From 21e3745110ff837db445aafeb505d2741e1da9eb Mon Sep 17 00:00:00 2001
From: Kfir Toledo <kfir.toledo@ibm.com>
Date: Sun, 22 Sep 2024 03:50:19 +0300
Subject: [PATCH] operator: Fix delete ClusterRule name

Signed-off-by: Kfir Toledo <kfir.toledo@ibm.com>
---
 pkg/operator/controller/instance_controller.go      | 13 ++++++++-----
 pkg/operator/controller/instance_controller_test.go |  2 +-
 2 files changed, 9 insertions(+), 6 deletions(-)

diff --git a/pkg/operator/controller/instance_controller.go b/pkg/operator/controller/instance_controller.go
index be1054b2..4eee553b 100644
--- a/pkg/operator/controller/instance_controller.go
+++ b/pkg/operator/controller/instance_controller.go
@@ -48,6 +48,7 @@ const (
 	StatusModeNotExist    = "NotExist"
 	StatusModeProgressing = "ProgressingMode"
 	StatusModeReady       = "Ready"
+	ClusterRoleName       = InstanceNamespace + ":" + cpapi.Name
 )
 
 // InstanceReconciler reconciles a ClusterLink instance object.
@@ -431,7 +432,7 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name
 	// Create the ClusterRole for the controlplane.
 	clusterRole := &rbacv1.ClusterRole{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name + namespace,
+			Name: ClusterRoleName,
 		},
 		Rules: []rbacv1.PolicyRule{
 			{
@@ -499,12 +500,12 @@ func (r *InstanceReconciler) createAccessControl(ctx context.Context, name, name
 	// Create ClusterRoleBinding for the controlplane.
 	clusterRoleBinding := &rbacv1.ClusterRoleBinding{
 		ObjectMeta: metav1.ObjectMeta{
-			Name: name + namespace,
+			Name: ClusterRoleName,
 		},
 		RoleRef: rbacv1.RoleRef{
 			APIGroup: "rbac.authorization.k8s.io",
 			Kind:     "ClusterRole",
-			Name:     name + namespace,
+			Name:     ClusterRoleName,
 		},
 		Subjects: []rbacv1.Subject{
 			{
@@ -615,6 +616,8 @@ func (r *InstanceReconciler) createResource(ctx context.Context, object client.O
 func (r *InstanceReconciler) deleteClusterLink(ctx context.Context, namespace string) error {
 	// Delete controlPlane Resources
 	cpObj := metav1.ObjectMeta{Name: cpapi.Name, Namespace: namespace}
+	cprRuleObj := metav1.ObjectMeta{Name: ClusterRoleName, Namespace: namespace}
+
 	if err := r.deleteResource(ctx, &appsv1.Deployment{ObjectMeta: cpObj}); err != nil {
 		return err
 	}
@@ -623,11 +626,11 @@ func (r *InstanceReconciler) deleteClusterLink(ctx context.Context, namespace st
 		return err
 	}
 
-	if err := r.deleteResource(ctx, &rbacv1.ClusterRole{ObjectMeta: cpObj}); err != nil {
+	if err := r.deleteResource(ctx, &rbacv1.ClusterRole{ObjectMeta: cprRuleObj}); err != nil {
 		return err
 	}
 
-	if err := r.deleteResource(ctx, &rbacv1.ClusterRoleBinding{ObjectMeta: cpObj}); err != nil {
+	if err := r.deleteResource(ctx, &rbacv1.ClusterRoleBinding{ObjectMeta: cprRuleObj}); err != nil {
 		return err
 	}
 
diff --git a/pkg/operator/controller/instance_controller_test.go b/pkg/operator/controller/instance_controller_test.go
index c4e21f8e..e2c268bd 100644
--- a/pkg/operator/controller/instance_controller_test.go
+++ b/pkg/operator/controller/instance_controller_test.go
@@ -148,7 +148,7 @@ func TestClusterLinkController(t *testing.T) {
 	cpID := types.NamespacedName{Name: cpapi.Name, Namespace: controller.InstanceNamespace}
 	cpResource := []client.Object{&appsv1.Deployment{}, &corev1.Service{}}
 	roleID := types.NamespacedName{
-		Name:      cpapi.Name + controller.InstanceNamespace,
+		Name:      controller.ClusterRoleName,
 		Namespace: controller.InstanceNamespace,
 	}
 	roleResource := []client.Object{&rbacv1.ClusterRole{}, &rbacv1.ClusterRoleBinding{}}