From 386a95c9c3f15e0180541c4895c1cf8659a57769 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20Dost=C3=A1l?=
Date: Thu, 30 Nov 2023 11:56:51 +0100
Subject: [PATCH] GCE: Make the skip-networks list configurable and add tf-network to it.
In GCE the networking and security resources don't have tags neither metadata. Also the delete protection feature isn't available for those. Instead, all of those resources have link to the 'network' resource, which we have whitelist for. So I: 1) Make this whitelist of GCE `skip-networks` configurable in `pcw.ini` 2) Add `tf-network` to this list (see https://gitlab.suse.de/qac/terraform)
---
 ocw/lib/gce.py | 5 ++++-
 templates/pcw.ini | 3 +++
 2 files changed, 7 insertions(+), 1 deletion(-)
diff --git a/ocw/lib/gce.py b/ocw/lib/gce.py
index 8d5bf817..60e9b93a 100644
--- a/ocw/lib/gce.py
+++ b/ocw/lib/gce.py
@@ -3,6 +3,7 @@ from os.path import basename
 from datetime import timezone
 from dateutil.parser import parse
+from webui.PCWConfig import ConfigFile
 import googleapiclient.discovery
 from googleapiclient.errors import HttpError
 from google.oauth2 import service_account
@@ -11,7 +12,6 @@ class GCE(Provider):
 __instances = {}
- __skip_networks = frozenset({"default"})
 def __new__(cls, namespace):
 if namespace not in GCE.__instances:
@@ -20,6 +20,9 @@ def __new__(cls, namespace):
 def __init__(self, namespace):
 super().__init__(namespace)
+
+ self.__skip_networks = frozenset(ConfigFile().getList('cleanup/gce-skip-networks', "default")) + self.__compute_client = None
 self.private_key_data = self.get_data()
 self.project = self.private_key_data["project_id"]
diff --git a/templates/pcw.ini b/templates/pcw.ini
index 7f69e307..3c14efba 100644
--- a/templates/pcw.ini
+++ b/templates/pcw.ini
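Review bot: In `__init__` (ocw/lib/gce.py) the fallback handed to `getList` is the bare string `"default"`; `getList` is not shown in this patch, and if it returns the fallback unsplit or treats it as a sequence, `frozenset(...)` ends up holding single characters instead of the name `default`. The skip set is what keeps a network and its dependent resources out of cleanup, so that case fails open whenever `cleanup/gce-skip-networks` is missing from `pcw.ini`. Pass the fallback in the form `getList` expects, e.g. `getList('cleanup/gce-skip-networks', ["default"])` if it takes a list, and add a test for the missing-key case. An empty or whitespace-padded value in the ini is worth handling too, since an entry such as `" tf-network"` would not match the network name unless `getList` strips it. The `__init__` body continues past the end of the hunk.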
@@ -31,6 +31,9 @@ to =
 [cleanup]
 # Max age of data storage resources ( used in EC2 only )
 ec2-max-age-days = 1
+# The list of networks which themselves as well as their resources should not be cleaned up
+# This is due to fact that netowrk and security resources in GCP don't have neither tags nor metadata
+gce-skip-networks = default,tf-network
 # Max age of data storage resources ( used in Azure and GCE )
 max-age-hours = 1
 # Max age for images in Openstack
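Review bot: The comment added above `gce-skip-networks` does not say how the value combines with the built-in fallback; judging by the `getList('cleanup/gce-skip-networks', "default")` call in gce.py the fallback presumably applies only when the key is absent, so a deployment that lists only its own network would drop `default` from the protected set. The comment also has a typo (`netowrk`) and a double negative. Suggested wording: `# Comma-separated GCE networks that are never cleaned up, together with the resources attached to them` and `# (network and security resources in GCP have neither tags nor metadata); keep "default" in the list to protect it`. `tf-network` looks like a site-specific name, so shipping it in the template makes it the default for every install, which is worth a word in the comment if intended.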