Problem
When a user deletes a ServiceProviderAPI object (e.g., Flux) at the onboarding cluster, the ServiceProvider begins tearing down its managed resources (HelmRelease, OCIRepository, Secrets - all these resources so that a domain service runs). However, there's no check to verify whether user-created resources of that domain's APIs (e.g., GitRepository, Bucket, HelmRepository) still exist on the MCP.
This can lead to:
- Orphaned custom resources on the MCP after the controllers are removed
- Unexpected behavior for end users who still have active resources
Proposed Documentation
Add a section to the Service Provider development guide that:
- Makes developers aware when proper finalizer handling is critical
- Explains the expected deletion flow (check for user CRs before removing managed resources)
- Explain the problem of determining which objects block deletion (generically) but in the same time it would be desirable to give the end user a good UX e.g. by adding a new status condition/phase (
DeletionBlocked) to the ServiceProviderAPI object at the Onboarding cluster
- Notes that this protection mechanism is not yet implemented in the service-provider-runtime/template
Acceptance Criteria
Problem
When a user deletes a ServiceProviderAPI object (e.g.,
Flux) at the onboarding cluster, the ServiceProvider begins tearing down its managed resources (HelmRelease,OCIRepository, Secrets - all these resources so that a domain service runs). However, there's no check to verify whether user-created resources of that domain's APIs (e.g.,GitRepository,Bucket,HelmRepository) still exist on the MCP.This can lead to:
Proposed Documentation
Add a section to the Service Provider development guide that:
DeletionBlocked) to the ServiceProviderAPI object at the Onboarding clusterAcceptance Criteria