Skip to content

Example of replacing env vars in deployments #1270

New issue
New issue
Open
Open
Example of replacing env vars in deployments#1270
@lusis

Description

@lusis
lusis
opened on Apr 7, 2025

I've tried multiple attempts at this but does anyone have a clear cut policy example that will modify (or remove - I legit don't care) an env var from a pod template spec if it exists?

CEL, jsonpach, whatever doesn't matter. All of the examples assume you know the index of the element and there's conflicting information about WHICH kind of mutation can do what I want.

The use case feels like one of the most common one - managing env vars centrally. Ideally I have a handful of o11y related env vars that I need to remove from pod specs and move to envFrom. I have the envFrom addition working via patchesJson6902 but removing the env vars (especially when the index isn't consistent) is proving to be really difficult.

Assuming I want to remove the env vars DD_AGENT_SERVICE_HOST and DATADOG_ENABLED, what's the easiest approach to maintain. This is a pattern we want to use repeatedly to migrate env vars while we wait for code owners to approve PRs.

Here's a few variations I've tried on a test app:

      mutate:
        targets:
          - apiVersion: v1
            kind: Deployment
            name: "{{ request.object.metadata.name }}"
            namespace: "{{ request.object.metadata.namespace }}"

        # spec.template.spec.containers.exists(container, container.?env.orValue([]).exists(e, e.name == 'DD_AGENT_SERVICE_HOST' && e.value == 'datadog-agent.datadog.svc.cluster.local'))
        foreach:
          - list: request.object.spec.template.spec.containers[]
            preconditions:
              all:
                - key: "{{ element.env[].name || '' }}"
                  operator: Equals
                  value: DD_AGENT_SERVICE_HOST
            patchStrategicMerge:
              spec:
                template:
                  spec:
                    containers:
                      - env:
                          - name: DD_AGENT_SERVICE_HOST
                            value: "otel-dogstatsd.default"
                          - name: DATADOG_ENABLED
                            value: "true"
            # patchesJson6902: |-
            #   - path: /spec/template/spec/containers/{{elementIndex}}/env/-
            #     op: replace
            #     value:
            #       name: DATADOG_ENABLED
            #       value: "true"
            #   - path: /spec/template/spec/containers/{{elementIndex}}/env/-
            #     op: remove
            #     value:
            #       name: DD_AGENT_SERVICE_HOST
            #       value: "otel-dogstatsd.default"
            #   - path: /spec/template/spec/containers/{{elementIndex}}/envFrom/-1
            #     op: add
            #     value: {"configMapRef": {"name" : "o11y-env-vars"}}

Like I said I don't really care if it's cel or whatever I just need the simplest approach.

Thanks!

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions