k8s-deploy: Cannot apply resources with defined namespaces in manifest
Repro steps:
- Obtain a manifest with defined namespaces (e.g. cert-manager, ingress-nginx)
- Add k8s-deploy step that deploys to kubernetes and commit, do not specify a namespece
Current behaviour:
- Kubernetes deployment fails
Error: the namespace from the provided object "kube-system" does not match the namespace "cert-manager". You must pass '--namespace=kube-system'
Error: the namespace from the provided object "ingress-nginx" does not match the namespace "default". You must pass '--namespace=ingress-nginx'
Expected behaviour:
- k8s-deploy should not pass namespace=default parameter to kubectl if namespace is not defined in github action
The reasoning is, official instructions for ingress-nginx, cert-manager and others do not need a namespace parameter in kubectl, and if namespace=default is passed, the command fails. I have to split the manifests into multiple manifests per each namespace as a workaround.
About this issue
- Original URL
- State: open
- Created 3 years ago
- Reactions: 3
- Comments: 23
Tried latest 4.9 and 4.10 releases, but issue is still here:
As a workaround for now, I’d suggest using multiple k8s-deploy commands in your YAML like so:
We recently patched an issue where kubectl errors were failing silently, causing the action to pass even if a kubectl command necessary to execute the action had failed. As a result, users were seeing rollout failures even though their resources had successfully deployed because our action was checking the default namespace (if no namespace was provided, but if one was provided to the action it would check that one) for the deployed resources, but since the resources would be deployed to the namespace specified in the YAML, the rollout check would not be able to find the deployed resource, thereby causing the action to fail.
Our solution was to make sure that if no namespace was provided to the action, kubectl would deploy and perform a rollout check on the default namespace, or to do the same to whatever other namespace may be provided. Of course, this leads to the issue that you ran into, where the namespace being used by the action in the
kubectl
command it runs (default) is different from the namespace specified in your deployment YAML, and kubectl fails as a result.We plan on working on a fix to support deployment to multiple namespaces within a single run by checking if deployment manifests specify a namespace, but I recommend using the above workaround until we release a new version with this functionality.
I hope this helps!
Thank you both and thank you @jaiveerk for the explanation!
@hansmbakker we will keep you updated on this. We are working on a fix.
@davidgamero I believe I’m encountering this issue with k8s-deploy@v4 but I cannot reopen this issue.
I’m trying to deploy cert-manager 1.10.1. cert-manager is normally installed using
kubectl apply -f
. I put the manifest from https://github.com/cert-manager/cert-manager/releases/download/v1.10.1/cert-manager.yaml in my repo and ran the following action:Log: