Objects not discovered as dependent, but parent-object discovered as dependency
erdii opened this issue ยท 1 comments
Hey @tohjustin ๐ :)
I think I've experienced a bug and hope this report helps improving your wonderful tool.
Please let me know if you want more info or something else!
Story time
I've installed package-operator which brings its own CRDs which are strictly organized in a hierarchy.
After installation of the operator [1], there is a tree of objects, glued together by ownerReferences that looks like this:
ClusterPackage/package-operator
-> ClusterObjectDeployment/package-operator
-> ClusterObjectSet/package-operator-$hash
-> Actual kubernetes objects
But some object relations are missing from kubectl-lineage's output. This is the output for kubectl lineage clusterpackage package-operator:
NAME READY STATUS AGE
ClusterPackage/package-operator - 3m35s
โโโ ClusterObjectDeployment/package-operator - 3m34s
โโโ ClusterObjectSet/package-operator-56496479f6 - 3m33s
โโโ ClusterRole/package-operator-remote-phase-manager - 3m17s
โโโ ClusterRoleBinding/package-operator - 3m44s
โโโ CustomResourceDefinition/clusterobjectdeployments.package-operator.run - 3m37s
โโโ CustomResourceDefinition/clusterobjectsetphases.package-operator.run - 3m37s
โโโ CustomResourceDefinition/clusterobjectsets.package-operator.run - 3m37s
โโโ CustomResourceDefinition/clusterobjectslice.package-operator.run - 3m37s
โโโ CustomResourceDefinition/clusterobjecttemplates.package-operator.run - 3m37s
โโโ CustomResourceDefinition/clusterpackages.package-operator.run - 3m37s
โโโ CustomResourceDefinition/objectdeployments.package-operator.run - 3m37s
โโโ CustomResourceDefinition/objectsetphases.package-operator.run - 3m37s
โโโ CustomResourceDefinition/objectsets.package-operator.run - 3m37s
โโโ CustomResourceDefinition/objectslice.package-operator.run - 3m37s
โโโ CustomResourceDefinition/objecttemplates.package-operator.run - 3m37s
โโโ CustomResourceDefinition/packages.package-operator.run - 3m37s
โโโ Namespace/package-operator-system - 4m22s
I know that there is a missing ServiceAccount which I can reverse query for its dependencies with kubectl lineage -D -n package-operator-system ServiceAccount/package-operator:
NAMESPACE NAME READY STATUS AGE
package-operator-system ServiceAccount/package-operator - 5m31s
โโโ ClusterObjectSet/package-operator-56496479f6 - 5m20s
โ โโโ ClusterObjectDeployment/package-operator - 5m21s
โ โโโ ClusterPackage/package-operator - 5m22s
โโโ ClusterRoleBinding/package-operator - 5m31s
โ โโโ ClusterObjectSet/package-operator-56496479f6 - 5m20s
โ โโโ ClusterRole/cluster-admin - 6m56s
โโโ ClusterRoleBinding/system:basic-user - 6m56s
โ โโโ ClusterRole/system:basic-user - 6m56s
โโโ ClusterRoleBinding/system:discovery - 6m56s
โ โโโ ClusterRole/system:discovery - 6m56s
โโโ ClusterRoleBinding/system:public-info-viewer - 6m56s
โ โโโ ClusterRole/system:public-info-viewer - 6m56s
โโโ ClusterRoleBinding/system:service-account-issuer-discovery - 6m56s
โโโ ClusterRole/system:service-account-issuer-discovery - 6m56s
and also a deployment kubectl lineage -D -n package-operator-system Deployment/package-operator-manager:
NAMESPACE NAME READY STATUS AGE
package-operator-system Deployment/package-operator-manager 1/1 11m
โโโ ClusterObjectSet/package-operator-56496479f6 - 11m
โโโ ClusterObjectDeployment/package-operator - 11m
โโโ ClusterPackage/package-operator - 11m
I'll link the Package sources for reference [2]. The full list of missing dependent objects should be:
- Deployment/package-operator-manager
- ServiceAccount/package-operator
All objects have proper ownerReferences set up. I've tried to include all relevant object manifest in the attached dump. [3]
[1]
kubectl apply -f https://github.com/package-operator/package-operator/releases/download/v1.6.5/self-bootstrap-job.yaml
[2] https://github.com/package-operator/package-operator/tree/v1.6.6/config/packages/package-operator
[3] package-operator-objectdump.tar.gz
Hi @erdii! Really glad that you found this tool useful for you & thanks for writing this comprehensive bug report ๐
Can I also trouble you to share the example outputs shared above but including the --output=wide flag? That would help me get a better idea of the list of relationships that the tool as resolved from scanning through all the resources fetched from your cluster.
I'll try to make some time to take a good look at this soon ๐