From 92d5172ad42ebc62eb78cac21b1e236ad6ace580 Mon Sep 17 00:00:00 2001
From: GitLab Bot <gitlab-bot@gitlab.com>
Date: Fri, 28 Aug 2020 21:20:15 +0000
Subject: Add latest changes from gitlab-org/security/gitlab@13-3-stable-ee

---
 app/services/clusters/aws/authorize_role_service.rb | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

(limited to 'app/services/clusters/aws')

diff --git a/app/services/clusters/aws/authorize_role_service.rb b/app/services/clusters/aws/authorize_role_service.rb
index fb620f77b9f..2712a4b05bb 100644
--- a/app/services/clusters/aws/authorize_role_service.rb
+++ b/app/services/clusters/aws/authorize_role_service.rb
@@ -9,6 +9,7 @@ module Clusters
 
       ERRORS = [
         ActiveRecord::RecordInvalid,
+        ActiveRecord::RecordNotFound,
         Clusters::Aws::FetchCredentialsService::MissingRoleError,
         ::Aws::Errors::MissingCredentialsError,
         ::Aws::STS::Errors::ServiceError
@@ -20,7 +21,8 @@ module Clusters
       end
 
       def execute
-        @role = create_or_update_role!
+        ensure_role_exists!
+        update_role_arn!
 
         Response.new(:ok, credentials)
       rescue *ERRORS => e
@@ -33,14 +35,12 @@ module Clusters
 
       attr_reader :role, :params
 
-      def create_or_update_role!
-        if role = user.aws_role
-          role.update!(params)
+      def ensure_role_exists!
+        @role = ::Aws::Role.find_by_user_id!(user.id)
+      end
 
-          role
-        else
-          user.create_aws_role!(params)
-        end
+      def update_role_arn!
+        role.update!(params)
       end
 
       def credentials
-- 
cgit v1.2.1