Merge pull request #886 from spectrocloud/PCP-1561_42
PCP-1561: OIDC identity providers created by Spectrocloud are not getting cleaned up after cluster deprovisioning.
sadysnaat authored Mar 12, 2024
2 parents 66ec5e8 + 31dd1b4 commit 5ad4280
Showing 1 changed file with 12 additions and 2 deletions.
14 changes: 12 additions & 2 deletions pkg/cloud/services/eks/oidc.go
Expand Up @@ -52,6 +52,9 @@ func (s *Service) reconcileOIDCProvider(cluster *eks.Cluster) error {
return errors.Wrap(err, "failed to create OIDC provider")
}
s.scope.ControlPlane.Status.OIDCProvider.ARN = oidcProvider
anno := s.scope.ControlPlane.GetAnnotations()
anno["aws.spectrocloud.com/oidcProviderArn"] = oidcProvider
s.scope.ControlPlane.SetAnnotations(anno)
if err := s.scope.PatchObject(); err != nil {
return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")
}
Expand Down Expand Up @@ -134,11 +137,18 @@ func (s *Service) reconcileTrustPolicy() error {
}

func (s *Service) deleteOIDCProvider() error {
if !s.scope.ControlPlane.Spec.AssociateOIDCProvider || s.scope.ControlPlane.Status.OIDCProvider.ARN == "" {
anno := s.scope.ControlPlane.GetAnnotations()
arn := anno["aws.spectrocloud.com/oidcProviderArn"]

if arn == "" {
arn = s.scope.ControlPlane.Status.OIDCProvider.ARN
}

if !s.scope.ControlPlane.Spec.AssociateOIDCProvider || arn == "" {
return nil
}

providerARN := s.scope.ControlPlane.Status.OIDCProvider.ARN
providerARN := arn
if err := s.DeleteOIDCProvider(&providerARN); err != nil {
return errors.Wrap(err, "failed to delete OIDC provider")
}
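Review bot: deleteOIDCProvider now passes whatever ARN is stored in the `aws.spectrocloud.com/oidcProviderArn` annotation to `s.DeleteOIDCProvider`, in preference to `Status.OIDCProvider.ARN`, and nothing visible here checks that the value belongs to this cluster. Annotations can usually be edited by anyone allowed to patch the control plane object, while status is normally written only by the controller, so a mistaken or tampered annotation could lead the controller to remove an unrelated IAM OIDC provider using its own AWS permissions. Consider preferring the status value when it is set and, before deleting, confirming that the ARN corresponds to this cluster's OIDC issuer or carries an ownership tag, unless DeleteOIDCProvider (not shown on this page) already does that. Separately, in reconcileOIDCProvider `GetAnnotations()` can return a nil map, in which case the assignment on the following line panics; guard it with `if anno == nil { anno = map[string]string{} }`. Both function bodies start or continue outside the hunks shown.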