Ansible k8s problem ("strategic merge patch format is not supported")

Hello,

i am trying to configure a k8s cluster with ansible. It is working quite well but new i have a problem with a custom resource (cert-manager Certificate and ClusterIssuer) When i rerun the scripts it gives me an error: “strategic merge patch format is not supported”.
I am not sure if it is an Ansible problem but if i am correct this was a bug in k8s but it has been already fixed. (here https://github.com/kubernetes/kubernetes/issues/53379 and here https://github.com/kubernetes/kubernetes/pull/53558)
If i run kubectl apply it works without problem (certificate “mycert” configured).

The role looks like this:

• name: Create cluster issuer
  k8s:
  state: present
  kubeconfig: “{{kubeconfig_path}}”
  definition:
  apiVersion: certmanager.k8s.io/v1alpha1
  kind: ClusterIssuer
  metadata:
  name: letsencrypt-staging
  spec:
  acme:
  server: https://acme-staging-v02.api.letsencrypt.org/directory
  email: support@mycompany.com
  privateKeySecretRef:
  name: letsencrypt-staging
  http01: {}

Can someone help me what if this is a bug in ansible or it is a bug in k8s or just my mistake?

Thanks!
Attila

Apologies, I’ve only just seen this.

This is now fixed in devel - k8s takes a merge_type param - you can either pass ‘merge’ explicitly for Custom Resource Definitions or, as of this morning,

[‘strategic-merge’, ‘merge’] for all resources - if it fails to patch using strategic-merge, it will fall back to merge.

https://github.com/ansible/ansible/pull/42219

https://github.com/ansible/ansible/pull/44821

You’ll need to update openshift to 0.6.1 or above to make use of merge_type

As always, you can use devel modules with stable Ansible

http://willthames.github.io/2017/12/12/using-updated-modules-with-stable-ansible.html

here the caveat at the end is very important - you’ll want to copy module_utils/k8s/raw.py and common.py

Will