138 lines
5.4 KiB
YAML
138 lines
5.4 KiB
YAML
{{- if .Values.janitor.enabled -}}
|
|
{{- $janitorExtraEnv := ternary .Values.cronjob.janitor.extraEnv .Values.deployment.extraEnv (not (empty .Values.cronjob.janitor.extraEnv )) -}}
|
|
---
|
|
apiVersion: batch/v1
|
|
kind: CronJob
|
|
metadata:
|
|
name: {{ include "hydra.fullname" . }}-janitor
|
|
{{- if .Release.Namespace }}
|
|
namespace: {{ .Release.Namespace }}
|
|
{{- end }}
|
|
labels:
|
|
{{- include "hydra.janitor.labels" . | nindent 4 }}
|
|
{{- with .Values.cronjob.janitor.labels }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
annotations:
|
|
{{- with .Values.cronjob.janitor.annotations }}
|
|
{{- toYaml . | nindent 4 }}
|
|
{{- end }}
|
|
spec:
|
|
concurrencyPolicy: Forbid
|
|
schedule: {{ .Values.cronjob.janitor.schedule | quote }}
|
|
jobTemplate:
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
{{- include "hydra.janitor.labels" . | nindent 12 }}
|
|
{{- with .Values.cronjob.janitor.labels }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cronjob.janitor.podMetadata.labels }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
annotations:
|
|
{{- include "hydra.annotations.checksum" . | nindent 12 -}}
|
|
{{- with .Values.cronjob.janitor.annotations }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with $.Values.cronjob.janitor.podMetadata.annotations }}
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
spec:
|
|
restartPolicy: OnFailure
|
|
{{- with .Values.imagePullSecrets }}
|
|
imagePullSecrets:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
serviceAccountName: {{ include "hydra.cronjob.janitor.serviceAccountName" . }}
|
|
automountServiceAccountToken: {{ .Values.cronjob.janitor.automountServiceAccountToken }}
|
|
volumes:
|
|
- name: {{ include "hydra.name" . }}-config-volume
|
|
configMap:
|
|
name: {{ include "hydra.fullname" . }}
|
|
{{- if .Values.cronjob.janitor.extraVolumes }}
|
|
{{- toYaml .Values.cronjob.janitor.extraVolumes | nindent 12 }}
|
|
{{- end }}
|
|
containers:
|
|
- name: janitor
|
|
image: "{{ .Values.image.repository }}:{{ .Values.image.tag }}"
|
|
imagePullPolicy: {{ .Values.image.pullPolicy }}
|
|
{{- with .Values.cronjob.janitor.securityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 16 }}
|
|
{{- end }}
|
|
{{- if .Values.cronjob.janitor.customCommand }}
|
|
command: {{- toYaml .Values.cronjob.janitor.customCommand | nindent 14 }}
|
|
{{- else }}
|
|
command: ["hydra"]
|
|
{{- end }}
|
|
{{- if .Values.cronjob.janitor.customArgs }}
|
|
args: {{- toYaml .Values.cronjob.janitor.customArgs | nindent 14 }}
|
|
{{- else }}
|
|
args:
|
|
- janitor
|
|
{{- if .Values.janitor.cleanupGrants }}
|
|
- --grants
|
|
{{- end }}
|
|
{{- if .Values.janitor.cleanupRequests }}
|
|
- --requests
|
|
{{- end }}
|
|
{{- if .Values.janitor.cleanupTokens }}
|
|
- --tokens
|
|
{{- end }}
|
|
- --batch-size
|
|
- {{ .Values.janitor.batchSize | quote }}
|
|
- --limit
|
|
- {{ .Values.janitor.limit | quote }}
|
|
- --config
|
|
- /etc/config/hydra.yaml
|
|
{{- end }}
|
|
env:
|
|
{{- if not (empty ( include "hydra.dsn" . )) }}
|
|
{{- if not (include "ory.extraEnvContainsEnvName" (list $janitorExtraEnv "DSN")) }}
|
|
- name: DSN
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: {{ include "hydra.secretname" . }}
|
|
key: dsn
|
|
{{- end }}
|
|
{{- end }}
|
|
{{- with $janitorExtraEnv }}
|
|
{{- toYaml . | nindent 16 }}
|
|
{{- end }}
|
|
resources:
|
|
{{- toYaml .Values.cronjob.janitor.resources | nindent 16 }}
|
|
volumeMounts:
|
|
- name: {{ include "hydra.name" . }}-config-volume
|
|
mountPath: /etc/config
|
|
readOnly: true
|
|
{{- if .Values.cronjob.janitor.extraVolumeMounts }}
|
|
{{- toYaml .Values.cronjob.janitor.extraVolumeMounts | nindent 16 }}
|
|
{{- end }}
|
|
{{- if .Values.cronjob.janitor.extraContainers }}
|
|
{{- tpl .Values.cronjob.janitor.extraContainers . | nindent 12 }}
|
|
{{- end }}
|
|
{{- if .Values.cronjob.janitor.extraInitContainers }}
|
|
initContainers:
|
|
{{- tpl .Values.cronjob.janitor.extraInitContainers . | nindent 10 }}
|
|
{{- end }}
|
|
{{- with .Values.cronjob.janitor.nodeSelector }}
|
|
nodeSelector:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cronjob.janitor.podSecurityContext }}
|
|
securityContext:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cronjob.janitor.tolerations }}
|
|
tolerations:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- with .Values.cronjob.janitor.affinity }}
|
|
affinity:
|
|
{{- toYaml . | nindent 12 }}
|
|
{{- end }}
|
|
{{- end }}
|