Eschewed Features
Eschewed Features
FAQ
security: file ‘foo’ is not in or below ‘bar’
v2.0 added a security check that prevents kustomizations from reading files outside their own directory root.
This was meant to help protect the person inclined to download kustomization directories from the web and use them without inspection to control their production cluster (see #693, #700, #995 and #998)
Resources (including configmap and secret generators)
can still be shared via the recommended best practice
of placing them in a directory with their own
kustomization file, and referring to this directory as a
base from any kustomization that
wants to use it. This encourages modularity and
relocatability.
To disable this in v3, use the load_restrictor flag:
kustomize build --load_restrictor none $target
Some field is not transformed by kustomize
Example: #1319, #1322, #1347 and etc.
The fields transformed by kustomize is configured explicitly in defaultconfig. The configuration itself can be customized by including configurations in kustomization.yaml, e.g.
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
configurations:
- kustomizeconfig.yaml
The configuration directive allows customization of the following transformers:
commonAnnotations: []
commonLabels: []
nameprefix: []
namespace: []
varreference: []
namereference: []
images: []
replicas: []
To persist the changes to default configuration, submit a PR like #1338, #1348 and etc.
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.
最后修改 2023年02月01日: Update references for kustomize v5 (56153e2)