alexlebens/infrastructure
1
0
Fork 0
Code Issues 1 Pull Requests Actions Activity
Files
28af32e60716e4bc90fa937ced68f994928f9417
infrastructure/clusters/cl01tl/manifests/vault/CronJob-vault-snapshot.yaml
gitea-bot 28af32e607 Automated Manifest Update (#2745) 
This PR contains newly rendered Kubernetes manifests automatically generated by the CI workflow.

Reviewed-on: #2745
Co-authored-by: gitea-bot <gitea-bot@alexlebens.net>
Co-committed-by: gitea-bot <gitea-bot@alexlebens.net>
2025-12-20 04:25:16 +00:00

160 lines
5.3 KiB
YAML
Raw Blame History

apiVersion: batch/v1
kind: CronJob
metadata:
name: vault-snapshot
labels:
app.kubernetes.io/controller: snapshot
app.kubernetes.io/instance: vault
app.kubernetes.io/managed-by: Helm
app.kubernetes.io/name: vault
helm.sh/chart: snapshot-4.5.0
namespace: vault
spec:
suspend: false
concurrencyPolicy: Forbid
startingDeadlineSeconds: 90
timeZone: US/Central
schedule: "0 4 * * *"
successfulJobsHistoryLimit: 1
failedJobsHistoryLimit: 3
jobTemplate:
spec:
parallelism: 1
backoffLimit: 3
template:
metadata:
labels:
app.kubernetes.io/controller: snapshot
app.kubernetes.io/instance: vault
app.kubernetes.io/name: vault
spec:
enableServiceLinks: false
serviceAccountName: default
automountServiceAccountToken: true
securityContext:
runAsGroup: 1000
runAsUser: 100
hostIPC: false
hostNetwork: false
hostPID: false
dnsPolicy: ClusterFirst
restartPolicy: Never
initContainers:
- args:
- -ec
- /scripts/snapshot.sh
command:
- /bin/ash
env:
- name: VAULT_ADDR
value: http://vault-active.vault.svc.cluster.local:8200
envFrom:
- secretRef:
name: vault-snapshot-agent-token
image: hashicorp/vault:1.21.1
imagePullPolicy: IfNotPresent
name: snapshot
volumeMounts:
- mountPath: /opt/backup
name: backup
- mountPath: /scripts/snapshot.sh
name: snapshot-script
subPath: snapshot.sh
containers:
- args:
- -ec
- /scripts/backup.sh
command:
- /bin/sh
env:
- name: BUCKET
valueFrom:
secretKeyRef:
key: BUCKET
name: vault-s3cmd-external-config
image: d3fk/s3cmd:latest@sha256:ed348a0fae5723d2e62636c175baf4dfaf732a790179ca675d1f24f863d0d68f
imagePullPolicy: IfNotPresent
name: s3-backup-external
volumeMounts:
- mountPath: /opt/backup
name: backup
- mountPath: /scripts/backup.sh
name: backup-script
subPath: backup.sh
- mountPath: /root/.s3cfg
mountPropagation: None
name: s3cmd-external-config
readOnly: true
subPath: .s3cfg
- args:
- -ec
- /scripts/backup.sh
command:
- /bin/sh
env:
- name: BUCKET
valueFrom:
secretKeyRef:
key: BUCKET
name: vault-s3cmd-local-config
image: d3fk/s3cmd:latest@sha256:ed348a0fae5723d2e62636c175baf4dfaf732a790179ca675d1f24f863d0d68f
imagePullPolicy: IfNotPresent
name: s3-backup-local
volumeMounts:
- mountPath: /opt/backup
name: backup
- mountPath: /scripts/backup.sh
name: backup-script
subPath: backup.sh
- mountPath: /root/.s3cfg
mountPropagation: None
name: s3cmd-local-config
readOnly: true
subPath: .s3cfg
- args:
- -ec
- /scripts/backup.sh
command:
- /bin/sh
env:
- name: BUCKET
valueFrom:
secretKeyRef:
key: BUCKET
name: vault-s3cmd-remote-config
image: d3fk/s3cmd:latest@sha256:ed348a0fae5723d2e62636c175baf4dfaf732a790179ca675d1f24f863d0d68f
imagePullPolicy: IfNotPresent
name: s3-backup-remote
volumeMounts:
- mountPath: /opt/backup
name: backup
- mountPath: /scripts/backup.sh
name: backup-script
subPath: backup.sh
- mountPath: /root/.s3cfg
mountPropagation: None
name: s3cmd-remote-config
readOnly: true
subPath: .s3cfg
volumes:
- name: backup
persistentVolumeClaim:
claimName: vault-storage-backup
- configMap:
defaultMode: 493
name: vault-backup-script
name: backup-script
- name: s3cmd-external-config
secret:
secretName: vault-s3cmd-external-config
- name: s3cmd-local-config
secret:
secretName: vault-s3cmd-local-config
- name: s3cmd-remote-config
secret:
secretName: vault-s3cmd-remote-config
- configMap:
defaultMode: 493
name: vault-snapshot-script
name: snapshot-script
Reference in New Issue View Git Blame Copy Permalink