From 4453e2722d385c4fde07388496a18e09a12d414b Mon Sep 17 00:00:00 2001
From: Chris Kalafarski <chris@farski.com>
Date: Tue, 15 Aug 2023 11:09:25 -0400
Subject: [PATCH] Add parameter checker script

---
 .github/workflows/check-code-freshness.yml | 24 +++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/check-code-freshness.yml b/.github/workflows/check-code-freshness.yml
index b68cc0b9c..36596f4cc 100644
--- a/.github/workflows/check-code-freshness.yml
+++ b/.github/workflows/check-code-freshness.yml
@@ -18,8 +18,26 @@ jobs:
           aws-region: us-west-2
           role-to-assume: arn:aws:iam::561178107736:role/DevOps-GitHubOidcFederatedRole
           role-session-name: GitHubActions-CheckCodeFreshness
-      - name: Deploy CloudFormation stack
-        working-directory: devops
+      - name: Check parameter ages
         run: |
           threshold=$(date --date="90 days ago" +%FT%H:%M:%SZ)
-          echo $threshold
+
+          aws_command="aws ssm describe-parameters --profile prx-legacy --parameter-filters Key=Name,Option=Contains,Values=pkg"
+          unset NEXT_TOKEN
+
+          function process_parameter {
+            echo $1 | jq '.Name'
+          }
+
+          function parse_output() {
+            if [ ! -z "$cli_output" ]; then
+              echo $cli_output | jq -c --arg d "$threshold" '.Parameters[] | select( .Name | contains("/prx/prod/Spire/")) | select(.LastModifiedDate < $d)' | while read param; do
+                process_parameter $param
+              done
+              NEXT_TOKEN=$(echo $cli_output | jq -r ".NextToken")
+            fi
+          }
+
+          # The command is run and output parsed in the below statements.
+          cli_output=$($aws_command)
+          parse_output