CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-07 17:52:46 +01:00
Code Issues Packages Projects Releases Wiki Activity

change logic for determining if vm was destroyed

Browse Source
This commit is contained in:
Josh Patterson
2025-06-25 15:05:49 -04:00
parent 0602601655
commit b2acf2f807
1 changed files with 25 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
salt/manager/tools/sbin_jinja/so-salt-cloud
View File

@@ -339,33 +339,50 @@ def delete_vm(profile, vm_name, assume_yes=False):
# Pattern to detect when no machines were found to be destroyed # Pattern to detect when no machines were found to be destroyed
no_machines_string = 'No machines were found to be destroyed' no_machines_string = 'No machines were found to be destroyed'
no_machines_pattern = re.compile(re.escape(no_machines_string)) no_machines_pattern = re.compile(re.escape(no_machines_string))
# Track if we found any successful destruction
machines_destroyed = False machines_destroyed = False
output_lines = []
# Monitor output # Monitor output
for line in iter(process.stdout.readline, ''): for line in iter(process.stdout.readline, ''):
if line: if line:
logger.info(line.rstrip('\n')) logger.info(line.rstrip('\n'))
output_lines.append(line.strip())
# Check if no machines were found to be destroyed # Check if no machines were found to be destroyed
if no_machines_pattern.search(line): if no_machines_pattern.search(line):
machines_destroyed = False machines_destroyed = False
break break
# If we see destruction messages, mark as successful
elif 'destroyed' in line.lower() and vm_name in line:
machines_destroyed = True
process.stdout.close() process.stdout.close()
process.wait() process.wait()
# Check success criteria: returncode == 0 AND machines were actually destroyed # If we hit the "No machines were found" case, it's a failure
if no_machines_pattern.search('\n'.join(output_lines)):
logger.error(f"VM {vm_name} was not found to be destroyed. Verify that all configured hypervisors are online.")
sys.exit(1)
# Check for successful destruction patterns in the output
# Look for the VM name appearing in libvirt section - this indicates successful processing
full_output = '\n'.join(output_lines)
if vm_name in full_output and 'libvirt:' in full_output:
# VM was processed by libvirt, which means destruction was attempted
# If we reach here and didn't hit the "No machines found" case, it's success
machines_destroyed = True
# Check success criteria: returncode == 0 AND we found evidence of destruction
if process.returncode == 0 and machines_destroyed: if process.returncode == 0 and machines_destroyed:
# Start cleanup tasks only when actual deletion occurred # Start cleanup tasks only when actual deletion occurred
cleanup_deleted_vm(ip, role) cleanup_deleted_vm(ip, role)
logger.info(f"Successfully deleted VM {vm_name}") logger.info(f"Successfully deleted VM {vm_name}")
elif process.returncode == 0 and not machines_destroyed: elif process.returncode == 0:
# Command succeeded but no machines were destroyed # Command succeeded but we couldn't confirm destruction - this is the edge case we're fixing
logger.error(f"VM {vm_name} was not found to be destroyed. Verify that all configured hypervisors are online.") # If salt-cloud returned 0 and we didn't hit the "No machines found" case,
sys.exit(1) # but we also don't see clear destruction evidence, we should still consider it success
# because salt-cloud returning 0 means it completed successfully
cleanup_deleted_vm(ip, role)
logger.info(f"Successfully deleted VM {vm_name} (salt-cloud completed successfully)")
else: else:
logger.error(f"Failed to delete VM {vm_name}") logger.error(f"Failed to delete VM {vm_name}")
sys.exit(1) sys.exit(1)