search

vmware-archive / kubecfg

A tool for managing complex enterprise Kubernetes environments as code.
Apache License 2.0
727 stars 62 forks source link

type assertion panic in --diff-strategy=subset #269

Closed shric closed 5 years ago

shric commented 5 years ago

Naive pull request which seems to fix: https://github.com/bitnami/kubecfg/pull/268 The test case I added reproduced the panic pre-fix, but see below for real world example.

If, for example live has an array but the corresponding portion of config is an object:

panic: interface conversion: interface {} is []interface {}, not map[string]interface {}

goroutine 1 [running]:
kubecfg.removeFields(0x1f62e00, 0xc0007e30e0, 0x1ee9ee0, 0xc0003f3c60, 0xc0003662f8, 0xc000329801)
        kubecfg/diff.go:182 +0x1bf
kubecfg.removeMapFields(0xc0007e3020, 0xc0003296b0, 0x214d949)
        kubecfg/diff.go:202 +0x128
kubecfg.DiffCmd.Run(0x233ed00, 0xc0004b4578, 0x2388940, 0xc0000afe90, 0x213b53d, 0x7, 0x0, 0x7ffeefbff08b, 0x6, 0xc0007e3230, ...)

To reproduce, create something with an array field, e.g.:

  foo_role: kube.Role($.name) {
    rules: [ {
      apiGroups: ["extensions"],
      resources: ['podsecuritypolicies'],
      verbs: ['use'],
      resourceNames: [$.name],
    ] },
  },

Then make rules an object instead of an array:

  foo_role: kube.Role($.name) {
    rules: {
      apiGroups: ["extensions"],
      resources: ['podsecuritypolicies'],
      verbs: ['use'],
      resourceNames: [$.name],
    },
  },

Upon diff-strategy=subset https://github.com/bitnami/kubecfg/blob/38d6080676bdf18c02025af6775cd8b1967132a5/pkg/kubecfg/diff.go#L178-L181 finds that config's field is a map[string]interface{} but live is a []interface {} and fails the assertion. The converse should also fail in the same manner.