| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 |
- # An example Job to run a certificate check of OpenShift's internal
- # certificate status from within OpenShift.
- #
- # The generated reports are uploaded to a location in the master
- # hosts, using the playbook 'easy-mode-upload.yaml'.
- #
- # This example uses the openshift/origin-ansible container image.
- # (see README_CONTAINER_IMAGE.md in the top level dir for more details).
- #
- # The following objects are expected to be configured before the creation
- # of this Job:
- # - A ConfigMap named 'inventory' with a key named 'hosts' that
- # contains the Ansible inventory file
- # - A Secret named 'sshkey' with a key named 'ssh-privatekey
- # that contains the ssh key to connect to the hosts
- # (see examples/README.md for more details)
- ---
- apiVersion: batch/v1
- kind: Job
- metadata:
- name: certificate-check
- spec:
- parallelism: 1
- completions: 1
- template:
- metadata:
- name: certificate-check
- spec:
- containers:
- - name: openshift-ansible
- image: docker.io/openshift/origin-ansible
- env:
- - name: PLAYBOOK_FILE
- value: playbooks/openshift-checks/certificate_expiry/easy-mode-upload.yaml
- - name: INVENTORY_FILE
- value: /tmp/inventory/hosts # from configmap vol below
- - name: ANSIBLE_PRIVATE_KEY_FILE # from secret vol below
- value: /opt/app-root/src/.ssh/id_rsa/ssh-privatekey
- - name: CERT_EXPIRY_WARN_DAYS
- value: "45" # must be a string, don't forget the quotes
- volumeMounts:
- - name: sshkey
- mountPath: /opt/app-root/src/.ssh/id_rsa
- - name: inventory
- mountPath: /tmp/inventory
- volumes:
- - name: sshkey
- secret:
- secretName: sshkey
- - name: inventory
- configMap:
- name: inventory
- restartPolicy: Never
|
