diff --git a/.werft/platform-delete-preview-environments-cron.ts b/.werft/platform-delete-preview-environments-cron.ts
index 33b5772b3c023f..62253179083e81 100644
--- a/.werft/platform-delete-preview-environments-cron.ts
+++ b/.werft/platform-delete-preview-environments-cron.ts
@@ -5,6 +5,7 @@ import { wipePreviewEnvironmentAndNamespace, helmInstallName, listAllPreviewName
 import { exec } from './util/shell';
 import { previewNameFromBranchName } from './util/preview';
 import { CORE_DEV_KUBECONFIG_PATH, HARVESTER_KUBECONFIG_PATH } from './jobs/build/const';
+import {deleteDNSRecord} from "./util/gcloud";
 // for testing purposes
 // if set to 'true' it shows only previews that would be deleted
@@ -81,7 +82,10 @@ async function deletePreviewEnvironments() {
 const promises: Promise[] = [];
 previewsToDelete.forEach(preview => {
 werft.log("deleting preview", preview)
- promises.push(wipePreviewEnvironmentAndNamespace(helmInstallName, preview, CORE_DEV_KUBECONFIG_PATH, { slice: `Deleting preview ${preview}` }))
+ promises.push(
+ removeCertificate(preview, CORE_DEV_KUBECONFIG_PATH),
+ removeStagingDNSRecord(preview),
+ wipePreviewEnvironmentAndNamespace(helmInstallName, preview, CORE_DEV_KUBECONFIG_PATH, { slice: `Deleting preview ${preview}` }))
 })
 await Promise.all(promises)
 }
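Review bot: `removePreviewDNSRecord` is added later in this file but is not pushed here, so in the visible change the Harvester-generation `*.preview.gitpod-dev.com` records are never removed and would be left dangling once the preview is gone; if that is not handled elsewhere, add `removePreviewDNSRecord(preview),` to the `promises.push(...)` call. The three cleanup promises per preview also go into one fail-fast `Promise.all`, so a single rejected DNS or certificate deletion rejects the whole batch while the remaining deletions finish unobserved; `await Promise.allSettled(promises)` followed by logging each rejected result would leave a record of what was not cleaned up. `deletePreviewEnvironments` starts above this hunk, so how `previewsToDelete` is built is not visible here.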
@@ -136,6 +140,39 @@ function isInactive(previewNS: string): boolean {
 }
+async function removeCertificate(preview: string, kubectlConfig: string) {
+ exec(`kubectl --kubeconfig ${kubectlConfig} -n certs delete cert ${preview}`)
+ return
+}
+
+// remove DNS records on the old generation of preview environments
+async function removeStagingDNSRecord(preview: string) {
+ return Promise.all([
+ deleteDNSRecord('A', `*.ws-dev.${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('A', `*.${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('A', `${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('A', `prometheus-${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('TXT', `prometheus-${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('A', `grafana-${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('TXT', `grafana-${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('TXT', `_acme-challenge.${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com'),
+ deleteDNSRecord('TXT', `_acme-challenge.ws-dev.${preview}.staging.gitpod-dev.com`, 'gitpod-dev', 'gitpod-dev-com')
+ ])
+}
+
+// remove DNS records on the new (Harvester based) generation of preview environments
+async function removePreviewDNSRecord(preview: string) {
+ return Promise.all([
+ deleteDNSRecord('A', `*.ws-dev.${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com'),
+ deleteDNSRecord('A', `*.${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com'),
+ deleteDNSRecord('A', `${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com'),
+ deleteDNSRecord('A', `prometheus-${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com'),
+ deleteDNSRecord('TXT', 
`prometheus-${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com'),
+ deleteDNSRecord('A', `grafana-${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com'),
+ deleteDNSRecord('TXT', `grafana-${preview}.preview.gitpod-dev.com`, 'gitpod-core-dev', 'preview-gitpod-dev-com')
+ ])
+}
+
 async function cleanLoadbalancer() {
 const prepPhase = "prep clean loadbalancers"
 const fetchPhase = "fetching unuse loadbalancer"
diff --git a/.werft/util/gcloud.ts b/.werft/util/gcloud.ts
index 1e51f34543ffb1..a6b2cfbdaaae65 100644
--- a/.werft/util/gcloud.ts
+++ b/.werft/util/gcloud.ts
@@ -52,6 +52,19 @@ export async function createDNSRecord(options: {domain: string, projectId: strin
 }
 }
+export async function deleteDNSRecord(recordType: string, domain: string, projectId: string, dnsZone: string): Promise {
+ const dnsClient = new DNS({
+ projectId: projectId,
+ keyFilename: GCLOUD_SERVICE_ACCOUNT_PATH,
+ })
+ const zone = dnsClient.zone(dnsZone)
+ const [records] = await zone.getRecords({ name: `${domain}.`, type: recordType })
+
+ await Promise.all(records.map(record => {
+ return record.delete()
+ }))
+}
+
 // matchesExistingRecord will return true only if the existing record matches the same name and IP.
 // If IP doesn't match, then the record needs to be replaced in a following step.
 async function matchesExistingRecord(zone: Zone, domain: string, IP: string): Promise {
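Review bot: `removeCertificate` interpolates `preview` and `kubectlConfig` directly into a shell command string, which is only safe if preview names are guaranteed to contain nothing but DNS-label characters; no such validation is visible in this hunk, so either validate the name before the call or state that assumption in a comment. The result of `exec` is neither awaited nor checked. If `exec` throws on a non-zero exit (its implementation is not shown), an already-deleted certificate would fail the whole cleanup run; `exec(`kubectl --kubeconfig ${kubectlConfig} -n certs delete cert ${preview} --ignore-not-found`)` makes the step idempotent. `removePreviewDNSRecord` also omits the two `_acme-challenge` TXT names that `removeStagingDNSRecord` deletes, which is worth a comment if intentional.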
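Review bot: `deleteDNSRecord` deletes every record matching the name and type in a shared zone without logging what it removed, so a cron run leaves no trace of which records were dropped or whether any matched; a log line per deleted record name and type before `record.delete()` would give the job an audit trail. The function also has no doc comment, unlike `matchesExistingRecord` below it; something like `// deleteDNSRecord deletes all records of the given type whose name is exactly domain in the zone; it does nothing when no record matches.` would document the no-match case that the `records.map` over an empty list already handles. Narrowing `recordType: string` to `'A' | 'TXT'` would keep callers from passing an unintended type to a destructive call.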