cherry-pick: release-1.134: fix: sanitize managed fields metadata to remove leaked status subresource#6035
Merged
google-oss-prow[bot] merged 3 commits intoGoogleCloudPlatform:release-1.134from Jan 15, 2026
Conversation
…urce json.Unmarshal merges the input JSON into the existing struct. When reusing a k8s.Resource object across reconciliations, if a previous operation (like a status update) added a managedFields entry with subresource: status, and the subsequent json.Unmarshal (for a spec update) touches the same fields, the subresource: status field persists in the entry even if the new input didn't have it. This causes incorrect managedFields metadata where spec updates are attributed to the status subresource, leading to 'Location must be set' errors because KCC ignores spec fields managed by status. This change: 1. Adds SanitizeSpecManagedFields to explicitly clear subresource from entries that manage f:spec. 2. Applies this sanitization in LifecycleHandler.updateStatus and updateAPIServer immediately after unmarshalling the response. 3. Adds unit tests covering this corruption scenario. Refs: b/465380187
Collaborator
|
/lgtm |
Collaborator
|
/lgtm |
Contributor
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: cheftako The full list of commands accepted by this bot can be found here. The pull request process is described here DetailsNeeds approval from an approver in each of these files:
Approvers can indicate their approval by writing |
97f47e1
into
GoogleCloudPlatform:release-1.134
210 of 211 checks passed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Cherry picking PR #6008
BRIEF Change description
This change:
f:spec.LifecycleHandler.updateStatusandLifecycleHandler.updateAPIServerimmediately after unmarshalling the response viautil.Marshal().Fixes: b/465380187
WHY do we need this change?
json.Unmarshalmerges the input JSON into the existing struct. When reusing ak8s.Resourceobject across reconciliations, if a previous operation (like a status update) added a managedFields entry withsubresource: status, and the subsequentjson.Unmarshal(for a spec update) touches the same fields, thesubresource: statusfield persists in the entry even if the new input didn't have it.This causes incorrect managedFields metadata where spec updates are attributed to the status subresource, leading to 'Location must be set' errors when reconciling a CloudSchedulerJob because the controller ignores spec fields managed by status.
Special notes for your reviewer:
Does this PR add something which needs to be 'release noted'?
Additional documentation e.g., references, usage docs, etc.:
Intended Milestone
Please indicate the intended milestone.
Tests you have done
make ready-prto ensure this PR is ready for review.Created local build and ran E2E test to verify the managed fields stay correct all the time.