Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

CRD update fails if last-applied-configuration annotation too long

See original GitHub issue

During testing, I noticed another strange behavior, if I should put it another issue, let me know. Looks like pulumi falsely states, that the prometheuses.monitoring.coreos.com CRD was updated when enableReplaceCRD is false, but actually, it wasn’t. I tested this on minikube with kubernetes version v1.21.2.

Steps to reproduce:

Make sure you’re using an older pulumi-kubernetes version than 3.12.1, I used 3.7.2.
Use the code from my first comment with enableReplaceCRD: false and deploy the chart version 18.0.7. It should be deployed fine and the prometheuses.monitoring.coreos.com CRD should have a long kubectl.kubernetes.io/last-applied-configuration annotation.
Save the CRD definition with kubectl get crd/prometheuses.monitoring.coreos.com -o yaml.
Update the chart to 23.3.2 and try to deploy, it should fail on prometheuses.monitoring.coreos.com with the message the Kubernetes API server reported that "prometheuses.monitoring.coreos.com" failed to fully initialize or become live: CustomResourceDefinition.apiextensions.k8s.io "prometheuses.monitoring.coreos.com" is invalid: metadata.annotations: Too long: must have at most 262144 bytes.
Update pulumi-kubernetes to 3.12.1.
Try to deploy again, it will show, that all CRDs were updated.
Save the CRD definition again and compare it with the previous version, it will be the same.
Optionally check pulumi state with pulumi stack export, it will show that prometheuses.monitoring.coreos.com CRD resource has the newest version, both in the inputs and outputs section. The easiest way to do this, just to check the controller-gen.kubebuilder.io/version annotation, for the 18.0.7 chart it will be v0.4.1, for 23.3.2 will show v0.6.2.
Set enableReplaceCRD: true then run pulumi up.
Run pulumi refresh, it will show, that ~__inputs changed on prometheuses.monitoring.coreos.com.
Optionally check pulumi state again, now both inputs and outputs will show the older CRD definition from the 18.0.7 chart.
Run pulumi up, prometheuses.monitoring.coreos.com will show an update, but will fail with the error: the Kubernetes API server reported that "prometheuses.monitoring.coreos.com" failed to fully initialize or become live: CustomResourceDefinition.apiextensions.k8s.io "prometheuses.monitoring.coreos.com" is invalid: metadata.annotations: Too long: must have at most 262144 bytes.

So with the latest pulumi-kubernetes version without enableReplaceCRD, it says that every CRD updated, even prometheuses.monitoring.coreos.com, but on the environment, it actually stays the same.

_Originally posted by @ncsibra in https://github.com/pulumi/pulumi-kubernetes/issues/1841#issuecomment-996760823_

Issue Analytics

State:
Created 2 years ago
Comments:7 (1 by maintainers)

Top GitHub Comments

1reaction

gitfoolcommented, May 26, 2022

@lblackstone no unexpected changes now; thank you! 🎉

Resources:
    130 unchanged

1reaction

lblackstonecommented, May 24, 2022

Appreciate your patience on this fix! I got pulled off onto another project for the last several months and am just getting back to it. I’ve updated the PR, and should have a release out in the next day or two.