commit 1c11017
Showing 2 changed files with 36 additions and 0 deletions.
18 changes: 18 additions & 0 deletions packages/amplify-e2e-tests/src/cleanup-codebuild-resources.ts
Expand Up @@ -253,6 +253,23 @@ const getOrphanAppSyncApis = async (account: AWSAccountInfo, region: string): Pr
return staleApis?.map((it) => ({ apiId: it.apiId, name: it.name, region })) ?? [];
};

/**
* Get all OIDC providers in the account that match
*/
const deleteOrphanedOidcProviders = async (account: AWSAccountInfo): Promise<void> => {
const iamClient = new IAM(getAWSConfig(account));
const response = await iamClient.listOpenIDConnectProviders().promise();
if (response.OpenIDConnectProviderList) {
for (const provider of response.OpenIDConnectProviderList) {
// these seem to be the only offending resources at this time, but we can add more later
if (provider.Arn.endsWith('oidc-provider/accounts.google.com')) {
console.log('OIDC PROVIDER:', provider.Arn);
await iamClient.deleteOpenIDConnectProvider({ OpenIDConnectProviderArn: provider.Arn }).promise();
}
}
}
};

/**
* Get the relevant AWS config object for a given account and region.
*/
Expand Down Expand Up @@ -1041,6 +1058,7 @@ const cleanupAccount = async (account: AWSAccountInfo, accountIndex: number, fil

generateReport(staleResources);
await deleteResources(account, accountIndex, staleResources);
await deleteOrphanedOidcProviders(account);
console.log(`[ACCOUNT ${accountIndex}] Cleanup done!`);
};

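Review bot: The loop in `deleteOrphanedOidcProviders` deletes every IAM OIDC provider whose ARN ends in `oidc-provider/accounts.google.com`, with no age or ownership check, so "orphaned" is assumed rather than verified. IAM OIDC providers are account-wide, and if another e2e run is using the same account while this cleanup runs (not visible from this page), its Google federation would be removed mid-test. I would fetch each match with `getOpenIDConnectProvider` and skip it unless its `CreateDate` is older than the staleness window the script uses elsewhere; the fence also guards the optional `Arn`. The identical function added in cleanup-e2e-resources.ts needs the same change.

```typescript
const deleteOrphanedOidcProviders = async (account: AWSAccountInfo): Promise<void> => {
  // … unchanged: IAM client creation and listOpenIDConnectProviders call …
  for (const provider of response.OpenIDConnectProviderList ?? []) {
    const arn = provider.Arn;
    if (!arn?.endsWith('oidc-provider/accounts.google.com')) {
      continue;
    }
    const details = await iamClient.getOpenIDConnectProvider({ OpenIDConnectProviderArn: arn }).promise();
    // STALE_AFTER_MS is a placeholder: reuse whatever staleness window the script applies to other resources
    if (!details.CreateDate || Date.now() - details.CreateDate.getTime() < STALE_AFTER_MS) {
      continue;
    }
    console.log('OIDC PROVIDER:', arn);
    await iamClient.deleteOpenIDConnectProvider({ OpenIDConnectProviderArn: arn }).promise();
  }
};
```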
18 changes: 18 additions & 0 deletions packages/amplify-e2e-tests/src/cleanup-e2e-resources.ts
Expand Up @@ -242,6 +242,23 @@ const getOrphanAppSyncApis = async (account: AWSAccountInfo, region: string): Pr
return staleApis.map((it) => ({ apiId: it.apiId, name: it.name, region }));
};

/**
* Get all OIDC providers in the account that match
*/
const deleteOrphanedOidcProviders = async (account: AWSAccountInfo): Promise<void> => {
const iamClient = new aws.IAM(getAWSConfig(account));
const response = await iamClient.listOpenIDConnectProviders().promise();
if (response.OpenIDConnectProviderList) {
for (const provider of response.OpenIDConnectProviderList) {
// these seem to be the only offending resources at this time, but we can add more later
if (provider.Arn.endsWith('oidc-provider/accounts.google.com')) {
console.log('OIDC PROVIDER:', provider.Arn);
await iamClient.deleteOpenIDConnectProvider({ OpenIDConnectProviderArn: provider.Arn }).promise();
}
}
}
};

/**
* Get the relevant AWS config object for a given account and region.
*/
Expand Down Expand Up @@ -934,6 +951,7 @@ const cleanupAccount = async (account: AWSAccountInfo, accountIndex: number, fil

generateReport(staleResources);
await deleteResources(account, accountIndex, staleResources);
await deleteOrphanedOidcProviders(account);
console.log(`[ACCOUNT ${accountIndex}] Cleanup done!`);
};

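Review bot: The doc comment on `deleteOrphanedOidcProviders` reads "Get all OIDC providers in the account that match", which trails off and describes a lookup, while the function deletes IAM identity providers. Because this is a destructive, account-wide IAM call, the comment should say so, for example `Deletes every IAM OIDC provider in the account whose ARN ends in oidc-provider/accounts.google.com; not scoped to a region or to the current test run.` The same comment appears on the copy in cleanup-codebuild-resources.ts, and the two copies could share one helper so the match rule is changed in a single place.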
