Only attempt to delete bootstrap data secret if InsecureSkipSecretsManager isn't set

David Mather · sedefsavas · commit 600ef9e91f24 · 2022-04-15T08:52:44.000-07:00
diff --git a/controllers/awsmachine_controller.go b/controllers/awsmachine_controller.go
@@ -733,8 +733,10 @@ func (r *AWSMachineReconciler) ignitionUserData(scope *scope.MachineScope, objec
 }
 
 func (r *AWSMachineReconciler) deleteBootstrapData(machineScope *scope.MachineScope, clusterScope cloud.ClusterScoper, objectStoreScope scope.S3Scope) error {
-	if err := r.deleteEncryptedBootstrapDataSecret(machineScope, clusterScope); err != nil {
-		return err
+	if !machineScope.AWSMachine.Spec.CloudInit.InsecureSkipSecretsManager {
+		if err := r.deleteEncryptedBootstrapDataSecret(machineScope, clusterScope); err != nil {
+			return err
+		}
 	}
 
 	if objectStoreScope != nil {

Original file line number	Diff line number	Diff line change
`@@ -733,8 +733,10 @@ func (r AWSMachineReconciler) ignitionUserData(scope scope.MachineScope, objec`
`733`	`733`	`}`
`734`	`734`
`735`	`735`	`func (r AWSMachineReconciler) deleteBootstrapData(machineScope scope.MachineScope, clusterScope cloud.ClusterScoper, objectStoreScope scope.S3Scope) error {`
`736`		`- if err := r.deleteEncryptedBootstrapDataSecret(machineScope, clusterScope); err != nil {`
`737`		`- return err`
	`736`	`+ if !machineScope.AWSMachine.Spec.CloudInit.InsecureSkipSecretsManager {`
	`737`	`+ if err := r.deleteEncryptedBootstrapDataSecret(machineScope, clusterScope); err != nil {`
	`738`	`+ return err`
	`739`	`+ }`
`738`	`740`	`}`
`739`	`741`
`740`	`742`	`if objectStoreScope != nil {`