| 1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253 |
- # An example ScheduledJob to run a regular check of OpenShift's internal
- # certificate status.
- #
- # Each job will upload new reports to a directory in the master hosts
- #
- # The Job specification is the same as 'certificate-check-upload.yaml'
- # and the expected pre-configuration is equivalent.
- # See that Job example and examples/README.md for more details.
- #
- # NOTE: ScheduledJob has been renamed to CronJob in upstream k8s recently. At
- # some point (OpenShift 3.6+) this will have to be renamed to "kind: CronJob"
- # and once the API stabilizes the apiVersion will have to be updated too.
- ---
- apiVersion: batch/v2alpha1
- kind: ScheduledJob
- metadata:
- name: certificate-check
- labels:
- app: certcheck
- spec:
- schedule: "0 0 1 * *" # every 1st day of the month at midnight
- jobTemplate:
- metadata:
- labels:
- app: certcheck
- spec:
- template:
- spec:
- containers:
- - name: openshift-ansible
- image: openshift/origin-ansible
- env:
- - name: PLAYBOOK_FILE
- value: playbooks/certificate_expiry/easy-mode-upload.yaml
- - name: INVENTORY_FILE
- value: /tmp/inventory/hosts # from configmap vol below
- - name: ANSIBLE_PRIVATE_KEY_FILE # from secret vol below
- value: /opt/app-root/src/.ssh/id_rsa/ssh-privatekey
- - name: CERT_EXPIRY_WARN_DAYS
- value: "45" # must be a string, don't forget the quotes
- volumeMounts:
- - name: sshkey
- mountPath: /opt/app-root/src/.ssh/id_rsa
- - name: inventory
- mountPath: /tmp/inventory
- volumes:
- - name: sshkey
- secret:
- secretName: sshkey
- - name: inventory
- configMap:
- name: inventory
- restartPolicy: Never
|
