From df0e01e5dd03d603d434a4314c4d514c6a062b84 Mon Sep 17 00:00:00 2001
From: Anil Belur <abelur@linuxfoundation.org>
Date: Sat, 17 Oct 2020 13:16:50 +1000
Subject: [PATCH] Check ownerid and visibility on image cleanup

Recently update on the cloud provider caused the builder-cron-openstack
job to break, which exposed a bug in our cleanup scripts.

Check the visibility and ownerid of the image before attempting to
remove and image.

Issue: RELENG-3239
Change-Id: I38098c45fe73e872f3ca96960f704f168d9c4596
Signed-off-by: Anil Belur <abelur@linuxfoundation.org>
---
 lftools/openstack/image.py                                 | 14 +++++++++++++-
 ...Handle-image-ownership-in-cleanup-e598855680b02a50.yaml | 10 ++++++++++
 2 files changed, 23 insertions(+), 1 deletion(-)
 create mode 100644 releasenotes/notes/Handle-image-ownership-in-cleanup-e598855680b02a50.yaml

diff --git a/lftools/openstack/image.py b/lftools/openstack/image.py
index b37597a6..cd35cd71 100644
--- a/lftools/openstack/image.py
+++ b/lftools/openstack/image.py
@@ -74,9 +74,21 @@ def cleanup(os_cloud, days=0, hide_public=False, ci_managed=True, clouds=None):
 
     def _remove_images_from_cloud(images, cloud):
         print("Removing {} images from {}.".format(len(images), cloud.cloud_config.name))
+        project_info = cloud._get_project_info()
         for image in images:
+
             if image.is_protected:
-                print("WARNING: Image {} is protected. Cannot remove...".format(image.name))
+                log.warning("Image {} is protected. Cannot remove...".format(image.name))
+                continue
+
+            if image.visibility == "shared":
+                log.warning("Image {} is shared. Cannot remove...".format(image.name))
+                continue
+
+            if project_info["id"] != image.owner:
+                log.warning(
+                    "Image {} not owned by project {}. Cannot remove...".format(image.name, cloud.cloud_config.name)
+                )
                 continue
 
             try:
diff --git a/releasenotes/notes/Handle-image-ownership-in-cleanup-e598855680b02a50.yaml b/releasenotes/notes/Handle-image-ownership-in-cleanup-e598855680b02a50.yaml
new file mode 100644
index 00000000..e0c22838
--- /dev/null
+++ b/releasenotes/notes/Handle-image-ownership-in-cleanup-e598855680b02a50.yaml
@@ -0,0 +1,10 @@
+---
+fixes:
+  - |
+    Check image owner and visibility on image cleanup
+
+    Recently update on the cloud provider has caused the builder-cron-openstack
+    job to fail, and exposed a bug in our cleanup scripts.
+
+    Check the visibility and ownerid of the image before attempting to remove
+    and image.
-- 
2.16.6