Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

clean up ssh keys when cleaning up e2e test resources #380

Merged
merged 9 commits into from
Oct 18, 2022
Merged

clean up ssh keys when cleaning up e2e test resources #380

merged 9 commits into from
Oct 18, 2022

Conversation

MorrisLaw
Copy link
Member

@MorrisLaw MorrisLaw commented Aug 22, 2022
edited
Loading

What this PR does / why we need it:
Cleans up ssh keys from our DO test account whenever do-janitor is called.

Which issue(s) this PR fixes (optional, in fixes #<issue number>(, fixes #<issue_number>, ...) format, will close the issue(s) when PR gets merged):
Fixes #238

Special notes for your reviewer:
Not 100% sure how this will work since I'm not able to compare a createdAt time value to the timeToCleanInHours value we'd typically use within do-janitor (godo.Key does not have this as an available field nor does it seem to ever set one implicitly somewhere). It seems like we only run do-janitor when we want to clean up old resources in the DO account. The only problem I can think of is if we want there to be some longstanding ssh keys to exist within the DO account (outside of these ephemeral e2e test keys). Then this code would likely delete them every time do-janitor is ran. But hard to tell for sure unless I can manually test this.

Any recommendations for how I can test this change (safely)? @timoreimann @cpanato

Also, is this issue still an issue? Or is it stale at this point. I don't see any left over keys in the account aside from some created by other co-maintainers.

Documentation:

Release note:

NONE

@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. and removed do-not-merge/release-note-label-needed Indicates that a PR should not merge because it's missing one of the release note labels. labels Aug 22, 2022
@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Aug 22, 2022
@cpanato
Copy link
Member

cpanato commented Aug 22, 2022

thanks @MorrisLaw

there is a few issues

hack/do-janitor/do-janitor.go:113:26: client.Key undefined (type *godo.Client has no field or method Key) (typecheck)
        _, err := client.Key.DeleteByID(ctx, key.ID)
                         ^
hack/do-janitor/do-janitor.go:215:35: client.Key undefined (type *godo.Client has no field or method Key) (typecheck)
        keys, resp, err := client.Key.List(ctx, opt)
                                  ^
hack/do-janitor/do-janitor.go:231:13: opt.ListOptions undefined (type *godo.ListOptions has no field or method ListOptions) (typecheck)
        opt.ListOptions.Page = page + 1
            ^

@MorrisLaw
Copy link
Member Author

Build issues are fixed. Any recommendations/advice on how I can test this? @cpanato

cpanato
cpanato requested changes Sep 16, 2022
View reviewed changes
Copy link
Member

@cpanato cpanato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for working on this

cpanato
cpanato reviewed Oct 7, 2022
View reviewed changes
hack/do-janitor/do-janitor.go Outdated
capdoStr := "capdo" // using this for repeated comparisons in the loop below
for _, key := range keys {
// we only care to cleanup keys that start with "capdo"
if len(key.Name) >= len(capdoStr) && key.Name[0:len(capdoStr)] == capdoStr {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

the ssh keys we generate start with capdo- how about we do a simple check with strings.HasPrefix(key.Name, "capdo-")

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Even better! Will update shortly

cpanato
cpanato approved these changes Oct 18, 2022
View reviewed changes
Copy link
Member

@cpanato cpanato left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks cool
thank you
/approve
/lgtm

@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label Oct 18, 2022
@k8s-ci-robot
Copy link

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: cpanato, MorrisLaw

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot merged commit 8ce3862 into kubernetes-sigs:main Oct 18, 2022
@k8s-ci-robot k8s-ci-robot added this to the v1.1.0 milestone Oct 18, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cpanato cpanato cpanato approved these changes

@timoreimann timoreimann Awaiting requested review from timoreimann

@prksu prksu Awaiting requested review from prksu

@fabriziopandini fabriziopandini Awaiting requested review from fabriziopandini

Assignees

@cpanato cpanato

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. lgtm "Looks good to me", indicates that a PR is ready to be merged. release-note-none Denotes a PR that doesn't merit a release note. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
v1.1.0
Development

Successfully merging this pull request may close these issues.

Ensure SSH keys are cleaned up from the DO e2e test account
3 participants
@MorrisLaw @cpanato @k8s-ci-robot