From 3636d8f023713bc033c21f3ad36204787768355d Mon Sep 17 00:00:00 2001
From: Jan Roehrich
Date: Wed, 22 Mar 2023 15:18:03 +0100
Subject: [PATCH] Fix session surviving cluster purge and recreate through cache

* session needs to be removed from cache in case of faulty retrieval from credentials providers
---
 pkg/cloud/scope/session.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/pkg/cloud/scope/session.go b/pkg/cloud/scope/session.go
index f2338a260c..acf3fa3ab8 100644
--- a/pkg/cloud/scope/session.go
+++ b/pkg/cloud/scope/session.go
@@ -162,6 +162,10 @@ func sessionForClusterWithRegion(k8sClient client.Client, clusterScoper cloud.Cl
 _, err := providers[0].Retrieve()
 if err != nil {
 conditions.MarkUnknown(clusterScoper.InfraCluster(), infrav1.PrincipalCredentialRetrievedCondition, infrav1.CredentialProviderBuildFailedReason, err.Error())
+
+ // delete the existing session from cache. Otherwise, we give back a defective session on next method invocation with same cluster scope
+ sessionCache.Delete(getSessionName(region, clusterScoper))
+
 return nil, nil, errors.Wrap(err, "Failed to retrieve identity credentials")
 }
 awsConfig = awsConfig.WithCredentials(credentials.NewChainCredentials(awsProviders))
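Review bot: The eviction added after `conditions.MarkUnknown(...)` only runs when `providers[0].Retrieve()` fails on this path, so it depends on the cached-session lookup (outside this hunk) not returning before the check is reached; a regression test that purges and recreates a cluster with the same name and region would confirm this. The key `getSessionName(region, clusterScoper)` must also be exactly the one used when the session was stored, which is not visible here. If the failing provider is itself cached elsewhere in this function, it presumably needs evicting too, otherwise the same defective credentials would be built into the next session. I would also tighten the comment to state the reason, e.g. `// Evict the cached session: credentials that fail Retrieve must not be served again for this cluster scope.` The body of sessionForClusterWithRegion starts and ends outside the hunk.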