apiVersion: batch/v1 kind: CronJob metadata: name: tls-sync-wildcard namespace: {{ .Values.tlsSync.sourceNamespace }} labels: app: tls-sync-wildcard spec: schedule: {{ .Values.tlsSync.schedule | quote }} successfulJobsHistoryLimit: {{ .Values.tlsSync.successfulJobsHistoryLimit }} failedJobsHistoryLimit: {{ .Values.tlsSync.failedJobsHistoryLimit }} jobTemplate: spec: backoffLimit: {{ .Values.tlsSync.backoffLimit }} activeDeadlineSeconds: {{ .Values.tlsSync.activeDeadlineSeconds }} template: metadata: labels: app: tls-sync-wildcard spec: restartPolicy: {{ .Values.tlsSync.restartPolicy }} serviceAccountName: tls-sync-wildcard containers: - name: sync image: {{ .Values.tlsSync.image.repository }}:{{ .Values.tlsSync.image.tag }} imagePullPolicy: {{ .Values.tlsSync.image.pullPolicy }} command: - /bin/bash - -c - | set -e # Copier le script depuis le ConfigMap cp /scripts/sync-all-certificates.sh /tmp/sync-all-certificates.sh chmod +x /tmp/sync-all-certificates.sh # Exécuter le script /tmp/sync-all-certificates.sh \ --sourceCluster "{{ .Values.tlsSync.sourceCluster }}" \ --sourceNS "{{ .Values.tlsSync.sourceNamespace }}" volumeMounts: - name: kubeconfig mountPath: /root/.kube readOnly: true - name: script mountPath: /scripts readOnly: true env: - name: KUBECONFIG value: /root/.kube/config resources: {{- toYaml .Values.tlsSync.resources | nindent 14 }} volumes: - name: kubeconfig secret: secretName: {{ .Values.tlsSync.kubeconfigSecret }} - name: script configMap: name: tls-sync-wildcard-script defaultMode: 0755