Skip to content

Annotations removed post bootstrap #239

Open
Open
Annotations removed post bootstrap#239
Labels
bugSomething isn't workingneeds triageWaiting for discussion / prioritization by team
@rcamse

Description

@rcamse
rcamse
opened on Dec 11, 2025

Subject of the issue

Using post rendering in Helm to set annotation on a configmap, however after bootstrap runs on install the annotations are removed.
Could we allow annotations either on the chart itself through values.yaml, or prevent bootstrap from pruning any labels/annotations added in post rendering.

Steps to reproduce

Add post rendering to Helm chart to add annotation. Done this via flux.

apiVersion: helm.toolkit.fluxcd.io/v2
kind: HelmRelease
metadata:
  creationTimestamp: "2025-12-11T14:50:53Z"
  finalizers:
  - finalizers.fluxcd.io
  generation: 1
  labels:
    kustomize.toolkit.fluxcd.io/name: step-certificates-release
    kustomize.toolkit.fluxcd.io/namespace: flux-deployment
  name: step-certificates
  namespace: flux-deployment
  resourceVersion: "32331357"
  uid: f321ecf4-17f8-447d-b355-e1d3f6a6cfa5
spec:
  chart:
    spec:
      chart: step-certificates
      reconcileStrategy: ChartVersion
      sourceRef:
        kind: HelmRepository
        name: step-certificates
      version: '*'
  install:
    crds: Create
    createNamespace: true
    remediation:
      retries: 3
  interval: 10m
  postRenderers:
  - kustomize:
      patches:
      - patch: "- op: add\n  path: /metadata/annotations\n  value: {}\n- op: add\n
          \ path: /metadata/annotations/reflector.v1.k8s.emberstack.com~1reflection-allowed\n
          \ value: \"true\"\n- op: add\n  path: /metadata/annotations/reflector.v1.k8s.emberstack.com~1reflection-allowed-namespaces\n
          \ value: \n"
        target:
          kind: ConfigMap
          name: step-certificates-certs
          namespace: step-test
          version: v1

Expected behaviour

Annotations are not removed after bootstrap is completed from any obects

Actual behaviour

Bootstrap seems to remove annotations added

Additional context

apiVersion: v1
kind: ConfigMap
metadata:
  annotations:
    meta.helm.sh/release-name: step-certificates
    meta.helm.sh/release-namespace: step-test
    test: test
  creationTimestamp: "2025-12-11T14:50:56Z"
  labels:
    app.kubernetes.io/instance: step-certificates
    app.kubernetes.io/managed-by: Helm
    app.kubernetes.io/name: step-certificates
    app.kubernetes.io/version: 0.28.1
    helm.sh/chart: step-certificates-1.28.1
    helm.toolkit.fluxcd.io/name: step-certificates
    helm.toolkit.fluxcd.io/namespace: flux-deployment
  name: step-certificates-certs
  namespace: step-test
  resourceVersion: "32327981"
  uid: 7528c20f-c03b-46a9-8146-73e665af7e73

Watching for changes of configmap

apiVersion: v1
data:
  intermediate_ca.crt: |
    REDACTED
  root_ca.crt: |
    REDACTED
kind: ConfigMap
metadata:
  creationTimestamp: "2025-12-11T14:50:56Z"
  name: step-certificates-certs
  namespace: step-test
  resourceVersion: "32328178"
  uid: 7528c20f-c03b-46a9-8146-73e665af7e73

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't workingneeds triageWaiting for discussion / prioritization by team

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions