huevos-y-bacon · April 29, 2022 14:54
diff --git a/std-pipeline-destroy b/std-pipeline-destroy
 #!/usr/bin/env bash
 # shellcheck disable=1091,2068,2086,2162,2016
 STRING=pipeline

 if command -v colours &> /dev/null; then source colours; fi
 unset COUNT

 [[ $* == *"--force"* ]] && FORCE=yes
 [[ $* == *"--check"* ]] && CHECK=yes

 if [[ -z $CHECK ]]; then
  echo -e "\n${BOLD}${RED}WARNING: THIS CHECKS FOR AND DESTROYS STANDARD PIPELINE RESOURCES!${NORM}\n"
 else echo -e "\nCHECKING FOR STANDARD PIPELINE RESOURCES\n"
 fi

 echo "${CYAN}Checking for strings:${NORM}
 - ${CYAN}STRING : ${YELLOW}${STRING}${NORM}"

 CBPROJECTS=$(aws codebuild list-projects | jq -r ".projects[] | select(. | contains(\"${STRING}\"))")

 if (( ${#CBPROJECTS[0]} )); then
  echo -e "${BOLD}${RED}\nCodeBuild Projects:${NORM}" 
  for p in ${CBPROJECTS[@]}; do
    echo "- $p"
  done
  echo
 else echo -e "\nNo ${STRING} projects found"
 fi

 [[ $CHECK ]] && { c="echo ${GREEN}"; e="${NORM}"; }

 if [[ -z $FORCE ]]; then
 if [[ -z $CHECK ]]; then
  echo -e "${RED}THIS WILL DELETE THESE PROJECTS AND RELATED IAM RESOURCES"
  read -p "${YELLOW}Are you sure you want to proceed? (y/n) ${NORM}" choice
  case "$choice" in
    y|Y ) ;;
    * ) echo -e "Aborting\n" && exit 0;;
  esac
  echo
 fi

 # DELETE CB PROJECTS
 if (( ${#CBPROJECTS[0]} )); then
  echo "${BOLD}${YELLOW}Deleting CB projects:${NORM}"
  for p in ${CBPROJECTS[@]}; do
    echo "${YELLOW}- $p${NORM}"
    ${c}aws codebuild delete-project --name $p ${e}
  done
 fi

 # DELETE ROLES AND POLICIES
 for r in $(aws iam list-roles --query "Roles[?contains(RoleName, \`${STRING}\`)].RoleName" --out text); do 
  echo -e "\n${BOLD}${RED}Role: $r ${NORM}"

  # DELETE ROLE-POLICIES
  for p in $(aws iam list-role-policies --role-name $r --query 'PolicyNames[]' --out text); do 
    echo "${BOLD}${YELLOW}Deleting role-policy (inline): $p ${NORM}"
    ${c}aws iam delete-role-policy --role-name $r --policy-name $p ${e}
  done

  # DETACH ATTACHED POLICIES
  for a in $(aws iam list-attached-role-policies --role-name $r --query 'AttachedPolicies[].PolicyArn' --out text); do
    echo "${BOLD}${YELLOW}Detaching policy: $a ${NORM}"
    ${c}aws iam detach-role-policy --role-name $r --policy-arn $a ${e}
    # DELETE POLICY IF UNATTACHED
    for v in $(aws iam list-policy-versions --policy-arn $a --query 'Versions[?IsDefaultVersion==`false`].VersionId' --out text); do
      echo "${BOLD}${YELLOW}Deleting non-default policy version: $v ${NORM}"
      ${c}aws iam delete-policy-version --policy-arn $a --version-id $v ${e}
    done
    echo "Check if policy has any other attachments; if not, delete"
    if [[ $(aws iam get-policy --policy-arn $a --query 'Policy.AttachmentCount') -gt 0 ]]; then
      echo "${YELLOW}Policy $a has another attachment - not deleting"
    else
      echo "${BOLD}${YELLOW}Deleting policy: $a ${NORM}"
      ${c}aws iam delete-policy --policy-arn $a ${e}
    fi
  done
  # DELETE ROLE
  echo "${BOLD}${YELLOW}Deleting role: $r ${NORM}"
  ${c}aws iam delete-role --role-name $r ${e}
 done
 fi
 echo
	#!/usr/bin/env bash
	# shellcheck disable=1091,2068,2086,2162,2016
	STRING=pipeline

