
Commit 5f8b889

committed
use DeleteRole which detaches and policies before deleting the role
1 parent 748c131 commit 5f8b889


1 file changed

+17
-9
lines changed


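--- a/test/e2e/shared/aws.go
+++ b/test/e2e/shared/aws.go
@@ -498,7 +498,7 @@ func deleteResourcesInCloudFormation(prov client.ConfigProvider, t *cfn_bootstra
 By(fmt.Sprintf("deleting the following role: %s", role.RoleName))
 repeat := false
 Eventually(func(gomega Gomega) bool {
-_, err := iamSvc.DeleteRole(&iam.DeleteRoleInput{RoleName: aws.String(role.RoleName)})
+err := DeleteRole(prov, role.RoleName)
 if err != nil && !repeat {
 By(fmt.Sprintf("failed to delete role '%s'; reason: %+v", role.RoleName, err))
 repeat = true
@@ -529,9 +529,11 @@ func deleteResourcesInCloudFormation(prov client.ConfigProvider, t *cfn_bootstra
 By(fmt.Sprintf("cleanup for policy '%s'", p.String()))
 repeat := false
 Eventually(func(gomega Gomega) bool {
-_, err := iamSvc.DeletePolicy(&iam.DeletePolicyInput{PolicyArn: p.Arn})
+response, err := iamSvc.DeletePolicy(&iam.DeletePolicyInput{
+PolicyArn: p.Arn,
+})
 if err != nil && !repeat {
-By(fmt.Sprintf("failed to delete policy '%s'; reason: %+v", policy.Description, err))
+By(fmt.Sprintf("failed to delete policy '%s'; reason: %+v, response: %s", policy.Description, err, response.String()))
 repeat = true
 }
 code, ok := awserrors.Code(err)
@@ -559,8 +561,12 @@ func deleteResourcesInCloudFormation(prov client.ConfigProvider, t *cfn_bootstra
 
 // TODO: remove once test infra accounts are fixed.
 func deleteMultitenancyRoles(prov client.ConfigProvider) {
-DeleteRole(prov, "multi-tenancy-role")
-DeleteRole(prov, "multi-tenancy-nested-role")
+if err := DeleteRole(prov, "multi-tenancy-role"); err != nil {
+By(fmt.Sprintf("failed to delete role multi-tenancy-role %s", err))
+}
+if err := DeleteRole(prov, "multi-tenancy-nested-role"); err != nil {
+By(fmt.Sprintf("failed to delete role multi-tenancy-nested-role %s", err))
+}
 }
 
 // detachAllPoliciesForRole detaches all policies for role.
@@ -589,23 +595,25 @@ func detachAllPoliciesForRole(prov client.ConfigProvider, name string) error {
 }
 
 // DeleteRole deletes roles in a best effort manner.
-func DeleteRole(prov client.ConfigProvider, name string) {
+func DeleteRole(prov client.ConfigProvider, name string) error {
 iamSvc := iam.New(prov)
 
 // if role does not exist, return.
 _, err := iamSvc.GetRole(&iam.GetRoleInput{RoleName: aws.String(name)})
 if err != nil {
-return
+return err
 }
 
 if err := detachAllPoliciesForRole(prov, name); err != nil {
-return
+return err
 }
 
 _, err = iamSvc.DeleteRole(&iam.DeleteRoleInput{RoleName: aws.String(name)})
 if err != nil {
-return
+return err
 }
+
+return nil
 }
 
 func GetPolicyArn(prov client.ConfigProvider, name string) string {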
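Review bot: In the last hunk, `DeleteRole` now returns every `GetRole` error, so a role that is already gone is reported as a failure even though the comment above the check still reads `// if role does not exist, return.`. As a result `deleteMultitenancyRoles` logs "failed to delete role" for the ordinary already-clean case, and a missing role becomes indistinguishable from an access-denied or throttling error that actually leaves the role and its attached policies behind in the test account. Consider treating only the not-found code as success, with `if code, ok := awserrors.Code(err); ok && code == iam.ErrCodeNoSuchEntityException { return nil }` placed before `return err`, and changing the doc comment to `// DeleteRole detaches all policies from the named role and then deletes it; a role that does not exist is not an error.`. Whether the `Eventually` callback in the first hunk already tolerates a not-found code cannot be confirmed here, because its body continues outside the hunk.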
