/libnuke

Common Golang Packages for use by the Various Cloud Nuke Tools

Primary LanguageGoMIT LicenseMIT

libnuke

release License GoDoc

Known Vulnerabilities Maintainability Go Report Card

Current Test State Test Coverage codecov

Status: Initial Development - Everything works, but is still being abstracted and tailored to aws-nuke and azure-nuke, as such func signatures and other things may change in breaking ways until things stabilize.

Overview

This is an attempt to consolidate the commonalities between aws-nuke and azure-nuke into a single library that can be used between them and for future tooling, for example gcp-nuke. Additionally, the goal is to make it easier to add new features with better test coverage.

The goal of this library is to have a well tested and stable library to build additional nuke tools on top of, while reducing the technical debt overhead of managing each tool individually. By abstracting away and testing the core parts of the code, each implementing tool can focus on adding resources to remove and lower the barrier of entry for new contributors.

Attribution, License, and Copyright

First, of all this library would not have been possible without the hard work of the team over at rebuy-de and their original work on rebuy-de/aws-nuke.

This library is licensed under the MIT license. See the LICENSE file for more information. The bulk of this library was originally sourced from rebuy-de/aws-nuke. See the Sources for more.

History of the Library

This all started when I created a managed fork of aws-nuke from the original aws nuke. The fork became necessary after attempting to make contributions and respond to issues to learn that the current maintainers only have time to work on the project about once a month and while receptive to bringing in other people to help maintain, made it clear it would take time. Considering the feedback cycle was already weeks on initial communications, I had to make the hard decision to fork and maintain myself.

After the fork, I created azure-nuke to fulfill a missing need there and quickly realized that it would be great to pull all the common code into a common library that could be shared by the two tools with the realization I would be also be making gcp-nuke in the near future.

A Few Notes About the Original Code

The code initially written for aws-nuke for iterating over and clearing out resources was well-written, and I wanted to use it for other cloud providers. Originally I copied it for azure-nuke, but I didn't want to have to keep on maintaining multiple copies.

There are a few shortcomings with the original code base. For example, there's no way to do dependency management. For example, some resources must be cleared before others can, or it will end in error. Now, the retry mechanism is usually sufficient for this, but only sometimes.

The queue code was very novel in its approach, and I wanted to keep that, but I wanted to make sure it was agnostic to the system using it. As such, the queue package can be used for just about anything you want to queue and retry items. However, it is still geared towards the removal of said it, its primary interface has to have the Remove method is still available.

License

MIT

Sources

Most of this code originated from the original aws-nuke project.

Versioning

This library will follow the semver model. However, it is still in alpha/beta and as such the API is subject to change until it is stable and will remain on the 0.y.z model until then.

Packages

I strongly dislike the use of the internal directory in any open source Golang project. Therefore, everything is in the pkg directory and exported wherever possible to allow others to use it. This project follows the semver model, so breaking changes will be made in a way that is compatible with semver.

config

This provides the configuration for libnuke. It contains the configuration for all the accounts, regions, and resource types. It also contains the presets that can be used to apply a set of filters to a nuke process. The configuration is loaded from a YAML file and is meant to be used by the implementing tool. Use of the configuration is not required but is recommended. The configuration can be implemented a specific way for each tool providing it has the necessary methods available.

errors

This provides common errors that can be used throughout the library for handling of resource errors

filter

This provides a way to filter resources based on a set of criteria. See full documentation for more information.

log

This is a simple wrapper around fmt.Println that formats resource cleanup messages nicely.

nuke

This provides the framework for scanning for resources and then iterating over said resources to determine if they should be removed or not and in what order.

queue

This is a queue package that can be used for just about anything but is geared towards the removal of resources.

resource

This provides a way to interact with resources. This provides multiple interfaces to test against as resources can optionally implement these interfaces.

settings

This provides a way to handle settings for the library. The primary use case is arbitrary settings that resources might need to be configurable that changes the behavior of how said resource is to be removed. For example, EC2Instances have Deletion Protection, this allows the resource to define it needs a setting called DisableDeletionProtection and then allows that to be defined in the config package and then passed to the resource when it is being removed.

types

This is a collection of common types that are used throughout the library.

utils

This is a collection of common utilities that are used throughout the library.