kustomize
kustomize copied to clipboard
kubernetes-sigs
`kustomize` should leave all ConfigMap values as quoted strings, since no other type is legal.
What happened?
We have a YAML string in a ConfigMap that contains a variable (e.g. ${TEST}) which will be replaced with a string AFTER running kustomize --build .
The problem is that the quotes are removed from the string by kustomize and then if that variable is replaced with something like true, the ConfigMap will be invalid since true is interpreted as a boolean value instead of a string and that is not allowed in a ConfigMap.
What did you expect to happen?
I expect kustomize to leave a quoted string quoted.
How can we reproduce it (as minimally and precisely as possible)?
# kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- "configmap.yaml"
# resources.yaml
apiVersion: v1
kind: ConfigMap
metadata:
name: test-object
data:
pci: '${TEST}'
Expected output
apiVersion: v1
data:
pci: '${TEST}'
kind: ConfigMap
metadata:
name: test-object
Actual output
apiVersion: v1
data:
pci: ${TEST}
kind: ConfigMap
metadata:
name: test-object
- Note the missing quotes. If that variable is then templated with a boolean or integer, this is a significant problem.
Kustomize version
v5.3.0
Operating system
MacOS
This issue is currently awaiting triage.
SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the triage/accepted label.
The triage/accepted label can be added by org members by writing /triage accepted in a comment.
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.
Potentially related to: https://github.com/kubernetes-sigs/kustomize/issues/5124
This problem kinda sucks because the original YAML will have quotes that are not preserved between the conversion of kustomize template->JSON->YAML, and if we desire to keep them, there's no way to indicate to kustomize that they shouldn't be removed. Suppose we start with this YAML kustomize template:
apiVersion: v1
kind: ConfigMap
data:
test1: "${TEMPLATE_VAR1}"
test2: "{TEMPLATE_VAR2}"
test3: "true"
test4: "test4"
metadata:
name: config
When executing kustomize build, it'll read the kustomization.yaml file and render the manifest. I've narrowed the path down to the JSONToYAML() function used by the build command here: https://github.com/kubernetes-sigs/kustomize/blob/33caee50cb25954e1889cea30e3a5b6283e0bfef/api/resource/resource.go#L371
This function is supposed to take a JSON byte array and turns it into valid YAML:
JSON:
{"apiVersion":"v1","data":{"test1":"${TEMPLATE_VAR1}","test2":"{TEMPLATE_VAR2}","test3":"true","test4":"test4"},"kind":"ConfigMap","metadata":{"name":"config"}}
FINAL RESULT
apiVersion: v1
data:
test1: ${TEMPLATE_VAR1}
test2: '{TEMPLATE_VAR2}'
test3: "true"
test4: test4
kind: ConfigMap
metadata:
name: config
My assumption is that any string that isn’t already a valid JSON type (such as a sub structure with {} or a boolean true) gets its quotes stripped (You can test the code out in this playground link: https://go.dev/play/p/rFUUlFjPk5f):
Our investigation suggests that the YAML parser is doing the right thing, but the fact that quotes are removed when we explicitly need them, and there appears to be no way to force them to be kept, is very problematic in our use case.