PCP-2735: EKS cluster deletion stuck with error failed to delete OIDC…

… provider
spectrocloud · Mar 27, 2024 · 189c6f8 · 189c6f8
1 parent 28f8022
commit 189c6f8
Showing 1 changed file with 22 additions and 3 deletions.
diff --git a/pkg/cloud/services/eks/oidc.go b/pkg/cloud/services/eks/oidc.go
@@ -36,6 +36,13 @@ import (
 	"sigs.k8s.io/cluster-api/controllers/remote"
 )
 
+const (
+	// OidcProviderArnAnnotation set/unset this annotation to managed control plane.
+	// This is required in case of force pivot control plane status do not have ARN in status.
+	// In that cases annotation will be used to delete oidc resource.
+	OidcProviderArnAnnotation = "aws.spectrocloud.com/oidcProviderArn"
+)
+
 func (s *Service) reconcileOIDCProvider(cluster *eks.Cluster) error {
 	if !s.scope.ControlPlane.Spec.AssociateOIDCProvider {
 		return nil
@@ -53,7 +60,10 @@ func (s *Service) reconcileOIDCProvider(cluster *eks.Cluster) error {
 		}
 		s.scope.ControlPlane.Status.OIDCProvider.ARN = oidcProvider
 		anno := s.scope.ControlPlane.GetAnnotations()
-		anno["aws.spectrocloud.com/oidcProviderArn"] = oidcProvider
+		if anno == nil {
+			anno = make(map[string]string)
+		}
+		anno[OidcProviderArnAnnotation] = oidcProvider
 		s.scope.ControlPlane.SetAnnotations(anno)
 		if err := s.scope.PatchObject(); err != nil {
 			return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")
@@ -137,10 +147,15 @@ func (s *Service) reconcileTrustPolicy() error {
 }
 
 func (s *Service) deleteOIDCProvider() error {
-	anno := s.scope.ControlPlane.GetAnnotations()
-	arn := anno["aws.spectrocloud.com/oidcProviderArn"]
+
+	// In case of force pivot managed control plane do not have ARN in status, that lead to oidcProvider not getting cleaned up during delete.
+	// OidcProviderArnAnnotation will be used to avoid it.
+
+	annotations := s.scope.ControlPlane.GetAnnotations()
+	arn := annotations[OidcProviderArnAnnotation]
 
 	if arn == "" {
+		// Upgrade support for cluster without OidcProviderArnAnnotation set
 		arn = s.scope.ControlPlane.Status.OIDCProvider.ARN
 	}
 
@@ -158,6 +173,10 @@ func (s *Service) deleteOIDCProvider() error {
 		return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")
 	}
 
+	// Remove OidcProviderArnAnnotation after successfully deleting oidc provider
+	annotations[OidcProviderArnAnnotation] = ""
+	s.scope.ControlPlane.SetAnnotations(annotations)
+
 	return nil
 }