Skip to content

Deploy fails for escaped quotesΒ #710

New issue
New issue
Open
Open
Deploy fails for escaped quotes#710
Labels
bugSomething isn't working
@oleva

Description

@oleva
oleva
opened on Nov 13, 2025

Which component(s) is affected?

No response

Describe the bug

Kubero operator generates a deploy command with escaped quotes that fail in shell:

sh -c "kubectl patch kuberoapps $APP --type=merge -p \"{\"spec\":{\"image\":{\"repository\": \"$REPOSITORY\",\"tag\": \"$TAG\"}}}\""

When sh -c executes this, the escaped quotes " inside the double-quoted string are misinterpreted, causing malformed JSON.

Causing:
Error from server (BadRequest): error decoding patch: invalid character 's' looking for beginning of object key string

Fix:
Use --patch-file instead of inline JSON patch.

Steps to reproduce

  1. Install Kubero on Upcloud
  2. Link to Docker repo
  3. Try to deploy with Source code -> Docker file

buildstrategy: dockerfile
deploymentstrategy: git
autodeploy: true

Expected behavior

The deploy step should successfully patch the KuberoApp resource with the new image repository and tag.

-> Build and deployed application

Screenshots

No response

Additional information

When Kubero creates a build job for GitOps deployment, the deploy container uses an inline JSON patch command that fails due to shell quoting issues:

Actual command generated by Kubero (from job spec):

json
{
  "command": [
    "sh",
    "-c",
    "kubectl patch kuberoapps $APP --type=merge -p \"{\"spec\":{\"image\":{\"repository\": \"$REPOSITORY\",\"tag\": \"$TAG\"}}}\""
  ]
}

The escaped quotes \" inside the double-quoted string in sh -c are not properly handled. When executed, the shell misinterprets the JSON structure, resulting in malformed JSON being sent to the Kubernetes API.

Suggested Fix

Replace the inline JSON patch with --patch-file approach:

Current (broken):

sh -c "kubectl patch kuberoapps $APP --type=merge -p \"{\"spec\":{\"image\":{\"repository\": \"$REPOSITORY\",\"tag\": \"$TAG\"}}}\""

Suggested fix:

sh -c "printf '{\"spec\":{\"image\":{\"repository\":\"%s\",\"tag\":\"%s\"}}}' \"\$REPOSITORY\" \"\$TAG\" > /tmp/patch.json && kubectl patch kuberoapps \"\$APP\" -n <NAME> --type=merge --patch-file /tmp/patch.json"

patch.json file containing:

The printf command generates a JSON file with the following structure (example values):

{
  "spec": {
    "image": {
      "repository": "registry.example.com",
      "tag": "main-EXAMPLE-1763035897983-20251113-1211"
    }
  }
}

Debug information

No response

Metadata

Metadata

Assignees

No one assigned

    Labels

    bugSomething isn't working

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions