-1

I am trying to apply kustomize from env/main/kustomization.yaml directory

kubectl diff --kustomize .

which gives error:

`: security; file 'base/replacements/xxxx.yaml' is not in or below 'env/main'

The above kustomization is applied on the base directory base/kustomization. If I run kubectl diff --kustomize . directly in the base directory there is no error. Running from env/main gives the error.

contents of kustomization.yaml in env/main

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- ../../base
images:
-  ecr-image

replacements:
- path: ../../base/replacements/file1.yaml
- path: ../../base/replacements/file2.yaml
- path: ../../base/replacements/file3.yaml

configMapGenerator:
 - literals:
    - abc

contents of kustomization.yaml base/

apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization

transformers:
  - tranxformers.yaml

configMapGenerator:
  - name: xxx
    namespace: name-space
    envs:
     - configs/env-file

resources:
  - applications/deployment.yaml

Why replacements files path are causing this error? Also please explain me the cause of this problem which makes me understand the flow of kustomize in a better way

Update:

  • if I move the replacements directory inside env/main directory there is no error. But this is not ideal since I want to use the base directory even for replacements

  • I did tried to use replacements as components but its not replacing the desired valued

Jatin Mehrotra
  • 9,286
  • 4
  • 28
  • 67

1 Answers1

0

A kustomization.yaml cannot refer to files outside of its own directory. It can only refer to (a) resources or (b) components, both of which are directories that contain their own kustomization.yaml file.

If you have a group of transformations -- such as several replacement definitions -- put them in a component, and the include that component as necessary.

E.g., you could structure things like:

.
├── base
│   └── kustomization.yaml
├── components
│   └── common_replacements
│       ├── file1.yaml
│       ├── file2.yaml
│       ├── file3.yaml
│       └── kustomization.yaml
└── envs
    ├── dev
    │   └── kustomization.yaml
    └── main
        └── kustomization.yaml

Where components/common_replacements/kustomnization.yaml would look like:

apiVersion: kustomize.config.k8s.io/v1alpha1
kind: Component

replacements:
  - file1.yaml
  - file2.yaml
  - file2.yaml

And then in env/main.kustomization.yaml you would have:

components:
  - ../../components/common_replacements

And similarly anywhere else you want to use the same replacements.

larsks
  • 277,717
  • 41
  • 399
  • 399
  • I tried your solution but I think replacements are not being applied even though there is no error. I can confirm that replacements are not being applied with your solution because I kept replacements in env/main and it worked and now when I trying your solution and applying kustomize the earlier value ( when replacements worked) is overridden – Jatin Mehrotra Aug 02 '23 at 04:59
  • Can you tell me why replacements when used as components didnt work? – Jatin Mehrotra Aug 03 '23 at 11:06
  • I cannot, because replacements work just fine when defined in a component. [Here's an example](https://github.com/larsks/so-example-76712848-kustomize-replacements/tree/main) I put together for a previous question on this topic. I'd be happy to take a closer look at your use case, but you would need to update your question to include a complete reproducer -- a minimal configuration that reproduces that problem you're asking about. – larsks Aug 03 '23 at 20:15