From dd5f92d1288c23d9741080b4ca159c91e37a1c4a Mon Sep 17 00:00:00 2001
From: Felix Kunde <felix.kunde@zalando.de>
Date: Thu, 9 Jul 2020 13:43:38 +0200
Subject: [PATCH 1/3] delete secrets the right way

---
 pkg/cluster/cluster.go   |  6 ++----
 pkg/cluster/resources.go | 16 ++++++++++++++--
 2 files changed, 16 insertions(+), 6 deletions(-)

diff --git a/pkg/cluster/cluster.go b/pkg/cluster/cluster.go
index 44c3e9b62..ef728a728 100644
--- a/pkg/cluster/cluster.go
+++ b/pkg/cluster/cluster.go
@@ -797,10 +797,8 @@ func (c *Cluster) Delete() {
 		c.logger.Warningf("could not delete statefulset: %v", err)
 	}
 
-	for _, obj := range c.Secrets {
-		if err := c.deleteSecret(obj); err != nil {
-			c.logger.Warningf("could not delete secret: %v", err)
-		}
+	if err := c.deleteSecrets(); err != nil {
+		c.logger.Warningf("could not delete secrets: %v", err)
 	}
 
 	if err := c.deletePodDisruptionBudget(); err != nil {
diff --git a/pkg/cluster/resources.go b/pkg/cluster/resources.go
index 5c35058c2..6353b617f 100644
--- a/pkg/cluster/resources.go
+++ b/pkg/cluster/resources.go
@@ -725,7 +725,19 @@ func (c *Cluster) deleteEndpoint(role PostgresRole) error {
 	return nil
 }
 
-func (c *Cluster) deleteSecret(secret *v1.Secret) error {
+func (c *Cluster) deleteSecrets() error {
+	c.setProcessName("deleting secrets")
+	for uid := range c.Secrets {
+		if err := c.deleteSecret(uid); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (c *Cluster) deleteSecret(uid types.UID) error {
+	secret := c.Secrets[uid]
 	c.setProcessName("deleting secret %q", util.NameFromMeta(secret.ObjectMeta))
 	c.logger.Debugf("deleting secret %q", util.NameFromMeta(secret.ObjectMeta))
 	err := c.KubeClient.Secrets(secret.Namespace).Delete(context.TODO(), secret.Name, c.deleteOptions)
@@ -733,7 +745,7 @@ func (c *Cluster) deleteSecret(secret *v1.Secret) error {
 		return err
 	}
 	c.logger.Infof("secret %q has been deleted", util.NameFromMeta(secret.ObjectMeta))
-	delete(c.Secrets, secret.UID)
+	c.Secrets[uid] = nil
 
 	return err
 }

From 5b085a77062d3a7903c1db0ae8b8e015cab75a82 Mon Sep 17 00:00:00 2001
From: Felix Kunde <felix.kunde@zalando.de>
Date: Thu, 9 Jul 2020 15:24:03 +0200
Subject: [PATCH 2/3] make a one function

---
 pkg/cluster/resources.go | 22 ++++++----------------
 1 file changed, 6 insertions(+), 16 deletions(-)

diff --git a/pkg/cluster/resources.go b/pkg/cluster/resources.go
index 6353b617f..46b48293e 100644
--- a/pkg/cluster/resources.go
+++ b/pkg/cluster/resources.go
@@ -727,29 +727,19 @@ func (c *Cluster) deleteEndpoint(role PostgresRole) error {
 
 func (c *Cluster) deleteSecrets() error {
 	c.setProcessName("deleting secrets")
-	for uid := range c.Secrets {
-		if err := c.deleteSecret(uid); err != nil {
+	for uid, secret := range c.Secrets {
+		c.logger.Debugf("deleting secret %q", util.NameFromMeta(secret.ObjectMeta))
+		err := c.KubeClient.Secrets(secret.Namespace).Delete(context.TODO(), secret.Name, c.deleteOptions)
+		if err != nil {
 			return err
 		}
+		c.logger.Infof("secret %q has been deleted", util.NameFromMeta(secret.ObjectMeta))
+		c.Secrets[uid] = nil
 	}
 
 	return nil
 }
 
-func (c *Cluster) deleteSecret(uid types.UID) error {
-	secret := c.Secrets[uid]
-	c.setProcessName("deleting secret %q", util.NameFromMeta(secret.ObjectMeta))
-	c.logger.Debugf("deleting secret %q", util.NameFromMeta(secret.ObjectMeta))
-	err := c.KubeClient.Secrets(secret.Namespace).Delete(context.TODO(), secret.Name, c.deleteOptions)
-	if err != nil {
-		return err
-	}
-	c.logger.Infof("secret %q has been deleted", util.NameFromMeta(secret.ObjectMeta))
-	c.Secrets[uid] = nil
-
-	return err
-}
-
 func (c *Cluster) createRoles() (err error) {
 	// TODO: figure out what to do with duplicate names (humans and robots) among pgUsers
 	return c.syncRoles()

From 4feae64c281452d72e23209ae147b59ee4c57497 Mon Sep 17 00:00:00 2001
From: Felix Kunde <felix.kunde@zalando.de>
Date: Thu, 9 Jul 2020 16:04:12 +0200
Subject: [PATCH 3/3] continue deleting secrets even if one delete fails

---
 pkg/cluster/resources.go | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/pkg/cluster/resources.go b/pkg/cluster/resources.go
index 46b48293e..c75457a5a 100644
--- a/pkg/cluster/resources.go
+++ b/pkg/cluster/resources.go
@@ -727,16 +727,23 @@ func (c *Cluster) deleteEndpoint(role PostgresRole) error {
 
 func (c *Cluster) deleteSecrets() error {
 	c.setProcessName("deleting secrets")
+	var errors []string
+	errorCount := 0
 	for uid, secret := range c.Secrets {
 		c.logger.Debugf("deleting secret %q", util.NameFromMeta(secret.ObjectMeta))
 		err := c.KubeClient.Secrets(secret.Namespace).Delete(context.TODO(), secret.Name, c.deleteOptions)
 		if err != nil {
-			return err
+			errors = append(errors, fmt.Sprintf("could not delete secret %q: %v", util.NameFromMeta(secret.ObjectMeta), err))
+			errorCount++
 		}
 		c.logger.Infof("secret %q has been deleted", util.NameFromMeta(secret.ObjectMeta))
 		c.Secrets[uid] = nil
 	}
 
+	if errorCount > 0 {
+		return fmt.Errorf("could not delete all secrets: %v", errors)
+	}
+
 	return nil
 }