MichaelHindley
commented
2 years ago Investigating this further as an issue with the inventory implementation by the Gitlab Kubernetes Agent OR the inventory package, as there are inventory entries that start with _ and if edited and applied manually, the reconciliation triggers correctly.
The field separator at https://github.com/kubernetes-sigs/cli-utils/blob/4dd01e9068d2ebc8ace0f79a44ccdaebee86088f/pkg/object/objmetadata.go#L29-L32
The underscore character is indeed allowed as a resource name. As far my understanding goes, resource names fall into https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#path-segment-names where the only disallowed characters are
.,..,/,%.How this manifests itself is when tools that rely on cli-utils, like in our case the Gitlab Kubernetes Agent for GitOps attempt to reconcile resources from CNCF projects like Crossplane, they fail due to the ObjectMetadata validator imposing this constraints and throwing an error on valid resource names like this;
GitOps reconciliation engines use cli-utils for parts of their functionality and when it imposes it's own standards on naming it' seems to be causing issues in downstream projects.
For instance in this example, this resource can be applied with kubectl apply, but it can not be reconciled due to cli-utils not allowing
_in the resource name.I'm not sure who is right or wrong here, but I would at the very least expect to be able to apply valid kubernetes resources when using cli-utils, hence I created this issue here. I am also pinging maintainers in other affected repos as I track down where the implementations manifest themselves.