@@ -630,6 +630,8 @@ public static Object createResource(io.kubernetes.client.openapi.ApiClient clien
630630 public static Object createResource (io .kubernetes .client .openapi .ApiClient client , Reader reader )
631631 throws IOException , io .kubernetes .client .openapi .ApiException {
632632 // Load the YAML as a map to extract apiVersion and kind
633+ // Note: The getSnakeYaml() method already configures LoaderOptions with appropriate
634+ // security settings to prevent YAML bombs and other attacks
633635 Map <String , Object > data = getSnakeYaml (null ).load (reader );
634636
635637 String kind = (String ) data .get ("kind" );
@@ -649,6 +651,8 @@ public static Object createResource(io.kubernetes.client.openapi.ApiClient clien
649651 }
650652
651653 // Load the YAML into the strongly typed object
654+ // Note: This double-loading approach (first as Map, then as typed object) follows the
655+ // design recommended in the issue discussion to properly handle type determination
652656 Object resource = loadAs (new StringReader (getSnakeYaml (clazz ).dump (data )), clazz );
653657
654658 // Ensure the resource is a KubernetesObject
@@ -703,6 +707,7 @@ public static Object createResource(io.kubernetes.client.openapi.ApiClient clien
703707 // For namespaced resources
704708 String namespace = k8sObject .getMetadata ().getNamespace ();
705709 if (namespace == null || namespace .isEmpty ()) {
710+ // Default to "default" namespace, matching kubectl behavior
706711 namespace = "default" ;
707712 }
708713 response = api .create (namespace , k8sObject , new io .kubernetes .client .util .generic .options .CreateOptions ());
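Review bot: The comment added above `getSnakeYaml(null).load(reader)` in the first hunk asserts that the loader is hardened against YAML bombs, but nothing in this section shows or enforces that, so the claim can go stale unnoticed if `getSnakeYaml()` changes. I would name the limits actually relied on, for example `// Relies on the LoaderOptions limits set in getSnakeYaml() (alias count, nesting depth, input size)`, after confirming against that method which of them it really sets. The same statement assigns the result straight to `Map<String, Object> data` and the next line dereferences it with `data.get("kind")`; SnakeYAML's `load` returns `null` for an empty document, so a guard such as `if (data == null) throw new IOException("YAML document is empty");` is worth adding. In the last hunk, "matching kubectl behavior" overstates the match, since kubectl takes the namespace from the current kubeconfig context before falling back to `default`. `createResource` starts and ends outside these hunks.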