cleanup_ec2_runners #607
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# | |
# Copyright (c) 2014-present, The osquery authors | |
# | |
# This source code is licensed as defined by the LICENSE file found in the | |
# root directory of this source tree. | |
# | |
# SPDX-License-Identifier: (Apache-2.0 OR GPL-2.0-only) | |
# Cleanup any lingering ec2 runners | |
name: cleanup_ec2_runners | |
on: | |
schedule: | |
- cron: "0 */1 * * *" | |
workflow_dispatch: | |
jobs: | |
cleanup: | |
runs-on: ubuntu-latest | |
timeout-minutes: 5 | |
steps: | |
- name: Configure AWS credentials | |
uses: aws-actions/configure-aws-credentials@v4 | |
with: | |
aws-access-key-id: ${{ secrets.EC2_GITHUB_RUNNER_AWS_ACCESS_KEY_ID }} | |
aws-secret-access-key: ${{ secrets.EC2_GITHUB_RUNNER_AWS_SECRET_ACCESS_KEY }} | |
aws-region: ${{ secrets.EC2_GITHUB_RUNNER_AWS_REGION }} | |
- name: Find Instances | |
run: | | |
cutoff=$(date -u --date="-2 hours" "+%Y-%m-%dT%H:%M") | |
aws ec2 describe-instances \ | |
--filters Name=instance-state-name,Values=running Name=instance.group-id,Values=sg-0757a3162c999331b \ | |
--query "Reservations[].Instances[?LaunchTime<=\`$cutoff\`][].{id: InstanceId, type: InstanceType, launched: LaunchTime}" \ | |
| tee instances.json | |
- name: Terminate Instances | |
run: | | |
# This is a for loop, so that any failures don't stop all the instances from terminating | |
for i in $(jq -r '.[].id' instances.json); do | |
aws ec2 terminate-instances --instance-ids "$i" | |
done |