英文:
Reference autogenerated secret with name prefix
问题
I'm using kustomize to manage a rather standard deployment. I have a namePrefix to modify the resource names.
我正在使用kustomize来管理一个相当标准的部署。我有一个 namePrefix 来修改资源名称。
I need to add a custom resource to my configuration which itself autogenerates a secret after creation. The secret name consists of a fixed prefix and the name of the custom resource. I want to reference this secret in my deployment.
我需要在我的配置中添加一个自定义资源,它在创建后会自动生成一个密钥。密钥的名称由固定前缀和自定义资源的名称组成。我想在我的部署中引用这个密钥。
# kustomization.yaml
resources:
- deployment.yaml
- custom-resource.yaml
namePrefix: my-prefix-
secretGenerator:
- name: my-secret
files:
- password.txt
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
labels:
app: my-app
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-image
image: my-image:latest
envFrom:
- secretRef:
name: my-secret
- secretRef:
name: prefix-my-custom-resource <-- does not work
# custom-resource.yaml
apiVersion: some.crd.io/v1
kind: CustomResource
metadata:
name: my-custom-resource
The custom resource will autogenerate: (not result of kubectl kustomize .)
自定义资源将自动生成:(不是 kubectl kustomize . 的结果)
apiVersion: v1
kind: Secret
metadata:
name: prefix-my-custom-resource
Due to the use of the PrefixTransformer, the name of the custom resource is changed to my-prefix-my-custom-resource. Therefore, the secretRef in the deployment yaml needs to be updated to prefix-my-prefix-my-custom-resource. I tried to solve this with a nameReference configuration, but I don't think the fieldSpec allows for a substring. Is there any solution to this?
由于使用了 PrefixTransformer,自定义资源的名称更改为 my-prefix-my-custom-resource。因此,部署 yaml 中的 secretRef 需要更新为 prefix-my-prefix-my-custom-resource。我尝试使用 nameReference 配置解决这个问题,但我认为 fieldSpec 不允许子字符串。是否有解决方法?
英文:
I'm using kustomize to manage a rather standard deployment. I have a namePrefix to modify the resource names.
I need to add a custom resource to my configuration which itself autogenerates a secret after creation. The secret name consists of a fixed prefix and the name of the custom resource. I want to reference this secret in my deployment.
# kustomization.yaml
resources:
- deployment.yaml
- custom-resource.yaml
namePrefix: my-prefix-
secretGenerator:
- name: my-secret
files:
- password.txt
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
labels:
app: my-app
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-image
image: my-image:latest
envFrom:
- secretRef:
name: my-secret
- secretRef:
name: prefix-my-custom-resource <-- does not work
# custom-resource.yaml
apiVersion: some.crd.io/v1
kind: CustomResource
metadata:
name: my-custom-resource
The custom resource will autogenerate: (not result of kubectl kustomize .)
apiVersion: v1
kind: Secret
metadata:
name: prefix-my-custom-resource
Due to the use of the PrefixTransformer, the name of the custom resource is changed to my-prefix-my-custom-resource. Therefore, the secretRef in the deployment yaml needs to be updated to prefix-my-prefix-my-custom-resource. I tried to solve this with a nameReference configuration, but I don't think the fieldSpec allows for a substring. Is there any solution to this?
答案1
得分: 1
With the help of a colleague, we were able to solve this with vars:
# kustomization.yaml
resources:
- deployment.yaml
- custom-resource.yaml
namePrefix: my-prefix-
secretGenerator:
- name: my-secret
files:
- password.txt
configurations:
- configurations/var-reference.yaml
vars:
- name: MY-VARIABLE
objref:
kind: CustomResource
name: my-custom-resource
apiVersion: some.crd.io/v1
fieldref:
fieldpath: metadata.name
# configurations/var-reference.yaml
varReference:
- kind: Deployment
path: spec/template/spec/containers/envFrom/secretRef/name
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
labels:
app: my-app
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-image
image: my-image:latest
envFrom:
- secretRef:
name: my-secret
- secretRef:
name: prefix-$(MY-VARIABLE)
I'm aware that vars are deprecated and might try to find a solution with replacements, but for now I'm good with this solution.
英文:
With the help of a colleague, we were able to solve this with vars:
# kustomization.yaml
resources:
- deployment.yaml
- custom-resource.yaml
namePrefix: my-prefix-
secretGenerator:
- name: my-secret
files:
- password.txt
configurations:
- configurations/var-reference.yaml
vars:
- name: MY-VARIABLE
objref:
kind: CustomResource
name: my-custom-resource
apiVersion: some.crd.io/v1
fieldref:
fieldpath: metadata.name
# configurations/var-reference.yaml
varReference:
- kind: Deployment
path: spec/template/spec/containers/envFrom/secretRef/name
# deployment.yaml
apiVersion: apps/v1
kind: Deployment
metadata:
name: my-deployment
labels:
app: my-app
spec:
replicas: 3
selector:
matchLabels:
app: my-app
template:
metadata:
labels:
app: my-app
spec:
containers:
- name: my-image
image: my-image:latest
envFrom:
- secretRef:
name: my-secret
- secretRef:
name: prefix-$(MY-VARIABLE)
I'm aware that vars are deprecated and might try to find a solution with replacements, but for now I'm good with this solution.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论