search

viaduct-ai / kustomize-sops

KSOPS - A Flexible Kustomize Plugin for SOPS Encrypted Resources
Apache License 2.0
615 stars 83 forks source link

ksops not working with kustomize on Mac ARM #255

Open mkocur-ledger opened 2 weeks ago

mkocur-ledger commented 2 weeks ago

Hello, so just installed ksops and kustomize with brew:

which ksops
/usr/local/bin/ksops
$ksops

KSOPS is a flexible kustomize plugin for SOPS encrypted resources.
KSOPS supports both legacy and KRM style exec kustomize functions.

kustomize Usage:
- kustomize build --enable-alpha-plugins --enable-exec

Standalone Usage :
- Legacy: ksops secret-generator.yaml
- KRM: cat secret-generator.yaml | ksops

$ file /usr/local/bin/ksops
/usr/local/bin/ksops: Mach-O 64-bit executable arm64

$ kustomize version
v5.4.2

$ kustomize build --enable-alpha-plugins --enable-exec --enable-helm '/mydir'

error: loading generator plugins: failed to load generator: expected file with Go object code at: /Users/user/.config/kustomize/plugin/viaduct.ai/v1/ksops/ksops.so

I tried also official installation script but it just creates one binary in /usr/local/bin.

My understanding is that kustomize should allow executing a binary instead of looking for a library with --enable-exec but I have no clue how to convince it to do it.

dosubot[bot] commented 2 weeks ago

Hello @mkocur-ledger! I'm here to help you with any issues or questions you have regarding this repository. If you need assistance, feel free to ask.

To resolve the error "failed to load generator: expected file with Go object code at: /Users/user/.config/kustomize/plugin/viaduct.ai/v1/ksops/ksops.so" when running kustomize build --enable-alpha-plugins --enable-exec --enable-helm '/mydir', you need to ensure that the ksops plugin is correctly installed and available in the expected directory.

Here are the steps to ensure the plugin is correctly installed:

  1. Set the XDG_CONFIG_HOME environment variable: Ensure that XDG_CONFIG_HOME is set to $HOME/.config in your shell configuration file (.bashrc or .zshrc).

    export XDG_CONFIG_HOME=$HOME/.config

  2. Run the installation script: Execute the provided installation script to download and place the ksops plugin in the correct directory. You can use the following script:

    #!/bin/bash
set -e

PLUGIN_PATH="$XDG_CONFIG_HOME/kustomize/plugin/viaduct.ai/v1/ksops/"

if [[ ! -d "$PLUGIN_PATH" ]]; then
 mkdir -p "$PLUGIN_PATH"
fi

get_machine_arch () {
   machine_arch=""
   case $(uname -m) in
       i386)    machine_arch="i386" ;;
       i686)    machine_arch="i386" ;;
       x86_64)  machine_arch="x86_64" ;;
       aarch64) machine_arch="arm64" ;;
       arm64)   machine_arch="arm64" ;;
   esac
   echo $machine_arch
}

ARCH=$(get_machine_arch)
OS=""
case $(uname | tr '[:upper:]' '[:lower:]') in
 linux*)
   OS="Linux"
   ;;
 darwin*)
   OS="Darwin"
   ;;
 msys*)
   OS="Windows"
   ;;
 windowsnt*)
   OS="Windows"
   ;;
 *)
   echo "Unknown OS type: $(uname)"
   echo "Please consider contributing to this script to support your OS."
   exit 1
   ;;
esac

echo "Downloading latest release to ksops plugin path"
if [ -x "$(command -v wget)" ]; then
   wget -c https://github.com/viaduct-ai/kustomize-sops/releases/latest/download/ksops_latest_${OS}_${ARCH}.tar.gz -O - | tar -zxvf - -C "$PLUGIN_PATH"
elif [ -x "$(command -v curl)" ]; then
   curl -s -L https://github.com/viaduct-ai/kustomize-sops/releases/latest/download/ksops_latest_${OS}_${ARCH}.tar.gz | tar -zxvf - -C "$PLUGIN_PATH"
else
   echo "This script requires either wget or curl."
   exit 1
fi

echo "Successfully installed ksops"

  3. Verify the plugin location: Ensure that the ksops plugin is located at $XDG_CONFIG_HOME/kustomize/plugin/viaduct.ai/v1/ksops/ksops.

    ls $XDG_CONFIG_HOME/kustomize/plugin/viaduct.ai/v1/ksops/

    You should see the ksops file in this directory.

  4. Run kustomize with the correct flags: Ensure you are using the correct flags to enable plugins when running kustomize.

    kustomize build --enable-alpha-plugins --enable-exec --enable-helm '/mydir'

By following these steps, you should be able to resolve the error and successfully use the ksops plugin with kustomize [1][2].

To continue talking to Dosu, mention @dosu.

mkocur-ledger commented 2 weeks ago

It started working after copying ksops binary into /Users/user/.config/kustomize/plugin/viaduct.ai/v1/ksops/. Seems a bit undocumented, though...

devstein commented 2 weeks ago

Hey @mkocur-ledger sorry you ran into issues, but glad you were able to resolve it.

If you had to move the binary to that path that means your must have the legacy style plugins set up. Are you able to share your kustomize.yaml and KSOPS generator.yaml files?

mkocur-ledger commented 1 week ago

Sure.

kustomization.yaml

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
namespace: xx

generators:
  - secrets-generator.yaml

secrets-generator.yaml

apiVersion: viaduct.ai/v1
kind: ksops
metadata:
  name: applications-secrets
files:
  - one.sops.yaml
  - two.sops.yaml

Nothing fancy here.