	if command -v colours &> /dev/null; then source colours; fi
	unset COUNT

	[[ $* == "--force" ]] && FORCE=yes
	[[ $* == "--check" ]] && CHECK=yes

	if [[ -z $CHECK ]]; then
	echo -e "\n${BOLD}${RED}WARNING: THIS CHECKS FOR AND DESTROYS STANDARD PIPELINE RESOURCES!${NORM}\n"
	else echo -e "\nCHECKING FOR STANDARD PIPELINE RESOURCES\n"
	fi

	echo "${CYAN}Checking for strings:${NORM}
	- ${CYAN}STRING : ${YELLOW}${STRING}${NORM}"

	CBPROJECTS=$(aws codebuild list-projects \| jq -r ".projects[] \| select(. \| contains(\"${STRING}\"))")

	if (( ${#CBPROJECTS[0]} )); then
	echo -e "${BOLD}${RED}\nCodeBuild Projects:${NORM}"
	for p in ${CBPROJECTS[@]}; do
	echo "- $p"
	done
	echo
	else echo -e "\nNo ${STRING} projects found"
	fi

	[[ $CHECK ]] && { c="echo ${GREEN}"; e="${NORM}"; }

	if [[ -z $FORCE ]]; then
	if [[ -z $CHECK ]]; then
	echo -e "${RED}THIS WILL DELETE THESE PROJECTS AND RELATED IAM RESOURCES"
	read -p "${YELLOW}Are you sure you want to proceed? (y/n) ${NORM}" choice
	case "$choice" in
	y\|Y ) ;;
	* ) echo -e "Aborting\n" && exit 0;;
	esac
	echo
	fi

	# DELETE CB PROJECTS
	if (( ${#CBPROJECTS[0]} )); then
	echo "${BOLD}${YELLOW}Deleting CB projects:${NORM}"
	for p in ${CBPROJECTS[@]}; do
	echo "${YELLOW}- $p${NORM}"
	${c}aws codebuild delete-project --name $p ${e}
	done
	fi

	# DELETE ROLES AND POLICIES
	for r in $(aws iam list-roles --query "Roles[?contains(RoleName, \`${STRING}\`)].RoleName" --out text); do
	echo -e "\n${BOLD}${RED}Role: $r ${NORM}"

	# DELETE ROLE-POLICIES
	for p in $(aws iam list-role-policies --role-name $r --query 'PolicyNames[]' --out text); do
	echo "${BOLD}${YELLOW}Deleting role-policy (inline): $p ${NORM}"
	${c}aws iam delete-role-policy --role-name $r --policy-name $p ${e}
	done

	# DETACH ATTACHED POLICIES
	for a in $(aws iam list-attached-role-policies --role-name $r --query 'AttachedPolicies[].PolicyArn' --out text); do
	echo "${BOLD}${YELLOW}Detaching policy: $a ${NORM}"
	${c}aws iam detach-role-policy --role-name $r --policy-arn $a ${e}
	# DELETE POLICY IF UNATTACHED
	for v in $(aws iam list-policy-versions --policy-arn $a --query 'Versions[?IsDefaultVersion==`false`].VersionId' --out text); do
	echo "${BOLD}${YELLOW}Deleting non-default policy version: $v ${NORM}"
	${c}aws iam delete-policy-version --policy-arn $a --version-id $v ${e}
	done
	echo "Check if policy has any other attachments; if not, delete"
	if [[ $(aws iam get-policy --policy-arn $a --query 'Policy.AttachmentCount') -gt 0 ]]; then
	echo "${YELLOW}Policy $a has another attachment - not deleting"
	else
	echo "${BOLD}${YELLOW}Deleting policy: $a ${NORM}"
	${c}aws iam delete-policy --policy-arn $a ${e}
	fi
	done
	# DELETE ROLE
	echo "${BOLD}${YELLOW}Deleting role: $r ${NORM}"
	${c}aws iam delete-role --role-name $r ${e}
	done
	fi
	echo