Open sebhoss opened 2 weeks ago
@sebhoss this is a server-side issue. The force=true
option replaces the resource whether it exists or not. A post request is issued to the server, however, it fails because you have set immutable=true
. The only way to fix that is to delete and re-create the secret
@abikouo thanks - I guess I was looking for something like kubectl replace
but with Ansible doing the replacement only if there is a difference and thus avoid to delete/create the secret on every execution.
SUMMARY
I have a secret that sets its
immutable
field totrue
and thus cannot be changed through a normal apply operation but requires a replacement in case itsdata
does change. According to https://docs.ansible.com/ansible/latest/collections/kubernetes/core/k8s_module.html#parameter-force a replacement should have happened but it fails insteadISSUE TYPE
COMPONENT NAME
kubernetes.core.k8s
ANSIBLE VERSION
COLLECTION VERSION
CONFIGURATION
OS / ENVIRONMENT
Fedora 40
STEPS TO REPRODUCE
Use the following secret (or any other that sets
immutable: true
):EXPECTED RESULTS
My expectation was that this changing the data of an immutable secret with
force: true
does workACTUAL RESULTS