Bug 1949862

Summary: The ccoctl tool hits the panic sometime when running the delete subcommand
Product: OpenShift Container Platform Reporter: wang lin <lwan>
Component: Cloud Credential OperatorAssignee: Joel Diaz <jdiaz>
Status: CLOSED ERRATA QA Contact: wang lin <lwan>
Severity: high Docs Contact:
Priority: unspecified    
Version: 4.8CC: arane, gshereme, jdiaz, lwan
Target Milestone: ---   
Target Release: 4.8.0   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: No Doc Update
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2021-07-27 23:00:57 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description wang lin 2021-04-15 09:27:55 UTC 
Description of problem:
When running the command `ccoctl aws delete --name=lwantt --region=us-east-2
`  to delete aws resource, after running several times, may hit the below panic. 

$ ccoctl aws delete --name=lwantt --region=us-east-2
2021/04/15 14:47:41 Identity Provider object .well-known/openid-configuration deleted from the bucket lwantt-oidc
2021/04/15 14:47:42 Identity Provider object keys.json deleted from the bucket lwantt-oidc
2021/04/15 14:47:43 Identity Provider bucket lwantt-oidc deleted
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x48 pc=0xeed589]

goroutine 1 [running]:
github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws.deleteIAMRoles(0x1477860, 0xc000338be0, 0x7fff70a10217, 0x6, 0x7fff70a10217, 0x6)
	github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws/delete.go:96 +0x569
github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws.deleteCmd(0xc00033d080, 0xc000338880, 0x0, 0x2)
	github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws/delete.go:192 +0x335
github.com/spf13/cobra.(*Command).execute(0xc00033d080, 0xc000338840, 0x2, 0x2, 0xc00033d080, 0xc000338840)
	github.com/spf13/cobra.1/command.go:854 +0x29d
github.com/spf13/cobra.(*Command).ExecuteC(0xc00033c000, 0xc00021ff60, 0x1, 0x1)
	github.com/spf13/cobra.1/command.go:958 +0x349
github.com/spf13/cobra.(*Command).Execute(...)
	github.com/spf13/cobra.1/command.go:895
main.main()
	github.com/openshift/cloud-credential-operator/cmd/ccoctl/main.go:19 +0xaf

Version-Release number of selected component (if applicable):
4.8.0-0.nightly-2021-04-15-030836

How reproducible:
about 1 time in 10 times

Steps to Reproduce: 
1.Run create subcommand to create aws resources, like
$ccoctl aws create-all --name=lwantt --region=us-east-2 --credentials-requests-dir=./credrequests
2.  Run delete subcommand to delete those resources
$ccoctl aws delete --name=lwantt --region=us-east-2
3.Repeat above two commands several times

Actual results:
hit the panic

Expected results:
Should not hit the panic

Additional info:
Comment 3 wang lin 2021-05-06 10:07:48 UTC 
Verified on 4.8.0-0.nightly-2021-05-06-032413


Now if GetRole() fails, ccoctl won't hit the panic,  rather than shows the error message.

2021/05/06 17:30:56 failed to fetch IAM role qeci-20114-sg-MasterIamRole-61F68JQTTM5W: NoSuchEntity: The role with name qeci-20114-sg-MasterIamRole-61F68JQTTM5W cannot be found.
	status code: 404, request id: 263205f1-9a09-4de7-91b3-d521197b10b5
Comment 6 errata-xmlrpc 2021-07-27 23:00:57 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438