0

I am trying to merge some annotations in one file to multiple resources to keep it DRY and in order for pods to get information from a vault.

Generally I can add the following code to "mylogger" by using the kind: Deployment (which I presume will only allow me to get the info from this file into only the mylogger resource). After deployment the mylogger pod seems to be working, and can get the vault information.

Other information is that the project follows the base/overlay structure and uses kubectl and kustomize commands.

For the files...

vault-values.yml

apiVersion: apps/v1
kind: Deployment
metadata:
    name: mylogger
spec:
    template:
        metadata:
            annotations:
                inject-vault-value1: "path-to-vault-value1"
                inject-vault-value2: "path-to-vault-value2"

The mylogger.yml resource file is

apiVersion: apps/v1
kind: Deployment
metadata:
    name: mylogger
    labels:
        app: mylogger
spec:
    replicas: 2
    selector:
        matchLabels:
            app: mylogger
    template:
        metadata:
            labels:
                app: mylogger
        spec:
            initContainers:
.... and rest of file here

doing kubectl kustomize .../overlay/dev > manifest.yml

I can see the desired result in my manifest.yml file

apiVersion: apps/v1
kind: Deployment
metadata:
    name: mylogger
    labels:
        app: mylogger
spec:
    replicas: 1
    selector:
        matchLabels:
            app: mylogger
    template:
        metadata:
            annotations:
                inject-vault-value1: "path-to-vault-value1"
                inject-vault-value2: "path-to-vault-value2"
            labels:
                app: mylogger
        spec:
            initContainers:
... rest if file

The part under spec > template > metadata > annotations > inject-vault-value1 is there.

Is it possible to use the vault-value.yml file and insert its contents into for example myjob resource? Basically the part from spec and down, to its annotations

myjob.yml

apiVersion: apps/v1
kind: Deployment
metadata:
    name: myjob
spec:
    replicas: 1
    template:
        spec:
            containers:
            - name: myjob
                env:
                - name: random__env__variable
                  value: false
...rest of file here

Note: I want to use the file in the overlay folder as it has the correct vault information for that particular environment. I have nothing in base folder concerning the vault information or the vault yaml file.

Thought the command "patchesStrategicMerge" would come in handy, but for the kustomize command it seems only doable for a base/overlay contents

jakox
  • 3
  • 3
  • Without seeing your `kustomization.yaml` files it's a little hard to figure out how you currently have things configured. Can you update your question to include a [mcve]? – larsks Feb 14 '23 at 14:56

1 Answers1

0

How to best accomplish your goal depends on how your project is structured, but one option is to use a Kustomize patch, like this:

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

# This points to where you're loading your `mylogger` and `myjob` deployments
resources:
- ...

patches:
  - target:
      kind: Deployment
    patch: |
      apiVersion: apps/v1
      kind: Deployment
      metadata:
        name: this-is-ignored
      spec:
        template:
          metadata:
            annotations:
              inject-vault-value1: "path-to-vault-value1"
              inject-vault-value2: "path-to-vault-value2"

This will apply your two custom annotations to all deployments generated by this kustomization.yaml file. If you need to limit it to specific deployments, you can use a pattern expression or label selector to match the appropriate objects.

larsks
  • 277,717
  • 41
  • 399
  • 399