Can Kustomize use env substitution for a non kubernetes kind?
rodrigoscferraz opened this issue ยท 4 comments
Describe the bug
I guess this is not an issue but i don't know where i can put my doubts.
I have an env file with some key value pairs and i want to use one of this values inside a file that is a yaml file but not a Kubernetes kind...something like this:
objstore.yaml
type: s3
config:
bucket: ${THANOS_OBJSTORE_BUCKET}
endpoint: s3.us-west-2.amazonaws.com
Is it possible?
My kustomize file looks like this:
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: monitoring
secretGenerator:
- name: thanos-objstore-config
files:
- objstore.yml
generatorOptions:
disableNameSuffixHash: true
configMapGenerator:
- name: kustomize-env
namespace: flux-system
envs:
- env
Basically i'm passing the file to secretGenerator but each environment (prod, staging,etc) have a different bucket name, so i need to set this dynamically. So i used an env file, and works fine for Kubernetes Kinds but when i tried to do the same for the file above the secret generated had exactly the value ${THANOS_OBJSTORE_BUCKET} instead of the value in env file.
Steps to reproduce
Use secretGenerator with a non kubernetes kind
Expected behavior
I want to use env on non kubernetes kinds.
Kubernetes version / Distro / Cloud provider
1.22
Flux version
1.23
Git provider
No response
Container Registry provider
No response
Additional context
No response
Maintenance Acknowledgement
- I am aware of Flux v1's maintenance status
Code of Conduct
- I agree to follow this project's Code of Conduct
I do not think this is possible in Kustomize. (If it was possible or not, I believe the limitation would be on Kustomize's side.)
This is a really great question and I wanted to let you know how I feel about that, even if I don't have anything helpful to say here. There are some surprising things about features like substitution and kyaml setters that go along with image updating.
We should have better documentation around those issues, as it will help to consider where they may be caused by artificial limitations that were not imposed in an intentional way. However this (the Flux v1 repo) is unlikely to be the best place to have that whole conversation. Please check out the Flux v2 discussions:
https://github.com/fluxcd/flux2/discussions
This is the place where we recommend feature requests, general feedback, Q&A, and "how does it work" type topics to go, since it is searchable and persistent in a way that GitHub Issues cannot match. I do not know why you cannot envsubst inside of a patch file, or whether this is a universal limitation that might have some workaround... and I definitely do not know enough to say if it's a good reason or not. But these are all interesting questions!
@kingdonb oh gosh i didn't noticed that i'm on flux v1 repo hahaha but thx for feedback
Just to close this question i was able to do this using a Secret instead of the secret generator passing the values as a string with ugly "\n" to indent the content as i need.