Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] modifications in generated resource are not overridden till the next sync #1426

Closed
JimBugwadia opened this issue Jan 2, 2021 · 0 comments · Fixed by #1463
Closed

[BUG] modifications in generated resource are not overridden till the next sync #1426

JimBugwadia opened this issue Jan 2, 2021 · 0 comments · Fixed by #1463
Assignees
@NoSkillGirl
Labels
bug Something isn't working
Milestone
Kyverno Release 1...

Comments

@JimBugwadia
Copy link
Member

Software version numbers

1.3.0-rc9

Describe the bug

Generate a resource with synchronize: true. Now change the resource. The expectation is that the changes are immediately reverted to match the policy clone source resource or data element.

To Reproduce

Apply policy:

apiVersion: kyverno.io/v1
kind: ClusterPolicy
metadata:
  name: generate-secret
spec:
  rules:
  - name: generate-secret
    match:
      resources:
        kinds:
        - Namespace
    generate:
      synchronize: true
      kind: Secret
      name: mysecret
      namespace: "{{ request.object.metadata.name }}"
      data:
        kind: Secret
        type: Opaque
        data:
          secret1: c2VjcmV0
          secret2: c2VjcmV0
          secret3: c2VjcmV0

Then edit the resource. Remove secret2 and add a secret4.

Expected behavior

The resource changes are reverted to match the policy.

Note that changes to other data elements (not controlled by the policy) should not be updated.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@NoSkillGirl NoSkillGirl

Labels
bug Something isn't working
Projects
None yet
Milestone
Kyverno Release 1.3.2
Development

Successfully merging a pull request may close this issue.

added logic for generate policy with data NoSkillGirl/kyverno
3 participants
@JimBugwadia @realshuting @NoSkillGirl