-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Option to retain resource object origin data as a label #3979
Comments
In what situation would label selectors for complex paths be useful? Are length and character-set limitations a concern? Annotations would make more sense to me. Regardless, retaining the file structure, similar to helm template, would be a lot more user-friendly. |
I agree that length and character-set limitations might be a concern. This limit seems to apply to both labels and annotations, so I'm not sure if I see any good workarounds for that. EDIT: I misread the documentation; these limitations are just for label values, not annotation values. |
I don't understand the use case for labels, as opposed to annotations. |
I think annotations make more sense, I'm wondering if @monopole had a specific use case in mind? |
I agree that this sounds like an annotation rather than a label.
Doesn't this violate our "no build-time side-effects" policy? Should it be a field instead? |
+1 to fields rather than flags. |
If it is a field, how should it look? A single separate field?
Alternatively, should it be placed under an options field in case we have a number of boolean options that we want to consolidate into a single field?
@KnVerey WDYT? Or is it better to keep these fields at the top level? |
For the sake of thoroughness, here is my full proposal for this issue: InputThere should be a new field in the kustomization to toggle the option to add this annotation:
OutputLocal filesResources that are provided to kustomize via local files under the resources field in the kustomization file (or in the kustomization file of any bases) should have the following annotation:
where the path specified in the annotation is relative to the directory upon which kustomize build was invoked. That is, if someone runs Remote filesResources that are provided to kustomize as a remote base should have the following annotations:
where the repo specified in the annotation is the repository specified under the resources field in the kustomization file, and the path annotation is the path from the root of the repo to the resource file. Generated resource filesResources that are generated by kustomize will be a best-effort. For resources that are generated from data within a file, kustomize should add the following annotations (where possible):
Resources that are generated by fields in the kustomization file should have the following annotations (where possible):
In both these cases, the path should be relative to the directory upon which kustomize build was invoked. |
How will Instead of a variable number of annotations, how about a single origin annotation containing structured data, like we use for function configuration? Re: the field name, I'm a little worried that |
I think that's a good idea. How about:
If we do this, is the relation of this path field to
Since the original proposal was to have it as a flag to
I made a PR for this option: #4065. |
Sorry for the late review, I was on leave. I wrote this issue in terms of labels since paths and repo names make sense as label values. K8s uses labels for identifying attributes, for imposing an organizational structure on objects, and for fast selection (e.g. show the resources from repo x). However, Brian's correct that the 253 character limit on label values can be exceeded here, so annotations it is. Great discussion above about the form the annotations would take; completely agree. Nice! The only change I'd suggest is the proposed new kustomization field name. Since everything in a kustomization file is effectively a 'build option', we shouldn't have a field called
How about:
Code becomes
instead of
but makes life easier for the user. We'd also have to add a check in |
👍 I like this |
I like this too, I will update the PR |
Sorry for being a bit late to this discussion. Related to @KnVerey's original point regarding the annotations, if we go with I'm also unclear on the motivation for Immediate value here would be the ability to pipe the output of I do see the value in the From an API perspective, I really like the direction that was taken with the new # only include managed-by labels on Deployments
labels:
- includeManagedBy: true
fields:
- kind: Deployment
annotations:
includeOrigin: true |
The motivation is that a flag would violate our policy that there should be no build-time side-effects: https://kubectl.docs.kubernetes.io/faq/kustomize/eschewedfeatures/#build-time-side-effects-from-cli-args-or-env-variables. As a rule of thumb, anything that will change the output (produce a diff that needs to be committed if using gitops) must be driven by a field, whereas flags can be used for things that change whether the output is successfully produced at all (e.g. feature enablement). Note that the existing
My understanding is that
I'm not understanding where this is coming from. This issue isn't suggesting any new output formats, or really anything related to functions. |
@KnVerey sorry, I came here from #4090 and didn't explain my reasoning well. The motivation for my suggestions was related to tooling inter-op and in particular the Instead of having an arbitrary internal representation in addition to the Whether or not (and which) "internal" annotations are preserved becomes a concern of whatever process writes to disk. To borrow terms from kpt, you could imagine I hope that makes it clear what I'm thinking in terms of it being part of the CLI vs Kustomization API. We can get a lot of value out of standardizing on |
As an update for this issue, #4065 has been merged but I am holding off on closing this as there is ongoing discussion.
@marshall007 We are actually planning to deprecate
Yes, this is on my todo list, to migrate both kpt and kustomize to using
I think I'm not following why you are making this feature request on this issue. Could you perhaps provide a more concrete example of the use case with |
I'm aware of and agree with the deprecations that are in work. My understanding from #3953 (comment) was that the read-only commands will/may be updated to perform in-place hydration (so that things like Things to note on that:
If we assume both (1) and (2) are desirable properties of the CLI that we wish to maintain, it follows that:
Luckily we already have a specification for a data format that makes these guarantees, which is My naming of
I will write up a more formal proposal in a separate issue as soon as I have a chance, just pressed for time this week. I originally chimed in here because I am still concerned about the The build metadata should always be available for other processes in a pipeline to consume no matter what the user's kustomization looks like. As I said before, I think specifying the build metadata you include when writing out (to the filesystem or a cluster) should fall well within the responsibilities of the process that writes, not the one(s) that hydrate. |
/cc @natasha41575 |
Since #4065 has merged, let's close this issue. Feel free to continue discussion of how the read-only |
This might not interact ideally with e.g. for object:
I didn't find docs on the field syntax. The sources show that
you must write
Hope this helps somebody else. P.S. I tried to make a docs fix PR, but it requires me to sign a CRA and it'll take forever to get that through my employer, so I can't just patch the docs. |
Is your feature request related to a problem? Please describe.
The command
produces a stream of resources to stdout, while
writes resources to the given directory, one per file, with a generated name like deplyment_foo.yaml.
In either case, it's hard to track an object in the output back to its point of origin (a filepath, or a filepath in some repo).
Describe the solution you'd like
There are many ways to do this, but perhaps a new
build
flag--add-label-origin
that adds the labelUse a label rather than an annotation as origin is an identifying or selectable characteristic.
This would be a best effort. Some resources would might all come from the same file, some will be generated and not come from a file, some will be generated from data in a file (e.g. a helm chart), etc.
This feature could be the basis of recreating file structure in the output, which would ease code review of changing configuration data.
The text was updated successfully, but these errors were encountered: