fix cluster role binding namespace handling

[JaylonmcShan03]

Description

Fixes #710
This PR addresses and fixes the handling of namespaces in the kubernetes_cluster_role_binding_v1 resource

I am looking for feedback on my fix! Initially, I implemented logic in structures_rbac.go to handle namespace values directly. However, during acceptance testing, I encountered plan difference errors, where the namespace field was toggling between "default" and null. These differences caused Terraform to repeatedly attempt updates, believing the resource was not in the desired state.

To address this issue, I modified the schema to include diff suppression for the namespace field:
Diff suppression ensures that when the namespace field is either "default" (defaulted by Kubernetes) or null (irrelevant for Group and User), Terraform does not detect a difference.

Acceptance tests

• Have you added an acceptance test for the functionality being added?
• Have you run the acceptance tests on this branch?

Output from acceptance testing:

$ make testacc TESTARGS='-run=TestAccXXX'

...
irectory=/var/folders/bp/l16ph9cj7958ml9t254_zcv00000gn/T/plugintest2388791179 test_step_number=1
2024-11-25T08:43:36.326-0600 [DEBUG] sdk.helper_resource: Finished TestCase: test_name=TestAccKubernetesClusterRoleBindingV1_namespaceHandling
--- PASS: TestAccKubernetesClusterRoleBindingV1_namespaceHandling (1.77s)
PASS
ok      github.com/hashicorp/terraform-provider-kubernetes/kubernetes

Release Note

Release note for CHANGELOG:

...

References

Community Note

• Please vote on this issue by adding a 👍 reaction to the original issue to help the community and maintainers prioritize this request
• If you are interested in working on this issue or have submitted a pull request, please leave a comment

[BBBmau]

seems like the logic can be simplified a bit more where the condition only handles the Kind that use the namespace. See if you can simplify this a bit more. Same goes for the flattener.

[BBBmau]

This looks good, only thing missing is a changelog-entry. after that i can approve this PR!

[BBBmau]

so i'm unsure if people are still running into this. Despite the comments on the previous issue I went and attempted to reproduce the bug but came across the expected behavior:
terraform init:

tf apply:

tfconfig:

terraform.tfstate:

I even went ahead and downgrade from 1.31->1.26 and still unable to reproduce the bug.

can you provide me with your kubectl configs as well as confirming that you can reproduce it yourself?

[stevehipwell]

@BBBmau it looks like your test is making use of the workaround of providing namespace = "" for cluster scoped subjects. To test this please remove lines 15 & 22 from your config.

[BBBmau]

@BBBmau it looks like your test is making use of the workaround of providing namespace = "" for cluster scoped subjects. To test this please remove lines 15 & 22 from your config.

That's what I get for attempting to reproduce a bug late at night. Thanks!

[BBBmau]

works great! I fixed up the test since it was explicitly setting the namespace to "". removed and tests pass as well as confirming by doing some manual tests.