Skip to content

Commit

Permalink
PRMP-919: Fix CloudFront delete workflow failures (#195)
Browse files Browse the repository at this point in the history
  • Loading branch information
abbas-khan10 authored Sep 16, 2024
1 parent 1dce17b commit 0eb73f7
Show file tree
Hide file tree
Showing 2 changed files with 27 additions and 22 deletions.
13 changes: 8 additions & 5 deletions .github/workflows/cleanup-cloudfront-edge-associations.yml
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ jobs:
echo Lambda Function Name: ${{ inputs.lambda_function_name }}
- name: Checkout
uses: actions/checkout@v3
uses: actions/checkout@v4
with:
repository: 'nhsconnect/national-document-repository-infrastructure'
ref: ${{ inputs.build_branch }}
Expand All @@ -58,11 +58,12 @@ jobs:
python-version: ${{ inputs.python_version }}

- name: Configure AWS Credentials for ${{ vars.AWS_REGION }}
uses: aws-actions/configure-aws-credentials@v2
uses: aws-actions/configure-aws-credentials@v4
with:
role-to-assume: ${{ secrets.AWS_ASSUME_ROLE }}
role-skip-session-tagging: true
aws-region: ${{ vars.AWS_REGION }}
mask-aws-account-id: true

- name: Get CloudFront Distribution ID
id: cloudfront
Expand All @@ -73,18 +74,20 @@ jobs:
if [ -z "$distribution_id" ]; then
echo "No distribution found for origin ID: ${{ inputs.sandbox_workspace }}-lloyd-george-store"
exit 1
else
echo "Distribution ID found: $distribution_id"
fi
echo "Distribution ID found: $distribution_id"
echo "DISTRIBUTION_ID=$distribution_id" >> $GITHUB_ENV
- name: Install Python Dependencies
if: env.DISTRIBUTION_ID != ''
run: |
python3 -m venv ./venv
./venv/bin/pip3 install --upgrade pip boto3==1.33.11
- name: Remove Lambda@Edge & CloudFront Associations
if: env.DISTRIBUTION_ID != ''
run: ./venv/bin/python3 -u scripts/remove_edge_associations.py
env:
DISTRIBUTION_ID: ${{ env.DISTRIBUTION_ID }}
Expand Down
36 changes: 19 additions & 17 deletions scripts/remove_edge_associations.py
Original file line number Diff line number Diff line change
@@ -1,43 +1,45 @@
import boto3
from botocore.exceptions import ClientError
import json


def log(message):
print(message, flush=True)


def detach_lambda_edge_associations(distribution_id: str):
try:
client = boto3.client('cloudfront')
client = boto3.client("cloudfront")

response = client.get_distribution_config(Id=distribution_id)
config = response['DistributionConfig']
etag = response['ETag']
config = response["DistributionConfig"]
etag = response["ETag"]

behaviors: list[dict] = []
default_behavior = config.get('DefaultCacheBehavior', None)
if (default_behavior and
'LambdaFunctionAssociations' in default_behavior and
default_behavior['LambdaFunctionAssociations']['Quantity'] > 0):
default_behavior = config.get("DefaultCacheBehavior", None)
if (
default_behavior
and "LambdaFunctionAssociations" in default_behavior
and default_behavior["LambdaFunctionAssociations"]["Quantity"] > 0
):
behaviors.append(default_behavior)

if ('CacheBehaviors' in config and config['CacheBehaviors']['Quantity'] > 0):
behaviors.extend(config['CacheBehaviors']['Items'])
if "CacheBehaviors" in config and config["CacheBehaviors"]["Quantity"] > 0:
behaviors.extend(config["CacheBehaviors"]["Items"])

for behavior in behaviors:
if 'LambdaFunctionAssociations' in behavior:
behavior['LambdaFunctionAssociations'] = {'Quantity': 0}
if "LambdaFunctionAssociations" in behavior:
behavior["LambdaFunctionAssociations"] = {"Quantity": 0}

client.update_distribution(
Id=distribution_id,
DistributionConfig=config,
IfMatch=etag
Id=distribution_id, DistributionConfig=config, IfMatch=etag
)

log("Cleared Lambda@Edge associations from CloudFront distribution.")
except ClientError as e:
log(f"Error removing associations for distribution {distribution_id}: {e}")
raise


if __name__ == "__main__":
import os

Expand All @@ -49,4 +51,4 @@ def detach_lambda_edge_associations(distribution_id: str):
if not lambda_function_name:
raise ValueError("The LAMBDA_FUNCTION_NAME environment variable is not set.")

detach_lambda_edge_associations(distribution_id)
detach_lambda_edge_associations(distribution_id)

0 comments on commit 0eb73f7

Please sign in to comment.