#!/bin/bash
# test_clean_failed_tests_aws_assets.sh
# Integration test for clean_failed_tests_aws_assets.sh
# Creates tagged and untagged AWS resources, then verifies the cleanup script
# only deletes resources tagged with Environment=Test.
# Unset variables are errors and a pipeline fails if any stage fails.
# errexit (-e) is not enabled, so a failing command does not stop the run.
set -u
set -o pipefail

# Absolute directory of this script; the cleanup script under test is looked up
# next to it.
SCRIPT_DIR="$(dirname "${BASH_SOURCE[0]}")"
SCRIPT_DIR="$(cd "$SCRIPT_DIR" && pwd)"
CLEANUP_SCRIPT="${SCRIPT_DIR}/clean_failed_tests_aws_assets.sh"

# --- Fixture identifiers consumed by the EXIT-trap teardown ---
# Each starts empty so the teardown can skip anything that was never created,
# and so `set -u` does not trip if the script exits early.
TAGGED_QUEUE_URL=
UNTAGGED_QUEUE_URL=
TAGGED_TOPIC_ARN=
UNTAGGED_TOPIC_ARN=
TAGGED_SCHEDULE_GROUP=
TAGGED_SCHEDULE_NAME=
UNTAGGED_SCHEDULE_GROUP=
#######################################
# Best-effort teardown of every fixture this test may have created.
# Globals:   reads UNTAGGED_QUEUE_URL, UNTAGGED_TOPIC_ARN, TAGGED_QUEUE_URL,
#            TAGGED_TOPIC_ARN, TAGGED_SCHEDULE_NAME, TAGGED_SCHEDULE_GROUP,
#            UNTAGGED_SCHEDULE_GROUP
# Outputs:   a teardown banner on stdout; AWS CLI stderr is discarded
# Returns:   status of the final echo; failed deletes are ignored, so a
#            leftover fixture is not reported here
#######################################
cleanup_test_resources() {
  echo ""
  echo "=== Trap Teardown ==="

  # An empty identifier means the fixture was never created, so it is skipped.
  if [[ -n "$UNTAGGED_QUEUE_URL" ]]; then
    aws sqs delete-queue --queue-url "$UNTAGGED_QUEUE_URL" 2>/dev/null || true
  fi
  if [[ -n "$UNTAGGED_TOPIC_ARN" ]]; then
    aws sns delete-topic --topic-arn "$UNTAGGED_TOPIC_ARN" 2>/dev/null || true
  fi
  if [[ -n "$TAGGED_QUEUE_URL" ]]; then
    aws sqs delete-queue --queue-url "$TAGGED_QUEUE_URL" 2>/dev/null || true
  fi
  if [[ -n "$TAGGED_TOPIC_ARN" ]]; then
    aws sns delete-topic --topic-arn "$TAGGED_TOPIC_ARN" 2>/dev/null || true
  fi

  # The schedule is removed before the group that contains it.
  if [[ -n "$TAGGED_SCHEDULE_GROUP" ]]; then
    if [[ -n "$TAGGED_SCHEDULE_NAME" ]]; then
      aws scheduler delete-schedule \
        --name "$TAGGED_SCHEDULE_NAME" \
        --group-name "$TAGGED_SCHEDULE_GROUP" 2>/dev/null || true
    fi
    aws scheduler delete-schedule-group --name "$TAGGED_SCHEDULE_GROUP" 2>/dev/null || true
  fi

  [[ -z "$UNTAGGED_SCHEDULE_GROUP" ]] \
    || aws scheduler delete-schedule-group --name "$UNTAGGED_SCHEDULE_GROUP" 2>/dev/null \
    || true

  echo " Cleaned up test fixtures"
}
# Run the fixture teardown whenever the shell exits, whatever the test outcome.
trap 'cleanup_test_resources' EXIT

# --- Test harness ---
# Running totals; the assert_* helpers increment one of them per check.
PASS=0 FAIL=0
#######################################
# Record a pass when two strings are exactly equal, a failure otherwise.
# Globals:   PASS or FAIL (incremented)
# Arguments: $1 - expected value, $2 - actual value, $3 - description
# Outputs:   one PASS/FAIL line on stdout
#######################################
assert_eq() {
  local want=$1 got=$2 label=$3

  # Both sides are quoted, so this is a literal comparison, not a glob match.
  if [[ "$want" != "$got" ]]; then
    echo " FAIL: $label (expected='$want', actual='$got')"
    FAIL=$((FAIL + 1))
    return
  fi

  echo " PASS: $label"
  PASS=$((PASS + 1))
}
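#######################################
# Record a pass when the text matches an extended regular expression.
# Globals:   PASS or FAIL (incremented)
# Arguments: $1 - text to search
#            $2 - pattern, interpreted by grep -E (so "a|b" is an alternation
#                 and regex metacharacters in a resource name are not literal)
#            $3 - description
# Outputs:   one PASS/FAIL line on stdout
#######################################
assert_contains() {
  local haystack="$1" needle="$2" message="$3"

  # Feed grep through a here-string rather than `echo | grep -q`: under
  # `set -o pipefail`, grep -q exiting at the first match can make the upstream
  # echo fail on a closed pipe, turning a real match into a reported failure.
  # `--` keeps a pattern that starts with "-" from being parsed as an option.
  if grep -qE -- "$needle" <<<"$haystack"; then
    echo " PASS: $message"
    PASS=$((PASS + 1))
  else
    echo " FAIL: $message (output did not contain '$needle')"
    FAIL=$((FAIL + 1))
  fi
}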
#######################################
# Record a pass when a value is a non-empty string, a failure otherwise.
# Globals:   PASS or FAIL (incremented)
# Arguments: $1 - value to check, $2 - description
# Outputs:   one PASS/FAIL line on stdout
#######################################
assert_not_empty() {
  local candidate=$1 label=$2

  if [[ -z "$candidate" ]]; then
    echo " FAIL: $label (value was empty)"
    FAIL=$((FAIL + 1))
  else
    echo " PASS: $label"
    PASS=$((PASS + 1))
  fi
}
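# --- Setup: create tagged and untagged resources ---
# Fixtures are created with the ambient AWS CLI credentials and configuration.
# Names share a per-run prefix built from the current epoch second.
PREFIX="cleanup-test-$(date +%s)"

# Resolve the account before creating anything. errexit is not enabled, so
# without this guard a failed identity lookup would fall through to resource
# creation and then to the real cleanup run further down.
if ! ACCOUNT_ID=$(aws sts get-caller-identity --query 'Account' --output text) \
  || [[ -z "$ACCOUNT_ID" ]]; then
  echo "ERROR: could not determine the AWS account id; aborting before creating fixtures" >&2
  exit 1
fi
echo "=== Setup: creating test resources (prefix: $PREFIX, account: $ACCOUNT_ID) ==="

# NOTE(review): the "Created ..." lines for queues, topics, the subscription and
# the schedule groups are printed whatever the CLI's exit status was; a failed
# create only shows up later as failing assertions.

# Tagged SQS queue
TAGGED_QUEUE="$PREFIX-tagged-queue"
TAGGED_QUEUE_URL=$(aws sqs create-queue \
  --queue-name "$TAGGED_QUEUE" \
  --tags Environment=Test,Source=Brighter \
  --query 'QueueUrl' --output text)
echo " Created tagged queue: $TAGGED_QUEUE"

# Untagged SQS queue
UNTAGGED_QUEUE="$PREFIX-untagged-queue"
UNTAGGED_QUEUE_URL=$(aws sqs create-queue \
  --queue-name "$UNTAGGED_QUEUE" \
  --query 'QueueUrl' --output text)
echo " Created untagged queue: $UNTAGGED_QUEUE"

# Tagged SNS topic
TAGGED_TOPIC="$PREFIX-tagged-topic"
TAGGED_TOPIC_ARN=$(aws sns create-topic \
  --name "$TAGGED_TOPIC" \
  --tags Key=Environment,Value=Test Key=Source,Value=Brighter \
  --query 'TopicArn' --output text)
echo " Created tagged topic: $TAGGED_TOPIC"

# Untagged SNS topic
UNTAGGED_TOPIC="$PREFIX-untagged-topic"
UNTAGGED_TOPIC_ARN=$(aws sns create-topic \
  --name "$UNTAGGED_TOPIC" \
  --query 'TopicArn' --output text)
echo " Created untagged topic: $UNTAGGED_TOPIC"

# Subscription on the tagged topic (from the tagged queue)
TAGGED_QUEUE_ARN=$(aws sqs get-queue-attributes \
  --queue-url "$TAGGED_QUEUE_URL" \
  --attribute-names QueueArn \
  --query 'Attributes.QueueArn' --output text)
SUBSCRIPTION_ARN=$(aws sns subscribe \
  --topic-arn "$TAGGED_TOPIC_ARN" \
  --protocol sqs \
  --notification-endpoint "$TAGGED_QUEUE_ARN" \
  --query 'SubscriptionArn' --output text)
echo " Created subscription: $SUBSCRIPTION_ARN"

# Tagged EventBridge Scheduler group with a schedule
TAGGED_SCHEDULE_GROUP="$PREFIX-tagged-group"
aws scheduler create-schedule-group \
  --name "$TAGGED_SCHEDULE_GROUP" \
  --tags Key=Environment,Value=Test Key=Source,Value=Brighter 2>&1
echo " Created tagged schedule group: $TAGGED_SCHEDULE_GROUP"

# One-shot schedule dated 2099 whose target queue and role ARNs are placeholder
# names ("fake-queue", "fake-role") in this account. The success line is only
# printed when the create call succeeds; on failure the name is cleared so the
# teardown does not try to delete a schedule that was never created.
TAGGED_SCHEDULE_NAME="$PREFIX-tagged-schedule"
if aws scheduler create-schedule \
  --name "$TAGGED_SCHEDULE_NAME" \
  --group-name "$TAGGED_SCHEDULE_GROUP" \
  --schedule-expression "at(2099-01-01T00:00:00)" \
  --schedule-expression-timezone "UTC" \
  --flexible-time-window '{"Mode":"OFF"}' \
  --target "{\"Arn\":\"arn:aws:sqs:us-west-2:${ACCOUNT_ID}:fake-queue\",\"RoleArn\":\"arn:aws:iam::${ACCOUNT_ID}:role/fake-role\",\"Input\":\"test\"}" \
  --action-after-completion DELETE 2>&1; then
  echo " Created tagged schedule: $TAGGED_SCHEDULE_NAME"
else
  echo " WARNING: Failed to create schedule (target ARN validation). Schedule group tests may be incomplete."
  TAGGED_SCHEDULE_NAME=""
fi

# Untagged EventBridge Scheduler group (should NOT be deleted)
UNTAGGED_SCHEDULE_GROUP="$PREFIX-untagged-group"
aws scheduler create-schedule-group \
  --name "$UNTAGGED_SCHEDULE_GROUP" 2>&1
echo " Created untagged schedule group: $UNTAGGED_SCHEDULE_GROUP"

# Allow time for tag propagation — the Resource Groups Tagging API is eventually consistent
sleep 15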
# NOTE(review): both invocations of the cleanup script below run with the ambient
# AWS credentials and receive no prefix or resource filter from this test. Per this
# file's header the script deletes by the Environment=Test tag, so Test 2 presumably
# removes every such resource those credentials can see, not only this run's
# fixtures — confirm against the script and run only in a dedicated test account.

# --- Test 1: --dry-run lists tagged resources without deleting ---
echo ""
echo "=== Test 1: --dry-run lists tagged resources without deleting ==="
# stdout and stderr are captured together; $? is read on the very next line so it
# is still the cleanup script's exit status.
DRY_RUN_OUTPUT=$("$CLEANUP_SCRIPT" --dry-run 2>&1)
DRY_RUN_EXIT=$?
assert_eq "0" "$DRY_RUN_EXIT" "dry-run exits with 0"
assert_contains "$DRY_RUN_OUTPUT" "DRY RUN" "output indicates dry-run mode"
assert_contains "$DRY_RUN_OUTPUT" "$TAGGED_QUEUE" "output lists tagged queue"
assert_contains "$DRY_RUN_OUTPUT" "$TAGGED_TOPIC" "output lists tagged topic"
assert_contains "$DRY_RUN_OUTPUT" "$TAGGED_SCHEDULE_GROUP" "output lists tagged schedule group"
# Tagged queue must still exist after dry-run
# Only the queue is re-checked here; the topic and schedule group are not.
# A failed lookup yields an empty string, which assert_not_empty reports as FAIL.
QUEUE_CHECK=$(aws sqs get-queue-url --queue-name "$TAGGED_QUEUE" --query 'QueueUrl' --output text 2>/dev/null || echo "")
assert_not_empty "$QUEUE_CHECK" "tagged queue still exists after dry-run"
# --- Test 2: actual run deletes tagged resources and logs actions ---
echo ""
echo "=== Test 2: actual run deletes tagged resources ==="
# Real (non-dry-run) invocation: this is the step that deletes resources.
RUN_OUTPUT=$("$CLEANUP_SCRIPT" 2>&1)
RUN_EXIT=$?
assert_eq "0" "$RUN_EXIT" "cleanup exits with 0"
assert_contains "$RUN_OUTPUT" "$TAGGED_QUEUE" "output logs tagged queue deletion"
assert_contains "$RUN_OUTPUT" "$TAGGED_TOPIC" "output logs tagged topic deletion"
# --- Test 3: deletion order — subscriptions before topics ---
echo ""
echo "=== Test 3: subscriptions deleted before topics ==="
# The subscription line should appear before the topic line in output
# Order is inferred from log line numbers only: the first line containing
# "subscription" versus the first line containing "topic" but not "subscription".
# Both greps are case-sensitive.
SUB_LINE=$(echo "$RUN_OUTPUT" | grep -n "subscription" | head -1 | cut -d: -f1)
TOPIC_LINE=$(echo "$RUN_OUTPUT" | grep -n "topic" | grep -v "subscription" | head -1 | cut -d: -f1)
if [[ -n "$SUB_LINE" && -n "$TOPIC_LINE" ]]; then
if [[ "$SUB_LINE" -lt "$TOPIC_LINE" ]]; then
echo " PASS: subscriptions deleted before topics (line $SUB_LINE < $TOPIC_LINE)"
PASS=$((PASS + 1))
else
echo " FAIL: subscriptions should be deleted before topics (sub=$SUB_LINE, topic=$TOPIC_LINE)"
FAIL=$((FAIL + 1))
fi
else
# Neither counter changes on SKIP, so a missing log line does not fail the run.
echo " SKIP: could not determine deletion order from output"
fi
# --- Test 4: tagged resources were actually deleted ---
echo ""
echo "=== Test 4: tagged resources were deleted ==="
# Allow time for eventual consistency — SQS/SNS deletions may take a few seconds to propagate
sleep 10
# Deletion is confirmed from the CLI's error text: stderr is merged into the
# capture and `|| true` keeps the failed lookup from affecting $?. The second
# argument to assert_contains is an extended regex, hence the | alternatives.
TAGGED_QUEUE_CHECK=$(aws sqs get-queue-url --queue-name "$TAGGED_QUEUE" 2>&1 || true)
assert_contains "$TAGGED_QUEUE_CHECK" "NonExistentQueue|does not exist" "tagged queue was deleted"
TAGGED_TOPIC_CHECK=$(aws sns get-topic-attributes --topic-arn "$TAGGED_TOPIC_ARN" 2>&1 || true)
assert_contains "$TAGGED_TOPIC_CHECK" "NotFound|not found|Not Found" "tagged topic was deleted"
# --- Test 5: untagged resources were NOT deleted ---
echo ""
echo "=== Test 5: untagged resources were NOT deleted ==="
# Survival is confirmed by a successful lookup returning a non-empty value;
# stderr is dropped and any lookup failure becomes an empty string.
UNTAGGED_QUEUE_CHECK=$(aws sqs get-queue-url --queue-name "$UNTAGGED_QUEUE" --query 'QueueUrl' --output text 2>/dev/null || echo "")
assert_not_empty "$UNTAGGED_QUEUE_CHECK" "untagged queue was NOT deleted"
UNTAGGED_TOPIC_CHECK=$(aws sns get-topic-attributes --topic-arn "$UNTAGGED_TOPIC_ARN" --query 'Attributes.TopicArn' --output text 2>/dev/null || echo "")
assert_not_empty "$UNTAGGED_TOPIC_CHECK" "untagged topic was NOT deleted"
# --- Test 6: tagged schedule group and schedules were deleted ---
echo ""
echo "=== Test 6: tagged schedule group was deleted ==="
# Only the group is looked up; the schedule inside it is not checked separately.
SCHEDULE_GROUP_CHECK=$(aws scheduler get-schedule-group --name "$TAGGED_SCHEDULE_GROUP" 2>&1 || true)
assert_contains "$SCHEDULE_GROUP_CHECK" "ResourceNotFoundException|not found|Not Found" "tagged schedule group was deleted"
# --- Test 7: untagged schedule group was NOT deleted ---
echo ""
echo "=== Test 7: untagged schedule group was NOT deleted ==="
UNTAGGED_GROUP_CHECK=$(aws scheduler get-schedule-group --name "$UNTAGGED_SCHEDULE_GROUP" --query 'Name' --output text 2>/dev/null || echo "")
assert_not_empty "$UNTAGGED_GROUP_CHECK" "untagged schedule group was NOT deleted"
# No explicit teardown here: the EXIT trap registered near the top of the script
# removes the fixtures when the shell exits below.

# --- Results ---
printf '\n=== Results ===\n Passed: %s\n Failed: %s\n' "$PASS" "$FAIL"

# Exit status 1 when at least one assertion failed, 0 otherwise.
exit "$(( FAIL > 0 ? 1 : 0 ))"