Apply
kustomizer apply inventory
Apply builds the given inventory, then it validates and reconciles the Kubernetes objects using server-side apply.
kustomizer apply inventory [flags]
Examples
kustomizer apply inventory <name> [-a] [-p] [-f] -k --prune --wait --force --source --revision
# Apply an inventory from remote OCI artifacts
kustomizer apply inventory my-app -n apps -a oci://registry/org/repo:latest
# Apply an inventory using an OCI artifact digest
kustomizer apply inventory my-app -n apps -a oci://registry/org/repo@sha256:<digest>
# Apply an inventory from an encrypted OCI artifact
kustomizer apply inventory my-app -n apps -a oci://registry/org/repo:latest --age-identities ./keys/id.txt
# Apply an inventory from remote OCI artifacts and local patches
kustomizer apply inventory my-app -n apps -a oci://registry/org/repo:latest -p ./patches/safe-to-evict.yaml
# Force apply a local kustomize overlay then wait for all resources to become ready
kustomizer apply inventory my-app -n apps -k ./overlays/prod --prune --wait --force
# Apply Kubernetes YAML manifests from a locally cloned Git repository
kustomizer apply inventory my-app -n apps -f ./deploy/manifests --source="$(git ls-remote --get-url)" --revision="$(git describe --always)"
Options
--age-identities string Path to a file containing one or more age identities (private keys generated by age-keygen).
-a, --artifact strings OCI artifact URL in the format 'oci://registry/org/repo:tag' e.g. 'oci://docker.io/stefanprodan/app-deploy:v1.0.0'.
--create-namespace Create the inventory namespace if not present.
-f, --filename strings Path to Kubernetes manifest(s). If a directory is specified, then all manifests in the directory tree will be processed recursively.
--force Recreate objects that contain immutable fields changes.
-h, --help help for inventory
-k, --kustomize string Path to a directory that contains a kustomization.yaml.
-p, --patch strings Path to a kustomization file that contains a list of patches.
--prune Delete stale objects from the cluster.
--revision string The revision identifier.
--source string The URL to the source code.
--wait Wait for the applied Kubernetes objects to become ready.
Options inherited from parent commands
--as string Username to impersonate for the operation. User could be a regular user or a service account in a namespace.
--as-group stringArray Group to impersonate for the operation, this flag can be repeated to specify multiple groups.
--as-uid string UID to impersonate for the operation.
--cache-dir string Default cache directory (default "/home/runner/.kube/cache")
--certificate-authority string Path to a cert file for the certificate authority
--client-certificate string Path to a client certificate file for TLS
--client-key string Path to a client key file for TLS
--cluster string The name of the kubeconfig cluster to use
--context string The name of the kubeconfig context to use
--insecure-skip-tls-verify If true, the server's certificate will not be checked for validity. This will make your HTTPS connections insecure
--kubeconfig string Path to the kubeconfig file to use for CLI requests.
-n, --namespace string The inventory namespace. (default "default")
-s, --server string The address and port of the Kubernetes API server
--timeout duration The length of time to wait before giving up on the current operation. (default 1m0s)
--tls-server-name string Server name to use for server certificate validation. If it is not provided, the hostname used to contact the server is used
--token string Bearer token for authentication to the API server
--user string The name of the kubeconfig user to use
SEE ALSO
- kustomizer apply - Apply inventories from remote OCI artifacts, local kustomize overlays and/or Kubernetes YAML manifests.