From 4676650f59d48f90e579e7b28796f3921b755aa8 Mon Sep 17 00:00:00 2001 From: Khue Doan Date: Sun, 8 May 2022 20:59:50 +0700 Subject: [PATCH] refactor: switch config jobs to cron jobs --- platform/gitea/templates/config-job.yaml | 71 ++++++++++--------- .../vault/templates/generate-secrets-job.yaml | 64 +++++++++-------- 2 files changed, 70 insertions(+), 65 deletions(-) diff --git a/platform/gitea/templates/config-job.yaml b/platform/gitea/templates/config-job.yaml index f9e5ec68..6d65e666 100644 --- a/platform/gitea/templates/config-job.yaml +++ b/platform/gitea/templates/config-job.yaml @@ -1,43 +1,46 @@ apiVersion: batch/v1 -kind: Job # TODO switch to CronJob +kind: CronJob metadata: name: gitea-config namespace: {{ .Release.Namespace }} annotations: argocd.argoproj.io/sync-wave: "1" spec: - backoffLimit: 3 - template: + schedule: '*/5 * * * *' + jobTemplate: spec: - restartPolicy: Never - containers: - - name: apply - image: golang:1.17-alpine - env: - - name: GITEA_HOST - value: http://gitea-http:3000 - - name: GITEA_USER - valueFrom: - secretKeyRef: - name: gitea-admin-secret - key: username - - name: GITEA_PASSWORD - valueFrom: - secretKeyRef: - name: gitea-admin-secret - key: password - workingDir: /go/src/gitea-config - command: - - sh - - -c - args: - - | - go get . - go run . - volumeMounts: + backoffLimit: 3 + template: + spec: + restartPolicy: Never + containers: + - name: apply + image: golang:1.17-alpine + env: + - name: GITEA_HOST + value: http://gitea-http:3000 + - name: GITEA_USER + valueFrom: + secretKeyRef: + name: gitea-admin-secret + key: username + - name: GITEA_PASSWORD + valueFrom: + secretKeyRef: + name: gitea-admin-secret + key: password + workingDir: /go/src/gitea-config + command: + - sh + - -c + args: + - | + go get . + go run . + volumeMounts: + - name: source + mountPath: /go/src/gitea-config + volumes: - name: source - mountPath: /go/src/gitea-config - volumes: - - name: source - configMap: - name: gitea-config-source + configMap: + name: gitea-config-source diff --git a/platform/vault/templates/generate-secrets-job.yaml b/platform/vault/templates/generate-secrets-job.yaml index 1a5494dc..5c93445a 100644 --- a/platform/vault/templates/generate-secrets-job.yaml +++ b/platform/vault/templates/generate-secrets-job.yaml @@ -1,39 +1,41 @@ apiVersion: batch/v1 -kind: Job # TODO switch to CronJob +kind: CronJob metadata: name: generate-secrets namespace: {{ .Release.Namespace }} annotations: - # TODO init and unseal in previous waves for production usage - argocd.argoproj.io/sync-wave: "3" + argocd.argoproj.io/sync-wave: "3" # TODO init and unseal in previous waves for production usage spec: - backoffLimit: 3 - template: + schedule: '*/5 * * * *' + jobTemplate: spec: - restartPolicy: Never - containers: - - name: apply - image: golang:1.17-alpine - env: - - name: VAULT_ADDR - value: http://vault:8200 - - name: VAULT_TOKEN - valueFrom: - secretKeyRef: - name: vault-token # TODO use production token - key: token - workingDir: /go/src/generate-secrets - command: - - sh - - -c - args: - - | - go get . - go run . - volumeMounts: + backoffLimit: 3 + template: + spec: + restartPolicy: Never + containers: + - name: apply + image: golang:1.17-alpine + env: + - name: VAULT_ADDR + value: http://vault:8200 + - name: VAULT_TOKEN + valueFrom: + secretKeyRef: + name: vault-token + key: token + workingDir: /go/src/generate-secrets + command: + - sh + - -c + args: + - | + go get . + go run . + volumeMounts: + - name: source + mountPath: /go/src/generate-secrets + volumes: - name: source - mountPath: /go/src/generate-secrets - volumes: - - name: source - configMap: - name: generate-secrets-source + configMap: + name: generate-secrets-source