Open DenisBiondic opened 5 years ago
There is a really hard to debug condition when you do something silly like defining a ClusterRole child with namespace as parts of its metadata. I have a repro repo with repro steps here: https://github.com/conplementAG/Metacontroller.ClusterRoleIssue
Essentially, this bit is problematic:
desired_children = [ { "apiVersion": "v1", "kind": "Namespace", "metadata": { "name": name } }, { "apiVersion": "rbac.authorization.k8s.io/v1", "kind": "ClusterRole", "metadata": { "name": name + "-my-special-role", "namespace": name # INTRODUCES AN INFINITE LOOP IN THE METACONTROLLER }, "rules": [ { "apiGroups": ["conplement.cloud"], "resources": ["supernamespaces"], "verbs": ["get", "list", "update", "delete"], "resourceNames": [name] } ] } ]
There is a really hard to debug condition when you do something silly like defining a ClusterRole child with namespace as parts of its metadata. I have a repro repo with repro steps here: https://github.com/conplementAG/Metacontroller.ClusterRoleIssue
Essentially, this bit is problematic: