add tls sync

2026-01-21 00:33:03 +01:00
parent b3e344a1e2
commit 52832863f7
15 changed files with 631 additions and 212 deletions


@@ -0,0 +1,62 @@
apiVersion: batch/v1
kind: CronJob
metadata:
name: tls-sync
namespace: {{ .Release.Namespace }}
spec:
schedule: {{ .Values.tlsSync.schedule | quote }}
concurrencyPolicy: {{ .Values.tlsSync.concurrencyPolicy }}
successfulJobsHistoryLimit: {{ .Values.tlsSync.successfulJobsHistoryLimit }}
failedJobsHistoryLimit: {{ .Values.tlsSync.failedJobsHistoryLimit }}
jobTemplate:
spec:
activeDeadlineSeconds: {{ .Values.tlsSync.jobTimeout }}
backoffLimit: 2
template:
metadata:
labels:
app: tls-sync
spec:
serviceAccountName: tls-sync
restartPolicy: OnFailure
containers:
- name: sync
image: {{ .Values.tlsSync.image.repository }}:{{ .Values.tlsSync.image.tag }}
imagePullPolicy: {{ .Values.tlsSync.image.pullPolicy }}
command:
- /bin/bash
- -c
- |
# Installer jq si nécessaire (l'image bitnami/kubectl ne contient pas jq)
if ! command -v jq &> /dev/null; then
echo "Installation de jq..."
apk add --no-cache jq 2>/dev/null || \
(apt-get update && apt-get install -y jq 2>/dev/null) || \
(yum install -y jq 2>/dev/null) || \
(echo "⚠️ Impossible d'installer jq" && exit 1)
fi
# Exécuter le script de synchronisation
/scripts/sync-all-certificates.sh
env:
- name: SOURCE_NS
value: {{ .Values.tlsSync.sourceNamespace | quote }}
volumeMounts:
- name: sync-script
mountPath: /scripts
readOnly: true
- name: kubeconfig
mountPath: /root/.kube
readOnly: true
resources:
{{- toYaml .Values.tlsSync.resources | nindent 14 }}
volumes:
- name: sync-script
configMap:
name: tls-sync-script
defaultMode: 0755
- name: kubeconfig
secret:
secretName: tls-sync-kubeconfig
optional: true
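Review bot: The container command installs jq on every run through `apk`/`apt-get`/`yum` with stderr discarded, so the job needs root and outbound access to package mirrors, and it runs unpinned packages fetched at run time in a pod that, judging by its name and the mounted `tls-sync-kubeconfig` secret, presumably handles TLS key material and cluster credentials. Bake jq into the image referenced by `.Values.tlsSync.image` (ideally pinned by digest rather than a mutable tag), delete the install block, and invoke `/scripts/sync-all-certificates.sh` directly. No `securityContext` is set on the pod or the `sync` container; once nothing needs root, add `runAsNonRoot: true` and `allowPrivilegeEscalation: false` there and point `KUBECONFIG` at a mount path outside `/root`. The template also renders `image:` and `concurrencyPolicy:` unquoted, so an empty or oddly typed value reaches the manifest as-is; `concurrencyPolicy: {{ .Values.tlsSync.concurrencyPolicy | quote }}` and a quoted `image:` string would guard against that.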