in substrate/pkg/controller/substrate/cluster/instanceprofile.go [67:109]
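// Create idempotently provisions the IAM resources that back the substrate's
// instance profile: the role, its inline policy, every managed policy listed
// in ManagedPolicies, the instance profile itself, and the role-to-profile
// binding. All of these share the name returned by discovery.Name(substrate).
//
// "Entity already exists" responses from CreateRole and CreateInstanceProfile
// are treated as success so that repeated reconciles converge; any other
// error aborts the reconcile and is returned wrapped with the step that
// failed. On success the result is an empty reconcile.Result and a nil error.
func (i *InstanceProfile) Create(ctx context.Context, substrate *v1alpha1.Substrate) (reconcile.Result, error) {
	// Every resource is named after the substrate; resolve the name once
	// instead of recomputing it for each call and log line.
	namePtr := discovery.Name(substrate)
	name := aws.StringValue(namePtr)
	logger := logging.FromContext(ctx)

	// Role. The context-aware variant is used so cancellation propagates,
	// matching the other IAM calls below.
	if _, err := i.IAM.CreateRoleWithContext(ctx, &iam.CreateRoleInput{RoleName: namePtr, AssumeRolePolicyDocument: AssumeRolePolicyDocument}); err != nil {
		if !hasIAMErrorCode(err, iam.ErrCodeEntityAlreadyExistsException) {
			return reconcile.Result{}, fmt.Errorf("creating role, %w", err)
		}
		logger.Infof("Found role %s", name)
	} else {
		logger.Infof("Created role %s", name)
	}

	// Policy. PutRolePolicy is an upsert, so no "already exists" handling
	// is needed here.
	if _, err := i.IAM.PutRolePolicyWithContext(ctx, &iam.PutRolePolicyInput{RoleName: namePtr, PolicyName: namePtr, PolicyDocument: PolicyDocument}); err != nil {
		return reconcile.Result{}, fmt.Errorf("adding policy to role, %w", err)
	}
	logger.Infof("Created policy %s for %s", name, name)

	// Managed Policies. AttachRolePolicy is idempotent for an already
	// attached ARN, so every entry is attached unconditionally.
	for _, policy := range ManagedPolicies {
		if _, err := i.IAM.AttachRolePolicyWithContext(ctx, &iam.AttachRolePolicyInput{RoleName: namePtr, PolicyArn: aws.String(policy)}); err != nil {
			return reconcile.Result{}, fmt.Errorf("attaching role policy %w", err)
		}
		logger.Infof("Ensured managed policy %s for %s", policy, name)
	}

	// Profile
	if _, err := i.IAM.CreateInstanceProfileWithContext(ctx, &iam.CreateInstanceProfileInput{InstanceProfileName: namePtr}); err != nil {
		if !hasIAMErrorCode(err, iam.ErrCodeEntityAlreadyExistsException) {
			return reconcile.Result{}, fmt.Errorf("creating instance profile, %w", err)
		}
		logger.Infof("Found instance profile %s", name)
	} else {
		logger.Infof("Created instance profile %s", name)
	}

	// Binding. An instance profile holds a single role, so IAM answers a
	// repeated AddRoleToInstanceProfile with LimitExceeded; that response is
	// taken to mean the binding already exists.
	// NOTE(review): LimitExceeded only says *a* role is attached, not that it
	// is the role created above; a profile bound to a different role would be
	// reported as "Found" here rather than flagged.
	if _, err := i.IAM.AddRoleToInstanceProfileWithContext(ctx, &iam.AddRoleToInstanceProfileInput{InstanceProfileName: namePtr, RoleName: namePtr}); err != nil {
		if !hasIAMErrorCode(err, iam.ErrCodeLimitExceededException) {
			return reconcile.Result{}, fmt.Errorf("adding role to instance profile, %w", err)
		}
		logger.Infof("Found role %s on instance profile %s", name, name)
	} else {
		logger.Infof("Added role %s to instance profile %s", name, name)
	}
	return reconcile.Result{}, nil
}

// hasIAMErrorCode reports whether err is an awserr.Error carrying the given
// error code. A non-AWS error (for example a cancelled context or a transport
// failure) yields false, so callers treat it as a hard failure instead of
// panicking on an unchecked type assertion.
func hasIAMErrorCode(err error, code string) bool {
	aerr, ok := err.(awserr.Error)
	return ok && aerr.Code() == code
}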