From 47146b71d716581975820608898757844f8e7ed6 Mon Sep 17 00:00:00 2001
From: Amit Sahastrabuddhe
Date: Thu, 3 Aug 2023 23:20:50 +0530
Subject: [PATCH] PCP-1561: OIDC identity providers created by Spectrocloud are not getting cleaned up after cluster deprovisoning.
---
 pkg/cloud/services/eks/oidc.go | 14 ++++++++++++--
 1 file changed, 12 insertions(+), 2 deletions(-)

diff --git a/pkg/cloud/services/eks/oidc.go b/pkg/cloud/services/eks/oidc.go
index ae35fcd962..ab23395b1f 100644
--- a/pkg/cloud/services/eks/oidc.go
+++ b/pkg/cloud/services/eks/oidc.go
@@ -52,6 +52,9 @@ func (s *Service) reconcileOIDCProvider(cluster *eks.Cluster) error {
 return errors.Wrap(err, "failed to create OIDC provider")
 }
 s.scope.ControlPlane.Status.OIDCProvider.ARN = oidcProvider
+ anno := s.scope.ControlPlane.GetAnnotations()
+ anno["aws.spectrocloud.com/oidcProviderArn"] = oidcProvider
+ s.scope.ControlPlane.SetAnnotations(anno)
 if err := s.scope.PatchObject(); err != nil {
 return errors.Wrap(err, "failed to update control plane with OIDC provider ARN")
 }
@@ -134,11 +137,18 @@ func (s *Service) reconcileTrustPolicy() error {
 }
 
 func (s *Service) deleteOIDCProvider() error {
- if !s.scope.ControlPlane.Spec.AssociateOIDCProvider || s.scope.ControlPlane.Status.OIDCProvider.ARN == "" {
+ anno := s.scope.ControlPlane.GetAnnotations()
+ arn := anno["aws.spectrocloud.com/oidcProviderArn"]
+
+ if arn == "" {
+ arn = s.scope.ControlPlane.Status.OIDCProvider.ARN
+ }
+
+ if !s.scope.ControlPlane.Spec.AssociateOIDCProvider || arn == "" {
 return nil
 }
 
- providerARN := s.scope.ControlPlane.Status.OIDCProvider.ARN
+ providerARN := arn
 if err := s.DeleteOIDCProvider(&providerARN); err != nil {
 return errors.Wrap(err, "failed to delete OIDC provider")
 }
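Review bot: The added `anno["aws.spectrocloud.com/oidcProviderArn"] = oidcProvider` in reconcileOIDCProvider writes into whatever `GetAnnotations()` returns, and for a Kubernetes object with no annotations that is presumably a nil map, so the assignment would panic inside the reconcile loop. Guard it before the write with `if anno == nil { anno = map[string]string{} }`. The annotation key is also repeated as a string literal in deleteOIDCProvider; a single package-level constant would keep the writer and the reader in sync. reconcileOIDCProvider starts and ends outside this hunk.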
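Review bot: In deleteOIDCProvider the ARN handed to `DeleteOIDCProvider` is now taken first from the `aws.spectrocloud.com/oidcProviderArn` annotation, with the status field used only when the annotation is empty. Annotations are ordinary object metadata that any principal allowed to update the control plane object can set, so the controller's IAM permissions could end up deleting an OIDC provider this cluster did not create. Prefer the controller-written value and fall back to the annotation, `arn := s.scope.ControlPlane.Status.OIDCProvider.ARN` followed by `if arn == "" { arn = anno["aws.spectrocloud.com/oidcProviderArn"] }`. Also confirm the provider belongs to this cluster before the delete call, for instance by comparing it with the cluster's OIDC issuer. The function body continues past the end of the hunk.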