Fix Workload Cluster Deletion: Improve jq Query to Target Only Kustomization/HelmRelease on Workload Cluster

francois klieberrequested to merge
feature/keep_prune_on_cluster-import_kustomization into main

Problem:

When a workload cluster named workload-cluster is deleted, the deletion hook is supposed to remove all associated resources (Kustomizations, HelmReleases, etc.). However, there is an issue where a specific Kustomization named cattle-agent-workload-cluster is not deleted, and the cluster itself is not removed from Rancher.

The root cause is that the deletion hook does not prune the Kustomization named cluster-import because its .spec.kubeConfig is not empty; it contains a reference to the cluster-creator-kubeconfig, which is necessary for the correct import of the cluster into Rancher.

Solution:

This MR proposes to prevent Kustomizations or HelmReleases that use .spec.kubeConfig.secretRef.name = "cluster-creator-kubeconfig" from having the prune option disabled. This change ensures that these specific resources are handled correctly during the deletion process, allowing the workload cluster to be fully removed.

Merge request reports