Home > Software design >  Kustomize - Imported (resource) patch doesn't work
Kustomize - Imported (resource) patch doesn't work

Time:01-26

I am not managing to include a kustomization.yaml that only contains patches. As a minimal example of the problem I'm solving, I can illustrate with the folder structure below:

.
├── kustomization.yaml
├── nested
│   ├── kustomization.yaml
│   └── serviceaccount-patch.yaml
└── service-account.yaml

The files are:

# kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization 
metadata:
  name: top
resources:
  - service-account.yaml
  - nested

# service-account.yaml
kind: ServiceAccount
apiVersion: v1
metadata:
  name: base
spec:
  automountServiceAccountToken: false

# nested/kustomization.yaml
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization 
metadata:
  name: nested
patches:
  - path: serviceaccount-patch.yaml
    target:
      kind: ServiceAccount
      name: base

# nested/serviceaccount-patch.yaml
- op: replace
  path: /metadata/name
  value: replaced

The patch is not applied. When putting the patch straight into kustomization.yaml it does work. I'd like to keep this structure, as my actual use case is to have the following:

.
├── base
│   ├── env
│   │   ├── app
│   │   │   ├── kustomization.yaml
│   │   │   └── service-account.yaml
│   │   └── kustomization.yaml
│   ├── kustomization.yaml
│   └── shared
│       ├── kustomization.yaml
│       └── pod.yaml
├── overlay
│   └── dev
│       ├── env
│       │   ├── app
│       │   │   ├── kustomization.yaml
│       │   │   └── serviceaccount-patch2.yaml
│       │   ├── kustomization.yaml
│       │   └── serviceaccount-patch.yaml
│       ├── kustomization.yaml
│       └── shared
│           └── kustomization.yaml

Here, I would have two parts for each environment: env and shared. I would overrule the namespace in overlay/dev/env/kustomization.yaml. That file would also include the base base/env, making sure that the namespace of the shared base is not modified. The above also illustrates which patch works (serviceaccount-patch.yaml) and which doesn't (serviceaccount-patch2.yaml).

If there is a better way to achieve this, I'd love to hear it.

CodePudding user response:

A patch can only be applied to resources that are generated by the kustomization.yaml that includes the patch. In other words, running kustomize build without the patch defined must create the resources that you want to patch.

Running kustomize build in your nested directory produces no output -- that file includes no resources, so your patch is no-op.

I'm not entirely sure I understand your desired layout; in particular, it's not clear what the difference between dev/ and /dev/env/ is meant to be. You would generally set things up like this:

.
├── base
│   ├── kustomization.yaml
│   └── service-account.yaml
└── overlay
    ├── dev
    │   ├── kustomization.yaml
    │   └── serviceaccount-patch.yaml
    ├── us-east
    │   ├── kustomization.yaml
    │   └── ...
    └── us-west
    │   ├── kustomization.yaml
    │   └── ...

Where overlay/dev/kustomization.yaml looks like:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

resources:
  - ../../base

patches:
  - path: serviceaccount-patch.yaml
    target:
      kind: ServiceAccount
      name: base

Running kustomize build overlay/dev shows that the patch is applied as expected:

apiVersion: v1
kind: ServiceAccount
metadata:
  name: replaced
spec:
  automountServiceAccountToken: false

Page link:https//www.codepudding.com/Softwaredesign/683902.html

Prev:How can I make the shell evaluate a filename argument in a Kubernetes CronJob?
Next:Mongoose - update a value with find by id
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding