Based on the docs that I've read, there are 3 methods of patching:
The difference between patchesStrategicMerge and patchesJson6902 is obvious. patchesStrategicMerge requires a duplicate structure of the kubernetes resource to identify the base resource that is being patched followed by the modified portion of the spec to denote what gets changed (or deleted).
patchesJson6902 defines a 'target' attribute used to specify the kubernetes resource with a 'path' attribute that specifies which attribute in the resource gets modified, added, or removed.
However, what is not clear to me is the difference between patches and patchesJson6902. They seem to be very similar in nature. Both specify a 'target' attribute and operation objects which describes what gets modified.
The only difference I've noticed is that patches does not require a 'group' attribute while patchesJson6902 does; The reason for this is unknown.
So why the difference between the two? How do I determine which one to use?
The explanation for this is here.
To summarize, patchJson6902 is an older keyword which can only match one resource via target (no wildcards), and accepts only Group-version-kind (GVK), namespace, and name.
The patches directive is newer and accepts more elements (annotation selector and label selector as well). In addition, namespace and name can be regexes. The target for patches can match more than one resource, all of which will be patched.
In addition, with patches, it will attempt to parse patch files as a Json6902 patch, and if that does not work, it will fall back to attempting the patch as a strategic merge. Therefore, in many cases patches can obviate the need of using patchesStrategicMerge as well.
Overall, it seems as if patches should work pretty universally for new projects.
UPDATE: Indeed, both patchesJson6902 and patchesStrategicMerge have been deprecated in v5.0.0 in favor of patches.
Upstream documentation for these key words: