From 53cca793b9da48604aa84e4d1a0055f6b8eb2405 Mon Sep 17 00:00:00 2001 From: Serge van Ginderachter Date: Fri, 6 Dec 2024 14:38:47 +0100 Subject: [PATCH] Clarify precedence in Kustomization substituteFrom Signed-off-by: Serge van Ginderachter --- docs/spec/v1/kustomizations.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/docs/spec/v1/kustomizations.md b/docs/spec/v1/kustomizations.md index 554e6f0f..69d0d72f 100644 --- a/docs/spec/v1/kustomizations.md +++ b/docs/spec/v1/kustomizations.md @@ -609,8 +609,11 @@ stringData: token: ${token} ``` -The var values which are specified in-line with `substitute` +**Note:** The var values which are specified in-line with `substitute` take precedence over the ones derived from `substituteFrom`. +When var values for the same variable keys are derived from multiple +`ConfigMaps` or `Secrets` referenced in the `substituteFrom` list, then the +first take precedence over the later values. **Note:** If you want to avoid var substitutions in scripts embedded in ConfigMaps or container commands, you must use the format `$var` instead of @@ -1137,7 +1140,7 @@ This policy can be used for Kubernetes Jobs to rerun them when their container i #### `kustomize.toolkit.fluxcd.io/prune` When set to `Disabled`, this policy instructs the controller to skip the deletion of -the Kubernetes resources subject to [garbage collection](#prune). +the Kubernetes resources subject to [garbage collection](#prune). This policy can be used to protect sensitive resources such as Namespaces, PVCs and PVs from accidental deletion.