blob: 80192aa14abb00a5417f93ec961459545202bdbf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
|
# frozen_string_literal: true
module Clusters
module Cleanup
class ProjectNamespaceService < ::Clusters::Cleanup::BaseService
KUBERNETES_NAMESPACE_BATCH_SIZE = 100
def execute
delete_project_namespaces_in_batches
# Keep calling the worker untill all namespaces are deleted
if cluster.kubernetes_namespaces.exists?
return schedule_next_execution(Clusters::Cleanup::ProjectNamespaceWorker)
end
cluster.continue_cleanup!
end
private
def delete_project_namespaces_in_batches
kubernetes_namespaces_batch = cluster.kubernetes_namespaces.first(KUBERNETES_NAMESPACE_BATCH_SIZE)
kubernetes_namespaces_batch.each do |kubernetes_namespace|
log_event(:deleting_project_namespace, namespace: kubernetes_namespace.namespace)
begin
kubeclient_delete_namespace(kubernetes_namespace)
rescue Kubeclient::HttpError => e
# unauthorized, forbidden: GitLab's access has been revoked
# certificate verify failed: Cluster is probably gone forever
raise unless e.message =~ /unauthorized|forbidden|certificate verify failed/i
end
kubernetes_namespace.destroy!
end
end
def kubeclient_delete_namespace(kubernetes_namespace)
cluster.kubeclient&.delete_namespace(kubernetes_namespace.namespace)
rescue Kubeclient::ResourceNotFoundError
# The resources have already been deleted, possibly on a previous attempt that timed out
rescue Gitlab::UrlBlocker::BlockedUrlError
# User gave an invalid cluster from the start, or deleted the endpoint before this job ran
end
end
end
end
|