OCM-12806 | feat: Delete operator roles auto mode (and changes to account roles)

[hunterkepley]

There is a map which we return from the function which merges with maps from the last call (deleteOperatorRole is called once per role so we must merge these, and only print out warnings that we could not delete the policies ONCE PER POLICY). The issue is that, without this, you will get prints 1) if they are deleted in the end and 2) multiple times for the route53 policy

With these changes, it only prints the warning when it is unable to delete the policy one time. One role may be unable to delete a policy (controlplane) if the other still has the role attached (ingress). We cannot do this before or after function calls because it is designed to ask the user per every oprole if they want to delete the role.

There is an extra change to account roles which makes sure you are using hcpsharedvpc roles before asking if you want to attempt deleting the hcpsharedvpc roles. This way it doesn't ask if you are using non-sharedvpc hcp account or op roles

In the end, this results in good UX, where the user is asked once if they want to delete these policies, and will tell you once if the policy was deleted, or unable to be deleted due to attachments to other resources

[den-rgb]

/retest

[codecov]

Codecov Report

Attention: Patch coverage is 22.05882% with 53 lines in your changes missing coverage. Please review.

Project coverage is 29.11%. Comparing base (0e62a32) to head (4bb370e).
Report is 7 commits behind head on master.

Files with missing lines	Patch %	Lines
pkg/aws/policies.go	32.60%	27 Missing and 4 partials ⚠️
pkg/roles/utils.go	0.00%	18 Missing ⚠️
cmd/dlt/accountroles/cmd.go	0.00%	4 Missing ⚠️

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #2656      +/-   ##
==========================================
- Coverage   29.18%   29.11%   -0.07%     
==========================================
  Files         184      184              
  Lines       25352    25451      +99     
==========================================
+ Hits         7399     7411      +12     
- Misses      17358    17443      +85     
- Partials      595      597       +2     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[den-rgb]

/lgtm

[openshift-ci]

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: den-rgb, hunterkepley

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

• OWNERS [den-rgb,hunterkepley]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[openshift-ci-robot]

/retest-required

Remaining retests: 0 against base HEAD dcd493e and 2 for PR HEAD 4bb370e in total

[openshift-ci]

@hunterkepley: all tests passed!

Full PR test history. Your PR dashboard.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository. I understand the commands that are listed here.

[hunterkepley]

/cherry-pick release_1.2.49

[openshift-cherrypick-robot]

@hunterkepley: new pull request created: #2665

In response to this:

/cherry-pick release_1.2.49

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.