Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-15906

ccoctl azure delete leaks role assignments

XMLWordPrintable

    • No
    • Proposed
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      Azure managed identity role assignments created using 'ccoctl azure' sub-commands are not cleaned up when running 'ccoctl azure delete'

      Version-Release number of selected component (if applicable):

      4.14.0

      How reproducible:

      100%

      Steps to Reproduce:

      1. Create Azure workload identity infrastructure using 'ccoctl azure create-all'
      2. Delete Azure workload identity infrastructure using 'ccoctl azure delete'
      3. Observe lingering role assignments in either the OIDC resource group if not deleted OR in the DNS Zone resource group if the OIDC resource group is deleted by providing '--delete-oidc-resource-group'. 

      Actual results:

      Role assignments for managed identities are not deleted following 'ccoctl azure delete'

      Expected results:

      Role assignments for managed identities are deleted following 'ccoctl azure delete'

      Additional info:

       

              jstuever@redhat.com Jeremiah Stuever
              abutcher@redhat.com Andrew Butcher
              Mingxia Huang Mingxia Huang
              Votes:
              0 Vote for this issue
              Watchers:
              7 Start watching this issue

                Created:
                Updated:
                Resolved: