From c6586922889b723f0a164577276b4111d8bcff0f Mon Sep 17 00:00:00 2001 From: gitea-bot Date: Sat, 20 Dec 2025 20:25:59 +0000 Subject: [PATCH] chore: Update manifests after change --- ...yaml => ConfigMap-talos-prune-script.yaml} | 6 ++-- .../cl01tl/manifests/talos/CronJob-talos.yaml | 34 +++++++++++++++++-- ...ret-talos-etcd-backup-external-secret.yaml | 2 -- ...Secret-talos-etcd-backup-local-secret.yaml | 2 -- ...ecret-talos-etcd-backup-remote-secret.yaml | 2 -- 5 files changed, 34 insertions(+), 12 deletions(-) rename clusters/cl01tl/manifests/talos/{ConfigMap-vault-backup-script.yaml => ConfigMap-talos-prune-script.yaml} (96%) diff --git a/clusters/cl01tl/manifests/talos/ConfigMap-vault-backup-script.yaml b/clusters/cl01tl/manifests/talos/ConfigMap-talos-prune-script.yaml similarity index 96% rename from clusters/cl01tl/manifests/talos/ConfigMap-vault-backup-script.yaml rename to clusters/cl01tl/manifests/talos/ConfigMap-talos-prune-script.yaml index 7f4c6beab..f1a2a6dc7 100644 --- a/clusters/cl01tl/manifests/talos/ConfigMap-vault-backup-script.yaml +++ b/clusters/cl01tl/manifests/talos/ConfigMap-talos-prune-script.yaml @@ -1,14 +1,14 @@ apiVersion: v1 kind: ConfigMap metadata: - name: vault-backup-script + name: talos-prune-script namespace: talos labels: - app.kubernetes.io/name: vault-backup-script + app.kubernetes.io/name: talos-prune-script app.kubernetes.io/instance: talos app.kubernetes.io/part-of: talos data: - backup.sh: | + prune.sh: | export DATE_RANGE=$(date -d @$(( $(date +%s) - ${DATE_RANGE_SECONDS} )) +%Y-%m-%dT%H:%M:%SZ); export FILE_MATCH="${BUCKET}/cl01tl/etcd/cl01tl-${DATE_RANGE}.snap.age" diff --git a/clusters/cl01tl/manifests/talos/CronJob-talos.yaml b/clusters/cl01tl/manifests/talos/CronJob-talos.yaml index 6024f9472..4cf060016 100644 --- a/clusters/cl01tl/manifests/talos/CronJob-talos.yaml +++ b/clusters/cl01tl/manifests/talos/CronJob-talos.yaml @@ -73,7 +73,7 @@ spec: name: talos-etcd-backup-external-secret - name: USE_PATH_STYLE value: "false" - image: ghcr.io/siderolabs/talos-backup:v0.1.0-beta.3@sha256:05c86663b251a407551dc948097e32e163a345818117eb52c573b0447bd0c7a7 + image: ghcr.io/siderolabs/talos-backup:v0.1.0-beta.3-5-g07d09ec@sha256:96054af026b6255ec14d198f2f10ad6c813b335a2e21a76804365c053dd4ba7b imagePullPolicy: IfNotPresent name: external securityContext: @@ -87,6 +87,10 @@ spec: seccompProfile: type: RuntimeDefault volumeMounts: + - mountPath: /var/run/secrets/talos.dev + mountPropagation: None + name: secret + readOnly: true - mountPath: /.talos name: talos-external - mountPath: /tmp @@ -121,7 +125,7 @@ spec: key: AGE_X25519_PUBLIC_KEY name: talos-etcd-backup-local-secret - name: USE_PATH_STYLE - value: "false" + value: "true" image: ghcr.io/siderolabs/talos-backup:v0.1.0-beta.3@sha256:05c86663b251a407551dc948097e32e163a345818117eb52c573b0447bd0c7a7 imagePullPolicy: IfNotPresent name: local @@ -136,6 +140,10 @@ spec: seccompProfile: type: RuntimeDefault volumeMounts: + - mountPath: /var/run/secrets/talos.dev + mountPropagation: None + name: secret + readOnly: true - mountPath: /.talos name: talos-local - mountPath: /tmp @@ -170,7 +178,7 @@ spec: key: AGE_X25519_PUBLIC_KEY name: talos-etcd-backup-remote-secret - name: USE_PATH_STYLE - value: "false" + value: "true" image: