Add disk full incident response toolkit

infra-run/scripts/bash/disk-full/02_find_big_files.sh

@@ -0,0 +1,63 @@
+#!/usr/bin/env bash
+set -o errexit
+set -o nounset
+set -o pipefail
+
+SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
+# shellcheck source=00_env.sh
+. "$SCRIPT_DIR/00_env.sh"
+
+SEARCH_PATH="/"
+TOP_N=20
+
+usage() {
+  printf 'Usage: %s [--path <path>] [--top <N>]\n' "$(basename "$0")"
+}
+
+while [[ "$#" -gt 0 ]]; do
+  case "$1" in
+    --path) SEARCH_PATH="${2:-}"; shift 2 ;;
+    --top) TOP_N="${2:-}"; shift 2 ;;
+    -h|--help) usage; exit 0 ;;
+    *) critical "Unknown argument: $1"; usage; exit 2 ;;
+  esac
+done
+
+if ! [[ "$TOP_N" =~ ^[0-9]+$ ]] || (( TOP_N < 1 )); then
+  critical "--top must be a positive integer"
+  exit 2
+fi
+
+validate_path "$SEARCH_PATH" || exit 2
+require_cmd find || exit 1
+require_cmd sort || exit 1
+require_cmd head || exit 1
+
+section "Largest Files Under $SEARCH_PATH"
+warning "Read-only scan. Permission errors can be normal without root access."
+
+find "$SEARCH_PATH" -xdev \
+  \( -path /proc -o -path /sys -o -path /dev -o -path /run \) -prune -o \
+  -type f -printf '%s\t%p\n' 2>/dev/null |
+  sort -rn |
+  head -n "$TOP_N" |
+  awk '
+    function human(bytes) {
+      split("B KB MB GB TB PB", unit)
+      size = bytes
+      idx = 1
+      while (size >= 1024 && idx < 6) {
+        size = size / 1024
+        idx++
+      }
+      return sprintf("%.1f%s", size, unit[idx])
+    }
+    {
+      size = $1
+      $1 = ""
+      sub(/^\t/, "")
+      printf "%10s  %s\n", human(size), $0
+    }
+  ' | tee -a "$LOG_FILE"
+
+ok "No files were modified."