From 842eb7329162c2cf41b4f33f9a42540d86e4e105 Mon Sep 17 00:00:00 2001 From: Nikolai Kondrashov Date: Mon, 22 Apr 2024 16:30:39 +0300 Subject: [PATCH] cloud: Add shutdown command --- cloud | 75 ++++++++++++++++++++++++++++++++------- kcidb/cloud/cost-mon | 0 kcidb/cloud/function.sh | 12 +++++++ kcidb/cloud/functions.sh | 50 +++++++++++++++++--------- kcidb/cloud/run.sh | 14 ++++++++ kcidb/cloud/sections.sh | 8 ++++- kcidb/cloud/submitters.sh | 7 ++++ 7 files changed, 135 insertions(+), 31 deletions(-) mode change 100644 => 100755 kcidb/cloud/cost-mon diff --git a/cloud b/cloud index a3259c11..8c0135af 100755 --- a/cloud +++ b/cloud @@ -340,17 +340,19 @@ function execute_command() { ) # Make sure requisite services are enabled - app_deploy "$project" - services_enable "$project" appengine secretmanager cloudfunctions \ - cloudbuild cloudscheduler firestore \ - sqladmin storage run iam bigquery - - # Enable generating PostgreSQL superuser password (if not specified), - # if the instance doesn't exist yet - declare exists - exists=$(psql_instance_exists "$project" "$PSQL_INSTANCE") - if ! "$exists"; then - password_set_generate psql_superuser true + if [ "$command" != "shutdown" ]; then + app_deploy "$project" + services_enable "$project" appengine secretmanager cloudfunctions \ + cloudbuild cloudscheduler firestore \ + sqladmin storage run iam bigquery + + # Enable generating PostgreSQL superuser password (if not specified), + # if the instance doesn't exist yet + declare exists + exists=$(psql_instance_exists "$project" "$PSQL_INSTANCE") + if ! "$exists"; then + password_set_generate psql_superuser true + fi fi # Handle "deploy" command @@ -419,6 +421,18 @@ function execute_command() { --purge-db-trigger-topic="$purge_db_trigger_topic" sections_run "$sections" submitters_deploy \ "$project" "$new_topic" "${submitters[@]}" + # Handle "shutdown" command + elif [ "$command" == "shutdown" ]; then + sections_run "$sections" submitters_shutdown \ + "$project" "$new_topic" "${submitters[@]}" + functions_shutdown \ + --sections="$sections" \ + --project="$project" \ + --prefix="$prefix" \ + --cache-redirect-function-name="$cache_redirect_function_name" + sections_run "$sections" run_shutdown \ + --project="$project" \ + --grafana-service="$grafana_service" # Handle "withdraw" command elif [ "$command" == "withdraw" ]; then sections_run "$sections" submitters_withdraw \ @@ -474,6 +488,7 @@ function usage() { echo " deploy Deploy an installation to the cloud." echo " env Output environment YAML for Cloud Functions." echo " shell Execute a shell with deployment environment." + echo " shutdown Shutdown an installation in the cloud." echo " withdraw Withdraw an installation from the cloud." echo " list-sections List sections of the installation." echo "" @@ -635,6 +650,40 @@ function usage_shell() { echo "" } +# Output shutdown command usage information +function usage_shutdown() { + echo "Usage: $(basename "$0") shutdown [OPTION...] PROJECT NAMESPACE" + echo "Shutdown a KCIDB installation in a Google Cloud project." + echo "" + echo "Options:" + echo "" + echo " -h, --help" + echo " Display this usage message and exit." + echo " -v, --verbose" + echo " Output the shutdown steps being executed." + echo " -s, --sections=EXTGLOB" + echo " Specify an extended shell glob matching the" + echo " installation sections to limit shutdown to." + echo " See output of \"$(basename "$0") list-sections\"" + echo " for a list of available sections." + echo " --smtp-mocked" + echo " The project being shut down uses a PubSub topic for" + echo " receiving notification messages instead of the SMTP" + echo " server" + echo " --test" + echo " The project being shut down has test resources" + echo " deployed." + echo " --submitter=NAME" + echo " Specify a service account to shutdown submissions" + echo " for. Repeat to add more submitters." + echo "" + echo "Positional arguments:" + echo "" + echo " PROJECT Google Cloud project ID, e.g. \"kernelci-production\"." + echo " NAMESPACE Namespace for all objects, e.g. \"test\"." + echo "" +} + # Output withdraw command usage information function usage_withdraw() { echo "Usage: $(basename "$0") withdraw [OPTION...] PROJECT NAMESPACE" @@ -721,9 +770,9 @@ function execute() { declare getopt_shortopts="h" declare getopt_longopts="help" - if [[ $command == @(deploy|env|shell|withdraw) ]]; then + if [[ $command == @(deploy|env|shell|shutdown|withdraw) ]]; then getopt_longopts+=",smtp-mocked,test" - if [[ $command == @(deploy|withdraw) ]]; then + if [[ $command == @(deploy|shutdown|withdraw) ]]; then getopt_shortopts+="vs:" getopt_longopts+=",verbose,sections:,submitter:" fi diff --git a/kcidb/cloud/cost-mon b/kcidb/cloud/cost-mon old mode 100644 new mode 100755 diff --git a/kcidb/cloud/function.sh b/kcidb/cloud/function.sh index 0a91c218..9637c78d 100644 --- a/kcidb/cloud/function.sh +++ b/kcidb/cloud/function.sh @@ -40,6 +40,18 @@ function function_delete() fi } +# Shutdown a Cloud Function if it exists +# Args: sections project prefix name +function function_shutdown() { + declare -r sections="$1"; shift + declare -r project="$1"; shift + declare -r prefix="$1"; shift + declare -r name="$1"; shift + sections_run_explicit "$sections" \ + "functions.