Replacements takes secret name without a random suffix

What happened?

Replacements set wrong secret name to target key, it does not contain a random suffix.

What did you expect to happen?

Secret name from secret object and in replaced paths matches.

How can we reproduce it (as minimally and precisely as possible)?

# kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
  - service.yaml
secretGenerator:
  - name: data
    envs:
      - data.env
replacements:
  - source:
      kind: Secret
    targets:
      - select:
          kind: Service
        fieldPaths:
          - metadata.annotations.secretName
        options:
          create: true

# service.yaml
apiVersion: v1
kind: Service
metadata:
  name: nginx
spec:
  type: ClusterIP
  ports:
  - port: 80
    targetPort: http
    protocol: TCP
    name: http

# data.env
a=b

Expected output

apiVersion: v1
data:
  a: Yg==
kind: Secret
metadata:
  name: data-k695gkmbtk
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
  annotations:
    secretName: data-k695gkmbtk
  name: nginx
spec:
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: http
  type: ClusterIP

Actual output

apiVersion: v1
data:
  a: Yg==
kind: Secret
metadata:
  name: data-k695gkmbtk
type: Opaque
---
apiVersion: v1
kind: Service
metadata:
  annotations:
    secretName: data # <-- here it is
  name: nginx
spec:
  ports:
  - name: http
    port: 80
    protocol: TCP
    targetPort: http
  type: ClusterIP

Kustomize version

v5.5.0

Operating system

Linux

kubernetes-sigs / kustomize

Replacements takes secret name without a random suffix #5791

What happened?

What did you expect to happen?

How can we reproduce it (as minimally and precisely as possible)?

Expected output

Actual output

Kustomize version

Operating system