-
Notifications
You must be signed in to change notification settings - Fork 36
Support fetching resources from Kubernetes #61
Conversation
This adds a template method which can be used to retrieve the last applied configuration of a Kubernetes resource inside of a template.
For getResource function calls the lookup namespace no longer defaults to anything. The function signature is roughly `(namespace, kind, name string) -> (string, error)` and all of these parameters must be provided by the user.
Consideration before merging: This is also only supported in kubectl > 1.6. I'm wondering if it makes sense to use Maybe the function should also be called |
This implements #45, by the way. |
FYI this is waiting on me figuring out which Most things seem to go through a Go |
That's not merged, right? Are there plans to do so? |
@FaKod I haven't looked at this in a long time. Back when I originally wrote it I abandoned it because the output of If not kontemplate would need some implementation of a normalised form for all the possible resources. Maybe such a thing exists in the k8s codebase itself but I haven't gone looking. |
@tazjin What do you mean with normalized? My use case f.e. is, that I have to retrieve API servers root CA. I solved it with $ CA_BUNDLE=$(kubectl get cm -n kube-system extension-apiserver-authentication -o=jsonpath='{.data.client-ca-file}' | base64 | tr -d '\n') \
kontemplate apply s4.yaml So in my case a
What do you (or others) think? |
@FaKod Ah interesting, that's a use-case I hadn't actually considered. The original idea here was to be able to eventually get a stable hash of a resource in-cluster so that, for example, pods could contain a hash of configmaps or whatever to trigger updates. This JSON-path based implementation could be useful for other cases! |
Adds support for a
getResource(namespace, kind, name)
template function which can insert the last applied configuration of a resource in a template.This is useful for doing things like this:
which will cause rolling updates based on the current configmap configuration.
Another useful effect of this is that this can be used even if the dependent resource is not managed by Kubernetes, for example a certificate
Secret
created by kubernetes-letsencrypt.