Merge pull request #113 from ministryofjustice/delete-dangling-ssl-certs

Add SSL certificates cleanup when cfn_create fails
ministryofjustice · Jun 16, 2015 · 1c9861f · 1c9861f
2 parents a12f699 + ae3ab13
commit 1c9861f
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,3 +1,7 @@
+## Version 0.5.3 [WIP]
+* Improve message content when cfn_create raises an exception and fails.
+* Cleanup SSL certificates when cfn_create raises an exception and fails.
+
 ## Version 0.5.2
 
 * Fix bug where certificates were not being deleted on calls to upload or

diff --git a/bootstrap_cfn/fab_tasks.py b/bootstrap_cfn/fab_tasks.py
@@ -334,6 +334,7 @@ def cfn_create():
     cfn = get_connection(Cloudformation)
     # Upload any SSL certs that we may need for the stack.
     if 'ssl' in cfn_config.data:
+        print green("Uploading SSL certificates to stack")
         iam = get_connection(IAM)
         iam.upload_ssl_certificate(cfn_config.ssl(), stack_name)
     # Useful for debug
@@ -342,6 +343,10 @@ def cfn_create():
     try:
         stack = cfn.create(stack_name, cfn_config.process())
     except:
+        # cleanup ssl certificates if any
+        if 'ssl' in cfn_config.data:
+            print red("Deleting SSL certificates from stack")
+            iam.delete_ssl_certificate(cfn_config.ssl(), stack_name)
         import traceback
         abort(red("Failed to create: {error}".format(error=traceback.format_exc())))