-
Notifications
You must be signed in to change notification settings - Fork 2.2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiple matches error when using ClusterRole resourceNames for resource in multiple namespaces #1044
Comments
@tbarrella Each item in |
The reason this happened was using Skaffold with multiple Kaniko namespaces. Skaffold Config uses "docker-cfg" and "kaniko-secret" as default secret names, so those secrets were defined for multiple namespaces. I definitely wouldn't see this as a very big issue though |
@tbarrella Seems that pull request 1266 addresses the issue. Saved the configuration files used to reproduce here. kustomize build . apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dummy
rules:
- apiGroups:
- ""
resourceNames:
- dummy
resources:
- secrets
verbs:
- get
---
apiVersion: v1
data:
dummy: ""
kind: Secret
metadata:
name: dummy
namespace: default
type: Opaque
---
apiVersion: v1
data:
dummy: ""
kind: Secret
metadata:
name: dummy
namespace: kube-system
type: Opaque |
@tbarrella Can you confirm 3.0.3 is fixing th issue. $HOME/bin/kustomize.3.0.3 build . apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: dummy
rules:
- apiGroups:
- ""
resourceNames:
- dummy
resources:
- secrets
verbs:
- get
---
apiVersion: v1
data:
dummy: ""
kind: Secret
metadata:
name: dummy
namespace: default
type: Opaque
---
apiVersion: v1
data:
dummy: ""
kind: Secret
metadata:
name: dummy
namespace: kube-system
type: Opaque |
Yes, this looks fixed in 3.0.3, nice/thank you! |
Hello! This seems like a bug that's easiest to illustrate with an example. Is this meant to be handleable?
conifg.yaml:
kustomization.yaml:
Output:
The text was updated successfully, but these errors were encountered: