зеркало из https://github.com/Azure/ARO-RP.git
Now check that CRG managedBy == openshiftcluster.id, if not, we do not run full delete
always delete role assignments/definitions dont return err if we fail to get the resource group, continue with delete logic fix warnf fmt
This commit is contained in:
Ross Bryan
Mikalai Radchuk
Родитель
357fa65f03
Коммит
a3cd326784
|
|
@ -259,9 +259,21 @@ func (m *manager) deleteRoleDefinition(ctx context.Context) error {
|
|||
|
||||
func (m *manager) Delete(ctx context.Context) error {
|
||||
resourceGroup := stringutils.LastTokenByte(m.doc.OpenShiftCluster.Properties.ClusterProfile.ResourceGroupID, '/')
|
||||
//In edge case of CRG not being managedBy ARO, we have a different delete path
|
||||
//we will assume normal case and set rgManagedByARO to true CRG is managedby ARO
|
||||
rgManagedByARO := true
|
||||
rg, err := m.resourceGroups.Get(ctx, resourceGroup)
|
||||
if err != nil {
|
||||
m.log.Warnf("failed to get resourceGroup %s", err)
|
||||
} else {
|
||||
if rg.ManagedBy == nil || *rg.ManagedBy == "" || !strings.EqualFold(*rg.ManagedBy, m.doc.OpenShiftCluster.ID) {
|
||||
rgManagedByARO = false
|
||||
m.log.Infof("cluster resource group not managed by aro %s", *rg.Name)
|
||||
}
|
||||
}
|
||||
|
||||
m.log.Printf("deleting dns")
|
||||
err := m.dns.Delete(ctx, m.doc.OpenShiftCluster)
|
||||
err = m.dns.Delete(ctx, m.doc.OpenShiftCluster)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
|
@ -284,25 +296,27 @@ func (m *manager) Delete(ctx context.Context) error {
|
|||
return err
|
||||
}
|
||||
|
||||
m.log.Printf("deleting resources")
|
||||
err = m.deleteResources(ctx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
// only delete if managedByARO
|
||||
if rgManagedByARO {
|
||||
m.log.Printf("deleting resources")
|
||||
err = m.deleteResources(ctx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
m.log.Printf("deleting resource group %s", resourceGroup)
|
||||
err = m.resourceGroups.DeleteAndWait(ctx, resourceGroup)
|
||||
if detailedErr, ok := err.(autorest.DetailedError); ok &&
|
||||
(detailedErr.StatusCode == http.StatusForbidden || detailedErr.StatusCode == http.StatusNotFound) {
|
||||
err = nil
|
||||
m.log.Printf("deleting resource group %s", resourceGroup)
|
||||
err = m.resourceGroups.DeleteAndWait(ctx, resourceGroup)
|
||||
if detailedErr, ok := err.(autorest.DetailedError); ok &&
|
||||
(detailedErr.StatusCode == http.StatusForbidden || detailedErr.StatusCode == http.StatusNotFound) {
|
||||
err = nil
|
||||
}
|
||||
if azureerrors.HasAuthorizationFailedError(err) {
|
||||
err = nil
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
}
|
||||
if azureerrors.HasAuthorizationFailedError(err) {
|
||||
err = nil
|
||||
}
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if !m.env.FeatureIsSet(env.FeatureDisableSignedCertificates) {
|
||||
managedDomain, err := dns.ManagedDomain(m.env, m.doc.OpenShiftCluster.Properties.ClusterProfile.Domain)
|
||||
if err != nil {
|
||||
|
|
|
|||
Загрузка…
Ссылка в новой задаче