$name" shutdown \ + function_delete --quiet --project="$project" "${prefix}${name}" +} + # Delete a Cloud Function if it exists # Args: sections project prefix name function function_withdraw() { diff --git a/kcidb/cloud/functions.sh b/kcidb/cloud/functions.sh index fd87bd3b..d71d0e58 100644 --- a/kcidb/cloud/functions.sh +++ b/kcidb/cloud/functions.sh @@ -234,29 +234,45 @@ function functions_deploy() { rm "$env_yaml_file" } -# Withdraw Cloud Functions -# Args: --sections=GLOB --project=NAME --prefix=PREFIX +# Withdraw or shutdown Cloud Functions +# Args: action +# --sections=GLOB --project=NAME --prefix=PREFIX # --cache-redirect-function-name=NAME -function functions_withdraw() { +function _functions_withdraw_or_shutdown() { + declare -r action="$1"; shift declare params params="$(getopt_vars sections project prefix \ cache_redirect_function_name \ -- "$@")" eval "$params" - function_withdraw "$sections" "$project" "$prefix" \ - purge_db - function_withdraw "$sections" "$project" "$prefix" \ - pick_notifications - function_withdraw "$sections" "$project" "$prefix" \ - send_notification - function_withdraw "$sections" "$project" "$prefix" \ - spool_notifications - function_withdraw "$sections" "$project" "$prefix" \ - "$cache_redirect_function_name" - function_withdraw "$sections" "$project" "$prefix" \ - cache_urls - function_withdraw "$sections" "$project" "$prefix" \ - load_queue + "function_$action" "$sections" "$project" "$prefix" \ + purge_db + "function_$action" "$sections" "$project" "$prefix" \ + pick_notifications + "function_$action" "$sections" "$project" "$prefix" \ + send_notification + "function_$action" "$sections" "$project" "$prefix" \ + spool_notifications + "function_$action" "$sections" "$project" "$prefix" \ + "$cache_redirect_function_name" + "function_$action" "$sections" "$project" "$prefix" \ + cache_urls + "function_$action" "$sections" "$project" "$prefix" \ + load_queue +} + +# Shutdown Cloud Functions +# Args: --sections=GLOB --project=NAME --prefix=PREFIX +# --cache-redirect-function-name=NAME +function functions_shutdown() { + _functions_withdraw_or_shutdown shutdown "$@" +} + +# Withdraw Cloud Functions +# Args: --sections=GLOB --project=NAME --prefix=PREFIX +# --cache-redirect-function-name=NAME +function functions_withdraw() { + _functions_withdraw_or_shutdown withdraw "$@" } fi # _FUNCTIONS_SH diff --git a/kcidb/cloud/run.sh b/kcidb/cloud/run.sh index dc1d785a..a3249bc4 100644 --- a/kcidb/cloud/run.sh +++ b/kcidb/cloud/run.sh @@ -230,6 +230,20 @@ YAML_END roles/run.invoker } +# Shutdown Run services. +# Args: --project=ID +# --grafana-service=NAME +function run_shutdown() { + declare params + params="$(getopt_vars project \ + grafana_service \ + -- "$@")" + eval "$params" + # Remove public access to Grafana + run_iam_policy_binding_withdraw "$project" "$grafana_service" \ + allUsers roles/run.invoker +} + # Withdraw from Run. # Args: --project=ID # --grafana-service=NAME diff --git a/kcidb/cloud/sections.sh b/kcidb/cloud/sections.sh index 25251762..f14e8fbb 100644 --- a/kcidb/cloud/sections.sh +++ b/kcidb/cloud/sections.sh @@ -56,7 +56,13 @@ function sections_run_explicit() { declare -r name="$1"; shift declare -r verb="$1"; shift declare -r command="$1"; shift - declare -r action="${verb}ing" + declare action + + if [ "$verb" == "shutdown" ]; then + action="shutting down" + else + action="${verb}ing" + fi if ! [[ -v SECTIONS[$name] ]]; then echo "Unknown section name ${name@Q}" >&2 diff --git a/kcidb/cloud/submitters.sh b/kcidb/cloud/submitters.sh index c1a1fb36..d2651913 100644 --- a/kcidb/cloud/submitters.sh +++ b/kcidb/cloud/submitters.sh @@ -28,4 +28,11 @@ function submitters_withdraw() { done } +# Shutdown submitters +# Args: project new_topic [submitter...] +function submitters_shutdown() { + submitters_withdraw "$@" + # Deploying will add permissions again +} + fi # _SUBMITTERS_SH