Open annasong20 opened 1 year ago
Great feature! <3 I noticed one thing though: it seems to be broken for remote transformers? I don't know if that's a bug or a feature :p I have a repository here reproducing the error I'm seeing: https://github.com/Jell/kustomize-localize-remote-transformers-issue
To me this looks like a similar error to: https://github.com/kubernetes-sigs/kustomize/issues/4958
(not sure if I should open a separate ticket or not, but I saw on the release note I should give feedback on the feature in this issue, so I thought I would start here)
I think having an --overwrite flag is really needed. We use localize because our git repo is not especially fast. Combined with localize doing everything sequentially, that means pulling resources in our CI pipelines is a no-go as it is too expensive.
So we use localize. However, every change requires us to "relocalize" before commits. Which in turns requires us to have a process to remove all our localized folders since we can't just pass a flag --overwrite.
@Jell Thank you for uploading the exact setup!
Yes, this behavior is intentional. However, the feature that the alpha version of localize
intentionally excluded was not remote transformers, but transformers resulting from a kustomization. The Fields section of the documentation reads "In addition to localizing files" and the plugin footnote both allude to this.
We will add this feature in beta if it has enough popularity.
Don't know if you want this in a separate feature request or not, but I will start here.
So I might be misunderstanding how to localize cmd works, but my understanding is that I can download remote resources from remote repositories like github.
It would be nice to add the possibility of downloading OCI manifests as well. This is a feature that the flux community have implemented https://fluxcd.io/flux/installation, https://fluxcd.io/flux/cmd/flux_pull_artifact/
So a simple example, you can write the following and it will donwload the OCI artifact an unpack it.
flux pull artifact oci://ghcr.io/grafana-operator/kustomize/grafana-operator:v5.0.0-rc1 --output ./grafana-operator/
For those of us that uses flux it's nothing strange but for none flux users it would be nice to be able to do the same using Kustomize.
So adding oci support to localize to be able to do something like this would be nice:
kustomize localize oci://ghcr.io/grafana-operator/kustomize/grafana-operator:v5.0.0-rc1
@NissesSenap Thanks for the comment! I agree that we should try to support oci as a remote format - it seems to be becoming a more and more popular way to store kubernetes manifests.
If we do support oci, we should support it both with kustomize build
and kustomize localize
.
@natasha41575 , I didn't know that kustomize build
supported remote repositories until today. But since it does, it feels natural to add OCI support to the build
sub command as well.
Is there any documentation on how to update custom generators to give them support for localize? For instance ksops. It provides sops secret encryption but its referenced encrypted manifest files are missed. Is there an interface for generators communicating back to localize?
In the following example secrets/example.yaml
is not localized.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
generators:
- secret-generator.yaml
apiVersion: viaduct.ai/v1
kind: ksops
metadata:
name: secret-generator
files:
- secrets/example.yaml
Hi @Striar-Yunis, thank you for the link and exact setup!
Unfortunately, in alpha, localize
only knows how to download/copy file references in the built-in plugins listed here: https://kubectl.docs.kubernetes.io/references/kustomize/cmd/localize/#fields. I think the ability to specify file references for custom generators/transformers will be great to discuss for beta.
This issue has not been updated in over 1 year, and should be re-triaged.
You can:
/triage accepted
(org members only)/close
For more details on the triage process, see https://www.kubernetes.dev/docs/guide/issue-triage/
/remove-triage accepted
The Kubernetes project currently lacks enough contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle stale
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle stale
The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.
This bot triages un-triaged issues according to the following rules:
lifecycle/stale
is appliedlifecycle/stale
was applied, lifecycle/rotten
is appliedlifecycle/rotten
was applied, the issue is closedYou can:
/remove-lifecycle rotten
/close
Please send feedback to sig-contributor-experience at kubernetes/community.
/lifecycle rotten
This umbrella issue tracks user feedback for the new alpha command
kustomize localize
.