ConfigMapGenerator should not update unrelated ClusterRole rule

When using the ConfigMap generator, a lease object entry is updated with the
generated configmap name. This should not happen as it's an unrelated object
type.

As a workaround a unique name can be used for the ConfigMap.

Fails on kustomize version 4.2.0 and kubectl version v1.21.2
This commit is contained in:
Lincoln Stoll
2021-07-10 16:26:48 +02:00
committed by Katrina Verey
parent ee4b7847f0
commit 4079056501

View File

@@ -531,3 +531,59 @@ metadata:
name: secret-example-7hf4fh868h
`)
}
func TestUnrelatedNameReferenceReplacementIssue4054(t *testing.T) {
th := kusttest_test.MakeHarness(t)
// The cluster-autoscaler lease name should not be changed.
th.WriteF("role.yaml", `
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: cluster-autoscaler
rules:
- apiGroups: ["coordination.k8s.io"]
resources: ["leases"]
resourceNames: ["cluster-autoscaler"]
verbs: ["get","update"]
`)
th.WriteK(".", `
resources:
- role.yaml
configMapGenerator:
- name: cluster-autoscaler
namespace: kube-system
literals:
- AWS_REGION="us-east-1"
`)
// The resourceNames for the leases resource in the ClusterRole should not be
// updated with the name suffix, because it's not targeting the generated
// configmap
m := th.Run(".", th.MakeDefaultOptions())
th.AssertActualEqualsExpected(m, `
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
labels: null
name: cluster-autoscaler
rules:
- apiGroups:
- coordination.k8s.io
resourceNames:
- cluster-autoscaler
resources:
- leases
verbs:
- get
- update
---
apiVersion: v1
data:
AWS_REGION: us-east-1
kind: ConfigMap
metadata:
name: cluster-autoscaler-h8mmcct52k
namespace: kube-system
`)
}