ghcr.io/siderolabs/talos-backup:v0.1.0-beta.3@sha256:05c86663b251a407551dc948097e32e163a345818117eb52c573b0447bd0c7a7 imagePullPolicy: IfNotPresent name: remote @@ -185,6 +193,10 @@ spec: seccompProfile: type: RuntimeDefault volumeMounts: + - mountPath: /var/run/secrets/talos.dev + mountPropagation: None + name: secret + readOnly: true - mountPath: /.talos name: talos-remote - mountPath: /tmp @@ -208,6 +220,10 @@ spec: image: d3fk/s3cmd:latest@sha256:ed348a0fae5723d2e62636c175baf4dfaf732a790179ca675d1f24f863d0d68f imagePullPolicy: IfNotPresent name: s3-prune-external + volumeMounts: + - mountPath: /scripts/prune.sh + name: prune-script + subPath: backup.sh - args: - -ec - /scripts/prune.sh @@ -226,6 +242,10 @@ spec: image: d3fk/s3cmd:latest@sha256:ed348a0fae5723d2e62636c175baf4dfaf732a790179ca675d1f24f863d0d68f imagePullPolicy: IfNotPresent name: s3-prune-local + volumeMounts: + - mountPath: /scripts/prune.sh + name: prune-script + subPath: backup.sh - args: - -ec - /scripts/prune.sh @@ -244,7 +264,15 @@ spec: image: d3fk/s3cmd:latest@sha256:ed348a0fae5723d2e62636c175baf4dfaf732a790179ca675d1f24f863d0d68f imagePullPolicy: IfNotPresent name: s3-prune-remote + volumeMounts: + - mountPath: /scripts/prune.sh + name: prune-script + subPath: backup.sh volumes: + - configMap: + defaultMode: 493 + name: talos-prune-script + name: prune-script - name: s3cmd-config-external secret: secretName: talos-etcd-backup-external-secret diff --git a/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-external-secret.yaml b/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-external-secret.yaml index 0325fcc2f..6d988befe 100644 --- a/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-external-secret.yaml +++ b/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-external-secret.yaml @@ -7,8 +7,6 @@ metadata: app.kubernetes.io/name: talos-etcd-backup-external-secret app.kubernetes.io/instance: talos app.kubernetes.io/part-of: talos - annotations: - kubernetes.io/service-account.name: talos-backup-secrets spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-local-secret.yaml b/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-local-secret.yaml index 0c671d3a7..b54660cd5 100644 --- a/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-local-secret.yaml +++ b/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-local-secret.yaml @@ -7,8 +7,6 @@ metadata: app.kubernetes.io/name: talos-etcd-backup-local-secret app.kubernetes.io/instance: talos app.kubernetes.io/part-of: talos - annotations: - kubernetes.io/service-account.name: talos-backup-secrets spec: secretStoreRef: kind: ClusterSecretStore diff --git a/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-remote-secret.yaml b/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-remote-secret.yaml index da81a391e..24212870e 100644 --- a/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-remote-secret.yaml +++ b/clusters/cl01tl/manifests/talos/ExternalSecret-talos-etcd-backup-remote-secret.yaml @@ -7,8 +7,6 @@ metadata: app.kubernetes.io/name: talos-etcd-backup-remote-secret app.kubernetes.io/instance: talos app.kubernetes.io/part-of: talos - annotations: - kubernetes.io/service-account.name: talos-backup-secrets spec: secretStoreRef: kind: ClusterSecretStore -- 2.49.1