Skip to content

Bug Report: Kustomize operator service account duplicate definition conflict #19054

New issue
New issue
Open
#19053
Open
Bug Report: Kustomize operator service account duplicate definition conflict#19054
#19053
Assignees
mdnfiras
Labels
Component: OperatorVtop related issuesType: Bug
@mdnfiras

Description

@mdnfiras
mdnfiras
opened on Dec 18, 2025

Overview of the Issue

When deploying the examples/operator/operator.yaml file with FluxCD, I get the following error:

kustomize build failed: namespace transformation produces ID conflict: [{"apiVersion":"v1","kind":"ServiceAccount","metadata":{"annotations":{"internal.config.kubernetes.io/previousKinds":"ServiceAccount","internal.config.kubernetes.io/previousNames":"vitess-operator","internal.config.kubernetes.io/previousNamespaces":"example"},"name":"vitess-operator","namespace":"vitess"}} {"apiVersion":"v1","kind":"ServiceAccount","metadata":{"annotations":{"internal.config.kubernetes.io/previousKinds":"ServiceAccount","internal.config.kubernetes.io/previousNames":"vitess-operator","internal.config.kubernetes.io/previousNamespaces":"default"},"name":"vitess-operator","namespace":"vitess"}}]

The issue is that in examples/operator/operator.yaml there are 2 service accounts:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: vitess-operator
  namespace: example
---
apiVersion: v1
kind: ServiceAccount
metadata:
  name: vitess-operator

The example/vitess-operator service account is used by the RoleBinding and default/vitess-operator service account is used by the ClusterRoleBinding. The deployment namespace is not set, so it will default to default if applied with kubectl, and mount the default/vitess-operator service account.

With FluxCD/Kustomize however, I'm updating the namespace to vitess so it tries to update all resources, including both service accounts, hence the conflict.

Reproduction Steps

  1. Create the Flux Kustomization that points to file kustomization.yaml (shown below) which references the examples/operator/operator.yaml file:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: vitess

resources:
  - resources/vitess.ns.yaml
  - resources/operator.yaml
  1. Note that this kustomization.yaml file will set the namespace of all namespaced resources to vitess. Deploying this Flux Kustomization produces the previously mentioned error.

Binary Version

v23.0.0

Operating System and Environment details

Minikube Kubernetes on Debian.

Log Fragments

Metadata
Metadata
Assignees
Labels
Component: OperatorVtop related issuesType: Bug
Type
No type
Projects
No projects
Milestone
No milestone
Relationships
None yet
Development
No branches or pull requests
Issue actions