Resolution of local file references in extensions transformer configuration

[KnVerey]

This issue continues a discussion started in https://github.com/kubernetes-sigs/kustomize/issues/4117. As of the fix for that issue, Kustomize sets the working directory for exec function plugins to the directory in which the current Kustomization is located. This solves the problem for the default case, where the configuration layer that initially defines the transformer config is the same as the layer that executes it.

There are two more advanced use cases where a problem remains: 1) When the transformer config is manipulated as a resource in lower Kustomization layers. 2) [upcoming] In Composition, where patching transformer config originating in a lower layer is a standard operation.

It is more important to address this for Composition, where manipulating transformer config is a first-class operation, and Kustomize always knows whether the KRM object it is dealing with is a transformer config.

Options under discussion include: 1) A reserved field (e.g. spec.localFilePaths) that Kustomize will always resolve relative to the current Kustomization, when present. This field would need to be harmonized with mounts.src in the function provider specification. This would be more dangerous to apply to Kustomization's resources field, though an additional restriction such as the local-resource annotation could be imposed in that context. 2) An annotation end-users could include on their KRM config objects to trigger path resolution of JSONpath-targeted fields relative to the current Kustomization/Composition. This option would be more annoying for the end-user, but safer to apply to Kustomization's resources field (where we don't know what is a transformer config vs. normal resource). 3) Metadata in the function schema provided through the Catalog enabling the plugin in question.

It's worth noting that although some valid extensions use cases do require file mounting, in the default case, transformer authors should be encouraged to provide as much of the input state as possible through the KRM configuration object and the input resource stream.

/kind feature /triage under-consideration @natasha41575

[k8s-ci-robot]

@KnVerey: This issue is currently awaiting triage.

SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the triage/accepted label.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes/test-infra](https://github.com/kubernetes/test-infra/issues/new?title=Prow%20issue:) repository.

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue or PR as fresh with /remove-lifecycle stale
• Mark this issue or PR as rotten with /lifecycle rotten
• Close this issue or PR with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[KnVerey]

/remove-lifecycle stale

I've been working on Composition recently and this is definitely a big problem for it (and the equivalent Kustomization flow, though that flow is not first-class).

[k8s-triage-robot]

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues and PRs.

This bot triages issues and PRs according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue or PR as fresh with /remove-lifecycle rotten
• Close this issue or PR with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

[natasha41575]

/remove-lifecycle rotten /lifecycle frozen

[KnVerey]

The inability to identify local file references in extensions transformer configs is also a problem for a fully functional kustomize localize: https://github.com/kubernetes-sigs/kustomize/pull/4590. The solution we choose should satisfy that use case as well.