Can kustomizations configMapGenerator use the file in parent folder, thanks.

[johnzheng1975]

Eschewed features

• This issue is not requesting templating, unstuctured edits, build-time side-effects from args or env vars, or any other eschewed feature.

What would you like to have added?

$ cat kustomization.yaml
generatorOptions:
  disableNameSuffixHash: true
configMapGenerator:
  - name: try01
    files:
      - application.yaml
      - ../asset-manifest.yaml

$ kustomize build .
Error: loading KV pairs: file sources: [application.yaml ../asset-manifest.yaml]: security; file '/home/oc-dev-blue/golang-try01-quickstart/asset-manifest.yaml' is not in y01-quickstart/deploy'

Why is this needed?

can we use the files in parent folder, or any workarround for this? thanks.

Can you accomplish the motivating task without this feature, and if so, how?

we have to move all files in same folder of kustomization.yaml
However, in real case, this is not true.

What other solutions have you considered?

copy duplicate files in kustomization.yaml, the code structure is ugly.

Anything else we should know?

No response

Feature ownership

• I am interested in contributing this feature myself! 🎉

[k8s-ci-robot]

This issue is currently awaiting triage.

SIG CLI takes a lead on issue triage for this repo, but any Kubernetes member can accept issues by applying the triage/accepted label.

The triage/accepted label can be added by org members by writing /triage accepted in a comment.

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes-sigs/prow repository.

[johnzheng1975]

Then I want to try another solution like:

$ cat kustomization.yaml
generatorOptions:
  disableNameSuffixHash: true
configMapGenerator:
  - name: try01
    files:
      - application.yaml

  - name: client
    literals:
      - securityChampion=$(yq e '.security.champion' ../asset-manifest.yaml)

I wish it can come out correct value, like

$ yq e '.security.champion' ../asset-manifest.yaml
aaa.bbb@ccc.com

However, it still show variable as below, not show aaa.bbb@ccc.com

$ kustomize build .
apiVersion: v1
data:
  securityChampion: $(yq e '.security.champion' ../asset-manifest.yaml)
kind: ConfigMap
metadata:
  name: client

[k8s-triage-robot]

The Kubernetes project currently lacks enough contributors to adequately respond to all issues.

This bot triages un-triaged issues according to the following rules:

• After 90d of inactivity, lifecycle/stale is applied
• After 30d of inactivity since lifecycle/stale was applied, lifecycle/rotten is applied
• After 30d of inactivity since lifecycle/rotten was applied, the issue is closed

You can:

• Mark this issue as fresh with /remove-lifecycle stale
• Close this issue with /close
• Offer to help out with Issue Triage

Please send feedback to sig-contributor-experience at kubernetes/community.

/lifecycle stale

[johnzheng1975]

Ok, for security point of view, this does not work by design.
~/code/golang-try01-quickstart/deploy$ kustomize build .
Error: loading KV pairs: file sources: [application.yaml ../test2.yaml]: security; file '/home/xxx/code/golang-try01-quickstart/test2.yaml' is not in or below '/home/xxx/code/golang-try01-quickstart/deploy'

[johnzheng1975]

However, we have one work around, with flux2 gitrepository.

k get gitrepo -n flux-system     xx-dev-try01 -oyaml
# kubectl  get gitrepo -n flux-system xx-dev-try01 -oyaml
apiVersion: source.toolkit.fluxcd.io/v1
kind: GitRepository
metadata:
  name: xx-dev-try01
  namespace: flux-system
spec:
  ignore: |
    # exclude all
    /*
    # include deploy dir
    !/deploy
    !/job
    !/asset-manifest.yaml
  interval: 12h
  ref:
    tag: v1.9.80
  secretRef:
    name: flux-system
  timeout: 60s
  url: ssh://git@github.azc.ext.aaa.com/xxx/golang-try01-quickstart.git

Thus, you can use ../ in kustomize folder.

$ k exec -ti nginx -n flux-system -- bash
# kubectl  exec -ti nginx -n flux-system -- bash
root@nginx:/tmp/try# curl -O http://source-controller.flux-system.svc.cluster.local./gitrepository/flux-system/xxx-dev-try01-env/177b1142957ef31617bdfb264629577303bbbb2e.tar.gz
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100  4968  100  4968    0     0  1975k      0 --:--:-- --:--:-- --:--:-- 2425k
root@nginx:/tmp/try# ls
177b1142957ef31617bdfb264629577303bbbb2e.tar.gz
root@nginx:/tmp/try# tar -xvf 177b1142957ef31617bdfb264629577303bbbb2e.tar.gz
.
asset-manifest.yaml
deploy
deploy/application.yaml
deploy/environments
... ...
deploy/kustomization.yaml
root@nginx:/tmp/try# ls
177b1142957ef31617bdfb264629577303bbbb2e.tar.gz  asset-manifest.yaml  deploy