@@ -324,6 +324,36 @@ func (bal *BucketAccessListener) Delete(ctx context.Context, bucketAccess *v1alp
324324}
325325
326326func (bal * BucketAccessListener ) deleteBucketAccessOp (ctx context.Context , bucketAccess * v1alpha1.BucketAccess ) error {
327+ // Fetching bucketClaim and corresponding bucket to get the bucketID
328+ // for performing DriverRevokeBucketAccess request.
329+ bucketClaimName := bucketAccess .Spec .BucketClaimName
330+ bucketClaim , err := bal .bucketClaims (bucketAccess .ObjectMeta .Namespace ).Get (ctx , bucketClaimName , metav1.GetOptions {})
331+ if err != nil {
332+ klog .V (3 ).ErrorS (err , "Failed to fetch bucketClaim" , "bucketClaim" , bucketClaimName )
333+ return errors .Wrap (err , "Failed to fetch bucketClaim" )
334+ }
335+
336+ bucket , err := bal .buckets ().Get (ctx , bucketClaim .Status .BucketName , metav1.GetOptions {})
337+ if err != nil {
338+ klog .V (3 ).ErrorS (err , "Failed to fetch bucket" , "bucket" , bucketClaim .Status .BucketName )
339+ return errors .Wrap (err , "Failed to fetch bucket" )
340+ }
341+
342+ req := & cosi.DriverRevokeBucketAccessRequest {
343+ BucketId : bucket .Status .BucketID ,
344+ AccountId : bucketAccess .Status .AccountID ,
345+ }
346+
347+ // First we revoke the bucketAccess from the driver
348+ if _ , err := bal .provisionerClient .DriverRevokeBucketAccess (ctx , req ); err != nil {
349+ klog .V (3 ).ErrorS (err ,
350+ "Failed to revoke bucket access" ,
351+ "bucketAccess" , bucketAccess .ObjectMeta .Name ,
352+ "bucketClaim" , bucketClaimName ,
353+ )
354+ return errors .Wrap (err , "failed to revoke access" )
355+ }
356+
327357 credSecretName := bucketAccess .Spec .CredentialsSecretName
328358 secret , err := bal .secrets (bucketAccess .ObjectMeta .Namespace ).Get (ctx , credSecretName , metav1.GetOptions {})
329359 if err != nil {
0 commit comments