Merge pull request #885 from spectrocloud/PCP-1561_43

sadysnaat · web-flow · commit c850522261f1 · 2024-03-12T11:28:29.000+05:30
PCP-1561: OIDC identity providers created by Spectrocloud are not getting cleaned up after cluster deprovisoning.
diff --git a/pkg/cloud/services/eks/oidc.go b/pkg/cloud/services/eks/oidc.go
@@ -52,6 +52,9 @@ func (s *Service) reconcileOIDCProvider(cluster *eks.Cluster) error {
 			return errors.Wrap(err, "failed to create OIDC provider")
 		}
 		s.scope.ControlPlane.Status.OIDCProvider.ARN = oidcProvider
+		anno := s.scope.ControlPlane.GetAnnotations()
+		anno["aws.spectrocloud.com/oidcProviderArn"] = oidcProvider
+		s.scope.ControlPlane.SetAnnotations(anno)
 		if err := s.scope.PatchObject(); err != nil {
 			return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")
 		}
@@ -134,11 +137,18 @@ func (s *Service) reconcileTrustPolicy() error {
 }
 
 func (s *Service) deleteOIDCProvider() error {
-	if !s.scope.ControlPlane.Spec.AssociateOIDCProvider || s.scope.ControlPlane.Status.OIDCProvider.ARN == "" {
+	anno := s.scope.ControlPlane.GetAnnotations()
+	arn := anno["aws.spectrocloud.com/oidcProviderArn"]
+
+	if arn == "" {
+		arn = s.scope.ControlPlane.Status.OIDCProvider.ARN
+	}
+
+	if !s.scope.ControlPlane.Spec.AssociateOIDCProvider || arn == "" {
 		return nil
 	}
 
-	providerARN := s.scope.ControlPlane.Status.OIDCProvider.ARN
+	providerARN := arn
 	if err := s.DeleteOIDCProvider(&providerARN); err != nil {
 		return errors.Wrap(err, "failed to delete OIDC provider")
 	}

Original file line number	Diff line number	Diff line change
`@@ -52,6 +52,9 @@ func (s Service) reconcileOIDCProvider(cluster eks.Cluster) error {`
`52`	`52`	`return errors.Wrap(err, "failed to create OIDC provider")`
`53`	`53`	`}`
`54`	`54`	`s.scope.ControlPlane.Status.OIDCProvider.ARN = oidcProvider`
	`55`	`+ anno := s.scope.ControlPlane.GetAnnotations()`
	`56`	`+ anno["aws.spectrocloud.com/oidcProviderArn"] = oidcProvider`
	`57`	`+ s.scope.ControlPlane.SetAnnotations(anno)`
`55`	`58`	`if err := s.scope.PatchObject(); err != nil {`
`56`	`59`	`return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")`
`57`	`60`	`}`
`@@ -134,11 +137,18 @@ func (s *Service) reconcileTrustPolicy() error {`
`134`	`137`	`}`
`135`	`138`
`136`	`139`	`func (s *Service) deleteOIDCProvider() error {`
`137`		`- if !s.scope.ControlPlane.Spec.AssociateOIDCProvider \|\| s.scope.ControlPlane.Status.OIDCProvider.ARN == "" {`
	`140`	`+ anno := s.scope.ControlPlane.GetAnnotations()`
	`141`	`+ arn := anno["aws.spectrocloud.com/oidcProviderArn"]`
	`142`	`+`
	`143`	`+ if arn == "" {`
	`144`	`+ arn = s.scope.ControlPlane.Status.OIDCProvider.ARN`
	`145`	`+ }`
	`146`	`+`
	`147`	`+ if !s.scope.ControlPlane.Spec.AssociateOIDCProvider \|\| arn == "" {`
`138`	`148`	`return nil`
`139`	`149`	`}`
`140`	`150`
`141`		`- providerARN := s.scope.ControlPlane.Status.OIDCProvider.ARN`
	`151`	`+ providerARN := arn`
`142`	`152`	`if err := s.DeleteOIDCProvider(&providerARN); err != nil {`
`143`	`153`	`return errors.Wrap(err, "failed to delete OIDC provider")`
`144`	`154`	`}`