Open aabouzaid opened 1 year ago
Can you describe the implementation you have in mind? It would need a new flag to specify that the stdin input is in a different format, and a new output format to output the resource again? I m not against it in principle but i feel this might be non trivial to implement? Could you describe how this could work? Thanks! ❤️
Hi Yann :wave:
I'm thinking in a simpler impelmentation where Kubeconform will detect the type of STDIN, and if it's ResourceList
, it will process the values of the items
key as files.
I already did something similar for SopsSecretGenerator
apiVersion: config.kubernetes.io/v1
kind: ResourceList
metadata:
name: krm-function-input
items:
- apiVersion: goabout.com/v1beta1
kind: SopsSecretGenerator
metadata:
annotations:
config.kubernetes.io/function: |
exec:
path: SopsSecretGenerator
config.kubernetes.io/local-config: 'true'
config.k8s.io/id: '1'
name: secret-from-file
disableNameSuffixHash: true
files:
- testdata/file.txt
- apiVersion: goabout.com/v1beta1
kind: SopsSecretGenerator
metadata:
annotations:
config.kubernetes.io/function: |
exec:
path: SopsSecretGenerator
config.kubernetes.io/local-config: 'true'
config.k8s.io/id: '2'
name: secret-from-env
disableNameSuffixHash: true
envs:
- testdata/vars.env
The ResourceList
manifest is generated automatically by Kustomize.
If you think you can do this with reasonable effort maybe give it a shot... maybe push early, before writing tests, so I can review the implementation?
@yannh here is the PoC #170 Just 1 method that parses the Stdin content.
Kubeconform could be used as a validator plugin in Kustomize (it's built into
kubectl
since v1.14)All needed is just support KRM as input to Kubeconform.
I will create a PR for you if the feature is accepted.