kustomize build with KUSTOMIZE_PLUGIN_HOME tries to load wrong plugin - Error: loading generator plugins: failed to load generator: expected file with Go object code at: .../plugin/v1/secret/Secret.so

paololazzari commented 6 months ago

What happened?

I am trying to follow this solution https://github.com/kubernetes-sigs/kustomize/issues/1696#issuecomment-1478749665 to patch a custom generator from an overlay.

$ tree
.
├── generators-base
│   ├── kustomization.yaml
│   └── secrets.yaml
├── overlays
│   └── dev
│       ├── generator-config
│       │   └── kustomization.yaml
│       └── kustomization.yaml
└── plugin
    └── util
        └── gcloudsecretgenerator
            └── gcloudSecretGenerator

8 directories, 5 files

generators-base/kustomization.yaml:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

generators:
- secrets.yaml

generators-base/secrets.yaml:

apiVersion: util
kind: gcloudSecretGenerator
metadata:
  name: appsecrets
argsOneLiner: |-
  mySecret myGcloudSecretName

overlays/dev/generator-config/kustomization.yaml

resources:
  - ../../../generators-base

patches:
  - target:
      kind: gcloudSecretGenerator
      name: appsecrets
    patch: |-
      - op: replace
        path: /argsOneLiner
        value:
          mySecret myGcloudSecretName
          mySecondSecret mySecondGcloudSecretName

overlays/dev/kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

generators:
  - ./generator-config

plugin/util/gcloudsecretgenerator/gcloudSecretGenerator

#!/bin/bash

# Discard the first argument
secret_data=("${@:2}")

# Loop over input arguments and for every other input look up the secret value
for ((i=1;i< ${#secret_data[@]} ;i+=2));
do
  # Get secret and convert to base64
  secret_value=$(gcloud secrets versions access latest --secret=${secret_data[$i]} | base64)
  secret_data[$i]="$secret_value"
done

# Format secret data properly for interpolation
v=$(printf '"%s" : "%s"\n  ' "${secret_data[@]}")

echo "
kind: Secret
apiVersion: v1
metadata:
  name: secret
data:
  $v
"

I know the plugin works fine because if I try to use it for a non-overlay workflow it works fine (as demonstrated here). In this scenario however, it does not work:

$ KUSTOMIZE_PLUGIN_HOME="$(pwd)/plugin" kustomize build overlays/dev/ --enable-alpha-plugins
Error: loading generator plugins: failed to load generator: expected file with Go object code at: /var/folders/9r/09jj1p_x7qd5pbfjfncq1pj00000gp/T/tmp.S0ihapiY4I/plugin/v1/secret/Secret.so

For some reason, it ignores my plugin and expects a Go object elsewhere.

What did you expect to happen?

I expected the generator-base secret to be patched and then expected the plugin to run properly.

Expected output

apiVersion: v1
data:
  mySecret: ippZ0USQwwTUfptm....
  mySecondSecret: ippZ0USQwwTUfptm....
kind: Secret
metadata:
  name: appsecrets

Kustomize version

v5.4.1

Operating system

MacOS

k8s-ci-robot commented 6 months ago

This issue is currently awaiting triage.

SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the triage/accepted label.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available [here](https://git.k8s.io/community/contributors/guide/pull-requests.md). If you have questions or suggestions related to my behavior, please file an issue against the [kubernetes-sigs/prow](https://github.com/kubernetes-sigs/prow/issues/new?title=Prow%20issue:) repository.

k8s-triage-robot commented 3 months ago

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Mark this issue as fresh with /remove-lifecycle stale
Close this issue with /close
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

k8s-triage-robot commented 2 months ago

The Kubernetes project currently lacks enough active contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

After 90d of inactivity, lifecycle/stale is applied
After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

Mark this issue as fresh with /remove-lifecycle rotten
Close this issue with /close
Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle rotten

paololazzari commented 1 month ago

/remove-lifecycle rotten

kubernetes-sigs / kustomize