in pkg/cluster/delete.go [494:611]
// Delete tears down the cluster's RP-side and cluster-side resources in a
// fixed order and ends by deleting the billing record.
//
// Every step except the initial ensureResourceGroup call aborts the whole
// deletion on error. A failure part-way through therefore leaves everything
// that comes later in the sequence (for example federated credentials, the
// cluster MSI certificate, signed certificates, the ACR registry profile)
// in place until Delete is run again.
// NOTE(review): only the two signed-certificate deletions visibly tolerate
// "not found"; whether the other steps are safe to repeat on a retry depends
// on helpers that are not shown here — confirm.
func (m *manager) Delete(ctx context.Context) error {
	// Best effort: re-create RP RBAC if it is needed/missing. A failure is
	// logged and deliberately does not stop the deletion.
	m.log.Printf("running ensureResourceGroup")
	if err := m.ensureResourceGroup(ctx); err != nil {
		m.log.Error(err)
	}

	m.log.Printf("deleting dns")
	if err := m.dns.Delete(ctx, m.doc.OpenShiftCluster); err != nil {
		return err
	}

	// RP-side private endpoint, named from the RP prefix plus the cluster
	// document ID, in the RP's own resource group.
	m.log.Print("deleting private endpoint")
	if err := m.fpPrivateEndpoints.DeleteAndWait(ctx, m.env.ResourceGroup(), env.RPPrivateEndpointPrefix+m.doc.ID); err != nil {
		return err
	}

	// Workload-identity clusters only: remove the cluster's OIDC folder from
	// the RP blob container. The blob name is derived from the subscription's
	// tenant ID and the cluster document ID.
	if m.doc.OpenShiftCluster.UsesWorkloadIdentity() {
		m.log.Printf("deleting OIDC configuration")
		containerURL := oidcbuilder.GenerateBlobContainerURL(m.env)
		client, err := m.rpBlob.GetBlobsClient(containerURL)
		if err != nil {
			return err
		}
		blobName := oidcbuilder.GetBlobName(m.subscriptionDoc.Subscription.Properties.TenantID, m.doc.ID)
		if err := oidcbuilder.DeleteOidcFolder(ctx, blobName, client); err != nil {
			return err
		}
	}

	// Authorization artefacts: assignments are removed before the definition.
	m.log.Printf("deleting role assignments")
	if err := m.deleteRoleAssignments(ctx); err != nil {
		return err
	}

	m.log.Printf("deleting role definition")
	if err := m.deleteRoleDefinition(ctx); err != nil {
		return err
	}

	// Private endpoint LinkIDs are reused, so the gateway LinkID record must
	// be gone before the private endpoint is deleted; otherwise a record that
	// now belongs to a newly created cluster could be deleted.
	// NOTE(review): the RP private endpoint is already deleted earlier in this
	// function, so this presumably refers to a private endpoint removed by
	// deleteResourcesAndResourceGroup below — confirm.
	m.log.Printf("deleting gateway record")
	if err := m.deleteGatewayAndWait(ctx); err != nil {
		return err
	}

	if err := m.deleteResourcesAndResourceGroup(ctx); err != nil {
		return err
	}

	// Workload-identity clusters only: identity material that remains after
	// the resources and resource group step.
	if m.doc.OpenShiftCluster.UsesWorkloadIdentity() {
		m.log.Printf("deleting platform managed identities' federated credentials")
		if err := m.deleteFederatedCredentials(ctx); err != nil {
			return err
		}

		m.log.Printf("deleting cluster MSI certificate")
		if err := m.deleteClusterMsiCertificate(ctx); err != nil {
			return err
		}
	}

	// Signed certificates are deleted only when the feature is enabled and the
	// cluster domain resolves to a non-empty managed domain. A certificate
	// that is already absent is not treated as an error.
	if !m.env.FeatureIsSet(env.FeatureDisableSignedCertificates) {
		domain, err := dns.ManagedDomain(m.env, m.doc.OpenShiftCluster.Properties.ClusterProfile.Domain)
		if err != nil {
			return err
		}

		if domain != "" {
			m.log.Print("deleting signed apiserver certificate")
			if _, err := m.env.ClusterCertificates().DeleteCertificate(ctx, m.APICertName(), nil); err != nil && !azcertificates.IsCertificateNotFoundError(err) {
				return err
			}

			m.log.Print("deleting signed ingress certificate")
			if _, err := m.env.ClusterCertificates().DeleteCertificate(ctx, m.IngressCertName(), nil); err != nil && !azcertificates.IsCertificateNotFoundError(err) {
				return err
			}
		}
	}

	// Skipped in local development mode. Deletes the cluster's registry
	// profile when one exists.
	// NOTE(review): presumably this revokes the cluster's ACR token — confirm
	// against the acrtoken package.
	if !m.env.IsLocalDevelopmentMode() {
		registries, err := acrtoken.NewManager(m.env, m.localFpAuthorizer)
		if err != nil {
			return err
		}

		if profile := registries.GetRegistryProfile(m.doc.OpenShiftCluster); profile != nil {
			if err := registries.Delete(ctx, profile); err != nil {
				return err
			}
		}
	}

	if m.adoptViaHive || m.installViaHive {
		if err := m.hiveDeleteResources(ctx); err != nil {
			return err
		}
	}

	// Billing is removed last, so it is reached only after every earlier step
	// that can fail has succeeded.
	return m.billing.Delete(ctx, m.doc)
}