2020-01-01 13:55:28 +05:30
|
|
|
# frozen_string_literal: true
|
|
|
|
|
|
|
|
|
|
module Clusters
|
|
|
|
|
module Cleanup
|
2021-09-04 01:27:46 +05:30
|
|
|
class ServiceAccountService < ::Clusters::Cleanup::BaseService
|
2020-01-01 13:55:28 +05:30
|
|
|
def execute
|
|
|
|
|
delete_gitlab_service_account
|
|
|
|
|
|
|
|
|
|
log_event(:destroying_cluster)
|
|
|
|
|
|
|
|
|
|
cluster.destroy!
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
private
|
|
|
|
|
|
|
|
|
|
def delete_gitlab_service_account
|
|
|
|
|
log_event(:deleting_gitlab_service_account)
|
|
|
|
|
|
2021-12-11 22:18:48 +05:30
|
|
|
cluster.kubeclient&.delete_service_account(
|
2020-01-01 13:55:28 +05:30
|
|
|
::Clusters::Kubernetes::GITLAB_SERVICE_ACCOUNT_NAME,
|
|
|
|
|
::Clusters::Kubernetes::GITLAB_SERVICE_ACCOUNT_NAMESPACE
|
|
|
|
|
)
|
|
|
|
|
rescue Kubeclient::ResourceNotFoundError
|
2021-12-11 22:18:48 +05:30
|
|
|
# The resources have already been deleted, possibly on a previous attempt that timed out
|
|
|
|
|
rescue Gitlab::UrlBlocker::BlockedUrlError
|
|
|
|
|
# User gave an invalid cluster from the start, or deleted the endpoint before this job ran
|
2022-01-26 12:08:38 +05:30
|
|
|
rescue Kubeclient::HttpError => e
|
|
|
|
|
# unauthorized, forbidden: GitLab's access has been revoked
|
|
|
|
|
# certificate verify failed: Cluster is probably gone forever
|
|
|
|
|
raise unless e.message =~ /unauthorized|forbidden|certificate verify failed/i
|
2020-01-01 13:55:28 +05:30
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
|
|
|
|
end
|
