Bug 1949862 - The ccoctl tool hits the panic sometime when running the delete subcommand
Summary: The ccoctl tool hits the panic sometime when running the delete subcommand
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Cloud Credential Operator
Version: 4.8
Hardware: Unspecified
OS: Unspecified
unspecified
high
Target Milestone: ---
: 4.8.0
Assignee: Joel Diaz
QA Contact: wang lin
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-04-15 09:27 UTC by wang lin
Modified: 2021-07-27 23:01 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-07-27 23:00:57 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Github openshift cloud-credential-operator pull 328 0 None open Bug 1949862: avoid referencing object after error 2021-04-19 18:33:31 UTC
Red Hat Product Errata RHSA-2021:2438 0 None None None 2021-07-27 23:01:18 UTC

Description wang lin 2021-04-15 09:27:55 UTC
Description of problem:
When running the command `ccoctl aws delete --name=lwantt --region=us-east-2
`  to delete aws resource, after running several times, may hit the below panic. 

$ ccoctl aws delete --name=lwantt --region=us-east-2
2021/04/15 14:47:41 Identity Provider object .well-known/openid-configuration deleted from the bucket lwantt-oidc
2021/04/15 14:47:42 Identity Provider object keys.json deleted from the bucket lwantt-oidc
2021/04/15 14:47:43 Identity Provider bucket lwantt-oidc deleted
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x48 pc=0xeed589]

goroutine 1 [running]:
github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws.deleteIAMRoles(0x1477860, 0xc000338be0, 0x7fff70a10217, 0x6, 0x7fff70a10217, 0x6)
	github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws/delete.go:96 +0x569
github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws.deleteCmd(0xc00033d080, 0xc000338880, 0x0, 0x2)
	github.com/openshift/cloud-credential-operator/pkg/cmd/provisioning/aws/delete.go:192 +0x335
github.com/spf13/cobra.(*Command).execute(0xc00033d080, 0xc000338840, 0x2, 0x2, 0xc00033d080, 0xc000338840)
	github.com/spf13/cobra.1/command.go:854 +0x29d
github.com/spf13/cobra.(*Command).ExecuteC(0xc00033c000, 0xc00021ff60, 0x1, 0x1)
	github.com/spf13/cobra.1/command.go:958 +0x349
github.com/spf13/cobra.(*Command).Execute(...)
	github.com/spf13/cobra.1/command.go:895
main.main()
	github.com/openshift/cloud-credential-operator/cmd/ccoctl/main.go:19 +0xaf

Version-Release number of selected component (if applicable):
4.8.0-0.nightly-2021-04-15-030836

How reproducible:
about 1 time in 10 times

Steps to Reproduce: 
1.Run create subcommand to create aws resources, like
$ccoctl aws create-all --name=lwantt --region=us-east-2 --credentials-requests-dir=./credrequests
2.  Run delete subcommand to delete those resources
$ccoctl aws delete --name=lwantt --region=us-east-2
3.Repeat above two commands several times

Actual results:
hit the panic

Expected results:
Should not hit the panic

Additional info:

Comment 3 wang lin 2021-05-06 10:07:48 UTC
Verified on 4.8.0-0.nightly-2021-05-06-032413


Now if GetRole() fails, ccoctl won't hit the panic,  rather than shows the error message.

2021/05/06 17:30:56 failed to fetch IAM role qeci-20114-sg-MasterIamRole-61F68JQTTM5W: NoSuchEntity: The role with name qeci-20114-sg-MasterIamRole-61F68JQTTM5W cannot be found.
	status code: 404, request id: 263205f1-9a09-4de7-91b3-d521197b10b5

Comment 6 errata-xmlrpc 2021-07-27 23:00:57 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Moderate: OpenShift Container Platform 4.8.2 bug fix and security update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2021:2438


Note You need to log in before you can comment on or make changes to this bug.