62 lines
2.1 KiB
YAML
62 lines
2.1 KiB
YAML
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: tls-sync-wildcard
|
|
namespace: {{ .Values.tlsSync.sourceNamespace }}
|
|
labels:
|
|
app: tls-sync-wildcard
|
|
spec:
|
|
schedule: {{ .Values.tlsSync.schedule | quote }}
|
|
successfulJobsHistoryLimit: {{ .Values.tlsSync.successfulJobsHistoryLimit }}
|
|
failedJobsHistoryLimit: {{ .Values.tlsSync.failedJobsHistoryLimit }}
|
|
jobTemplate:
|
|
spec:
|
|
backoffLimit: {{ .Values.tlsSync.backoffLimit }}
|
|
activeDeadlineSeconds: {{ .Values.tlsSync.activeDeadlineSeconds }}
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: tls-sync-wildcard
|
|
spec:
|
|
restartPolicy: {{ .Values.tlsSync.restartPolicy }}
|
|
serviceAccountName: tls-sync-wildcard
|
|
containers:
|
|
- name: sync
|
|
image: {{ .Values.tlsSync.image.repository }}:{{ .Values.tlsSync.image.tag }}
|
|
imagePullPolicy: {{ .Values.tlsSync.image.pullPolicy }}
|
|
command:
|
|
- /bin/bash
|
|
- -c
|
|
- |
|
|
set -e
|
|
|
|
# Copier le script depuis le ConfigMap
|
|
cp /scripts/sync-all-certificates.sh /tmp/sync-all-certificates.sh
|
|
chmod +x /tmp/sync-all-certificates.sh
|
|
|
|
# Exécuter le script
|
|
/tmp/sync-all-certificates.sh \
|
|
--sourceCluster "{{ .Values.tlsSync.sourceCluster }}" \
|
|
--sourceNS "{{ .Values.tlsSync.sourceNamespace }}"
|
|
volumeMounts:
|
|
- name: kubeconfig
|
|
mountPath: /root/.kube
|
|
readOnly: true
|
|
- name: script
|
|
mountPath: /scripts
|
|
readOnly: true
|
|
env:
|
|
- name: KUBECONFIG
|
|
value: /root/.kube/config
|
|
resources:
|
|
{{- toYaml .Values.tlsSync.resources | nindent 14 }}
|
|
volumes:
|
|
- name: kubeconfig
|
|
secret:
|
|
secretName: {{ .Values.tlsSync.kubeconfigSecret }}
|
|
- name: script
|
|
configMap:
|
|
name: tls-sync-wildcard-script
|
|
defaultMode: 0755
|
|
|