@@ -161,6 +161,28 @@ func addFirewallRule(ctx context.Context, name, network, projectID string, ports
161161 return nil
162162}
163163
164+ // deleteFirewallRule deletes the firewall rule identified by name.
165+ func deleteFirewallRule (ctx context.Context , name , projectID string ) error {
166+ service , err := NewComputeService ()
167+ if err != nil {
168+ return err
169+ }
170+
171+ ctx , cancel := context .WithTimeout (ctx , time .Minute * 3 )
172+ defer cancel ()
173+
174+ op , err := service .Firewalls .Delete (projectID , name ).Context (ctx ).Do ()
175+ if err != nil {
176+ return fmt .Errorf ("failed to delete %s firewall rule: %w" , name , err )
177+ }
178+
179+ if err := WaitForOperationGlobal (ctx , projectID , op ); err != nil {
180+ return fmt .Errorf ("failed to wait for delete %s firewall rule: %w" , name , err )
181+ }
182+
183+ return nil
184+ }
185+
164186// createFirewallRules creates the rules needed between the worker and master nodes.
165187func createFirewallRules (ctx context.Context , in clusterapi.InfraReadyInput , network string ) error {
166188 projectID := in .InstallConfig .Config .Platform .GCP .ProjectID
@@ -221,3 +243,9 @@ func createBootstrapFirewallRules(ctx context.Context, in clusterapi.InfraReadyI
221243 }
222244 return addFirewallRule (ctx , firewallName , network , projectID , getBootstrapSSHPorts (), srcTags , targetTags , srcRanges )
223245}
246+
247+ // removeBootstrapFirewallRules removes the rules created for the bootstrap node.
248+ func removeBootstrapFirewallRules (ctx context.Context , infraID , projectID string ) error {
249+ firewallName := fmt .Sprintf ("%s-bootstrap-in-ssh" , infraID )
250+ return deleteFirewallRule (ctx , firewallName , projectID )
251+ }
![openshift-merge-bot[bot]](https://avatars.githubusercontent.com/in/412865?v=4&size=40){kind=avatar}
0 commit comments