You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Describe the bug
When trying to follow these instructions for deploying FarosCE in Kubernetes I'm getting the following issue:
Error: accumulating resources: accumulation err='accumulating resources from './faros': '/private/var/folders/vx/gbhv_rk12vq1zdf76bpn0nhh0000gq/T/kustomize-1233669672/kube/base/faros' must resolve to a file': recursed accumulation of path '/private/var/folders/vx/gbhv_rk12vq1zdf76bpn0nhh0000gq/T/kustomize-1233669672/kube/base/faros': loading KV pairs: env source files: [./config/.env]: security; file '/private/var/folders/vx/gbhv_rk12vq1zdf76bpn0nhh0000gq/T/kustomize-1233669672/kube/base/faros/config/.env' is not in or below '/private/var/folders/vx/gbhv_rk12vq1zdf76bpn0nhh0000gq/T/kustomize-1233669672/kube/base/faros'
This is caused by the fact that we are trying to re-utilize the existing .env configuration file in the root by symlinking it to kube/faros/config/.env. When kustomize parses this files, it attempts to load a resource that is above the path of the kustomization.yaml file in question which is typically prohibited for security reasons. However this can be bypassed with the flag --load-restrictor LoadRestrictionsNone and that often works but as we have just found out it doesn't seem to hold true for when resources are being referenced remotely like the command above.
Describe the bug
When trying to follow these instructions for deploying FarosCE in Kubernetes I'm getting the following issue:
This is caused by the fact that we are trying to re-utilize the existing
.env
configuration file in the root by symlinking it tokube/faros/config/.env
. When kustomize parses this files, it attempts to load a resource that is above the path of thekustomization.yaml
file in question which is typically prohibited for security reasons. However this can be bypassed with the flag--load-restrictor LoadRestrictionsNone
and that often works but as we have just found out it doesn't seem to hold true for when resources are being referenced remotely like the command above.Here's a reference to a kustomize Github issue touching on the unexpected behavior.
If one clones the repository and runs
things work properly, and the --load-restrictor flag is respected
To Reproduce
Steps to reproduce the behavior:
kustomize build --load-restrictor LoadRestrictionsNone https://github.com/faros-ai/faros-community-edition/kube/base
Expected behavior
FarosCE K8s manifests are rendered correctly
Screenshots and logs
Deployment
The text was updated successfully, but these errors were encountered: